Andy Polyakov [Mon, 24 Oct 2011 06:00:06 +0000 (06:00 +0000)]
e_aes.c: fold even aesni_ccm_cipher.
Andy Polyakov [Sun, 23 Oct 2011 22:58:40 +0000 (22:58 +0000)]
e_aes.c: prevent potential DoS in aes_gcm_tls_cipher.
Andy Polyakov [Sun, 23 Oct 2011 19:41:00 +0000 (19:41 +0000)]
cryptlib.c: remove stdio dependency in Windows fipscanister.lib.
Dr. Stephen Henson [Sun, 23 Oct 2011 17:06:28 +0000 (17:06 +0000)]
No need for custom flag in XTS mode: block length is 1.
Andy Polyakov [Sun, 23 Oct 2011 15:17:30 +0000 (15:17 +0000)]
fips_canister.c: harmonize fingerprinting for all Windows, CE or not.
Andy Polyakov [Sun, 23 Oct 2011 15:12:37 +0000 (15:12 +0000)]
config: in cross-compile case interrogate cross-compiler, not host, work
around sub-shell limitation.
Dr. Stephen Henson [Sat, 22 Oct 2011 17:24:27 +0000 (17:24 +0000)]
Check for selftest failure in various places.
Andy Polyakov [Sat, 22 Oct 2011 10:49:52 +0000 (10:49 +0000)]
x86gas.pl: relax .init segment alignment.
Andy Polyakov [Fri, 21 Oct 2011 19:34:48 +0000 (19:34 +0000)]
mk1mk.pl: cleanup engines' handling and make fips build work on WIN64I.
Dr. Stephen Henson [Fri, 21 Oct 2011 11:46:16 +0000 (11:46 +0000)]
Update error codes.
Andy Polyakov [Fri, 21 Oct 2011 06:03:45 +0000 (06:03 +0000)]
fips.c: remove preprocessor artefact.
Dr. Stephen Henson [Fri, 21 Oct 2011 01:57:37 +0000 (01:57 +0000)]
fix (?) AVX clearing
Dr. Stephen Henson [Fri, 21 Oct 2011 00:12:53 +0000 (00:12 +0000)]
Check for uninitialised DRBG_CTX and don't free up default DRBG_CTX.
Andy Polyakov [Thu, 20 Oct 2011 21:03:09 +0000 (21:03 +0000)]
fips.c: x86[_64] capability masking.
Andy Polyakov [Thu, 20 Oct 2011 20:52:26 +0000 (20:52 +0000)]
armcap.c: auto-setup processor capability vector.
Dr. Stephen Henson [Thu, 20 Oct 2011 13:56:01 +0000 (13:56 +0000)]
Fix error codes.
Andy Polyakov [Thu, 20 Oct 2011 12:09:13 +0000 (12:09 +0000)]
fips/fips_[canister|premain].c: make it work with VC6 and add sentinels
even to code segments.
Andy Polyakov [Thu, 20 Oct 2011 08:39:29 +0000 (08:39 +0000)]
sha1-mips.pl: fix typo.
Andy Polyakov [Thu, 20 Oct 2011 08:28:06 +0000 (08:28 +0000)]
Drain unused MacOS directory.
Dr. Stephen Henson [Wed, 19 Oct 2011 23:23:35 +0000 (23:23 +0000)]
Add "nopass" for empty password too.
Dr. Stephen Henson [Wed, 19 Oct 2011 22:34:53 +0000 (22:34 +0000)]
add authentication parameter to FIPS_module_mode_set
Andy Polyakov [Wed, 19 Oct 2011 21:49:20 +0000 (21:49 +0000)]
vxworks-mips: unify and add assembler.
Andy Polyakov [Wed, 19 Oct 2011 21:42:21 +0000 (21:42 +0000)]
Remove superseded MIPS assembler modules.
Andy Polyakov [Wed, 19 Oct 2011 21:05:53 +0000 (21:05 +0000)]
fips_canister.c: more cross-compiler platfroms verified.
Andy Polyakov [Wed, 19 Oct 2011 18:57:03 +0000 (18:57 +0000)]
arm_arch.h: add missing pre-defined macro, __ARM_ARCH_5TEJ__.
