oweals/openssl.git
13 years agoPR: 2533
Dr. Stephen Henson [Wed, 25 May 2011 15:20:49 +0000 (15:20 +0000)]
PR: 2533
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes
the program to crash. This is due to missing version checks and is fixed with
this patch.

13 years agoPR: 2529
Dr. Stephen Henson [Wed, 25 May 2011 15:16:10 +0000 (15:16 +0000)]
PR: 2529
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Call ssl_new() to reallocate SSL BIO internals if we want to replace
the existing internal SSL structure.

13 years agoPR: 2527
Dr. Stephen Henson [Wed, 25 May 2011 15:05:39 +0000 (15:05 +0000)]
PR: 2527
Submitted by: Marcus Meissner <meissner@suse.de>
Reviewed by: steve

Set cnf to NULL to avoid possible double free.

13 years agoFix the ECDSA timing attack mentioned in the paper at:
Dr. Stephen Henson [Wed, 25 May 2011 14:52:21 +0000 (14:52 +0000)]
Fix the ECDSA timing attack mentioned in the paper at:

http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.

13 years agoFix the ECDSA timing attack mentioned in the paper at:
Dr. Stephen Henson [Wed, 25 May 2011 14:41:56 +0000 (14:41 +0000)]
Fix the ECDSA timing attack mentioned in the paper at:

http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.

13 years agoSome nextproto patches broke DTLS: fix
Dr. Stephen Henson [Wed, 25 May 2011 14:31:47 +0000 (14:31 +0000)]
Some nextproto patches broke DTLS: fix

13 years agoOops use up to date patch for PR#2506
Dr. Stephen Henson [Wed, 25 May 2011 14:30:20 +0000 (14:30 +0000)]
Oops use up to date patch for PR#2506

13 years agoPR: 2512
Dr. Stephen Henson [Wed, 25 May 2011 12:37:07 +0000 (12:37 +0000)]
PR: 2512
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.

13 years agoPR: 2506
Dr. Stephen Henson [Wed, 25 May 2011 12:28:06 +0000 (12:28 +0000)]
PR: 2506
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fully implement SSL_clear for DTLS.

13 years agoPR: 2505
Dr. Stephen Henson [Wed, 25 May 2011 12:25:01 +0000 (12:25 +0000)]
PR: 2505
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS session resumption timer bug.

13 years agouse TLS1_get_version macro to check version so TLS v1.2 changes don't interfere with...
Dr. Stephen Henson [Wed, 25 May 2011 11:43:07 +0000 (11:43 +0000)]
use TLS1_get_version macro to check version so TLS v1.2 changes don't interfere with DTLS

13 years agoe_padlock.c: fix typo.
Andy Polyakov [Wed, 25 May 2011 10:02:20 +0000 (10:02 +0000)]
e_padlock.c: fix typo.

13 years agorc4-586.pl: optimize unused code path.
Andy Polyakov [Wed, 25 May 2011 09:36:13 +0000 (09:36 +0000)]
rc4-586.pl: optimize unused code path.

13 years agoe_padlock.c: last x86_64 commit didn't work with some optimizers.
Andy Polyakov [Tue, 24 May 2011 17:18:19 +0000 (17:18 +0000)]
e_padlock.c: last x86_64 commit didn't work with some optimizers.

13 years agorc4-586.pl: 50% improvement on Core2 and 80% on Westmere.
Andy Polyakov [Tue, 24 May 2011 13:07:29 +0000 (13:07 +0000)]
rc4-586.pl: 50% improvement on Core2 and 80% on Westmere.

13 years agoPR: 2522
Dr. Stephen Henson [Mon, 23 May 2011 12:27:43 +0000 (12:27 +0000)]
PR: 2522
Submitted by: Henrik Grindal Bakken <henribak@cisco.com>

Don't compare past end of buffer.

13 years agospacrv9cap.c: addenum to recent EC optimizations.
Andy Polyakov [Mon, 23 May 2011 08:14:32 +0000 (08:14 +0000)]
spacrv9cap.c: addenum to recent EC optimizations.

