Dr. Stephen Henson [Wed, 11 May 2005 16:28:33 +0000 (16:28 +0000)]
Allow AES CFB1 ciphers in FIPS mode.
Dr. Stephen Henson [Wed, 11 May 2005 00:35:55 +0000 (00:35 +0000)]
Stop warnings.
Andy Polyakov [Tue, 10 May 2005 22:57:21 +0000 (22:57 +0000)]
Tidy up an error code.
Andy Polyakov [Tue, 10 May 2005 22:54:44 +0000 (22:54 +0000)]
Fix fips_hmactest.c.
Nils Larsch [Tue, 10 May 2005 11:57:19 +0000 (11:57 +0000)]
use 'p' as conversion specifier for printf to avoid truncation of
pointers on 64 bit platforms. Patch supplied by Daniel Gryniewicz
via Mike Frysinger <vapier@gentoo.org>.
PR: 1064
Nils Larsch [Tue, 10 May 2005 09:52:39 +0000 (09:52 +0000)]
improve command line argument checking
PR: 1061
Andy Polyakov [Mon, 9 May 2005 22:35:35 +0000 (22:35 +0000)]
Add algorithm selection command-line option to fips_hmactest
[and fix typo in fips.h].
Andy Polyakov [Mon, 9 May 2005 21:41:47 +0000 (21:41 +0000)]
Comply with optimization manual (no data should share cache-line with code).
Andy Polyakov [Mon, 9 May 2005 20:47:42 +0000 (20:47 +0000)]
Missing declaration.
Andy Polyakov [Mon, 9 May 2005 19:34:34 +0000 (19:34 +0000)]
Void new FIPS tests if configured without FIPS.
Andy Polyakov [Mon, 9 May 2005 19:22:14 +0000 (19:22 +0000)]
Add FIPS HMAC power-up test.
Dr. Stephen Henson [Sun, 8 May 2005 23:48:18 +0000 (23:48 +0000)]
Stop warnings in asserts.
Add support for SHA-XXX in RSA tests.
Make fips_check_rsa work for key lengths > 2048 bits.
Andy Polyakov [Sun, 8 May 2005 19:52:13 +0000 (19:52 +0000)]
Eliminate "statement with no effect" warning when OPENSSL_assert macro
is used with constant assertion.
Andy Polyakov [Sun, 8 May 2005 08:25:14 +0000 (08:25 +0000)]
Remove SSE2 option from fips sha512 [for now].
Andy Polyakov [Sat, 7 May 2005 22:33:29 +0000 (22:33 +0000)]
Move SHA1 selftest input vectors to writable segment.
Andy Polyakov [Sat, 7 May 2005 22:06:40 +0000 (22:06 +0000)]
Add FIPS RNG tests.
Submitted by: Steve Marquess
Andy Polyakov [Sat, 7 May 2005 17:21:34 +0000 (17:21 +0000)]
Backport SHA-[224|256|384|512] from HEAD to FIPS.
Dr. Stephen Henson [Sat, 7 May 2005 12:50:28 +0000 (12:50 +0000)]
Add FIPS rsa sign test program.
Dr. Stephen Henson [Sat, 7 May 2005 12:11:37 +0000 (12:11 +0000)]
FIPS RSA sign test.
Andy Polyakov [Sat, 7 May 2005 08:53:06 +0000 (08:53 +0000)]
Downsync from HEAD.
PR: 1059
Dr. Stephen Henson [Thu, 5 May 2005 21:46:30 +0000 (21:46 +0000)]
FIPS RSA verify test.
Richard Levitte [Thu, 5 May 2005 06:39:10 +0000 (06:39 +0000)]
A few more fingerprints...
Dr. Stephen Henson [Wed, 4 May 2005 22:02:32 +0000 (22:02 +0000)]
Delete unused variables.
Andy Polyakov [Wed, 4 May 2005 16:12:07 +0000 (16:12 +0000)]
Backport of rc4-x86_64 from HEAD.
cvs2svn [Wed, 4 May 2005 14:51:39 +0000 (14:51 +0000)]
This commit was manufactured by cvs2svn to create branch
'OpenSSL_0_9_7-stable'.
