oweals/openssl.git
13 years agogcm128.c: fix bug in OPENSSL_SMALL_FOOTPRINT decrypt.
Andy Polyakov [Sun, 6 Feb 2011 23:48:32 +0000 (23:48 +0000)]
gcm128.c: fix bug in OPENSSL_SMALL_FOOTPRINT decrypt.
PR: 2432
Submitted by: Michael Heyman

13 years agoFix duplicate code and typo.
Dr. Stephen Henson [Sun, 6 Feb 2011 00:51:05 +0000 (00:51 +0000)]
Fix duplicate code and typo.

13 years agoRemove unneeded functions, make some functions and variables static.
Dr. Stephen Henson [Fri, 4 Feb 2011 17:56:57 +0000 (17:56 +0000)]
Remove unneeded functions, make some functions and variables static.

13 years agoAdd FIPS support to the WIN32 build system.
Dr. Stephen Henson [Thu, 3 Feb 2011 23:12:04 +0000 (23:12 +0000)]
Add FIPS support to the WIN32 build system.

13 years agoTransfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files
Dr. Stephen Henson [Thu, 3 Feb 2011 17:00:24 +0000 (17:00 +0000)]
Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files
that use it.

13 years agoRename crypto/fips_err.c to fips_ers.c to avoid clash with other fips_err.c
Dr. Stephen Henson [Thu, 3 Feb 2011 16:16:30 +0000 (16:16 +0000)]
Rename crypto/fips_err.c to fips_ers.c to avoid clash with other fips_err.c

13 years agoInclude fips header file in err_all.c if needed.
Dr. Stephen Henson [Thu, 3 Feb 2011 16:03:21 +0000 (16:03 +0000)]
Include fips header file in err_all.c if needed.

13 years agoAdd FIPS error codes.
Dr. Stephen Henson [Thu, 3 Feb 2011 15:58:43 +0000 (15:58 +0000)]
Add FIPS error codes.

13 years agoadd -stripcr option to copy.pl from 0.9.8
Dr. Stephen Henson [Thu, 3 Feb 2011 14:57:51 +0000 (14:57 +0000)]
add -stripcr option to copy.pl from 0.9.8

13 years agoAdd Windows FIPS build utilities.
Dr. Stephen Henson [Thu, 3 Feb 2011 14:20:59 +0000 (14:20 +0000)]
Add Windows FIPS build utilities.

13 years agoFor now disable EC_GFp_nistp224_method() for WIN32 so the WIN32 build
Dr. Stephen Henson [Thu, 3 Feb 2011 13:00:08 +0000 (13:00 +0000)]
For now disable EC_GFp_nistp224_method() for WIN32 so the WIN32 build
completes without linker errors.

13 years agoAdd FIPS support to mkdef.pl script, update ordinals.
Dr. Stephen Henson [Thu, 3 Feb 2011 12:59:01 +0000 (12:59 +0000)]
Add FIPS support to mkdef.pl script, update ordinals.

13 years agoUse single X931 key generation source file for FIPS and non-FIPS builds.
Dr. Stephen Henson [Thu, 3 Feb 2011 12:47:56 +0000 (12:47 +0000)]
Use single X931 key generation source file for FIPS and non-FIPS builds.

13 years agoAssorted bugfixes:
Bodo Möller [Thu, 3 Feb 2011 12:03:51 +0000 (12:03 +0000)]
Assorted bugfixes:
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check

Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)

13 years agofix omissions
Bodo Möller [Thu, 3 Feb 2011 11:13:29 +0000 (11:13 +0000)]
fix omissions

13 years agoCVE-2010-4180 fix (from OpenSSL_1_0_0-stable)
Bodo Möller [Thu, 3 Feb 2011 10:43:00 +0000 (10:43 +0000)]
CVE-2010-4180 fix (from OpenSSL_1_0_0-stable)

13 years agomake update
Bodo Möller [Thu, 3 Feb 2011 10:17:53 +0000 (10:17 +0000)]
make update

13 years agoFix error codes.
Bodo Möller [Thu, 3 Feb 2011 10:03:23 +0000 (10:03 +0000)]
Fix error codes.

