oweals/openssl.git
17 years agoCheck selftest in rand too.
Dr. Stephen Henson [Mon, 2 Jul 2007 11:27:52 +0000 (11:27 +0000)]
Check selftest in rand too.

17 years agoCheck selftest status in all crypto operations and abort with
Dr. Stephen Henson [Mon, 2 Jul 2007 11:22:50 +0000 (11:22 +0000)]
Check selftest status in all crypto operations and abort with
a fatal error on failure.

17 years agoModify AES and 3DES selftests to use EVP.
Dr. Stephen Henson [Sun, 1 Jul 2007 23:19:15 +0000 (23:19 +0000)]
Modify AES and 3DES selftests to use EVP.

17 years agoMove 3DES EVP inside FIPS module and modify algorithm tests to use it.
Dr. Stephen Henson [Sun, 1 Jul 2007 17:58:15 +0000 (17:58 +0000)]
Move 3DES EVP inside FIPS module and modify algorithm tests to use it.

17 years agoChanges to make AES algorithm test work via EVP.
Dr. Stephen Henson [Sun, 1 Jul 2007 12:53:10 +0000 (12:53 +0000)]
Changes to make AES algorithm test work via EVP.

17 years agoAdd enc_min.c file.
Dr. Stephen Henson [Sun, 1 Jul 2007 00:08:42 +0000 (00:08 +0000)]
Add enc_min.c file.

17 years agoMove minimal EVP_CIPHER implementation into FIPS library. Not used by
Dr. Stephen Henson [Sun, 1 Jul 2007 00:07:25 +0000 (00:07 +0000)]
Move minimal EVP_CIPHER implementation into FIPS library. Not used by
any FIPS applications yet.

17 years agobn_mont.c fix [from HEAD].
Andy Polyakov [Fri, 29 Jun 2007 13:15:33 +0000 (13:15 +0000)]
bn_mont.c fix [from HEAD].

17 years agoMake fips test suite script halt on errors.
Dr. Stephen Henson [Sat, 23 Jun 2007 00:02:25 +0000 (00:02 +0000)]
Make fips test suite script halt on errors.

17 years agoAvoid warnings. Fix fips_dssvs program.
Dr. Stephen Henson [Fri, 22 Jun 2007 12:17:52 +0000 (12:17 +0000)]
Avoid warnings. Fix fips_dssvs program.

17 years agoFix warnings.
Dr. Stephen Henson [Wed, 20 Jun 2007 17:49:42 +0000 (17:49 +0000)]
Fix warnings.

17 years agoRemove deleted function from headers.
Dr. Stephen Henson [Tue, 19 Jun 2007 16:10:19 +0000 (16:10 +0000)]
Remove deleted function from headers.

17 years agoFix from stable branch.
Dr. Stephen Henson [Tue, 19 Jun 2007 15:44:44 +0000 (15:44 +0000)]
Fix from stable branch.

17 years agoUpdates from stable branch: BN_*_no_branch privatization and elimination of
Andy Polyakov [Mon, 11 Jun 2007 16:43:29 +0000 (16:43 +0000)]
Updates from stable branch: BN_*_no_branch privatization and elimination of
conditional final subtraction in Montgomery multiplication.

17 years agoIncrement counter after use.
Dr. Stephen Henson [Tue, 5 Jun 2007 17:28:00 +0000 (17:28 +0000)]
Increment counter after use.

17 years agoDisable DES in FIPS mode.
Dr. Stephen Henson [Mon, 21 May 2007 12:45:10 +0000 (12:45 +0000)]
Disable DES in FIPS mode.

17 years agoUpdate from stable branch.
Dr. Stephen Henson [Mon, 21 May 2007 12:40:07 +0000 (12:40 +0000)]
Update from stable branch.

17 years agoPadlock engine fails to compile with -O0 -fPIC [from HEAD].
Andy Polyakov [Sun, 20 May 2007 07:14:30 +0000 (07:14 +0000)]
Padlock engine fails to compile with -O0 -fPIC [from HEAD].