Andy Polyakov [Wed, 4 May 2005 14:51:38 +0000 (14:51 +0000)]
Commentary update motivating code update in 0.9.7.
Andy Polyakov [Wed, 4 May 2005 08:42:47 +0000 (08:42 +0000)]
x86_64 assembler translator update.
Andy Polyakov [Tue, 3 May 2005 23:03:31 +0000 (23:03 +0000)]
Cvs missed adapted module itself, here it goes...
Andy Polyakov [Tue, 3 May 2005 22:59:17 +0000 (22:59 +0000)]
Engage md5-x86_64 assembler module.
Andy Polyakov [Tue, 3 May 2005 22:56:15 +0000 (22:56 +0000)]
Throw in md5-x86_64 assembler.
Dr. Stephen Henson [Tue, 3 May 2005 22:14:07 +0000 (22:14 +0000)]
Fix mk1mf.pl and avoid warning in VC++.
Andy Polyakov [Tue, 3 May 2005 21:20:17 +0000 (21:20 +0000)]
Cygwin doesn't expose Win32 [not "officially"].
Andy Polyakov [Tue, 3 May 2005 21:16:42 +0000 (21:16 +0000)]
Commentary update.
Andy Polyakov [Tue, 3 May 2005 21:05:06 +0000 (21:05 +0000)]
Cpuid modules updates.
Nils Larsch [Tue, 3 May 2005 20:58:24 +0000 (20:58 +0000)]
remove false positive
Nils Larsch [Tue, 3 May 2005 20:27:00 +0000 (20:27 +0000)]
remove BN_ncopy, it was only used in bn_nist.c and wasn't particular
useful anyway
Nils Larsch [Tue, 3 May 2005 20:23:33 +0000 (20:23 +0000)]
rewrite of bn_nist.c, disable support for some curves on 64 bit platforms
for now (it was broken anyway)
Nils Larsch [Tue, 3 May 2005 18:35:16 +0000 (18:35 +0000)]
fix typo
PR: 1054
Nils Larsch [Tue, 3 May 2005 18:34:01 +0000 (18:34 +0000)]
fix typo
PR: 1054
Dr. Stephen Henson [Tue, 3 May 2005 17:07:56 +0000 (17:07 +0000)]
Preliminary FIPS hmac test program.
Andy Polyakov [Tue, 3 May 2005 15:42:05 +0000 (15:42 +0000)]
Rename amd64 modules to x86_64 and update RC4 implementation.
Andy Polyakov [Tue, 3 May 2005 15:35:14 +0000 (15:35 +0000)]
x86_64 assembler translator update.
Dr. Stephen Henson [Tue, 3 May 2005 11:56:09 +0000 (11:56 +0000)]
Remove unnecessary code.
Nils Larsch [Tue, 3 May 2005 10:00:16 +0000 (10:00 +0000)]
backport fix from the stable branch
Richard Levitte [Tue, 3 May 2005 08:49:28 +0000 (08:49 +0000)]
Synchronise with Unix build.
Dr. Stephen Henson [Mon, 2 May 2005 23:06:06 +0000 (23:06 +0000)]
Add .cvsignore
Dr. Stephen Henson [Mon, 2 May 2005 23:04:18 +0000 (23:04 +0000)]
Add fips hmac files
Dr. Stephen Henson [Mon, 2 May 2005 23:02:19 +0000 (23:02 +0000)]
Update dependencies.
Dr. Stephen Henson [Mon, 2 May 2005 22:59:41 +0000 (22:59 +0000)]
Add hmac to fips.
Ben Laurie [Sun, 1 May 2005 13:55:41 +0000 (13:55 +0000)]
Redundant changes.
Ben Laurie [Sun, 1 May 2005 13:49:56 +0000 (13:49 +0000)]
Add prototype.
Dr. Stephen Henson [Sun, 1 May 2005 12:47:33 +0000 (12:47 +0000)]
Update from HEAD.
Dr. Stephen Henson [Sun, 1 May 2005 12:46:57 +0000 (12:46 +0000)]
Support for smime-type MIME parameter.
Andy Polyakov [Sat, 30 Apr 2005 23:48:17 +0000 (23:48 +0000)]
Remove false positives and resolve some of remaining ones.