13 years agoCope with new DSA2 file format where some p/q only tests are made.
Dr. Stephen Henson [Wed, 2 Feb 2011 17:48:03 +0000 (17:48 +0000)]
Cope with new DSA2 file format where some p/q only tests are made.

13 years agoFix target config errors.
Dr. Stephen Henson [Wed, 2 Feb 2011 15:11:40 +0000 (15:11 +0000)]
Fix target config errors.

13 years agoMake no-asm work in fips mode. Add android platform.
Dr. Stephen Henson [Wed, 2 Feb 2011 15:07:13 +0000 (15:07 +0000)]
Make no-asm work in fips mode. Add android platform.

13 years agoAdd sign/verify digest API to handle an explicit digest instead of finalising
Dr. Stephen Henson [Wed, 2 Feb 2011 14:21:33 +0000 (14:21 +0000)]
Add sign/verify digest API to handle an explicit digest instead of finalising
a context.

13 years agoRemove DSA parameter generation from DSA selftest. It is unnecessary and
Dr. Stephen Henson [Wed, 2 Feb 2011 14:20:45 +0000 (14:20 +0000)]
Remove DSA parameter generation from DSA selftest. It is unnecessary and
can be very slow on embedded platforms. Hard code DSA parameters instead.

13 years agoDon't try to set pmd if it is NULL.
Dr. Stephen Henson [Tue, 1 Feb 2011 19:15:12 +0000 (19:15 +0000)]
Don't try to set pmd if it is NULL.

13 years agoAdd DSA2 support to final algorithm tests: keypair and keyver.
Dr. Stephen Henson [Tue, 1 Feb 2011 18:53:48 +0000 (18:53 +0000)]
Add DSA2 support to final algorithm tests: keypair and keyver.

13 years agoSupport more DSA2 tests.
Dr. Stephen Henson [Tue, 1 Feb 2011 17:54:23 +0000 (17:54 +0000)]
Support more DSA2 tests.

13 years agoTolerate mixed case and leading zeroes when comparing.
Dr. Stephen Henson [Tue, 1 Feb 2011 17:15:53 +0000 (17:15 +0000)]
Tolerate mixed case and leading zeroes when comparing.

13 years agofixes for DSA2 parameter generation
Dr. Stephen Henson [Tue, 1 Feb 2011 17:15:19 +0000 (17:15 +0000)]
fixes for DSA2 parameter generation

13 years agoupdate README.FIPS
Dr. Stephen Henson [Tue, 1 Feb 2011 17:14:07 +0000 (17:14 +0000)]
update README.FIPS

13 years agoSince FIPS 186-3 specifies we use the leftmost bits of the digest
Dr. Stephen Henson [Tue, 1 Feb 2011 12:52:01 +0000 (12:52 +0000)]
Since FIPS 186-3 specifies we use the leftmost bits of the digest
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.

13 years agoProvisional, experimental support for DSA2 parameter generation algorithm.
Dr. Stephen Henson [Mon, 31 Jan 2011 19:44:09 +0000 (19:44 +0000)]
Provisional, experimental support for DSA2 parameter generation algorithm.
Not properly integrated or tested yet.

13 years agostop warnings about no previous prototype when compiling shared engines
Dr. Stephen Henson [Sun, 30 Jan 2011 01:30:48 +0000 (01:30 +0000)]
stop warnings about no previous prototype when compiling shared engines

13 years agoFix shared build for fips
Dr. Stephen Henson [Sun, 30 Jan 2011 01:14:34 +0000 (01:14 +0000)]
Fix shared build for fips

13 years agoAdd fips option into Configure, disable endian code for no-asm and FIPS.
Dr. Stephen Henson [Sun, 30 Jan 2011 00:01:09 +0000 (00:01 +0000)]
Add fips option into Configure, disable endian code for no-asm and FIPS.
Make shared library default for fips.