17 years agoType cast fixes in aes-586.pl [from 098-stable].
Andy Polyakov [Sat, 19 May 2007 20:12:46 +0000 (20:12 +0000)]
Type cast fixes in aes-586.pl [from 098-stable].

17 years agocygwin shared rules update [from HEAD].
Andy Polyakov [Sat, 19 May 2007 19:41:28 +0000 (19:41 +0000)]
cygwin shared rules update [from HEAD].
PR: 1517

17 years agoTypo in x509_txt.c [from HEAD].
Andy Polyakov [Sat, 19 May 2007 18:05:33 +0000 (18:05 +0000)]
Typo in x509_txt.c [from HEAD].

17 years agoDetect UltraSPARC T1 in ./config [from HEAD].
Andy Polyakov [Fri, 4 May 2007 13:08:00 +0000 (13:08 +0000)]
Detect UltraSPARC T1 in ./config [from HEAD].

17 years agoFix s390x detection in ./config [from 098].
Andy Polyakov [Mon, 30 Apr 2007 12:06:30 +0000 (12:06 +0000)]
Fix s390x detection in ./config [from 098].

17 years agoMake ordinals consistent across branches.
Dr. Stephen Henson [Wed, 25 Apr 2007 13:24:56 +0000 (13:24 +0000)]
Make ordinals consistent across branches.

17 years agoMerge from 0.9.8-stable.
Dr. Stephen Henson [Wed, 25 Apr 2007 13:15:51 +0000 (13:15 +0000)]
Merge from 0.9.8-stable.

17 years agoMerge from stable branch.
Dr. Stephen Henson [Tue, 24 Apr 2007 11:34:19 +0000 (11:34 +0000)]
Merge from stable branch.

17 years agoMerge from 0.9.8 stable branch.
Dr. Stephen Henson [Tue, 24 Apr 2007 11:30:51 +0000 (11:30 +0000)]
Merge from 0.9.8 stable branch.

17 years agoFix from HEAD.
Dr. Stephen Henson [Mon, 9 Apr 2007 23:51:50 +0000 (23:51 +0000)]
Fix from HEAD.

17 years agoUpdate ordinals. Use gap for EVP_add_alg_module to keep values consistent
Dr. Stephen Henson [Mon, 9 Apr 2007 12:15:31 +0000 (12:15 +0000)]
Update ordinals. Use gap for EVP_add_alg_module to keep values consistent
across versions.

17 years agoIf config file tries to enter FIPS mode in a non FIPS capable library
Dr. Stephen Henson [Mon, 9 Apr 2007 12:06:26 +0000 (12:06 +0000)]
If config file tries to enter FIPS mode in a non FIPS capable library
return an error.

17 years agoUpdate from HEAD.
Dr. Stephen Henson [Mon, 9 Apr 2007 11:47:59 +0000 (11:47 +0000)]
Update from HEAD.

17 years agoAdd algorithm configuration module.
Dr. Stephen Henson [Sun, 8 Apr 2007 17:51:02 +0000 (17:51 +0000)]
Add algorithm configuration module.

17 years agoBlock low level public key signature operations in FIPS mode.
Dr. Stephen Henson [Fri, 6 Apr 2007 00:30:24 +0000 (00:30 +0000)]
Block low level public key signature operations in FIPS mode.

Update self tests for all modes and use EVP.

Update pairwise consistency checks.

17 years agoFix Win32 warning. Update ordinals.
Dr. Stephen Henson [Wed, 4 Apr 2007 00:33:23 +0000 (00:33 +0000)]
Fix Win32 warning. Update ordinals.

17 years agoNew EVP sign and verify functionality.
Dr. Stephen Henson [Tue, 3 Apr 2007 21:01:29 +0000 (21:01 +0000)]
New EVP sign and verify functionality.

