Ben Laurie
95dd301861
Missing MINFO generation.
2013-03-04 14:31:18 +00:00
Ben Laurie
0850f11855
Fix ignored return value warnings.
...
Not sure why I am getting these now and not before.
2013-02-21 18:30:04 +00:00
Dr. Stephen Henson
e511c64a24
Don't use C++ style comments.
2013-01-24 23:22:33 +00:00
Andy Polyakov
46bf83f07a
x86_64 assembly pack: make Windows build more robust.
...
PR: 2963 and a number of others
2013-01-22 22:27:28 +01:00
Andy Polyakov
06b3b640eb
gost2814789t.c: portability fixes.
2013-01-22 14:37:03 +01:00
Ben Laurie
5bdf1f1a89
Fix warnings.
2013-01-21 23:02:17 +00:00
Andy Polyakov
a0dcb8d821
gost_crypt.c: add assertions.
...
Submitted by: Seguei Leontiev
PR: 2821
2013-01-19 18:10:05 +01:00
Andy Polyakov
26906f2d93
engines/ccgost: add test case.
...
Submitted by: Serguei Leontiev
PR: 2821
2013-01-19 17:56:56 +01:00
Andy Polyakov
3a3f964eda
gost_crypt.c: more intuitive ceiling.
2012-12-19 17:24:46 +00:00
Andy Polyakov
8cfb6411ff
engines/cchost/gost_crypt.c: fix typo.
2012-12-19 11:06:00 +00:00
Andy Polyakov
2c0093d294
engines/e_capi.c: fix typo.
...
Submitted by: Pierre Delaage
2012-12-19 10:54:47 +00:00
Andy Polyakov
947e129219
engine/cchost: fix bugs.
...
PR: 2821
Submitted by: Dmitry Belyavsky, Serguei Leontiev
2012-12-19 10:45:13 +00:00
Dr. Stephen Henson
c4fc172240
PR: 2880
...
Submitted by: "Florian Rüchel" <florian.ruechel@ruhr-uni-bochum.de>
Correctly handle local machine keys in the capi ENGINE.
2012-11-18 15:24:37 +00:00
Dr. Stephen Henson
d21bf10dea
Don't load GOST ENGINE if it is already loaded.
...
Multiple copies of the ENGINE will cause problems when it is cleaned up as
the methods are stored in static structures which will be overwritten and
freed up more than once.
Set static methods to NULL when the ENGINE is freed so it can be reloaded.
2012-09-01 11:30:53 +00:00
Andy Polyakov
99e59d634a
gosthash.c: use memmove in circle_xor8, as input pointers can be equal.
...
PR: 2858
2012-08-13 16:36:51 +00:00
Andy Polyakov
6251989eb6
x86_64 assembly pack: make it possible to compile with Perl located on
...
path with spaces.
PR: 2835
2012-06-27 10:08:23 +00:00
Ben Laurie
71fa451343
Version skew reduction: trivia (I hope).
2012-06-03 22:00:21 +00:00
Andy Polyakov
ed998634cd
e_padlock-x86[_64].pl: better understanding of prefetch errata and proper
...
workaround.
2012-03-19 20:23:32 +00:00
Andy Polyakov
884c580e05
eng_all.c: revert previous "disable Padlock" commit, which was unjustified.
2012-03-19 20:20:41 +00:00
Dr. Stephen Henson
174b07be93
PR: 2744
...
Submitted by: Dmitry Belyavsky <beldmit@gmail.com>
CMS support for ccgost engine
2012-03-11 13:40:17 +00:00
Dr. Stephen Henson
797a2a102d
PR: 2743
...
Reported by: Dmitry Belyavsky <beldmit@gmail.com>
Fix memory leak if invalid GOST MAC key given.
2012-02-29 14:13:00 +00:00
Dr. Stephen Henson
e626c77808
PR: 2703
...
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>
Fix some memory and resource leaks in CAPI ENGINE.
2012-02-11 23:13:10 +00:00
Dr. Stephen Henson
da2a5a79ef
PR: 2705
...
Submitted by: Alexey Melnikov <alexey.melnikov@isode.com>
Only create ex_data indices once for CAPI engine.
2012-02-11 23:08:08 +00:00
Andy Polyakov
a50bce82ec
Sanitize usage of <ctype.h> functions. It's important that characters
...
are passed zero-extended, not sign-extended.
PR: 2682
2012-01-12 16:21:35 +00:00
Dr. Stephen Henson
6bf896d9b1
Check GOST parameters are not NULL (CVE-2012-0027)
2012-01-04 23:03:40 +00:00
Ben Laurie
b9ef708e40
Padlock engine doesn't build (the asm parts are not built for some reason),
...
so remove for now.
