oweals/openssl.git
9 years agoAdd new VxWorks x86 platform
Andy Polyakov [Sat, 4 Jul 2015 19:17:45 +0000 (15:17 -0400)]
Add new VxWorks x86 platform

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
9 years agoutil/incore update that allows FINGERPRINT_premain-free build. OpenSSL-fips-2_0_10
Andy Polyakov [Mon, 11 May 2015 10:16:01 +0000 (12:16 +0200)]
util/incore update that allows FINGERPRINT_premain-free build.

As for complementary fips.c modification. Goal is to ensure that
FIPS_signature does not end up in .bss segment, one guaranteed to
be zeroed upon program start-up. One would expect explicitly
initialized values to end up in .data segment, but it turned out
that values explicitly initialized with zeros can end up in .bss.
The modification does not affect program flow, because first byte
was the only one of significance [to FINGERPRINT_premain].

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agoAdd support for Android 5, both 32- and 64-bit cases.
Andy Polyakov [Mon, 11 May 2015 10:04:12 +0000 (12:04 +0200)]
Add support for Android 5, both 32- and 64-bit cases.

Special note about additional -pie flag in android-armv7. The initial
reason for adding it is that Android 5 refuses to execute non-PIE
binaries. But what about older systems and previously validated
platforms? It should be noted that flag is not used when compiling
object code, fipscanister.o in this context, only when linking
applications, *supplementary* fips_algvs used during validation
procedure.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agoAdditional vxWorks target.
Andy Polyakov [Mon, 11 May 2015 09:56:30 +0000 (11:56 +0200)]
Additional vxWorks target.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agofipsalgtest.pl update.
Andy Polyakov [Mon, 11 May 2015 09:55:19 +0000 (11:55 +0200)]
fipsalgtest.pl update.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agoConfigure: add ios-cross target with ARM assembly support.
Andy Polyakov [Mon, 11 May 2015 09:53:41 +0000 (11:53 +0200)]
Configure: add ios-cross target with ARM assembly support.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agoAdd iOS-specific armv4cpud.S module.
Andy Polyakov [Mon, 11 May 2015 09:50:29 +0000 (11:50 +0200)]
Add iOS-specific armv4cpud.S module.

Normally it would be generated from a perlasm module, but doing so
would affect existing armv4cpuid.S, which in turn would formally void
previously validated platforms. Hense separate module is generated.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agoAdapt ARM assembly pack for iOS.
Andy Polyakov [Mon, 11 May 2015 09:43:55 +0000 (11:43 +0200)]
Adapt ARM assembly pack for iOS.

This is achieved by filtering perlasm output through arm-xlate.pl. But note
that it's done only if "flavour" argument is not 'void'. As 'void' is
default value for other ARM targets, permasm output is not actually
filtered on previously validated platforms.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agocrypto/modes/modes_lcl.h: let STRICT_ALIGNMENT be on iOS.
Andy Polyakov [Mon, 11 May 2015 09:20:52 +0000 (11:20 +0200)]
crypto/modes/modes_lcl.h: let STRICT_ALIGNMENT be on iOS.

While ARMv7 in general is capable of unaligned access, not all instructions
actually are. And trouble is that compiler doesn't seem to differentiate
those capable and incapable of unaligned access. As result exceptions could
be observed in xts128.c and ccm128.c modules. Contemporary Linux kernels
handle such exceptions by performing requested operation and resuming
execution as is if it succeeded. While on iOS exception is fatal.
Correct solution is to let STRICT_ALIGNMENT be on all ARM platforms,
but doing so is in formal conflict with FIPS maintenance policy.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agoAdd iOS-specific fips_algvs application.
Andy Polyakov [Mon, 11 May 2015 09:39:04 +0000 (11:39 +0200)]
Add iOS-specific fips_algvs application.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agoConfigure: engage ARMv8 assembly pack in ios64-cross target.
Andy Polyakov [Mon, 11 May 2015 09:36:48 +0000 (11:36 +0200)]
Configure: engage ARMv8 assembly pack in ios64-cross target.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agoEngage ARMv8 assembly pack.
Andy Polyakov [Mon, 11 May 2015 09:34:56 +0000 (11:34 +0200)]
Engage ARMv8 assembly pack.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
9 years agoAdd ARMv8 assembly pack.
Andy Polyakov [Mon, 11 May 2015 09:18:04 +0000 (11:18 +0200)]
Add ARMv8 assembly pack.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
10 years agosupport for iOS 7.x/ARMv8 OpenSSL-fips-2_0_9
Dr. Stephen Henson [Fri, 24 Oct 2014 19:41:49 +0000 (20:41 +0100)]
support for iOS 7.x/ARMv8