13 years agoaesni-x86[_64].pl: optimize for Sandy Bridge and add XTS mode.
Andy Polyakov [Sun, 22 May 2011 18:38:00 +0000 (18:38 +0000)]
aesni-x86[_64].pl: optimize for Sandy Bridge and add XTS mode.

13 years agox86_64-gf2m.pl: add Win64 SEH.
Andy Polyakov [Sun, 22 May 2011 18:29:11 +0000 (18:29 +0000)]
x86_64-gf2m.pl: add Win64 SEH.

13 years agoppccap.c: addenum to recent EC optimizations.
Andy Polyakov [Sat, 21 May 2011 10:17:02 +0000 (10:17 +0000)]
ppccap.c: addenum to recent EC optimizations.

13 years agoec_cvt.c: ARM comparison results were wrong, clarify the background.
Andy Polyakov [Sat, 21 May 2011 08:40:18 +0000 (08:40 +0000)]
ec_cvt.c: ARM comparison results were wrong, clarify the background.

13 years agoec_cvt.c: avoid EC_GFp_nist_method on platforms with bn_mul_mont [see
Andy Polyakov [Fri, 20 May 2011 20:31:37 +0000 (20:31 +0000)]
ec_cvt.c: avoid EC_GFp_nist_method on platforms with bn_mul_mont [see
commentary for details].

13 years agoPR: 2295
Dr. Stephen Henson [Fri, 20 May 2011 14:56:29 +0000 (14:56 +0000)]
PR: 2295
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve

OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.

13 years agoAdd CHANGES entry: add FIPS support to ssl
Dr. Stephen Henson [Thu, 19 May 2011 18:10:25 +0000 (18:10 +0000)]
Add CHANGES entry: add FIPS support to ssl

13 years agoImplement FIPS_mode and FIPS_mode_set
Dr. Stephen Henson [Thu, 19 May 2011 18:09:02 +0000 (18:09 +0000)]
Implement FIPS_mode and FIPS_mode_set

13 years agooops
Dr. Stephen Henson [Thu, 19 May 2011 17:55:15 +0000 (17:55 +0000)]
oops

13 years agoupdate date
Dr. Stephen Henson [Thu, 19 May 2011 17:53:04 +0000 (17:53 +0000)]
update date

13 years agoinherit HMAC flags from MD_CTX
Dr. Stephen Henson [Thu, 19 May 2011 17:38:25 +0000 (17:38 +0000)]
inherit HMAC flags from MD_CTX

13 years agoset encodedPoint to NULL after freeing it
Dr. Stephen Henson [Thu, 19 May 2011 16:17:47 +0000 (16:17 +0000)]
set encodedPoint to NULL after freeing it

13 years agoaesni-x86_64.pl: make it compile on MacOS X.
Andy Polyakov [Wed, 18 May 2011 17:05:24 +0000 (17:05 +0000)]
aesni-x86_64.pl: make it compile on MacOS X.

13 years agox86gas.pl: don't omit .comm OPENSSL_ia32cap_P on MacOS X.
Andy Polyakov [Wed, 18 May 2011 16:28:53 +0000 (16:28 +0000)]
x86gas.pl: don't omit .comm OPENSSL_ia32cap_P on MacOS X.

13 years agox86_64-xlate.pl: add inter-register movq and make x86_64-gfm.s compile on
Andy Polyakov [Wed, 18 May 2011 16:26:03 +0000 (16:26 +0000)]
x86_64-xlate.pl: add inter-register movq and make x86_64-gfm.s compile on
Solaris, MacOS X, elderly gas...

13 years agox86_64cpuid.pl: allow shared build to work without -Bsymbolic.
Andy Polyakov [Wed, 18 May 2011 16:24:19 +0000 (16:24 +0000)]
x86_64cpuid.pl: allow shared build to work without -Bsymbolic.
PR: 2466

13 years agoe_padlock.c: make it compile on MacOS X.
Andy Polyakov [Wed, 18 May 2011 16:21:54 +0000 (16:21 +0000)]
e_padlock.c: make it compile on MacOS X.