2011-12-13 15:56:40 +00:00
Andy Polyakov
dce7f142a6
Configure: reimplement commit#21695.
2011-11-15 12:32:18 +00:00
Ben Laurie
ae55176091
Fix some warnings caused by __owur. Temporarily (I hope) remove the more
...
aspirational __owur annotations.
2011-11-14 00:36:10 +00:00
Andy Polyakov
f9542a4231
engines/: get rid of cvs warnings on MacOS X, proper clean in ccgost.
2011-11-12 12:13:13 +00:00
Bodo Möller
f391750205
"make update" (partial)
2011-10-19 15:29:14 +00:00
Andy Polyakov
5d77cdc591
engines/.cvsignore: stop whining about e_padlock-*.s.
2011-10-18 13:39:47 +00:00
Andy Polyakov
6c8ce3c2ff
e_padlock-x86[_64].pl: protection against prefetch errata.
2011-10-11 21:07:53 +00:00
Andy Polyakov
b1d3e9de63
e_padlock-x86_64.pl: brown-bag bug in stack pointer handling.
2011-10-09 21:53:53 +00:00
Andy Polyakov
08d62e9f1a
e_padlock-x86[_64].pl: SHA fixes, comply with specification and fix bug.
2011-10-08 21:37:44 +00:00
Andy Polyakov
50452b2e60
e_padlock: add CTR mode.
2011-10-05 17:03:44 +00:00
Andy Polyakov
d18762f7c9
e_padlock-x86_64.pl: fix typo.
2011-10-04 11:21:33 +00:00
Andy Polyakov
149ca7128c
e_padlock-x86*.pl: Nano-related update.
2011-10-04 11:05:16 +00:00
Andy Polyakov
04c3aa5c1a
e_padlock-x86.pl: previous C3-specific fix was incomplete.
2011-10-01 10:44:51 +00:00
Andy Polyakov
3edc26a256
e_padlock-x86.pl: make it work on VIA C3 (which doesn't support SSE2).
2011-10-01 10:16:13 +00:00
Andy Polyakov
2b1f17f83f
Make latest assembler additions (vpaes and e_padlock) work in Windows build.
2011-09-18 15:40:11 +00:00
Andy Polyakov
33987f2f45
engines/asm/e_padlock-x86_64.pl: name it right and fix small bug.
2011-09-06 22:53:34 +00:00
Andy Polyakov
ed28aef8b4
Padlock engine: make it independent of inline assembler.
2011-09-06 20:45:36 +00:00
Dr. Stephen Henson
f7924634d4
PR: 2586
...
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Zero structure fields properly.
2011-09-01 13:45:46 +00:00
Dr. Stephen Henson
d3f6a5a01d
PR: 2586
...
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Fix brace mismatch.
2011-09-01 13:37:37 +00:00
Andy Polyakov
87f6b97e89
e_padlock.c: fix typo.
2011-05-25 10:02:20 +00:00
Andy Polyakov
67d8487bb8
e_padlock.c: last x86_64 commit didn't work with some optimizers.
2011-05-24 17:18:19 +00:00
Andy Polyakov
b50842036f
e_padlock.c: make it compile on MacOS X.
2011-05-18 16:21:54 +00:00
Dr. Stephen Henson
b9b0a177f8
new flag to stop ENGINE methods being registered
2011-05-15 15:56:49 +00:00
Dr. Stephen Henson
9609ea869d
NULL is a valid cspname
2011-05-15 11:44:14 +00:00
Richard Levitte
3a660e7364
Corrections to the VMS build system.
...
Submitted by Steven M. Schweda <sms@antinode.info>
2011-03-25 16:20:35 +00:00
Richard Levitte
4ec3e8ca51
For VMS, implement the possibility to choose 64-bit pointers with
...
different options:
"64" The build system will choose /POINTER_SIZE=64=ARGV if
the compiler supports it, otherwise /POINTER_SIZE=64.
"64=" The build system will force /POINTER_SIZE=64.
"64=ARGV" The build system will force /POINTER_SIZE=64=ARGV.
2011-03-25 09:40:48 +00:00
Richard Levitte
537c982306
After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS
...
submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 10:58:14 +00:00
Dr. Stephen Henson
a3654f0586
Include openssl/crypto.h first in several other files so FIPS renaming
...
is picked up.