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Steve Marquess <marquess@openssl.org
10 years agoUpdate fipsalgtest.pl to cope with changes in file names and format
Dr. Stephen Henson [Fri, 24 Oct 2014 19:32:27 +0000 (20:32 +0100)]
Update fipsalgtest.pl to cope with changes in file names and format

X9.31 tests need to look in files for '9.31'
RSA-PSS tests may contain additonal text as well as "salt len: n".
We now just look at the start of a filename for a match.

Separate ECDSA2 test list.

Reorder test to handle new formats: for example PQGVer for DSA2 can be
detected based on file format but if this fails revert to PQGVER.

For future debugging add a --debug-detect option which prints out more
details of the test detection including the first few lines of each
request file.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Steve Marquess <marquess@openssl.org
10 years agoRemove Dual EC DRBG again... OpenSSL-fips-2_0_8
Dr. Stephen Henson [Fri, 11 Jul 2014 18:12:21 +0000 (19:12 +0100)]
Remove Dual EC DRBG again...

Dual EC DRBG removal now accepted for 2.0.8 onwards.

10 years agoAdd linux-x86_64-cross target. OpenSSL-fips-2_0_7
Dr. Stephen Henson [Mon, 12 May 2014 17:38:41 +0000 (18:38 +0100)]
Add linux-x86_64-cross target.

10 years agoRevert "Remove Dual EC DRBG from FIPS module."
Dr. Stephen Henson [Mon, 12 May 2014 17:35:30 +0000 (18:35 +0100)]
Revert "Remove Dual EC DRBG from FIPS module."

Revert Dual EC DRBG removal commit as it was not accepted for 2.0.7
version of the module.

This reverts commit 200f249b8c3b6439e0200d01caadc24806f1a983.

10 years agoQNX6-armv4 support. OpenSSL-fips-2_0_6
Dr. Stephen Henson [Mon, 16 Dec 2013 21:41:07 +0000 (21:41 +0000)]
QNX6-armv4 support.

10 years agoRemove Dual EC DRBG from FIPS module.
Dr. Stephen Henson [Mon, 9 Dec 2013 21:54:50 +0000 (21:54 +0000)]
Remove Dual EC DRBG from FIPS module.

10 years agoeCos ARMv4/5 support OpenSSL-fips-2_0_5
Dr. Stephen Henson [Mon, 16 Dec 2013 14:29:20 +0000 (14:29 +0000)]
eCos ARMv4/5 support

10 years agosha1-armv4-large.pl: comply with ABI.
Andy Polyakov [Fri, 17 Aug 2012 19:57:04 +0000 (19:57 +0000)]
sha1-armv4-large.pl: comply with ABI.
(cherry picked from commit 1a9d60d2e3b02d5e1954fc71c92bf3a6af691495)

10 years agoDon't require tag before ciphertext in AESGCM mode
Dr. Stephen Henson [Tue, 16 Oct 2012 22:46:08 +0000 (22:46 +0000)]
Don't require tag before ciphertext in AESGCM mode
(cherry picked from commit 964eaad78ccdc6c4537664924e6082b08cc1c8ee)

10 years agoAdd MIPS support. OpenSSL-fips-2_0_4
Dr. Stephen Henson [Mon, 16 Dec 2013 14:07:18 +0000 (14:07 +0000)]
Add MIPS support.

11 years agoSupport for WinEC7. OpenSSL-fips-2_0_3
Dr. Stephen Henson [Wed, 10 Apr 2013 14:38:24 +0000 (15:38 +0100)]
Support for WinEC7.

12 years agoAdd BSD-ppc85xx support and avoid copying overlapping buffers in fips_dssvs.c OpenSSL-fips-2_0_2
Dr. Stephen Henson [Sun, 14 Oct 2012 12:02:53 +0000 (12:02 +0000)]
Add BSD-ppc85xx support and avoid copying overlapping buffers in fips_dssvs.c

12 years agoupdate CHANGES OpenSSL-fips-2_0_1
Dr. Stephen Henson [Thu, 4 Oct 2012 14:10:12 +0000 (14:10 +0000)]
update CHANGES

12 years agoAdd support for Windows CE and C64+ to FIPS module.
Dr. Stephen Henson [Thu, 4 Oct 2012 13:27:11 +0000 (13:27 +0000)]
Add support for Windows CE and C64+ to FIPS module.