13 years agox86[_64]cpuid.pl: handle new extensions.
Andy Polyakov [Mon, 16 May 2011 20:35:11 +0000 (20:35 +0000)]
x86[_64]cpuid.pl: handle new extensions.

13 years agoppc-xlate.pl: get linux64 declaration right.
Andy Polyakov [Mon, 16 May 2011 19:52:41 +0000 (19:52 +0000)]
ppc-xlate.pl: get linux64 declaration right.

13 years agocms-test.pl: make it work with not-so-latest perl.
Andy Polyakov [Mon, 16 May 2011 18:11:45 +0000 (18:11 +0000)]
cms-test.pl: make it work with not-so-latest perl.

13 years agox86gas.pl: add palignr and move pclmulqdq.
Andy Polyakov [Mon, 16 May 2011 18:07:00 +0000 (18:07 +0000)]
x86gas.pl: add palignr and move pclmulqdq.

13 years agox86_64 assembler pack: add x86_64-gf2m module.
Andy Polyakov [Mon, 16 May 2011 17:46:45 +0000 (17:46 +0000)]
x86_64 assembler pack: add x86_64-gf2m module.

13 years agox86_64-xlate.pl: allow "base-less" effective address, add palignr, move
Andy Polyakov [Mon, 16 May 2011 17:44:38 +0000 (17:44 +0000)]
x86_64-xlate.pl: allow "base-less" effective address, add palignr, move
pclmulqdq.

13 years agonew flag to stop ENGINE methods being registered
Dr. Stephen Henson [Sun, 15 May 2011 15:56:49 +0000 (15:56 +0000)]
new flag to stop ENGINE methods being registered

13 years agoNULL is a valid cspname
Dr. Stephen Henson [Sun, 15 May 2011 11:44:14 +0000 (11:44 +0000)]
NULL is a valid cspname

13 years agoTypo.
Dr. Stephen Henson [Fri, 13 May 2011 12:43:41 +0000 (12:43 +0000)]
Typo.

13 years agotypo
Dr. Stephen Henson [Fri, 13 May 2011 12:37:40 +0000 (12:37 +0000)]
typo

13 years agoRecognise NO_NISTP224-64-GCC-128
Dr. Stephen Henson [Fri, 13 May 2011 12:35:05 +0000 (12:35 +0000)]
Recognise NO_NISTP224-64-GCC-128

13 years agoEnter FIPS mode by calling FIPS_module_mode_set in openssl.c until
Dr. Stephen Henson [Thu, 12 May 2011 17:59:47 +0000 (17:59 +0000)]
Enter FIPS mode by calling FIPS_module_mode_set in openssl.c until
FIPS_mode_set is implemented.

13 years agoProvisional support for TLS v1.2 client authentication: client side only.
Dr. Stephen Henson [Thu, 12 May 2011 17:35:03 +0000 (17:35 +0000)]
Provisional support for TLS v1.2 client authentication: client side only.

Parse certificate request message and set digests appropriately.

Generate new TLS v1.2 format certificate verify message.

Keep handshake caches around for longer as they are needed for client auth.

13 years agoProcess signature algorithms during TLS v1.2 client authentication.
Dr. Stephen Henson [Thu, 12 May 2011 14:38:01 +0000 (14:38 +0000)]
Process signature algorithms during TLS v1.2 client authentication.

Make sure message is long enough for signature algorithms.

13 years agoFix error discrepancy.
Dr. Stephen Henson [Thu, 12 May 2011 14:28:09 +0000 (14:28 +0000)]
Fix error discrepancy.

13 years agoAdd SSL_INTERN definition.
Dr. Stephen Henson [Thu, 12 May 2011 13:13:07 +0000 (13:13 +0000)]
Add SSL_INTERN definition.

13 years agoSync ordinals.
Dr. Stephen Henson [Wed, 11 May 2011 23:04:10 +0000 (23:04 +0000)]
Sync ordinals.