Bodo Möller [Wed, 19 Oct 2011 15:29:14 +0000 (15:29 +0000)]
"make update" (partial)
Bodo Möller [Wed, 19 Oct 2011 14:59:27 +0000 (14:59 +0000)]
BN_BLINDING multi-threading fix.
Submitted by: Emilia Kasper (Google)
Dr. Stephen Henson [Wed, 19 Oct 2011 12:05:08 +0000 (12:05 +0000)]
Typo (?)
Dr. Stephen Henson [Wed, 19 Oct 2011 11:47:21 +0000 (11:47 +0000)]
Build fipscanister.o only by default. Utility build now needs
make build_tests
Dr. Stephen Henson [Wed, 19 Oct 2011 11:44:25 +0000 (11:44 +0000)]
Recognise new option.
Bodo Möller [Wed, 19 Oct 2011 09:24:22 +0000 (09:24 +0000)]
Fix indentation
Bodo Möller [Wed, 19 Oct 2011 08:59:53 +0000 (08:59 +0000)]
Fix warnings.
Also, use the common Configure mechanism for enabling/disabling the 64-bit ECC code.
Dr. Stephen Henson [Tue, 18 Oct 2011 22:11:11 +0000 (22:11 +0000)]
Update premain fingerprint.
Bodo Möller [Tue, 18 Oct 2011 19:43:16 +0000 (19:43 +0000)]
Improve optional 64-bit NIST-P224 implementation, and add NIST-P256 and
NIST-P521. (Now -DEC_NISTP_64_GCC_128 enables all three of these;
-DEC_NISTP224_64_GCC_128 no longer works.)
Submitted by: Google Inc.
Andy Polyakov [Tue, 18 Oct 2011 18:59:33 +0000 (18:59 +0000)]
fipssyms.h: assign alias to newly introduced bn_gather5.
Andy Polyakov [Tue, 18 Oct 2011 18:56:09 +0000 (18:56 +0000)]
fips/*: extend fipsro segmenting to all _MSC_VER builds (including WinCE).
Andy Polyakov [Tue, 18 Oct 2011 18:52:05 +0000 (18:52 +0000)]
fips_enc.c: assign minimal block size to bad_cipher [to avoid arithmetic
exceptions in TLS layer].
Andy Polyakov [Tue, 18 Oct 2011 13:39:47 +0000 (13:39 +0000)]
engines/.cvsignore: stop whining about e_padlock-*.s.
Andy Polyakov [Tue, 18 Oct 2011 13:37:26 +0000 (13:37 +0000)]
evp/e_aes.c: fold AES-NI modes that heavily rely on indirect calls
(trade 2% small-block performance), engage bit-sliced AES in GCM.
Andy Polyakov [Tue, 18 Oct 2011 09:50:23 +0000 (09:50 +0000)]
x86_64-xlate.pl: make vpaes-x86_64.pl and rc4-md5-x86_64 work with ml64,
fix bug in .crt section alignment.
PR: 2620, 2624
Andy Polyakov [Tue, 18 Oct 2011 09:22:04 +0000 (09:22 +0000)]
bsaes-x86_64.pl: make it work with ml64.
Andy Polyakov [Tue, 18 Oct 2011 08:03:02 +0000 (08:03 +0000)]
[bs|vp]aes-x86[_64].pl: typos and clarifications.
Andy Polyakov [Tue, 18 Oct 2011 07:53:50 +0000 (07:53 +0000)]
c_allc.c: add aes-xts to loop.
Dr. Stephen Henson [Tue, 18 Oct 2011 00:02:42 +0000 (00:02 +0000)]
Do global replace to remove assembly language object files.
Andy Polyakov [Mon, 17 Oct 2011 23:35:00 +0000 (23:35 +0000)]
bn_mont.c: get corner cases right in updated BN_from_montgomery_word.
Andy Polyakov [Mon, 17 Oct 2011 17:41:49 +0000 (17:41 +0000)]
bn_exp.c: further optimizations using more ideas from
http://eprint.iacr.org/2011/239.
Andy Polyakov [Mon, 17 Oct 2011 17:39:59 +0000 (17:39 +0000)]
x86_64-mont.pl: minor optimization.