13 years agoadd fiplibdir and basedir options to Configure
Dr. Stephen Henson [Sat, 29 Jan 2011 23:45:02 +0000 (23:45 +0000)]
add fiplibdir and basedir options to Configure

13 years agouse different default fips install directory
Dr. Stephen Henson [Sat, 29 Jan 2011 23:05:15 +0000 (23:05 +0000)]
use different default fips install directory

13 years agoupdate version to 2.0
Dr. Stephen Henson [Sat, 29 Jan 2011 21:51:59 +0000 (21:51 +0000)]
update version to 2.0

13 years agotypo
Dr. Stephen Henson [Sat, 29 Jan 2011 21:45:04 +0000 (21:45 +0000)]
typo

13 years agodon't descend fips directory if not in fips mode
Dr. Stephen Henson [Sat, 29 Jan 2011 21:39:33 +0000 (21:39 +0000)]
don't descend fips directory if not in fips mode

13 years agoAdd preliminary FIPS information.
Dr. Stephen Henson [Sat, 29 Jan 2011 17:05:25 +0000 (17:05 +0000)]
Add preliminary FIPS information.

13 years agoMove all FIPSAPI renames into fips.h header file, include early in
Dr. Stephen Henson [Thu, 27 Jan 2011 19:10:56 +0000 (19:10 +0000)]
Move all FIPSAPI renames into fips.h header file, include early in
crypto.h if needed.

Modify source tree to handle change.

13 years agoadd .cvsignore
Dr. Stephen Henson [Thu, 27 Jan 2011 18:11:36 +0000 (18:11 +0000)]
add .cvsignore

13 years agoadd FIPS API malloc/free
Dr. Stephen Henson [Thu, 27 Jan 2011 18:09:05 +0000 (18:09 +0000)]
add FIPS API malloc/free

13 years agoRedirect FIPS memory allocation to FIPS_malloc() routine, remove
Dr. Stephen Henson [Thu, 27 Jan 2011 17:23:43 +0000 (17:23 +0000)]
Redirect FIPS memory allocation to FIPS_malloc() routine, remove
OpenSSL malloc dependencies.

13 years agoadd fips_dsatest.c file
Dr. Stephen Henson [Thu, 27 Jan 2011 16:52:49 +0000 (16:52 +0000)]
add fips_dsatest.c file

13 years agoUpdate source files to handle new FIPS_lock() location. Add FIPS_lock()
Dr. Stephen Henson [Thu, 27 Jan 2011 15:57:31 +0000 (15:57 +0000)]
Update source files to handle new FIPS_lock() location. Add FIPS_lock()
definition. Remove stale function references from fips.h

13 years agoChange OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just refer
Dr. Stephen Henson [Thu, 27 Jan 2011 15:22:26 +0000 (15:22 +0000)]
Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just refer
to EVP any more.

Move locking #define into fips.h.

Set FIPS locking callbacks at same time as OpenSSL locking callbacks.

13 years agoInclude thread ID code in fips module.
Dr. Stephen Henson [Thu, 27 Jan 2011 14:50:41 +0000 (14:50 +0000)]
Include thread ID code in fips module.

13 years agoNew FIPS_lock() function for minimal FIPS locking API: to avoid dependencies
Dr. Stephen Henson [Thu, 27 Jan 2011 14:29:48 +0000 (14:29 +0000)]
New FIPS_lock() function for minimal FIPS locking API: to avoid dependencies
on OpenSSL locking code. Use API in some internal FIPS files.

Remove redundant ENGINE defines from fips.h

13 years agoMove locking and thread ID functions into new files lock.c and thr_id.c,
Dr. Stephen Henson [Thu, 27 Jan 2011 14:27:24 +0000 (14:27 +0000)]
Move locking and thread ID functions into new files lock.c and thr_id.c,
redirect locking to minimal FIPS_lock() function where required.

13 years agouse FIPSEVP in some bn and rsa files
Dr. Stephen Henson [Thu, 27 Jan 2011 14:24:42 +0000 (14:24 +0000)]
use FIPSEVP in some bn and rsa files

13 years agoupdate .cvsignore
Dr. Stephen Henson [Thu, 27 Jan 2011 13:33:47 +0000 (13:33 +0000)]
update .cvsignore

13 years agoInternal version of BN_mod_inverse allowing checking of no-inverse without
Dr. Stephen Henson [Wed, 26 Jan 2011 16:59:47 +0000 (16:59 +0000)]
Internal version of BN_mod_inverse allowing checking of no-inverse without
need to inspect error queue.