13 years agomake kerberos work with OPENSSL_NO_SSL_INTERN
Dr. Stephen Henson [Wed, 11 May 2011 22:50:18 +0000 (22:50 +0000)]
make kerberos work with OPENSSL_NO_SSL_INTERN

13 years agobn_nist.c: fix shadowing warnings.
Andy Polyakov [Wed, 11 May 2011 20:19:00 +0000 (20:19 +0000)]
bn_nist.c: fix shadowing warnings.

13 years agofips_canister.c: pick more neutral macro name.
Andy Polyakov [Wed, 11 May 2011 20:17:06 +0000 (20:17 +0000)]
fips_canister.c: pick more neutral macro name.

13 years agoReorder signature algorithms in strongest hash first order.
Dr. Stephen Henson [Wed, 11 May 2011 16:33:28 +0000 (16:33 +0000)]
Reorder signature algorithms in strongest hash first order.

13 years agoSet FIPS mode for values other than 1. The only current effect
Dr. Stephen Henson [Wed, 11 May 2011 14:49:01 +0000 (14:49 +0000)]
Set FIPS mode for values other than 1. The only current effect
is to return a consistent value. So calling FIPS_module_mode_set(n)
for n != 0 will result in FIPS_module_mode() returning n. This
will support future expansion of more FIPS modes e.g. a Suite B mode.

13 years agoRename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in
Dr. Stephen Henson [Wed, 11 May 2011 14:43:38 +0000 (14:43 +0000)]
Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in
the FIPS capable OpenSSL.

13 years agoInlcude README.ECC in FIPS restricted tarball.
Dr. Stephen Henson [Wed, 11 May 2011 12:52:51 +0000 (12:52 +0000)]
Inlcude README.ECC in FIPS restricted tarball.

13 years agoAdd NSA sublicense info.
Dr. Stephen Henson [Wed, 11 May 2011 12:50:57 +0000 (12:50 +0000)]
Add NSA sublicense info.

13 years agoUpdate instructions.
Dr. Stephen Henson [Tue, 10 May 2011 10:59:25 +0000 (10:59 +0000)]
Update instructions.

13 years agoTypo.
Dr. Stephen Henson [Tue, 10 May 2011 10:57:03 +0000 (10:57 +0000)]
Typo.

13 years agofips_canister.c: fix typo.
Andy Polyakov [Tue, 10 May 2011 10:03:23 +0000 (10:03 +0000)]
fips_canister.c: fix typo.

13 years agofips_canister.c: initial support for cross-compiling. "Initial" refers
Andy Polyakov [Tue, 10 May 2011 09:53:59 +0000 (09:53 +0000)]
fips_canister.c: initial support for cross-compiling. "Initial" refers
to the two-entry list of verified platforms in #ifndef
FIPS_REF_POINT_IS_SAFE_TO_CROSS_COMPILE pre-processor section.

13 years agoInitialise rc.
Dr. Stephen Henson [Mon, 9 May 2011 21:21:29 +0000 (21:21 +0000)]
Initialise rc.

13 years agoInitial TLS v1.2 client support. Include a default supported signature
Dr. Stephen Henson [Mon, 9 May 2011 15:44:01 +0000 (15:44 +0000)]
Initial TLS v1.2 client support. Include a default supported signature
algorithms extension (including everything we support). Swicth to new
signature format where needed and relax ECC restrictions.

Not TLS v1.2 client certifcate support yet but client will handle case
where a certificate is requested and we don't have one.

13 years agoCall fipsas.pl directly for pa-risc targets.
Dr. Stephen Henson [Mon, 9 May 2011 15:23:00 +0000 (15:23 +0000)]
Call fipsas.pl directly for pa-risc targets.

13 years agoOptimized bn_nist.c. Performance improvement varies from one benchmark
Andy Polyakov [Mon, 9 May 2011 10:16:32 +0000 (10:16 +0000)]
Optimized bn_nist.c. Performance improvement varies from one benchmark
and platform to another. It was measured to deliver 20-30% better
performance on x86 platforms and 30-40% on x86_64, on nistp384 benchmark.