2011-02-16 17:25:01 +00:00
Bodo Möller
9d0397e977
make update
2011-02-03 10:17:53 +00:00
Dr. Stephen Henson
eb164d0b12
stop warnings about no previous prototype when compiling shared engines
2011-01-30 01:30:48 +00:00
Richard Levitte
5b301b2fe3
PR: 2407
...
Fix fault include.
Submitted by Arpadffy Zoltan <Zoltan.Arpadffy@scientificgames.se>
2011-01-06 20:56:02 +00:00
Andy Polyakov
c329c6bac7
e_capi.c: rearrange #include-s to improve portability.
...
PR: 2394
2010-12-14 20:39:17 +00:00
Richard Levitte
b7ef916c38
First attempt at adding the possibility to set the pointer size for the builds on VMS.
...
PR: 2393
2010-12-14 19:19:04 +00:00
Andy Polyakov
cc4c230653
e_capi.c: change from ANSI to TCHAR domain. This makes it compilable on
...
Windows CE/Mobile, yet keeps it normal Windows loop.
PR: 2350
2010-12-12 20:26:09 +00:00
Richard Levitte
c8f0610d99
Synchronise with Unix and do all other needed modifications to have it
...
build on VMS again.
2010-11-22 22:04:41 +00:00
Dr. Stephen Henson
9ac0708f37
PR: 2375
...
Submitted by: Guenter <lists@gknw.net>
Reviewed by: steve
cleanup/fix e_aep.c for OpenWatcom
2010-11-18 23:00:02 +00:00
Dr. Stephen Henson
6b02f9fafb
PR: 2374
...
Submitted by: Guenter <lists@gknw.net>
Reviewed by: steve
Don't compile capi ENGINE on mingw32
2010-11-18 22:57:02 +00:00
Andy Polyakov
f2c88f5282
engine/Makefile: harmonize engine install rule for .dylib extension on MacOS X.
...
PR: 2319
2010-08-24 21:45:41 +00:00
Ben Laurie
c8bbd98a2b
Fix warnings.
2010-06-12 14:13:23 +00:00
Dr. Stephen Henson
19a45b8d47
Avoid use of ex_data free function in Chil ENGINE so it can be safely
...
reloaded.
2010-05-26 16:17:16 +00:00
Dr. Stephen Henson
ae7c67cace
PR: 2254
...
Submitted by: Ger Hobbelt <ger@hobbelt.com>
Approved by: steve@openssl.org
Check for <= 0 i2d return value.
2010-05-22 00:40:38 +00:00
Dr. Stephen Henson
e855d538de
PR: 2255
...
Submitted By: Ger Hobbelt <ger@hobbelt.com>
Place RSA dependent variable under #ifndef OPENSSL_NO_RSA
2010-05-15 00:19:44 +00:00
Dr. Stephen Henson
5d1a50ac2a
fix bug in ccgost CFB mode code
2010-04-14 00:33:06 +00:00
Dr. Stephen Henson
af73b08ac0
check ASN1 type before using it
2010-04-14 00:30:32 +00:00
Dr. Stephen Henson
172f6b2d62
make GOST MAC work again
2010-04-08 10:55:04 +00:00
Dr. Stephen Henson
f2e8488b85
initialise buf if wrong_info not used
2010-03-24 23:42:05 +00:00
Andy Polyakov
82f385d71d
e_capi.c: fix typo.
2010-03-15 22:28:48 +00:00
Dr. Stephen Henson
6c6bdd543d
workaround for missing definition in some headers
2010-03-15 13:10:08 +00:00
Dr. Stephen Henson
00947cea0c
PR: 2192
...
Submitted By: Jaroslav Imrich <jaroslav.imrich@disig.sk>
The prompt_info and wrong_info parameters can be empty strings which
can produce confusing prompts. Treat empty string same as NULL.
2010-03-12 12:48:32 +00:00
Bodo Möller
2d9dcd4ff0
Always check bn_wexpend() return values for failure (CVE-2009-3245).
...
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)
Submitted by: Neel Mehta
2010-02-23 10:36:35 +00:00
Dr. Stephen Henson
439aab3afc
Submitted by: Dmitry Ivanov <vonami@gmail.com>
...
Don't leave dangling pointers in GOST engine if calls fail.
2010-02-16 14:30:29 +00:00
Richard Levitte
407a410136
Have the VMS build system catch up with the 1.0.0-stable branch.
2010-01-27 09:18:42 +00:00
Richard Levitte
c8c07be883
size_t doesn't compare less than zero...
2010-01-27 01:18:21 +00:00
Dr. Stephen Henson
d5e8d8b547
PR: 2141
...
Submitted by: "NARUSE, Yui" <naruse@airemix.jp>
Remove non-ASCII comment which causes compilation errors on some versions
of VC++.