12 years agofile msincore was added on branch OpenSSL-fips-2_0-stable on 2012-10-04 13:27:10...
Dr. Stephen Henson [Wed, 23 May 2012 17:07:25 +0000 (17:07 +0000)]
file msincore was added on branch OpenSSL-fips-2_0-stable on 2012-10-04 13:27:10 +0000

12 years agofile hmac_sha1.pl was added on branch OpenSSL-fips-2_0-stable on 2012-10-04 13:27...
Dr. Stephen Henson [Wed, 23 May 2012 17:07:24 +0000 (17:07 +0000)]
file hmac_sha1.pl was added on branch OpenSSL-fips-2_0-stable on 2012-10-04 13:27:10 +0000

12 years agorevert fipslink.pl unlink retry change OpenSSL-fips-2_0 OpenSSL-fips-2_0-rc9
Dr. Stephen Henson [Wed, 18 Jan 2012 15:07:11 +0000 (15:07 +0000)]
revert fipslink.pl unlink retry change

12 years agogive a hand old assemblers assembling loop instruction. (original by Andy)
Dr. Stephen Henson [Wed, 18 Jan 2012 14:54:20 +0000 (14:54 +0000)]
give a hand old assemblers assembling loop instruction. (original by Andy)

12 years agotypo OpenSSL-fips-2_0-rc8
Dr. Stephen Henson [Tue, 3 Jan 2012 19:43:06 +0000 (19:43 +0000)]
typo

12 years agoPrepare RC8
Dr. Stephen Henson [Tue, 3 Jan 2012 14:23:54 +0000 (14:23 +0000)]
Prepare RC8

12 years agounlink target and retry to avoid intermittent Win32 failures
Dr. Stephen Henson [Tue, 3 Jan 2012 14:22:45 +0000 (14:22 +0000)]
unlink target and retry to avoid intermittent Win32 failures

12 years agoset version to rc8-dev
Dr. Stephen Henson [Mon, 12 Dec 2011 14:02:57 +0000 (14:02 +0000)]
set version to rc8-dev

12 years agoPrepare for RC7. OpenSSL-fips-2_0-rc7
Dr. Stephen Henson [Mon, 12 Dec 2011 13:44:05 +0000 (13:44 +0000)]
Prepare for RC7.

12 years agoRetry rename operation with a slight delay to workaround problems on
Dr. Stephen Henson [Sat, 10 Dec 2011 18:06:55 +0000 (18:06 +0000)]
Retry rename operation with a slight delay to workaround problems on
some versions of Windows.

12 years agouse different names for asm temp files to avoid problems on some platforms
Dr. Stephen Henson [Sat, 10 Dec 2011 13:29:23 +0000 (13:29 +0000)]
use different names for asm temp files to avoid problems on some platforms

12 years agoClose file streams in FIPS algorithm test utilities.
Dr. Stephen Henson [Thu, 8 Dec 2011 15:14:38 +0000 (15:14 +0000)]
Close file streams in FIPS algorithm test utilities.

12 years agoprepare for RC6 OpenSSL-fips-2_0-rc6
Dr. Stephen Henson [Sun, 4 Dec 2011 21:29:08 +0000 (21:29 +0000)]
prepare for RC6

12 years agoFor FIPS builds we don't use the normal test files (and in the restricted
Dr. Stephen Henson [Sun, 4 Dec 2011 15:26:26 +0000 (15:26 +0000)]
For FIPS builds we don't use the normal test files (and in the restricted
tarball some don't exist) so set TEST='' to avoid linking to them. This also
avoids problems on platforms that copy instead of symlink.

12 years agouse BUILD_ONE_CMD for fips specific links otherwise we effectively do 'make links...
Dr. Stephen Henson [Sun, 4 Dec 2011 15:14:13 +0000 (15:14 +0000)]
use BUILD_ONE_CMD for fips specific links otherwise we effectively do 'make links' twice

12 years agoWorkaround for VxWorks
Dr. Stephen Henson [Sun, 4 Dec 2011 15:11:44 +0000 (15:11 +0000)]
Workaround for VxWorks

12 years agoavoid use of symlinks on Windows: it causes problems on some build environments
Dr. Stephen Henson [Sun, 4 Dec 2011 15:04:20 +0000 (15:04 +0000)]
avoid use of symlinks on Windows: it causes problems on some build environments

12 years agoFix x86cpuid so it doesn't fail for some (currently theoretical) virtual
Dr. Stephen Henson [Sat, 3 Dec 2011 21:47:48 +0000 (21:47 +0000)]
Fix x86cpuid so it doesn't fail for some (currently theoretical) virtual
machines.