13 years agoFIPS changes to test/Makefile: rules to build FIPS test applications.
Dr. Stephen Henson [Wed, 26 Jan 2011 16:47:51 +0000 (16:47 +0000)]
FIPS changes to test/Makefile: rules to build FIPS test applications.

13 years agoUse ARX in crypto/Makefile
Dr. Stephen Henson [Wed, 26 Jan 2011 16:22:03 +0000 (16:22 +0000)]
Use ARX in crypto/Makefile

13 years agoFIPS HMAC changes:
Dr. Stephen Henson [Wed, 26 Jan 2011 16:15:38 +0000 (16:15 +0000)]
FIPS HMAC changes:

Use EVP macros.

Use tiny EVP in FIPS mode.

13 years agoChange AR to ARX to allow exclusion of fips object modules
Dr. Stephen Henson [Wed, 26 Jan 2011 16:08:08 +0000 (16:08 +0000)]
Change AR to ARX to allow exclusion of fips object modules

13 years agoFIPS mode ERR changes. Redirect errors to tiny FIPS callbacks to avoid ERR
Dr. Stephen Henson [Wed, 26 Jan 2011 15:53:07 +0000 (15:53 +0000)]
FIPS mode ERR changes. Redirect errors to tiny FIPS callbacks to avoid ERR
library dependencies.

13 years agoFIPS DH changes: selftest checks and key range checks.
Dr. Stephen Henson [Wed, 26 Jan 2011 15:47:19 +0000 (15:47 +0000)]
FIPS DH changes: selftest checks and key range checks.

13 years agoFIPS mode DSA changes:
Dr. Stephen Henson [Wed, 26 Jan 2011 15:46:26 +0000 (15:46 +0000)]
FIPS mode DSA changes:

Check for selftest failures.

Pairwise consistency test for RSA key generation.

Use some EVP macros instead of EVP functions.

Use minimal FIPS EVP where needed.

Key size restrictions.

13 years agoFIPS mode RSA changes:
Dr. Stephen Henson [Wed, 26 Jan 2011 15:37:41 +0000 (15:37 +0000)]
FIPS mode RSA changes:

Check for selftest failures.

Pairwise consistency test for RSA key generation.

Use some EVP macros instead of EVP functions.

Use minimal FIPS EVP where needed.

13 years agoadd new RAND errors
Dr. Stephen Henson [Wed, 26 Jan 2011 15:33:51 +0000 (15:33 +0000)]
add new RAND errors

13 years agoFIPS mode EVP changes:
Dr. Stephen Henson [Wed, 26 Jan 2011 15:25:33 +0000 (15:25 +0000)]
FIPS mode EVP changes:

Set EVP_CIPH_FLAG_FIPS on approved ciphers.

Support "default ASN1" flag which avoids need for ASN1 dependencies in FIPS
code.

Include some defines to redirect operations to a "tiny EVP" implementation
in some FIPS source files.

Change m_sha1.c to use EVP_PKEY_NULL_method: the EVP_MD sign/verify functions
are not used in OpenSSL 1.0 and later for SHA1 and SHA2 ciphers: the EVP_PKEY
API is used instead.

13 years agoFIPS mode changes to make RNG compile (this will need updating later as we
Dr. Stephen Henson [Wed, 26 Jan 2011 14:52:04 +0000 (14:52 +0000)]
FIPS mode changes to make RNG compile (this will need updating later as we
need a whole new PRNG for FIPS).

1. avoid use of ERR_peek().