2010-01-19 19:28:18 +00:00
Dr. Stephen Henson
72a9776abc
PR: 2135
...
Submitted by: Mike Frysinger <vapier@gentoo.org>
Change missed references to lib to $(LIBDIR)
2010-01-16 20:05:59 +00:00
Andy Polyakov
f87e307875
Adapt mingw config for newer mingw environment. Note modified conditional
...
compilation in e_capi.c.
PR: 2113
2009-12-30 11:46:54 +00:00
Bodo Möller
8580f8015f
Use properly local variables for thread-safety.
...
Submitted by: Martin Rex
2009-12-22 11:52:17 +00:00
Dr. Stephen Henson
0f6e21385e
PR: 1686
...
Submitted by: Hanno Böck <hanno@hboeck.de>
Approved by: steve@openssl.org
Create engines dir if it doesn't already exist.
2009-11-10 01:52:41 +00:00
Dr. Stephen Henson
4a1b71fb0c
PR: 2070
...
Submitted by: Alexander Nikitovskiy <Nikitovski@ya.ru>
Approved by: steve@openssl.org
Fix wrong cast.
2009-10-19 13:16:01 +00:00
Dr. Stephen Henson
a0b3e0de6c
Fixup sureware ENGINE to handle new RAND_METHOD
2009-09-23 23:49:04 +00:00
Dr. Stephen Henson
6727565a84
PR: 2003
...
Make it possible to install OpenSSL in directories with name other
than "lib" for example "lib64". Based on patch from Jeremy Utley.
2009-08-10 14:48:40 +00:00
Dr. Stephen Henson
c55d27ac33
Make update.
2009-07-08 09:19:53 +00:00
Dr. Stephen Henson
9458530d45
Update from 1.0.0-stable
2009-07-01 11:29:25 +00:00
Dr. Stephen Henson
f0288f05b9
Submitted by: Artem Chuprina <ran@cryptocom.ru>
...
Reviewed by: steve@openssl.org
Various GOST ciphersuite and ENGINE fixes. Including...
Allow EVP_PKEY_set_derive_peerkey() in encryption operations.
New flag when certificate verify should be omitted in client key exchange.
2009-06-16 16:38:47 +00:00
Dr. Stephen Henson
512cab0128
Fix error codes.
2009-06-15 11:18:31 +00:00
Dr. Stephen Henson
0b36857866
Update from 0.9.8-stable.
2009-05-29 14:02:57 +00:00
Richard Levitte
cc8cc9a3a1
Functional VMS changes submitted by sms@antinode.info (Steven M. Schweda).
...
Thank you\!
(note: not tested for now, a few nightly builds should give indications though)
2009-05-15 16:36:56 +00:00
Andy Polyakov
3dccfc1e68
e_padlock.c: fix typo (missing #endif) and switch to __builtin_alloca
...
(with introduction of 64-bit support alloca must be declared and there
is no standard way of doing that, switching to __bultin_alloca is
considered appropriate because code explicitly targets gcc anyway).
2009-05-12 20:19:09 +00:00
Dr. Stephen Henson
8002e3073b
Typo.
2009-05-07 16:40:52 +00:00
Richard Levitte
7da74281d2
Do not try to link the support file(s), as they aren't a complete
...
engine ;-)
2009-05-06 13:56:50 +00:00
Richard Levitte
e6b0c0007f
Make sure the padlock code compiles correctly even on hardware that
...
doesn't have padlocks.
2009-05-06 13:55:40 +00:00
Andy Polyakov
01483c269e
Make CAPI engine UNICODE aware (it didn't work on Win64).
2009-05-03 13:52:01 +00:00
Richard Levitte
f8a2233457
Stupid typo
2009-04-28 12:48:02 +00:00
Richard Levitte
876708c67d
Add padlock data
...
Redo the loop so it really compiles all objects for one engine, then
links the engine (until now, it still thought every file was an engine
of its own...).
2009-04-27 00:04:33 +00:00
Dr. Stephen Henson
d4f0339c66
Update from 1.0.0-stable.
2009-04-26 22:18:22 +00:00
Andy Polyakov
127186bf57
e_padlock: add support for x86_64 gcc.
2009-04-26 18:14:58 +00:00
Richard Levitte
d2617165ad
Add local symbol hacks for OpenVMS
2009-04-26 12:26:00 +00:00
Dr. Stephen Henson
ef236ec3b2
Merge from 1.0.0-stable branch.
2009-04-23 16:32:42 +00:00
Dr. Stephen Henson
8711efb498
Updates from 1.0.0-stable branch.