12 years agoChange EVP_MAXCHUNK so it doesn't wraparound to 0 on some platforms (IP32L64).
Dr. Stephen Henson [Sat, 3 Dec 2011 21:44:01 +0000 (21:44 +0000)]
Change EVP_MAXCHUNK so it doesn't wraparound to 0 on some platforms (IP32L64).

12 years agoPrepare for RC6.
Dr. Stephen Henson [Sat, 3 Dec 2011 19:51:52 +0000 (19:51 +0000)]
Prepare for RC6.

12 years agoAdd tests to ensure ECDSA key gen and DSA signing fails if DRBG
Dr. Stephen Henson [Sat, 3 Dec 2011 19:41:28 +0000 (19:41 +0000)]
Add tests to ensure ECDSA key gen and DSA signing fails if DRBG
entropy source fails.

12 years agofunctions aren't unused: revert
Dr. Stephen Henson [Sat, 3 Dec 2011 19:19:34 +0000 (19:19 +0000)]
functions aren't unused: revert

12 years agoremove unused functions from module
Dr. Stephen Henson [Sat, 3 Dec 2011 18:27:31 +0000 (18:27 +0000)]
remove unused functions from module

12 years agobn/asm/mips.pl: fix typos [from HEAD], original by Andy
Dr. Stephen Henson [Sat, 3 Dec 2011 18:26:26 +0000 (18:26 +0000)]
bn/asm/mips.pl: fix typos [from HEAD], original by Andy

13 years agoprepare for rc5 OpenSSL-fips-2_0-rc5
Dr. Stephen Henson [Fri, 25 Nov 2011 16:27:19 +0000 (16:27 +0000)]
prepare for rc5

13 years agoreturn error if counter exceeds limit and seed value supplied
Dr. Stephen Henson [Fri, 25 Nov 2011 16:03:27 +0000 (16:03 +0000)]
return error if counter exceeds limit and seed value supplied

13 years agocheck counter value against 4 * L, not 4096
Dr. Stephen Henson [Fri, 25 Nov 2011 15:00:20 +0000 (15:00 +0000)]
check counter value against 4 * L, not 4096

13 years agobump version for rc5-dev: hopefully will never be needed...
Dr. Stephen Henson [Mon, 21 Nov 2011 00:05:15 +0000 (00:05 +0000)]
bump version for rc5-dev: hopefully will never be needed...

13 years agoprepare for rc4 OpenSSL-fips-2_0-rc4
Dr. Stephen Henson [Sat, 19 Nov 2011 17:04:28 +0000 (17:04 +0000)]
prepare for rc4

13 years agoAdd flag to support cofactor ECDH
Dr. Stephen Henson [Sat, 19 Nov 2011 17:03:44 +0000 (17:03 +0000)]
Add flag to support cofactor ECDH

13 years agobump version to rc4-dev
Dr. Stephen Henson [Fri, 18 Nov 2011 21:59:36 +0000 (21:59 +0000)]
bump version to rc4-dev

13 years agoprepare for RC3 OpenSSL-fips-2_0-rc3
Dr. Stephen Henson [Fri, 18 Nov 2011 18:50:57 +0000 (18:50 +0000)]
prepare for RC3

13 years agoIn EC_KEY_set_public_key_affine_coordinates include explicit check to see passed...
Dr. Stephen Henson [Wed, 16 Nov 2011 13:28:11 +0000 (13:28 +0000)]
In EC_KEY_set_public_key_affine_coordinates include explicit check to see passed components do not exceed field order

13 years agoportability fix for some perl versions
Dr. Stephen Henson [Fri, 11 Nov 2011 19:01:11 +0000 (19:01 +0000)]
portability fix for some perl versions

13 years agofclose streams in fips_drbvs.c OpenSSL-fips-2_0-rc2
Dr. Stephen Henson [Wed, 9 Nov 2011 14:23:17 +0000 (14:23 +0000)]
fclose streams in fips_drbvs.c

Produced error message for unsupported curves in fips_ecdhvs.c

13 years agoPrepare for RC3 (which may never happen).
Dr. Stephen Henson [Tue, 8 Nov 2011 19:08:40 +0000 (19:08 +0000)]
Prepare for RC3 (which may never happen).