Andy Polyakov [Mon, 17 Oct 2011 17:24:28 +0000 (17:24 +0000)]
bn_mont.c: simplify BN_from_montgomery_word.
Andy Polyakov [Mon, 17 Oct 2011 17:20:48 +0000 (17:20 +0000)]
bn_shift.c: minimize reallocations, which allows BN_FLG_STATIC_DATA to
be shifted in specific cases.
Andy Polyakov [Mon, 17 Oct 2011 17:10:54 +0000 (17:10 +0000)]
Engage bsaes-x86_64.pl, bit-sliced AES.
Dr. Stephen Henson [Sun, 16 Oct 2011 12:31:49 +0000 (12:31 +0000)]
L=3072, N=256 provides 128 bits of security not 112.
Andy Polyakov [Sat, 15 Oct 2011 08:32:16 +0000 (08:32 +0000)]
Add android-x86.
Dr. Stephen Henson [Fri, 14 Oct 2011 23:51:58 +0000 (23:51 +0000)]
Clarify usage message.
Dr. Stephen Henson [Fri, 14 Oct 2011 22:04:14 +0000 (22:04 +0000)]
more vxworks patches
Dr. Stephen Henson [Fri, 14 Oct 2011 17:28:10 +0000 (17:28 +0000)]
Allow override of GCCVER and noexecstack checking from environment.
Vxworks support.
Dr. Stephen Henson [Fri, 14 Oct 2011 15:15:20 +0000 (15:15 +0000)]
Don't use TPREFIX shell variable for minimal script.
Dr. Stephen Henson [Fri, 14 Oct 2011 13:00:08 +0000 (13:00 +0000)]
Add usage messages.
Andy Polyakov [Fri, 14 Oct 2011 09:32:06 +0000 (09:32 +0000)]
e_aes.c: fix bug in aesni_gcm_tls_cipher.
Andy Polyakov [Fri, 14 Oct 2011 09:15:19 +0000 (09:15 +0000)]
aesni-x86[_64].pl: fix bug in CCM code.
Andy Polyakov [Thu, 13 Oct 2011 19:46:44 +0000 (19:46 +0000)]
Remove eng_aesni.c as AES-NI support is integrated directly at EVP.
Bodo Möller [Thu, 13 Oct 2011 15:07:08 +0000 (15:07 +0000)]
use -no_ecdhe when using -no_dhe
Bodo Möller [Thu, 13 Oct 2011 14:29:59 +0000 (14:29 +0000)]
Oops - ectest.c finds further problems beyond those exposed by bntext.c
Bodo Möller [Thu, 13 Oct 2011 14:21:39 +0000 (14:21 +0000)]
Avoid failed assertion in BN_DEBUG builds
Bodo Möller [Thu, 13 Oct 2011 13:41:34 +0000 (13:41 +0000)]
Make CTR mode behaviour consistent with other modes:
- clear ctx->num in EVP_CipherInit_ex
- adapt e_eas.c changes from http://cvs.openssl.org/chngview?cn=19816
for eng_aesni.c
Submitted by: Emilia Kasper
Bodo Möller [Thu, 13 Oct 2011 13:27:09 +0000 (13:27 +0000)]
Clarify warning
Bodo Möller [Thu, 13 Oct 2011 13:20:33 +0000 (13:20 +0000)]
typo
Bodo Möller [Thu, 13 Oct 2011 13:05:58 +0000 (13:05 +0000)]
In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
Submitted by: Bob Buckholz <bbuckholz@google.com>
Bodo Möller [Thu, 13 Oct 2011 12:35:10 +0000 (12:35 +0000)]
Fix OPENSSL_BN_ASM_MONT5 for corner cases; add a test.
Submitted by: Emilia Kasper
Dr. Stephen Henson [Wed, 12 Oct 2011 22:41:33 +0000 (22:41 +0000)]
Print curve type for signature tests.
Dr. Stephen Henson [Wed, 12 Oct 2011 21:55:03 +0000 (21:55 +0000)]
increase test RSA key size to 1024 bits
Dr. Stephen Henson [Wed, 12 Oct 2011 18:48:01 +0000 (18:48 +0000)]
Update README.FIPS for new FIPS 2.0 testvectors.