2. If compiling with FIPS use small FIPS EVP and disable ENGINE

13 years agoAdd fipscanisterbuild configuration option and update Makefile.org: doesn't compile yet
Dr. Stephen Henson [Wed, 26 Jan 2011 12:31:30 +0000 (12:31 +0000)]
Add fipscanisterbuild configuration option and update Makefile.org: doesn't compile yet

13 years agoFIPS_allow_md5() no longer exists and is no longer required
Dr. Stephen Henson [Wed, 26 Jan 2011 12:23:58 +0000 (12:23 +0000)]
FIPS_allow_md5() no longer exists and is no longer required

13 years agoAdd rsa_crpt
Richard Levitte [Wed, 26 Jan 2011 06:51:35 +0000 (06:51 +0000)]
Add rsa_crpt

13 years agoupdate mkerr.pl for use fips directory, add arx.pl script
Dr. Stephen Henson [Wed, 26 Jan 2011 01:35:07 +0000 (01:35 +0000)]
update mkerr.pl for use fips directory, add arx.pl script

13 years agoadd fips_premain.c.sha1
Dr. Stephen Henson [Wed, 26 Jan 2011 01:15:54 +0000 (01:15 +0000)]
add fips_premain.c.sha1

13 years agoadd fips_sha1_selftest.c
Dr. Stephen Henson [Wed, 26 Jan 2011 01:11:12 +0000 (01:11 +0000)]
add fips_sha1_selftest.c

13 years agoadd fips/sha files
Dr. Stephen Henson [Wed, 26 Jan 2011 01:09:52 +0000 (01:09 +0000)]
add fips/sha files

13 years agoadd fips/aes/Makefile
Dr. Stephen Henson [Wed, 26 Jan 2011 01:05:48 +0000 (01:05 +0000)]
add fips/aes/Makefile

13 years agoadd fips/des/Makefile
Dr. Stephen Henson [Wed, 26 Jan 2011 01:04:53 +0000 (01:04 +0000)]
add fips/des/Makefile

13 years agoadd fips/Makefile
Dr. Stephen Henson [Wed, 26 Jan 2011 01:03:54 +0000 (01:03 +0000)]
add fips/Makefile

13 years agoadd some missing fips files
Dr. Stephen Henson [Wed, 26 Jan 2011 00:58:09 +0000 (00:58 +0000)]
add some missing fips files

13 years agoAnd so it begins... again.
Dr. Stephen Henson [Wed, 26 Jan 2011 00:56:19 +0000 (00:56 +0000)]
And so it begins... again.

Initial FIPS 140-2 code ported to HEAD. Doesn't even compile yet, may have
missing files, extraneous files and other nastiness.

In other words: it's experimental ATM, OK?

13 years agoMove RSA encryption functions to new file crypto/rsa/rsa_crpt.c to separate
Dr. Stephen Henson [Tue, 25 Jan 2011 17:35:10 +0000 (17:35 +0000)]
Move RSA encryption functions to new file crypto/rsa/rsa_crpt.c to separate
crypto and ENGINE dependencies in RSA library.

13 years agoMove BN_options function to bn_print.c to remove dependency for BIO printf
Dr. Stephen Henson [Tue, 25 Jan 2011 17:10:30 +0000 (17:10 +0000)]
Move BN_options function to bn_print.c to remove dependency for BIO printf
routines from bn_lib.c

13 years agoMove DSA_sign, DSA_verify to dsa_asn1.c and include separate versions of
Dr. Stephen Henson [Tue, 25 Jan 2011 16:55:15 +0000 (16:55 +0000)]
Move DSA_sign, DSA_verify to dsa_asn1.c and include separate versions of
DSA_SIG_new() and DSA_SIG_free() to remove ASN1 dependencies from DSA_do_sign()
and DSA_do_verify().

13 years agorecalculate DSA signature if r or s is zero (FIPS 186-3 requirement)
Dr. Stephen Henson [Tue, 25 Jan 2011 16:01:29 +0000 (16:01 +0000)]
recalculate DSA signature if r or s is zero (FIPS 186-3 requirement)

13 years agorevert Makefile change
Dr. Stephen Henson [Tue, 25 Jan 2011 12:15:10 +0000 (12:15 +0000)]
revert Makefile change

13 years agoPR: 2433
Dr. Stephen Henson [Mon, 24 Jan 2011 16:19:52 +0000 (16:19 +0000)]
PR: 2433
Submitted by: Chris Wilson <chris@qwirx.com>
Reviewed by: steve

Constify ASN1_STRING_set_default_mask_asc().

