Ben Laurie
fb4de3deed
Update ignores.
2004-06-19 13:18:01 +00:00
Ben Laurie
4d4716dc03
Add Diffie-Hellman to FIPS.
2004-06-19 13:16:51 +00:00
Ben Laurie
b5e4469150
The version that was actually submitted for FIPS testing.
2004-06-19 13:15:35 +00:00
Richard Levitte
3e00d6c4bb
Typo, setting the first element of nids[] to NULL instead of setting
...
*cnids.
2004-06-15 11:46:06 +00:00
Lutz Jänicke
5e86220660
More precise explanation of session id context requirements.
2004-06-14 13:26:47 +00:00
Richard Levitte
4313847660
Make sure o_str.h is reachable.
2004-05-27 10:19:04 +00:00
Richard Levitte
3844adbf58
Run an installation of FIPS stuff as well.
2004-05-27 10:07:04 +00:00
Richard Levitte
d8e2073449
Compile the FIPS directory on VMS as well. fips-lib.com is
...
essentially a copy of crypto-lib.com, with just a few edits.
2004-05-27 10:04:40 +00:00
Richard Levitte
e9f7ebd674
Copy the FIPS files to the temporary openssl include directory.
2004-05-27 09:33:10 +00:00
Richard Levitte
5affe206e1
Define FIPS_*_SIZE_T for AES, DSA and RSA as well, in preparation for
...
size_t-ification of those algorithms in future version of OpenSSL...
2004-05-19 14:16:33 +00:00
Andy Polyakov
1f4eccaaa5
Make reservations in FIPS code for upcoming size_t-fication of OpenSSL API.
...
And couple of bug-fixes in fips/rand code [return without lock release and
incorrect return value in fips_rand_bytes].
2004-05-17 15:37:26 +00:00
Richard Levitte
07bf82a71d
Typo corretced.
2004-05-17 04:47:26 +00:00
Richard Levitte
43d6233a22
Rewrite the usage to avoid confusion.
2004-05-17 04:40:49 +00:00
Richard Levitte
736ce650c6
Make it possible for the user to choose the digest used to create the
...
key.
2004-05-17 04:39:00 +00:00
Richard Levitte
a8bb3d0e15
When in FIPS mode, use SHA1 to digest the key, rather than MD5, as MD5
...
isn't a FIPS-approved algorithm.
Note: this means the user needs to keep track of this, and we need to
add support for that...
2004-05-17 04:31:14 +00:00
Richard Levitte
f27a152f69
Make sure the applications know when we are running in FIPS mode. We
...
can't use the variable in libcrypto, since it's supposedly unknown.
Note: currently only supported in MONOLITH mode.
2004-05-17 04:30:06 +00:00
Richard Levitte
63d494b22c
Generate SHA1 files on Windows and other platforms supported by
...
mk1mf.pl, when building in FIPS mode.
Note: UNTESTED!
2004-05-17 04:28:31 +00:00
Ben Laurie
9ac9a29407
Fix self-tests, ban some things in FIPS mode, fix copyrights.
2004-05-15 17:51:26 +00:00
Dr. Stephen Henson
bdb4a7e092
Fixes so alerts are sent properly in s3_pkt.c
...
PR: 851
2004-05-15 17:46:50 +00:00
Ben Laurie
0163602573
Check error returns.
2004-05-15 16:39:23 +00:00
Richard Levitte
bac2e26a9e
Reimplement old functions, so older software that link to libcrypto
...
don't crash and burn.
2004-05-14 17:55:59 +00:00
Richard Levitte
10eae14f9b
All EVP_*_cfb functions have changed names to EVP_*_cfb64 or
...
EVP_*_cfb128.
2004-05-14 17:54:18 +00:00
Richard Levitte
745c7356c2
make update
2004-05-13 22:41:01 +00:00
Richard Levitte
e31c121315
o_str.h is not an exported header.
2004-05-13 22:40:40 +00:00
Richard Levitte
dbf2ac31c9
Synchronise o_str.c between 0.9.8-dev and 0.9.7-stable.