2009-04-20 11:33:12 +00:00
Dr. Stephen Henson
e5fa864f62
Updates from 1.0.0-stable.
2009-04-15 15:27:03 +00:00
Dr. Stephen Henson
14023fe352
Merge from 1.0.0-stable branch.
2009-04-03 11:45:19 +00:00
Dr. Stephen Henson
70b2186e24
Stop warnings.
2009-03-31 19:54:51 +00:00
Dr. Stephen Henson
b6af2c7e3e
Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
...
Reviewed by: steve@openssl.org
Update ccgost engine to support parameter files.
2009-03-17 15:38:34 +00:00
Dr. Stephen Henson
2c618ab993
Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
...
Reviewed by: steve@openssl.org
Change default Gost parameter set to id_Gost28147_89_CryptoPro_A_ParamSet
2009-02-16 21:52:01 +00:00
Andy Polyakov
e527201f6b
This _WIN32-specific patch makes it possible to "wrap" OpenSSL in another
...
.DLL, in particular static build. The issue has been discussed in RT#1230
and later on openssl-dev, and mutually exclusive approaches were suggested.
This completes compromise solution suggested in RT#1230.
PR: 1230
2008-12-22 13:54:12 +00:00
Richard Levitte
26397d2e8c
Synchronise VMS build system with the Unixly one
2008-12-16 10:54:28 +00:00
Ben Laurie
19d300d07c
Return error if DH_new() fails (Coverity ID 150).
2008-12-13 17:39:53 +00:00
Ben Laurie
071920d9f6
Check for NULL before use (Coverity ID 203).
2008-12-13 17:28:25 +00:00
Geoff Thorpe
71702f7ed0
Clarify a 'chil' engine param that is a little unintuitive.
...
Submitted by: Sander Temme <sander@temme.net>
2008-11-28 22:04:49 +00:00
Geoff Thorpe
31636a3ed1
Allow the CHIL engine to load even if dynamic locks aren't registered.
...
Submitted by: Sander Temme
2008-11-19 14:21:27 +00:00
Ben Laurie
774b2fe700
Aftermath of a clashing size_t fix (now only format changes).
2008-11-13 09:48:47 +00:00
Dr. Stephen Henson
dd9557a8ba
Revert another size_t change.
2008-11-12 18:47:24 +00:00
Geoff Thorpe
6343829a39
Revert the size_t modifications from HEAD that had led to more
...
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2e5975285e
Update obsolete email address...
2008-11-05 18:39:08 +00:00
Andy Polyakov
9be5481297
Add initial support for mingw64.
...
PR: 1693
Submitted by: Alon Bar-Lev
2008-11-03 21:15:07 +00:00
Dr. Stephen Henson
70d71f6185
Fix warnings: printf format mismatches on 64 bit platforms.
...
Change assert to OPENSSL_assert().
Fix e_padlock prototype.
2008-11-02 15:41:30 +00:00
Ben Laurie
5e4430e70d
More size_tification.
2008-11-01 16:40:37 +00:00
Andy Polyakov
09a60c9833
Fix warnings after commit#17578.
2008-10-31 20:20:54 +00:00
Ben Laurie
babb379849
Type-checked (and modern C compliant) OBJ_bsearch.
2008-10-12 14:32:47 +00:00
Andy Polyakov
492279f6f3
AIX build updates.
2008-09-12 14:45:54 +00:00
Bodo Möller
9be8035b11
fix error function codes
2008-08-13 19:44:15 +00:00
Dr. Stephen Henson
a0f3679b52
Update from stable branch.
2008-06-25 10:43:07 +00:00
Dr. Stephen Henson
2836cb3816
Update from stable branch.
2008-06-18 15:08:41 +00:00
Dr. Stephen Henson
46d4782888
Update from stable branch.
2008-06-18 12:06:10 +00:00
Dr. Stephen Henson
1cd504e7be
Don't change _WIN32_WINNT and detect GetConsoleWindow() and
...
CryptUIDlgSelectCertificateFromStore() at runtime. Add callback function
for selection mechanism.
2008-06-05 23:19:56 +00:00
Dr. Stephen Henson
11f3cee93b
Update from stable branch.
2008-06-05 17:04:16 +00:00
Dr. Stephen Henson
ffc2b3e927
Update from stable branch.
2008-06-05 11:45:25 +00:00
Dr. Stephen Henson
e1451bb51d
Update from stable branch.
2008-06-04 23:03:28 +00:00
Dr. Stephen Henson
1381bf90f4
Use an appropriate Window for selection dialog.