13 years agoNew function EC_KEY_set_affine_coordinates() this performs all the
Dr. Stephen Henson [Mon, 24 Jan 2011 16:07:40 +0000 (16:07 +0000)]
New function EC_KEY_set_affine_coordinates() this performs all the
NIST PKV tests.

13 years agocheck EC public key isn't point at infinity
Dr. Stephen Henson [Mon, 24 Jan 2011 15:04:34 +0000 (15:04 +0000)]
check EC public key isn't point at infinity

13 years agoPR: 1612
Dr. Stephen Henson [Mon, 24 Jan 2011 14:41:34 +0000 (14:41 +0000)]
PR: 1612
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve

Fix EC_POINT_cmp function for case where b but not a is the point at infinity.

13 years agooops, revert mistakenly committed EC changes
Dr. Stephen Henson [Wed, 19 Jan 2011 14:42:42 +0000 (14:42 +0000)]
oops, revert mistakenly committed EC changes

13 years agoAdd additional parameter to dsa_builtin_paramgen to output the generated
Dr. Stephen Henson [Wed, 19 Jan 2011 14:35:53 +0000 (14:35 +0000)]
Add additional parameter to dsa_builtin_paramgen to output the generated
seed to: this doesn't introduce any binary compatibility issues as the
function is only used internally.

The seed output is needed for FIPS 140-2 algorithm testing: the functionality
used to be in DSA_generate_parameters_ex() but was removed in OpenSSL 1.0.0

13 years agoadd va_list version of ERR_add_error_data
Dr. Stephen Henson [Fri, 14 Jan 2011 15:13:37 +0000 (15:13 +0000)]
add va_list version of ERR_add_error_data

13 years agostop warning with no-engine
Dr. Stephen Henson [Thu, 13 Jan 2011 15:41:58 +0000 (15:41 +0000)]
stop warning with no-engine

13 years agoPR: 2425
Richard Levitte [Mon, 10 Jan 2011 20:55:21 +0000 (20:55 +0000)]
PR: 2425
Synchronise VMS build with Unixly build.

13 years agoConstify.
Ben Laurie [Sun, 9 Jan 2011 17:50:18 +0000 (17:50 +0000)]
Constify.

13 years agoFix warning.
Ben Laurie [Sun, 9 Jan 2011 17:50:06 +0000 (17:50 +0000)]
Fix warning.

13 years agomissed change in ACKNOWLEDGEMENTS file
Dr. Stephen Henson [Sun, 9 Jan 2011 13:37:09 +0000 (13:37 +0000)]
missed change in ACKNOWLEDGEMENTS file

13 years agomove some string utilities to buf_str.c to reduce some dependencies (from 0.9.8 branch).
Dr. Stephen Henson [Sun, 9 Jan 2011 13:32:57 +0000 (13:32 +0000)]
move some string utilities to buf_str.c to reduce some dependencies (from 0.9.8 branch).

13 years agoadd X9.31 prime generation routines from 0.9.8 branch
Dr. Stephen Henson [Sun, 9 Jan 2011 13:02:14 +0000 (13:02 +0000)]
add X9.31 prime generation routines from 0.9.8 branch

13 years agoPR: 2407
Richard Levitte [Thu, 6 Jan 2011 20:56:02 +0000 (20:56 +0000)]
PR: 2407
Fix fault include.
Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>

13 years agoDon't use decryption_failed alert for TLS v1.1 or later.
Dr. Stephen Henson [Tue, 4 Jan 2011 19:39:27 +0000 (19:39 +0000)]
Don't use decryption_failed alert for TLS v1.1 or later.

13 years agoSince DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed
Dr. Stephen Henson [Tue, 4 Jan 2011 19:34:20 +0000 (19:34 +0000)]
Since DTLS 1.0 is based on TLS 1.1 we should never return a decryption_failed
alert.

13 years agooops missed an assert
Dr. Stephen Henson [Mon, 3 Jan 2011 12:54:08 +0000 (12:54 +0000)]
oops missed an assert

13 years agoPR: 2411
Dr. Stephen Henson [Mon, 3 Jan 2011 01:40:53 +0000 (01:40 +0000)]
PR: 2411
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve

Fix corner cases in RFC3779 code.