Andy Polyakov [Sat, 30 Apr 2005 23:45:53 +0000 (23:45 +0000)]
Cygwin/mingw sync with stable.
Andy Polyakov [Sat, 30 Apr 2005 21:51:41 +0000 (21:51 +0000)]
Allow for ./config no-sha0 [from stable].
Andy Polyakov [Sat, 30 Apr 2005 21:39:39 +0000 (21:39 +0000)]
Fold rules in test/Makefiles [from stable].
Dr. Stephen Henson [Sat, 30 Apr 2005 18:16:40 +0000 (18:16 +0000)]
Update from HEAD.
Dr. Stephen Henson [Sat, 30 Apr 2005 18:07:30 +0000 (18:07 +0000)]
Typo.
Dr. Stephen Henson [Sat, 30 Apr 2005 18:02:54 +0000 (18:02 +0000)]
Don't attempt to parse nested ASN1 strings by default.
Richard Levitte [Sat, 30 Apr 2005 15:25:04 +0000 (15:25 +0000)]
Some true positives fixed, toss some false positives.
Richard Levitte [Sat, 30 Apr 2005 15:23:14 +0000 (15:23 +0000)]
From branch OpenSSL_0_9_7-stable, 2004-09-11 11:45:
Makefile.ssl changed name to Makefile...
Richard Levitte [Sat, 30 Apr 2005 15:21:40 +0000 (15:21 +0000)]
From branch OpenSSL_0_9_7-stable, 2004-08-11 22:34:
Another missing module in the VMS build files.I believe this is
the last, though...
Richard Levitte [Sat, 30 Apr 2005 15:17:05 +0000 (15:17 +0000)]
All kinds of changes from branch OpenSSL_0_9_7-stable
Richard Levitte [Sat, 30 Apr 2005 14:41:51 +0000 (14:41 +0000)]
This one deserves a note. In the change to CHANGES, there's the
following:
+ NOTE: This is for the 0.9.7 series ONLY. This hack will never
+ appear in 0.9.8 or later. We EXPECT application authors to have
+ dealt properly with this when 0.9.8 is released (unless we actually
+ make such changes in the libcrypto locking code that changes will
+ have to be made anyway).
That makes this one a false positive.
Richard Levitte [Sat, 30 Apr 2005 14:40:19 +0000 (14:40 +0000)]
Remove a bunch of false positives, and fix some true positives.
Richard Levitte [Sat, 30 Apr 2005 14:34:28 +0000 (14:34 +0000)]
From branch OpenSSL_0_9_7-stable, 2002-11-13 15:30:
The loading functions should be static if we build a dynamic
engine.
Richard Levitte [Sat, 30 Apr 2005 13:50:57 +0000 (13:50 +0000)]
Remove a bunch of false positives, fix one true positive.
Richard Levitte [Sat, 30 Apr 2005 13:42:02 +0000 (13:42 +0000)]
From branch OpenSSL_0_9_7-stable, revision 1.1.4.1, 2002-05-23 17:25:
Forgot this file.
Dr. Stephen Henson [Sat, 30 Apr 2005 13:08:56 +0000 (13:08 +0000)]
Update from HEAD.
Dr. Stephen Henson [Sat, 30 Apr 2005 13:06:45 +0000 (13:06 +0000)]
Use more efficient way to locate end of an ASN1 structure.
Nils Larsch [Fri, 29 Apr 2005 21:20:31 +0000 (21:20 +0000)]
don't let BN_CTX_free(NULL) segfault
Nils Larsch [Fri, 29 Apr 2005 20:41:38 +0000 (20:41 +0000)]
remove false positive
Nils Larsch [Fri, 29 Apr 2005 20:10:06 +0000 (20:10 +0000)]
check return value of RAND_pseudo_bytes; backport from the stable branch
Nils Larsch [Fri, 29 Apr 2005 19:24:50 +0000 (19:24 +0000)]
remove some false positive
Nils Larsch [Fri, 29 Apr 2005 15:56:06 +0000 (15:56 +0000)]
hide the definition of ECDSA_METHOD and ECDSA_DATA (and mutatis mutandis
for ecdh)
Nils Larsch [Fri, 29 Apr 2005 15:21:09 +0000 (15:21 +0000)]
add 192 bit prime curve to the command line options
Nils Larsch [Fri, 29 Apr 2005 15:07:34 +0000 (15:07 +0000)]
add reference to BN_BLINDING_new.pod
Nils Larsch [Fri, 29 Apr 2005 14:26:59 +0000 (14:26 +0000)]
avoid warnings when building on systems where sizeof(void *) > sizeof(int)
Andy Polyakov [Fri, 29 Apr 2005 13:36:50 +0000 (13:36 +0000)]
Exclude the option for passing parameters pre-computed in unverified way.