2008-06-04 16:45:05 +00:00
Dr. Stephen Henson
e0f7b87227
Add support for Windoes dialog box based certificate selection.
2008-06-04 16:10:09 +00:00
Dr. Stephen Henson
b814c01a76
Tidy up and add comments to selection code.
2008-06-04 12:03:57 +00:00
Ben Laurie
5ce278a77b
More type-checking.
2008-06-04 11:01:43 +00:00
Dr. Stephen Henson
37cf49a3df
Avoid name clash.
2008-06-04 10:57:38 +00:00
Ben Laurie
f79262e94b
Only include windows headers when under windows.
2008-06-04 05:21:13 +00:00
Dr. Stephen Henson
7d537d4fc7
Add initial support for multiple SSL client certifcate selection in
...
CryptoAPI ENGINE.
2008-06-03 23:54:31 +00:00
Dr. Stephen Henson
ca89fc1fb4
Match empty CA list to anything for ssl client auth in CryptoAPI engine.
2008-06-03 11:37:52 +00:00
Dr. Stephen Henson
b3c8dd4eab
Add preliminary SSL client auth callback to CryptoAPI ENGINE.
2008-06-03 10:27:39 +00:00
Dr. Stephen Henson
eac442ddd3
Windows batch file to rebuild error codes for CryptoAPI ENGINE.
2008-06-02 23:10:34 +00:00
Dr. Stephen Henson
2aa2a5775f
Fix indentation.
2008-06-02 14:29:32 +00:00
Dr. Stephen Henson
953174f46e
Free old store name (if any).
2008-06-01 23:45:11 +00:00
Dr. Stephen Henson
c621c7e432
Add ctrl for alternative certificate store names.
2008-06-01 23:42:49 +00:00
Dr. Stephen Henson
2bbe8f9129
Use keyspec for DSA too.
2008-06-01 23:28:17 +00:00
Dr. Stephen Henson
4be0a5d429
Get and note keyspec when signing.
2008-06-01 23:24:53 +00:00
Dr. Stephen Henson
408f906592
Add CryptoAPI error file too.
2008-05-31 22:50:00 +00:00
Dr. Stephen Henson
7a18ecb2df
Add CryptoAPI ENGINE from stable branch.
2008-05-31 22:49:32 +00:00
Ben Laurie
3c1d6bbc92
LHASH revamp. make depend.
2008-05-26 11:24:29 +00:00
Geoff Thorpe
5ee6f96cea
Paul Sheer optimised the OpenSSL to/from libGMP conversions for the case
...
where they both use the same limb size. I've tweaked his patch slightly, so
blame me if it breaks.
Submitted by: Paul Sheer
Reviewed by: Geoff Thorpe
2008-04-27 18:41:23 +00:00
Lutz Jänicke
0f401ff08b
Add missing 'extern "C" {' to some _err.h files in crypto/engines/
...
PR: 1609
2008-04-18 07:43:26 +00:00
Lutz Jänicke
5558128541
Another minor update from the mingw development
...
PR: 1552
Submitted by: Roumen Petrov <openssl@roumenpetrov.info>
2008-04-18 06:35:55 +00:00
Lutz Jänicke
4c1a6e004a
Apply mingw patches as supplied by Roumen Petrov an Alon Bar-Lev
...
PR: 1552
Submitted by: Roumen Petrov <openssl@roumenpetrov.info>, "Alon Bar-Lev" <alon.barlev@gmail.com>
2008-04-17 10:19:16 +00:00
Dr. Stephen Henson
fe591284be
Update dependencies.
2008-03-22 18:52:03 +00:00
Geoff Thorpe
1e26a8baed
Fix a variety of warnings generated by some elevated compiler-fascism,
...
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00
Dr. Stephen Henson
92e2c81aff
Fix error code function name mismatches in GOST engine, rebuild errors.
2008-02-28 13:45:06 +00:00
Andy Polyakov
085ea80371
engine/ccgost Win32 portability fixes.
2008-01-05 21:28:53 +00:00
Dr. Stephen Henson
744ecaa5b6
Avoid WIN32 signed/unsigned warnings.
2008-01-04 00:37:23 +00:00
Dr. Stephen Henson
eef0c1f34c
Netware support.
...
Submitted by: Guenter Knauf <eflash@gmx.net>
2008-01-03 22:43:04 +00:00
Andy Polyakov
339a1820fd
gmp engine was non-operational.
2007-12-04 20:28:52 +00:00
Dr. Stephen Henson
98057eba77
Submitted by: "Victor B. Wagner" <vitus@cryptocom.ru>
...
Update gost algorithm print routines.