Dr. Stephen Henson [Wed, 12 Oct 2011 17:27:08 +0000 (17:27 +0000)]
Remove o_init.o special case from Makefile: this doesn't work.
Dr. Stephen Henson [Wed, 12 Oct 2011 17:18:38 +0000 (17:18 +0000)]
Skip ECDH sanity check. Add --compare-all to run comparison tests on
all files instead of sanity checks.
Dr. Stephen Henson [Wed, 12 Oct 2011 17:03:15 +0000 (17:03 +0000)]
Handle partial test where H is absent: needed to check g generation.
Dr. Stephen Henson [Wed, 12 Oct 2011 15:35:34 +0000 (15:35 +0000)]
Update instructions.
Dr. Stephen Henson [Wed, 12 Oct 2011 15:33:54 +0000 (15:33 +0000)]
Updates to handle some verification of v2 tests.
Now enable v2 by default and require a --disable-v2 option to run the
old v1 tests.
Dr. Stephen Henson [Wed, 12 Oct 2011 15:32:57 +0000 (15:32 +0000)]
Handle broken test on verify too.
Dr. Stephen Henson [Wed, 12 Oct 2011 13:17:19 +0000 (13:17 +0000)]
ECDH POST selftest failure inducing support.
Dr. Stephen Henson [Wed, 12 Oct 2011 13:06:45 +0000 (13:06 +0000)]
Fix warnings.
Dr. Stephen Henson [Wed, 12 Oct 2011 12:55:58 +0000 (12:55 +0000)]
Only include one ECDH selftest.
Andy Polyakov [Tue, 11 Oct 2011 21:07:53 +0000 (21:07 +0000)]
e_padlock-x86[_64].pl: protection against prefetch errata.
Dr. Stephen Henson [Tue, 11 Oct 2011 18:15:31 +0000 (18:15 +0000)]
update pkey method initialisation and copy
Dr. Stephen Henson [Tue, 11 Oct 2011 17:44:26 +0000 (17:44 +0000)]
print out subgroup order if present
Dr. Stephen Henson [Mon, 10 Oct 2011 20:35:09 +0000 (20:35 +0000)]
def_rsa_finish not used any more.
Dr. Stephen Henson [Mon, 10 Oct 2011 19:09:01 +0000 (19:09 +0000)]
remove some debugging code
Dr. Stephen Henson [Mon, 10 Oct 2011 14:08:55 +0000 (14:08 +0000)]
fix leak properly this time...
Dr. Stephen Henson [Mon, 10 Oct 2011 12:56:18 +0000 (12:56 +0000)]
add GCM ciphers in SSL_library_init
Dr. Stephen Henson [Mon, 10 Oct 2011 12:41:11 +0000 (12:41 +0000)]
disable GCM if not available
Dr. Stephen Henson [Sun, 9 Oct 2011 23:26:39 +0000 (23:26 +0000)]
Don't disable TLS v1.2 by default now.
Dr. Stephen Henson [Sun, 9 Oct 2011 23:16:20 +0000 (23:16 +0000)]
Synv ordinals with 1.0.1-stable.
Dr. Stephen Henson [Sun, 9 Oct 2011 23:11:55 +0000 (23:11 +0000)]
fix CHANGES entry
Dr. Stephen Henson [Sun, 9 Oct 2011 23:08:15 +0000 (23:08 +0000)]
fix memory leaks
Andy Polyakov [Sun, 9 Oct 2011 21:53:53 +0000 (21:53 +0000)]
e_padlock-x86_64.pl: brown-bag bug in stack pointer handling.
Dr. Stephen Henson [Sun, 9 Oct 2011 15:29:43 +0000 (15:29 +0000)]
Sync ordinals with 1.0.1-stable.
Dr. Stephen Henson [Sun, 9 Oct 2011 00:56:52 +0000 (00:56 +0000)]
PR: 2482
Submitted by: Rob Austein <sra@hactrn.net>
Reviewed by: steve
Don't allow inverted ranges in RFC3779 code, discovered by Frank Ellermann.
Andy Polyakov [Sat, 8 Oct 2011 21:37:44 +0000 (21:37 +0000)]
e_padlock-x86[_64].pl: SHA fixes, comply with specification and fix bug.