13 years agoallow SHA384, SHA512 wit DSA
Dr. Stephen Henson [Sun, 8 May 2011 12:38:35 +0000 (12:38 +0000)]
allow SHA384, SHA512 wit DSA

13 years agoRemove gf2m modules from bn_asm if no-ec2m set.
Dr. Stephen Henson [Sat, 7 May 2011 22:56:56 +0000 (22:56 +0000)]
Remove gf2m modules from bn_asm if no-ec2m set.

13 years agoRemove FIXME comments.
Dr. Stephen Henson [Sat, 7 May 2011 22:37:58 +0000 (22:37 +0000)]
Remove FIXME comments.

13 years agoOmit GF2m properly this time ;-)
Dr. Stephen Henson [Sat, 7 May 2011 22:36:03 +0000 (22:36 +0000)]
Omit GF2m properly this time ;-)

13 years agoDon't include GF2m source files is NOEC2M set.
Dr. Stephen Henson [Sat, 7 May 2011 22:22:37 +0000 (22:22 +0000)]
Don't include GF2m source files is NOEC2M set.

13 years agoIA-64 assembler pack: fix typos and make it work on HP-UX.
Andy Polyakov [Sat, 7 May 2011 20:36:05 +0000 (20:36 +0000)]
IA-64 assembler pack: fix typos and make it work on HP-UX.

13 years agox86 assembler pack: add bn_GF2m_mul_2x2 implementations (see x86-gf2m.pl for
Andy Polyakov [Sat, 7 May 2011 10:31:06 +0000 (10:31 +0000)]
x86 assembler pack: add bn_GF2m_mul_2x2 implementations (see x86-gf2m.pl for
details and performance data).

13 years agoFixes for WIN64 FIPS build.
Dr. Stephen Henson [Fri, 6 May 2011 23:47:23 +0000 (23:47 +0000)]
Fixes for WIN64 FIPS build.

13 years agoGet OPENSSL_FIPSSYMS from environment in fipsas.pl, include ppccap.c and .S
Dr. Stephen Henson [Fri, 6 May 2011 21:42:34 +0000 (21:42 +0000)]
Get OPENSSL_FIPSSYMS from environment in fipsas.pl, include ppccap.c and .S
files in fipsdist.

13 years agoDon't fail WIN32 builds on warnings.
Dr. Stephen Henson [Fri, 6 May 2011 17:55:59 +0000 (17:55 +0000)]
Don't fail WIN32 builds on warnings.

13 years agoReturn error codes for selftest failure instead of hard assertion errors.
Dr. Stephen Henson [Fri, 6 May 2011 17:38:39 +0000 (17:38 +0000)]
Return error codes for selftest failure instead of hard assertion errors.

13 years agoContinuing TLS v1.2 support: add support for server parsing of
Dr. Stephen Henson [Fri, 6 May 2011 13:00:07 +0000 (13:00 +0000)]
Continuing TLS v1.2 support: add support for server parsing of
signature algorithms extension and correct signature format for
server key exchange.

All ciphersuites should now work on the server but no client support and
no client certificate support yet.

13 years agoHide more symbols.
Dr. Stephen Henson [Thu, 5 May 2011 23:10:32 +0000 (23:10 +0000)]
Hide more symbols.

13 years agoARM assembler pack: engage newly introduced armv4-gf2m module.
Andy Polyakov [Thu, 5 May 2011 21:57:11 +0000 (21:57 +0000)]
ARM assembler pack: engage newly introduced armv4-gf2m module.

13 years agoFix warning of signed/unsigned comparison.
Dr. Stephen Henson [Thu, 5 May 2011 14:47:38 +0000 (14:47 +0000)]
Fix warning of signed/unsigned comparison.