17 years agoDon't process any of kssl.c if krb5 option not set.
Dr. Stephen Henson [Tue, 3 Apr 2007 18:24:22 +0000 (18:24 +0000)]
Don't process any of kssl.c if krb5 option not set.

17 years agoAdd new file.
Dr. Stephen Henson [Tue, 3 Apr 2007 02:13:20 +0000 (02:13 +0000)]
Add new file.

17 years agoAdd tiny ASN1 code for DSA signatures.
Dr. Stephen Henson [Mon, 2 Apr 2007 23:59:47 +0000 (23:59 +0000)]
Add tiny ASN1 code for DSA signatures.

Make DSA tests, selftests and algorithm tests use EVP.

17 years agoMake ordinals consistent with 0.9.8-stable.
Dr. Stephen Henson [Wed, 28 Mar 2007 22:09:56 +0000 (22:09 +0000)]
Make ordinals consistent with 0.9.8-stable.

17 years agoUpdate from stable branch.
Dr. Stephen Henson [Wed, 28 Mar 2007 22:00:48 +0000 (22:00 +0000)]
Update from stable branch.

17 years agoUpdate from 0.9.8-stable with patches also applied to equivalent FIPS
Dr. Stephen Henson [Wed, 28 Mar 2007 12:38:55 +0000 (12:38 +0000)]
Update from 0.9.8-stable with patches also applied to equivalent FIPS
sources.

17 years agoPerl script to rename sections in MS COFF binaries.
Dr. Stephen Henson [Tue, 27 Mar 2007 00:04:55 +0000 (00:04 +0000)]
Perl script to rename sections in MS COFF binaries.

Submitted by: Andy Polyakov

17 years agoUse perl script instead of editbin to rename object file sections.
Dr. Stephen Henson [Tue, 27 Mar 2007 00:03:42 +0000 (00:03 +0000)]
Use perl script instead of editbin to rename object file sections.

17 years agoModify VC++ build sytem to use fipscanister.lib instead of fipscanister.o
Dr. Stephen Henson [Mon, 26 Mar 2007 12:06:44 +0000 (12:06 +0000)]
Modify VC++ build sytem to use fipscanister.lib instead of fipscanister.o
and avoid the need for ld.exe.

17 years agoOops! Revert to previous version and [re-]apply diff.
Andy Polyakov [Sun, 25 Mar 2007 15:42:13 +0000 (15:42 +0000)]
Oops! Revert to previous version and [re-]apply diff.

17 years agoaix updates from HEAD.
Andy Polyakov [Sun, 25 Mar 2007 15:37:26 +0000 (15:37 +0000)]
aix updates from HEAD.

17 years agoTypos in Makefiles.
Andy Polyakov [Sun, 25 Mar 2007 14:40:33 +0000 (14:40 +0000)]
Typos in Makefiles.

17 years agoMake sure fipscanister.o is built and installed for static WIN32 builds.
Dr. Stephen Henson [Sat, 24 Mar 2007 18:47:54 +0000 (18:47 +0000)]
Make sure fipscanister.o is built and installed for static WIN32 builds.

17 years agoAdd some version info and comments to WIN32 FIPS DLL.
Dr. Stephen Henson [Thu, 22 Mar 2007 19:24:34 +0000 (19:24 +0000)]
Add some version info and comments to WIN32 FIPS DLL.

17 years agoAdd version info to FIPS DLL.
Dr. Stephen Henson [Thu, 22 Mar 2007 19:07:31 +0000 (19:07 +0000)]
Add version info to FIPS DLL.

17 years agoForward FIPS DLL implementations from libcrypto DLL under Win32.
Dr. Stephen Henson [Thu, 22 Mar 2007 18:31:35 +0000 (18:31 +0000)]
Forward FIPS DLL implementations from libcrypto DLL under Win32.