13 years agoPlatform update from HEAD.
Andy Polyakov [Tue, 8 Nov 2011 14:44:55 +0000 (14:44 +0000)]
Platform update from HEAD.

13 years agoadd fips_algvs.c to restricted tarball
Dr. Stephen Henson [Mon, 7 Nov 2011 13:54:30 +0000 (13:54 +0000)]
add fips_algvs.c to restricted tarball

13 years agoPrepare for RC2
Dr. Stephen Henson [Mon, 7 Nov 2011 13:18:12 +0000 (13:18 +0000)]
Prepare for RC2

13 years agoMacOS and iOS support
Dr. Stephen Henson [Mon, 7 Nov 2011 13:16:55 +0000 (13:16 +0000)]
MacOS and iOS support

13 years agofipsld, incore: switch to new cross-compile support [from HEAD].
Andy Polyakov [Mon, 7 Nov 2011 00:22:59 +0000 (00:22 +0000)]
fipsld, incore: switch to new cross-compile support [from HEAD].

13 years agoe_aes.c: fold aesni_xts_cipher and [most importantly] fix aes_xts_cipher's
Andy Polyakov [Sun, 6 Nov 2011 19:49:58 +0000 (19:49 +0000)]
e_aes.c: fold aesni_xts_cipher and [most importantly] fix aes_xts_cipher's
return value after custom flag was rightly reverted [from HEAD].

13 years agocheck for unset entropy and nonce callbacks
Dr. Stephen Henson [Sun, 6 Nov 2011 13:08:54 +0000 (13:08 +0000)]
check for unset entropy and nonce callbacks

13 years agoUpdate fips_test_suite to take multiple command line options and
Dr. Stephen Henson [Sun, 6 Nov 2011 12:52:27 +0000 (12:52 +0000)]
Update fips_test_suite to take multiple command line options and
an induced error checking function.

13 years agotypo
Dr. Stephen Henson [Sat, 5 Nov 2011 18:25:16 +0000 (18:25 +0000)]
typo

13 years agomake post failure simulation reversible in all cases
Dr. Stephen Henson [Sat, 5 Nov 2011 18:15:01 +0000 (18:15 +0000)]
make post failure simulation reversible in all cases

13 years agotypo: use key for POST callback
Dr. Stephen Henson [Sat, 5 Nov 2011 18:11:16 +0000 (18:11 +0000)]
typo: use key for POST callback

13 years agofix set but unused warnings
Dr. Stephen Henson [Sat, 5 Nov 2011 18:04:50 +0000 (18:04 +0000)]
fix set but unused warnings

13 years agoarmv4cpuid.S, armv4-gf2m.pl: make newest code compilable by older assembler [from...
Andy Polyakov [Sat, 5 Nov 2011 13:57:02 +0000 (13:57 +0000)]
armv4cpuid.S, armv4-gf2m.pl: make newest code compilable by older assembler [from HEAD].

13 years agox86cpuid.pl: don't punish "last-year" OSes on "this-year" CPUs [from HEAD].
Andy Polyakov [Sat, 5 Nov 2011 13:56:10 +0000 (13:56 +0000)]
x86cpuid.pl: don't punish "last-year" OSes on "this-year" CPUs [from HEAD].
PR: 2633

13 years agoppc.pl: fix bug in bn_mul_comba4 [from HEAD].
Andy Polyakov [Sat, 5 Nov 2011 13:55:20 +0000 (13:55 +0000)]
ppc.pl: fix bug in bn_mul_comba4 [from HEAD].
PR: 2636
Submitted by: Charles Bryant

13 years agoAdd single call public key sign and verify functions.
Dr. Stephen Henson [Sat, 5 Nov 2011 01:32:52 +0000 (01:32 +0000)]
Add single call public key sign and verify functions.

13 years agoAdd support for memory leak checking in fips_algvs.
Dr. Stephen Henson [Wed, 2 Nov 2011 19:16:43 +0000 (19:16 +0000)]
Add support for memory leak checking in fips_algvs.

Fix many memory leaks in algorithm test utilities.

13 years agoRemove duplicate test from health check. Fix memory leaks by uninstantiating
Dr. Stephen Henson [Wed, 2 Nov 2011 16:35:24 +0000 (16:35 +0000)]
Remove duplicate test from health check. Fix memory leaks by uninstantiating
DRBG before reinitialising it.