13 years agoARM assembler pack. Add bn_GF2m_mul_2x2 implementation (see source code
Andy Polyakov [Thu, 5 May 2011 07:21:17 +0000 (07:21 +0000)]
ARM assembler pack. Add bn_GF2m_mul_2x2 implementation (see source code
for details and performance data).

13 years agoRemove superfluous PRNG self tests.
Dr. Stephen Henson [Wed, 4 May 2011 23:17:29 +0000 (23:17 +0000)]
Remove superfluous PRNG self tests.

Print timer resolution.

13 years agoxts128.c: minor optimizaton.
Andy Polyakov [Wed, 4 May 2011 20:57:43 +0000 (20:57 +0000)]
xts128.c: minor optimizaton.

13 years agoUpdate status.
Dr. Stephen Henson [Wed, 4 May 2011 18:43:32 +0000 (18:43 +0000)]
Update status.

13 years agoRemove debugging print.
Dr. Stephen Henson [Wed, 4 May 2011 18:33:42 +0000 (18:33 +0000)]
Remove debugging print.

Explicitly use LINKDIRS for fipsdist links.

13 years agobn_gf2m.c: optimized BN_GF2m_mod_inv delivers sometimes 2x of ECDSA sign.
Andy Polyakov [Wed, 4 May 2011 15:22:53 +0000 (15:22 +0000)]
bn_gf2m.c: optimized BN_GF2m_mod_inv delivers sometimes 2x of ECDSA sign.
Exact improvement coefficients vary from one benchmark and platform to
another, e.g. it performs 70%-33% better on ARM, hereafter less for
longer keys, and 100%-90% better on x86_64.

13 years agoFix warning.
Dr. Stephen Henson [Wed, 4 May 2011 14:34:36 +0000 (14:34 +0000)]
Fix warning.

13 years agoInclude fipssyms.h for ARM builds to translate symbols.
Dr. Stephen Henson [Wed, 4 May 2011 14:16:03 +0000 (14:16 +0000)]
Include fipssyms.h for ARM builds to translate symbols.

Translate arm symbol to fips_*.

13 years agoRemove useless setting.
Dr. Stephen Henson [Wed, 4 May 2011 01:09:52 +0000 (01:09 +0000)]
Remove useless setting.

13 years agoPR: 2499
Dr. Stephen Henson [Mon, 2 May 2011 23:29:57 +0000 (23:29 +0000)]
PR: 2499
Submitted by: "James 'J.C.' Jones" <james.jc.jones@gmail.com>

Typos.

13 years agoFix do_fips script.
Dr. Stephen Henson [Mon, 2 May 2011 17:11:54 +0000 (17:11 +0000)]
Fix do_fips script.

13 years agoUse faster curves for ECDSA self test.
Dr. Stephen Henson [Mon, 2 May 2011 12:13:04 +0000 (12:13 +0000)]
Use faster curves for ECDSA self test.

13 years agoUse more portable clock_gettime() for fips_test_suite timing.
Dr. Stephen Henson [Mon, 2 May 2011 11:09:38 +0000 (11:09 +0000)]
Use more portable clock_gettime() for fips_test_suite timing.

Output times of each subtest.

13 years agoStop warning in VxWorks.
Dr. Stephen Henson [Sun, 1 May 2011 20:55:05 +0000 (20:55 +0000)]
Stop warning in VxWorks.

13 years agoQuick hack to time POST.
Dr. Stephen Henson [Sun, 1 May 2011 20:54:42 +0000 (20:54 +0000)]
Quick hack to time POST.

13 years agoTwo more symbol renames.
Dr. Stephen Henson [Sun, 1 May 2011 19:07:16 +0000 (19:07 +0000)]
Two more symbol renames.

13 years agoHandle multiple CPUID_OBJ correctly.
Dr. Stephen Henson [Sun, 1 May 2011 19:06:39 +0000 (19:06 +0000)]
Handle multiple CPUID_OBJ correctly.

13 years agoRename some more symbols.
Dr. Stephen Henson [Sun, 1 May 2011 17:51:40 +0000 (17:51 +0000)]
Rename some more symbols.