2007-11-21 12:39:12 +00:00
Dr. Stephen Henson
097f9d8c52
Avoid warning.
2007-11-20 17:52:02 +00:00
Ben Laurie
10f0c85cfc
Fix warnings.
2007-11-16 03:03:01 +00:00
Dr. Stephen Henson
37210fe7e2
GOST ENGINE information.
2007-10-26 23:50:40 +00:00
Dr. Stephen Henson
0e1dba934f
1. Changes for s_client.c to make it return non-zero exit code in case
...
of handshake failure
2. Changes to x509_certificate_type function (crypto/x509/x509type.c) to
make it recognize GOST certificates as EVP_PKT_SIGN|EVP_PKT_EXCH
(required for s3_srvr to accept GOST client certificates).
3. Changes to EVP
- adding of function EVP_PKEY_CTX_get0_peerkey
- Make function EVP_PKEY_derive_set_peerkey work for context with
ENCRYPT operation, because we use peerkey field in the context to
pass non-ephemeral secret key to GOST encrypt operation.
- added EVP_PKEY_CTRL_SET_IV control command. It is really
GOST-specific, but it is used in SSL code, so it has to go
in some header file, available during libssl compilation
4. Fix to HMAC to avoid call of OPENSSL_cleanse on undefined data
5. Include des.h if KSSL_DEBUG is defined into some libssl files, to
make debugging output which depends on constants defined there, work
and other KSSL_DEBUG output fixes
6. Declaration of real GOST ciphersuites, two authentication methods
SSL_aGOST94 and SSL_aGOST2001 and one key exchange method SSL_kGOST
7. Implementation of these methods.
8. Support for sending unsolicited serverhello extension if GOST
ciphersuite is selected. It is require for interoperability with
CryptoPro CSP 3.0 and 3.6 and controlled by
SSL_OP_CRYPTOPRO_TLSEXT_BUG constant.
This constant is added to SSL_OP_ALL, because it does nothing, if
non-GOST ciphersuite is selected, and all implementation of GOST
include compatibility with CryptoPro.
9. Support for CertificateVerify message without length field. It is
another CryptoPro bug, but support is made unconditional, because it
does no harm for draft-conforming implementation.
10. In tls1_mac extra copy of stream mac context is no more done.
When I've written currently commited code I haven't read
EVP_DigestSignFinal manual carefully enough and haven't noticed that
it does an internal digest ctx copying.
This implementation was tested against
1. CryptoPro CSP 3.6 client and server
2. Cryptopro CSP 3.0 server
2007-10-26 12:06:36 +00:00
Bodo Möller
1b827d7b6f
Clean up error codes a bit.
...
(engines/ccgost/ remains utter chaos, though; "make errors" is not happy.)
2007-09-19 00:58:58 +00:00
Dr. Stephen Henson
3c07d3a3d3
Finish gcc 4.2 changes.
2007-06-07 13:14:42 +00:00
Dr. Stephen Henson
0aa08a2e34
Fix for GOST engine on platforms where sizeof(size_t) != sizeof(int).
2007-05-31 12:32:27 +00:00
Dr. Stephen Henson
7b8b797375
Revert broken change to ccgost.
...
Initialize context properly for HMAC pkey method.
2007-05-22 12:58:39 +00:00
Dr. Stephen Henson
9aba74e55a
Fix warning and back out bad modification.
2007-05-21 12:16:36 +00:00
Andy Polyakov
61775daf00
Padlock engine fails to compile with -O0 -fPIC.
2007-05-20 07:13:45 +00:00
Dr. Stephen Henson
ec06417d52
Updated GOST MAC support.
...
Submitted by: vitus@cryptocom.ru
2007-05-18 15:55:55 +00:00
Dr. Stephen Henson
a4346646f1
Initial GOST MAC support. Not fully working yet...
2007-05-17 17:44:09 +00:00
Ben Laurie
38e952e8ae
Missing config file.
2007-04-05 16:57:07 +00:00
Ben Laurie
2f877235a3
Missing return on error. Coverity ID 115.
2007-04-04 14:38:59 +00:00
Dr. Stephen Henson
9981a51e42
Stage 1 GOST ciphersuite support.
...
Submitted by: ran@cryptocom.ru
Reviewed by: steve@openssl.org
2007-03-23 17:04:05 +00:00
Richard Levitte
ebb326afe6
Synchronise the VMS build with recent movements in the Unix build.
2007-03-23 09:36:33 +00:00
Dr. Stephen Henson
53ca4761cc
PR: 1483
...
Add support for GOST 28147-89 in Gost ENGINE.