Andy Polyakov [Thu, 28 Apr 2005 08:52:29 +0000 (08:52 +0000)]
Pointer to BN_MONT_CTX could be used uninitialized.
Andy Polyakov [Thu, 28 Apr 2005 08:49:01 +0000 (08:49 +0000)]
Pointer to BN_MONT_CTX could be used uninitialized.
Richard Levitte [Thu, 28 Apr 2005 04:55:28 +0000 (04:55 +0000)]
Synchronise with Unix build system.
Dr. Stephen Henson [Thu, 28 Apr 2005 00:22:00 +0000 (00:22 +0000)]
Fix from HEAD.
Dr. Stephen Henson [Thu, 28 Apr 2005 00:21:29 +0000 (00:21 +0000)]
Increase offset for BIO_f_enc() to avoid problems with overlapping buffers
when decrypting data.
Dr. Stephen Henson [Wed, 27 Apr 2005 16:32:30 +0000 (16:32 +0000)]
Update default dependency flags.
Dr. Stephen Henson [Wed, 27 Apr 2005 16:27:14 +0000 (16:27 +0000)]
Lots of Win32 fixes for DTLS.
1. "unsigned long long" isn't portable changed: to BN_ULLONG.
2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used.
2. Avoid lots of compiler warnings about signed/unsigned mismatches.
3. Include new library directory pqueue in mk1mf build system.
4. Update symbols.
Nils Larsch [Wed, 27 Apr 2005 08:56:15 +0000 (08:56 +0000)]
get rid of Makefile.ssl in util/
Nils Larsch [Wed, 27 Apr 2005 08:48:55 +0000 (08:48 +0000)]
no Makefile.ssl anymore
Nils Larsch [Wed, 27 Apr 2005 07:59:17 +0000 (07:59 +0000)]
add missing parentheses
Nils Larsch [Wed, 27 Apr 2005 07:57:50 +0000 (07:57 +0000)]
add missing parentheses
Dr. Stephen Henson [Wed, 27 Apr 2005 00:04:59 +0000 (00:04 +0000)]
Change method_mont_p from (char *) to (BN_MONT_CTX *) and remove several
casts.
Dr. Stephen Henson [Tue, 26 Apr 2005 23:58:54 +0000 (23:58 +0000)]
Port BN_MONT_CTX_set_locked() from stable branch.
The function rsa_eay_mont_helper() has been removed because it is no longer
needed after this change.
Dr. Stephen Henson [Tue, 26 Apr 2005 23:45:49 +0000 (23:45 +0000)]
Stop unused variable warning.
Dr. Stephen Henson [Tue, 26 Apr 2005 23:33:47 +0000 (23:33 +0000)]
Remove more false positives.
Bodo Möller [Tue, 26 Apr 2005 23:22:49 +0000 (23:22 +0000)]
there's no such thing as Makefile.ssl anymore
Bodo Möller [Tue, 26 Apr 2005 23:22:25 +0000 (23:22 +0000)]
util/mk1mf.pl issues have been resolved
Dr. Stephen Henson [Tue, 26 Apr 2005 23:21:49 +0000 (23:21 +0000)]
Port from stable branch.
Dr. Stephen Henson [Tue, 26 Apr 2005 23:19:21 +0000 (23:19 +0000)]
More false positives and cases covered by port of prime.c
Bodo Möller [Tue, 26 Apr 2005 23:11:05 +0000 (23:11 +0000)]
"PS" to Steve's commit (Port prime utility across from stable branch).