13 years agoPrint out an error for "make test" in FIPS builds.
Dr. Stephen Henson [Wed, 2 Nov 2011 00:43:45 +0000 (00:43 +0000)]
Print out an error for "make test" in FIPS builds.

13 years agoReplace exit calls with return in fips_test_suite
Dr. Stephen Henson [Wed, 2 Nov 2011 00:07:15 +0000 (00:07 +0000)]
Replace exit calls with return in fips_test_suite

13 years agoAdd support for multicall fips_algvs utility combining functionality
Dr. Stephen Henson [Tue, 1 Nov 2011 13:45:30 +0000 (13:45 +0000)]
Add support for multicall fips_algvs utility combining functionality
of all fips test utilities in a single binary and some minimal script
parsing for platforms lacking a suitable shell.

In order to keep changes to the build system to a minimum it #includes all
the utilities C source files (yuck).

13 years agoPR: 2632
Dr. Stephen Henson [Wed, 26 Oct 2011 16:46:20 +0000 (16:46 +0000)]
PR: 2632
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve

Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.

13 years agoPrepare for RC2.
Dr. Stephen Henson [Mon, 24 Oct 2011 16:58:49 +0000 (16:58 +0000)]
Prepare for RC2.

13 years agoprepare for RC1
Dr. Stephen Henson [Mon, 24 Oct 2011 16:53:59 +0000 (16:53 +0000)]
prepare for RC1

13 years agotypo
Dr. Stephen Henson [Mon, 24 Oct 2011 13:24:28 +0000 (13:24 +0000)]
typo

13 years agoThis commit was manufactured by cvs2svn to create branch 'OpenSSL-fips-
cvs2svn [Mon, 24 Oct 2011 06:00:07 +0000 (06:00 +0000)]
This commit was manufactured by cvs2svn to create branch 'OpenSSL-fips-
2_0-stable'.

13 years agoe_aes.c: fold even aesni_ccm_cipher.
Andy Polyakov [Mon, 24 Oct 2011 06:00:06 +0000 (06:00 +0000)]
e_aes.c: fold even aesni_ccm_cipher.

13 years agoe_aes.c: prevent potential DoS in aes_gcm_tls_cipher.
Andy Polyakov [Sun, 23 Oct 2011 22:58:40 +0000 (22:58 +0000)]
e_aes.c: prevent potential DoS in aes_gcm_tls_cipher.

13 years agocryptlib.c: remove stdio dependency in Windows fipscanister.lib.
Andy Polyakov [Sun, 23 Oct 2011 19:41:00 +0000 (19:41 +0000)]
cryptlib.c: remove stdio dependency in Windows fipscanister.lib.

13 years agoNo need for custom flag in XTS mode: block length is 1.
Dr. Stephen Henson [Sun, 23 Oct 2011 17:06:28 +0000 (17:06 +0000)]
No need for custom flag in XTS mode: block length is 1.

13 years agofips_canister.c: harmonize fingerprinting for all Windows, CE or not.
Andy Polyakov [Sun, 23 Oct 2011 15:17:30 +0000 (15:17 +0000)]
fips_canister.c: harmonize fingerprinting for all Windows, CE or not.

13 years agoconfig: in cross-compile case interrogate cross-compiler, not host, work
Andy Polyakov [Sun, 23 Oct 2011 15:12:37 +0000 (15:12 +0000)]
config: in cross-compile case interrogate cross-compiler, not host, work
around sub-shell limitation.

13 years agoCheck for selftest failure in various places.
Dr. Stephen Henson [Sat, 22 Oct 2011 17:24:27 +0000 (17:24 +0000)]
Check for selftest failure in various places.

13 years agox86gas.pl: relax .init segment alignment.
Andy Polyakov [Sat, 22 Oct 2011 10:49:52 +0000 (10:49 +0000)]
x86gas.pl: relax .init segment alignment.

13 years agomk1mk.pl: cleanup engines' handling and make fips build work on WIN64I.
Andy Polyakov [Fri, 21 Oct 2011 19:34:48 +0000 (19:34 +0000)]
mk1mk.pl: cleanup engines' handling and make fips build work on WIN64I.

13 years agoUpdate error codes.
Dr. Stephen Henson [Fri, 21 Oct 2011 11:46:16 +0000 (11:46 +0000)]
Update error codes.