Dr. Stephen Henson [Fri, 7 Oct 2011 18:18:50 +0000 (18:18 +0000)]
Add fips/ecdh directory.
Dr. Stephen Henson [Fri, 7 Oct 2011 15:18:09 +0000 (15:18 +0000)]
New -force_pubkey option to x509 utility to supply a different public
key to the one in a request. This is useful for cases where the public
key cannot be used for signing e.g. DH.
Dr. Stephen Henson [Fri, 7 Oct 2011 15:07:19 +0000 (15:07 +0000)]
use client version when eliminating TLS v1.2 ciphersuites in client hello
Dr. Stephen Henson [Thu, 6 Oct 2011 20:44:02 +0000 (20:44 +0000)]
? crypto/aes/aes-armv4.S
? crypto/aes/aesni-sha1-x86_64.s
? crypto/aes/aesni-x86_64.s
? crypto/aes/foo.pl
? crypto/aes/vpaes-x86_64.s
? crypto/bn/.bn_lib.c.swp
? crypto/bn/armv4-gf2m.S
? crypto/bn/diffs
? crypto/bn/modexp512-x86_64.s
? crypto/bn/x86_64-gf2m.s
? crypto/bn/x86_64-mont5.s
? crypto/ec/bc.txt
? crypto/ec/diffs
? crypto/modes/a.out
? crypto/modes/diffs
? crypto/modes/ghash-armv4.S
? crypto/modes/ghash-x86_64.s
? crypto/modes/op.h
? crypto/modes/tst.c
? crypto/modes/x.h
? crypto/objects/.obj_xref.txt.swp
? crypto/rand/diffs
? crypto/sha/sha-512
? crypto/sha/sha1-armv4-large.S
? crypto/sha/sha256-armv4.S
? crypto/sha/sha512-armv4.S
Index: crypto/objects/obj_xref.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/objects/obj_xref.c,v
retrieving revision 1.9
diff -u -r1.9 obj_xref.c
--- crypto/objects/obj_xref.c 5 Nov 2008 18:38:58 -0000 1.9
+++ crypto/objects/obj_xref.c 6 Oct 2011 20:30:21 -0000
@@ -110,8 +110,10 @@
#endif
if (rv == NULL)
return 0;
- *pdig_nid = rv->hash_id;
- *ppkey_nid = rv->pkey_id;
+ if (pdig_nid)
+ *pdig_nid = rv->hash_id;
+ if (ppkey_nid)
+ *ppkey_nid = rv->pkey_id;
return 1;
}
@@ -144,7 +146,8 @@
#endif
if (rv == NULL)
return 0;
- *psignid = (*rv)->sign_id;
+ if (psignid)
+ *psignid = (*rv)->sign_id;
return 1;
}
Index: crypto/x509/x509type.c
===================================================================
RCS file: /v/openssl/cvs/openssl/crypto/x509/x509type.c,v
retrieving revision 1.10
diff -u -r1.10 x509type.c
--- crypto/x509/x509type.c 26 Oct 2007 12:06:33 -0000 1.10
+++ crypto/x509/x509type.c 6 Oct 2011 20:36:04 -0000
@@ -100,20 +100,26 @@
break;
}
- i=X509_get_signature_type(x);
- switch (i)
+ i=OBJ_obj2nid(x->sig_alg->algorithm);
+ if (i && OBJ_find_sigid_algs(i, NULL, &i))
{
- case EVP_PKEY_RSA:
- ret|=EVP_PKS_RSA;
- break;
- case EVP_PKEY_DSA:
- ret|=EVP_PKS_DSA;
- break;
- case EVP_PKEY_EC:
- ret|=EVP_PKS_EC;
- break;
- default:
- break;
+
+ switch (i)
+ {
+ case NID_rsaEncryption:
+ case NID_rsa:
+ ret|=EVP_PKS_RSA;
+ break;
+ case NID_dsa:
+ case NID_dsa_2:
+ ret|=EVP_PKS_DSA;
+ break;
+ case NID_X9_62_id_ecPublicKey:
+ ret|=EVP_PKS_EC;
+ break;
+ default:
+ break;
+ }
}
if (EVP_PKEY_size(pk) <= 1024/8)/* /8 because it's 1024 bits we look