17 years agoAdd missing #ifdef
Dr. Stephen Henson [Thu, 22 Mar 2007 13:42:05 +0000 (13:42 +0000)]
Add missing #ifdef

17 years agoUpdate from stable branch.
Dr. Stephen Henson [Thu, 22 Mar 2007 13:19:46 +0000 (13:19 +0000)]
Update from stable branch.

17 years agoAnd so it begins...
Dr. Stephen Henson [Thu, 22 Mar 2007 00:39:24 +0000 (00:39 +0000)]
And so it begins...

17 years agoThis commit was manufactured by cvs2svn to create branch 'OpenSSL-fips-
cvs2svn [Wed, 21 Mar 2007 14:33:02 +0000 (14:33 +0000)]
This commit was manufactured by cvs2svn to create branch 'OpenSSL-fips-
0_9_8-stable'.

17 years agostricter session ID context matching
Bodo Möller [Wed, 21 Mar 2007 14:33:01 +0000 (14:33 +0000)]
stricter session ID context matching

17 years agooops -- this should have been in 0.9.8e
Bodo Möller [Wed, 21 Mar 2007 14:18:27 +0000 (14:18 +0000)]
oops -- this should have been in 0.9.8e

17 years agoclarification regarding libdes files
Bodo Möller [Wed, 21 Mar 2007 10:58:32 +0000 (10:58 +0000)]
clarification regarding libdes files

17 years agoPowerPC config updates from HEAD.
Andy Polyakov [Tue, 20 Mar 2007 09:06:52 +0000 (09:06 +0000)]
PowerPC config updates from HEAD.

17 years agoFix kerberos ciphersuite bugs introduced with PR:1336.
Dr. Stephen Henson [Fri, 9 Mar 2007 14:06:34 +0000 (14:06 +0000)]
Fix kerberos ciphersuite bugs introduced with PR:1336.

17 years agoMake local function static.
Ben Laurie [Thu, 8 Mar 2007 15:52:04 +0000 (15:52 +0000)]
Make local function static.

17 years agoStop memory leak.
Dr. Stephen Henson [Mon, 5 Mar 2007 00:06:47 +0000 (00:06 +0000)]
Stop memory leak.

17 years agoInitialize "buf" to 0 to make valgrind happy :-)
Lutz Jänicke [Fri, 2 Mar 2007 17:54:31 +0000 (17:54 +0000)]
Initialize "buf" to 0 to make valgrind happy :-)
Note: the RAND_bytes() manual page says:
 RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf.
It does not talk about using the previous contents of buf so we are working
as documented.

17 years agoDo not use uninitialized memory to seed the PRNG as it may confuse
Lutz Jänicke [Fri, 2 Mar 2007 17:44:55 +0000 (17:44 +0000)]
Do not use uninitialized memory to seed the PRNG as it may confuse
code checking tools.
PR: 1499

17 years agoEVP_CIPHER_CTX_key_length() should return the set key length in the
Dr. Stephen Henson [Tue, 27 Feb 2007 18:42:52 +0000 (18:42 +0000)]
EVP_CIPHER_CTX_key_length() should return the set key length in the
EVP_CIPHER_CTX structure which may not be the same as the underlying
cipher key length for variable length ciphers.

17 years agoMerge from HEAD
Lutz Jänicke [Tue, 27 Feb 2007 08:26:51 +0000 (08:26 +0000)]
Merge from HEAD

17 years agoinclude complete 0.9.7 history
Bodo Möller [Mon, 26 Feb 2007 10:48:56 +0000 (10:48 +0000)]
include complete 0.9.7 history

17 years agouse 2007 copyright for generated files
Bodo Möller [Mon, 26 Feb 2007 10:47:49 +0000 (10:47 +0000)]
use 2007 copyright for generated files

17 years agoPrepare for next version.
Dr. Stephen Henson [Fri, 23 Feb 2007 12:50:54 +0000 (12:50 +0000)]
Prepare for next version.