2004-05-13 22:40:08 +00:00
Richard Levitte
4108d365bf
make update
2004-05-13 21:38:37 +00:00
Richard Levitte
03ef2c333c
Let's make life easier and have the VMS version of the configuration be
...
generated from the Unixly configuration file.
2004-05-13 21:38:23 +00:00
Dr. Stephen Henson
7922ba2feb
Make self signing option of 'x509' use random serial numbers too.
2004-05-12 18:20:57 +00:00
Dr. Stephen Henson
d94b22235f
Fix memory leak.
2004-05-12 17:53:22 +00:00
Ben Laurie
72d75ee206
Blow up in people's faces if they don't reseed.
2004-05-12 14:11:10 +00:00
Richard Levitte
49bc4c1023
make update
2004-05-12 10:17:15 +00:00
Richard Levitte
0e92f7738a
Forgot to update the Makefile with the o_str stuff...
2004-05-12 10:17:02 +00:00
Richard Levitte
d529f2a8f7
The functions OPENSSL_strcasen?cmp() were forgotten when merging the
...
FIPS branch into this. It's needed at least for certain OpenVMS
versions, and should really be used in a more general way.
2004-05-12 10:09:00 +00:00
Richard Levitte
141a64faff
Ignore 'Makefile.save'
2004-05-12 10:07:20 +00:00
Richard Levitte
035dcd3724
Ignore the 'lib' timestamp file.
2004-05-12 08:46:43 +00:00
Richard Levitte
3e9c37a386
I forgot to modify the signature for fips_rand.c...
2004-05-12 08:42:55 +00:00
Richard Levitte
00a59641ee
Only really build this file when OPENSSL_FIPS is defined. And oh,
...
let's keep internal variables static.
2004-05-12 08:28:51 +00:00
Richard Levitte
90cce79346
Makefile.ssl changed name to Makefile.
2004-05-12 08:28:00 +00:00
Richard Levitte
4eeaf52ed9
Only check for FIPS signatures when FIPS is enabled.
2004-05-12 08:27:38 +00:00
Ben Laurie
3642f632d3
Pull FIPS back into stable.
2004-05-11 12:46:24 +00:00
Richard Levitte
aaa16d0001
Remove the creation of $(INSTALL_PREFIX)$(OPENSSLDIR)/lib, since we don't
...
use it.
Notified by Frédéric L. W. Meunier <0@pervalidus.tk> in PR 713
2004-05-06 09:46:48 +00:00
Richard Levitte
3b8ba6b610
When the pointer 'from' changes, it's stored length needs to change as
...
well.
Notified by Frank Kardel <kardel@acm.org> in PR 879.
2004-05-06 09:31:31 +00:00
Bodo Möller
535aef9def
update from current 0.9.6-stable CHANGES file
2004-05-04 01:08:33 +00:00
Dr. Stephen Henson
6e308baf5a
Fix memory leak.
...
PR:870
2004-04-22 12:33:03 +00:00
Dr. Stephen Henson
5a9d2d9081
Port the random serial number generation to 0.9.7-stable.
...
Due to the changes in CA.pl in 0.9.8 (use of -self_sign) a slightly different
technique is used to ensure that 'ca' uses the next serial number. It
now initializes the serial number using 'openssl x509 -next_serial'.
2004-04-22 12:19:48 +00:00
Geoff Thorpe
688791b22b
Extend the index parameter checking from sk_value to sk_set(). Also tidy up
...
some similar code elsewhere.
Thanks to Francesco Petruzzi for bringing this to my attention.
2004-04-21 15:09:25 +00:00
Dr. Stephen Henson
8e94e99ccb
Clear error if unique_subject lookup fails.
2004-04-15 00:33:24 +00:00
Dr. Stephen Henson
e20db94948
Add some root CAs.
2004-04-13 17:49:05 +00:00
cvs2svn
462a286eeb
This commit was manufactured by cvs2svn to create branch
...
'OpenSSL_0_9_7-stable'.
2004-04-13 17:47:38 +00:00
Dr. Stephen Henson
28722cf212
Add some root CAs.
2004-04-13 17:47:37 +00:00