17 years agoAdd L to version number OpenSSL_0_9_8e
Dr. Stephen Henson [Fri, 23 Feb 2007 12:38:11 +0000 (12:38 +0000)]
Add L to version number

17 years agoPrepare for release.
Dr. Stephen Henson [Fri, 23 Feb 2007 12:12:28 +0000 (12:12 +0000)]
Prepare for release.

17 years agoMake update.
Dr. Stephen Henson [Fri, 23 Feb 2007 01:01:08 +0000 (01:01 +0000)]
Make update.

17 years agoFix problem with multi line responses in -starttls by using a buffering
Lutz Jänicke [Thu, 22 Feb 2007 17:39:50 +0000 (17:39 +0000)]
Fix problem with multi line responses in -starttls by using a buffering
BIO and BIO_gets().

17 years agoDon't use deprecated -mcpu option.
Dr. Stephen Henson [Thu, 22 Feb 2007 02:00:39 +0000 (02:00 +0000)]
Don't use deprecated -mcpu option.

17 years agoUpdate NEWS file.
Dr. Stephen Henson [Thu, 22 Feb 2007 01:35:24 +0000 (01:35 +0000)]
Update NEWS file.

17 years agoExtend SMTP and IMAP protocol handling to perform the required
Lutz Jänicke [Wed, 21 Feb 2007 18:20:33 +0000 (18:20 +0000)]
Extend SMTP and IMAP protocol handling to perform the required
EHLO or CAPABILITY handshake before sending STARTTLS

Submitted by: Goetz Babin-Ebell <goetz@shomitefo.de>

17 years agoAdd automatic detection for Linux on SuperH
Lutz Jänicke [Wed, 21 Feb 2007 18:10:19 +0000 (18:10 +0000)]
Add automatic detection for Linux on SuperH
PR: 1152
Submitted by: Mike Frysinger <vapier@gentoo.org>

17 years agoAdd support for m68 linux
Lutz Jänicke [Wed, 21 Feb 2007 17:58:51 +0000 (17:58 +0000)]
Add support for m68 linux
PR: 1277
Submitted by: Mike Frysinger <vapier@gentoo.org>

17 years agoFix incorrect handling of special characters
Lutz Jänicke [Wed, 21 Feb 2007 17:44:51 +0000 (17:44 +0000)]
Fix incorrect handling of special characters
PR: 1459
Submitted by: tnitschke@innominate.com
Reviewed by: steve@openssl.org

17 years agoUpdate from 0.9.7-stable.
Dr. Stephen Henson [Wed, 21 Feb 2007 13:48:49 +0000 (13:48 +0000)]
Update from 0.9.7-stable.

17 years agoInclude "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a
Bodo Möller [Mon, 19 Feb 2007 18:38:11 +0000 (18:38 +0000)]
Include "!eNULL" in SSL_DEFAULT_CIPHER_LIST to make sure that a
ciphersuite string such as "DEFAULT:RSA" cannot enable
authentication-only ciphersuites.

17 years agoremove inconsistency between builds with and without Camellia enabled
Bodo Möller [Mon, 19 Feb 2007 17:55:07 +0000 (17:55 +0000)]
remove inconsistency between builds with and without Camellia enabled

17 years agofix incorrect strength bit values for certain Kerberos ciphersuites
Bodo Möller [Mon, 19 Feb 2007 14:47:21 +0000 (14:47 +0000)]
fix incorrect strength bit values for certain Kerberos ciphersuites

Submitted by: Victor Duchovni

17 years agoAvoid warning.
Dr. Stephen Henson [Sun, 18 Feb 2007 18:18:31 +0000 (18:18 +0000)]
Avoid warning.

17 years agoFix Win32 warnings.
Dr. Stephen Henson [Sun, 18 Feb 2007 17:23:20 +0000 (17:23 +0000)]
Fix Win32 warnings.

17 years agoSome fixes for ciphersuite string processing:
Bodo Möller [Sat, 17 Feb 2007 06:52:42 +0000 (06:52 +0000)]
Some fixes for ciphersuite string processing:

- add a workaround provided by Victor Duchovni so that 128- and
  256-bit variants of otherwise identical ciphersuites are treated
  correctly;

- also, correctly skip invalid parts of ciphersuite description strings.

Submitted by: Victor Duchovni, Bodo Moeller

17 years agoensure that the EVP_CIPHER_CTX object is initialized
Nils Larsch [Fri, 16 Feb 2007 20:40:07 +0000 (20:40 +0000)]
ensure that the EVP_CIPHER_CTX object is initialized

PR: 1490

17 years agoAdd STARTTLS support for IMAP and FTP.
Richard Levitte [Fri, 16 Feb 2007 18:12:20 +0000 (18:12 +0000)]
Add STARTTLS support for IMAP and FTP.
Submitted by Kees Cook <kees@outflux.net>

17 years ago- use OPENSSL_malloc() etc. in zlib
Nils Larsch [Wed, 14 Feb 2007 21:50:26 +0000 (21:50 +0000)]
- use OPENSSL_malloc() etc. in zlib
- move zlib_stateful_ex_idx initialization to COMP_zlib()

PR: 1468

17 years agouse user-supplied malloc functions for persistent kssl objects
Nils Larsch [Sat, 10 Feb 2007 10:40:24 +0000 (10:40 +0000)]
use user-supplied malloc functions for persistent kssl objects

PR: 1467
Submitted by: Andrei Pelinescu-Onciul <andrei@iptel.org>

17 years agoremove unreachable code
Nils Larsch [Sat, 10 Feb 2007 09:48:42 +0000 (09:48 +0000)]
remove unreachable code

17 years agoAdd hmac option to dgst from 0.9.7-stable.
Dr. Stephen Henson [Thu, 8 Feb 2007 19:08:21 +0000 (19:08 +0000)]
Add hmac option to dgst from 0.9.7-stable.

17 years agoensure that a ec key is used
Nils Larsch [Wed, 7 Feb 2007 20:36:40 +0000 (20:36 +0000)]
ensure that a ec key is used

PR: 1476

17 years agoAfter objects have been freed, NULLify the pointers so there will be no double
Richard Levitte [Wed, 7 Feb 2007 01:42:51 +0000 (01:42 +0000)]
After objects have been freed, NULLify the pointers so there will be no double
free of those objects

17 years agofix typo
Nils Larsch [Tue, 6 Feb 2007 19:48:36 +0000 (19:48 +0000)]
fix typo

17 years agoadd note about 56 bit ciphers
Nils Larsch [Tue, 6 Feb 2007 19:40:45 +0000 (19:40 +0000)]
add note about 56 bit ciphers

PR: 1461

17 years agoUpdate from fips2 branch.
Dr. Stephen Henson [Sat, 3 Feb 2007 17:32:14 +0000 (17:32 +0000)]
Update from fips2 branch.

17 years agofile err_str.c was added on branch OpenSSL-fips-0_9_8-stable on 2007-03-22 00:38...
Dr. Stephen Henson [Sat, 3 Feb 2007 17:19:42 +0000 (17:19 +0000)]
file err_str.c was added on branch OpenSSL-fips-0_9_8-stable on 2007-03-22 00:38:08 +0000

17 years agofile err_str.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 11:26:29 +0000
Dr. Stephen Henson [Sat, 3 Feb 2007 17:19:41 +0000 (17:19 +0000)]
file err_str.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 11:26:29 +0000

17 years agofile fips_err.c was added on branch OpenSSL-fips-0_9_8-stable on 2007-03-22 00:37...
Dr. Stephen Henson [Sat, 3 Feb 2007 17:19:40 +0000 (17:19 +0000)]
file fips_err.c was added on branch OpenSSL-fips-0_9_8-stable on 2007-03-22 00:37:45 +0000