2007-02-09 19:43:04 +00:00
Andy Polyakov
00b4e083fd
Move eng_padlock.c to ./engines.
...
Submitted by: Michal Ludvig <michal@logix.cz>
2006-12-29 10:42:24 +00:00
Richard Levitte
ea46f5e0e5
Replace strdup() with BUF_strdup().
2006-12-25 09:43:46 +00:00
Nils Larsch
afda1385bd
use OPENSSL_NO_DYNAMIC_ENGINE macro, disable debug messages
...
PR: 1440
Submitted by: Victor B. Wagner" <vitus@cryptocom.ru>
2006-12-22 09:21:29 +00:00
Dr. Stephen Henson
4d7aff707e
Update dependencies.
2006-11-30 13:41:47 +00:00
Dr. Stephen Henson
8bd11f3ec2
Add .cvsignore
2006-11-21 21:37:41 +00:00
Ben Laurie
84948b39df
Fix various warnings.
2006-11-08 09:45:12 +00:00
Andy Polyakov
d7917c584a
Yet another mingw warning.
2006-10-23 07:45:52 +00:00
Andy Polyakov
1e7b6c029c
Avoid application relink on every make invocation.
2006-10-20 11:23:35 +00:00
Dr. Stephen Henson
6ec6cfc767
Updated file.
2006-09-21 16:19:10 +00:00
Dr. Stephen Henson
44181ea836
Add missing prototype. Fix various warnings (C++ comments, ; outside function).
2006-09-21 13:24:46 +00:00
Dr. Stephen Henson
ffa5ebf3f4
Compile in gost engine.
2006-09-21 13:07:57 +00:00
Dr. Stephen Henson
926c41bd29
Updated version of gost engine.
2006-09-21 13:04:43 +00:00
Dr. Stephen Henson
a04549cc75
GOST public key algorithm ENGINE donated to the OpenSSL by Cryptocom.
...
Very early version, doesn't do much yet, not even added to the build system.
2006-09-17 13:00:18 +00:00
Ulf Möller
4700aea951
Add BeOS support.
...
PR: 1312
Submitted by: Oliver Tappe <zooey@hirschkaefer.de>
Reviewed by: Ulf Moeller
2006-04-11 21:34:21 +00:00
Dr. Stephen Henson
4f59b6587f
Implementation of pkey_rsa_verify. Some constification.
2006-04-10 01:06:17 +00:00
Nils Larsch
33af4421f2
remove unnecessary code
2006-03-18 14:22:20 +00:00
Nils Larsch
67b6f1ca88
fix problems found by coverity: remove useless code
2006-03-15 17:45:43 +00:00
Ulf Möller
3b408d83fe
make update
2006-02-12 23:21:56 +00:00
Ulf Möller
c7235be6e3
RFC 3161 compliant time stamp request creation, response generation
...
and response verification.
Submitted by: Zoltan Glozik <zglozik@opentsa.org>
Reviewed by: Ulf Moeller
2006-02-12 23:11:56 +00:00
Dr. Stephen Henson
15ac971681
Update filenames in makefiles.
2006-02-04 01:45:59 +00:00
Nils Larsch
8c5a2bd6bb
add additional checks + cleanup
...
Submitted by: David Hartman <david_hartman@symantec.com>
2006-01-29 23:12:22 +00:00
Bodo Möller
739a543ea8
Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)
2006-01-08 19:42:30 +00:00
Andy Polyakov
755c5b3330
Fix install problems on MacOS X and HP-UX.
...
PR: 1218,1185
2005-10-25 21:58:59 +00:00
Geoff Thorpe
f920c5b590
Fix signed/unsigned warnings.
2005-07-26 04:25:05 +00:00
Nils Larsch
3eeaab4bed
make
...
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
make depend all test
work again
PR: 1159
2005-07-16 12:37:36 +00:00
Ben Laurie
45d8574b93
Fix warnings.
2005-06-29 10:25:06 +00:00
Andy Polyakov
02c31fa461
Jumbo Makfiles update.
...
- eliminate ambiguities between GNU-ish and SysV-ish make flavors;
- switch [back] to -e;
- fold/unify rules;
This is follow-up to the patch introducing common BUILDENV. Idea is
to collect as much parameters in $(TOP) as possible and "strip" lower
Makefiles for most variables [and thus makes them more readable].
2005-06-23 00:03:26 +00:00
Nils Larsch
edb0600583
clear dso pointer in case of an error
...
PR: 816
2005-06-17 21:26:36 +00:00
Nils Larsch
ac86d923fc
update for the cswift engine:
...
- fix the problem described in bug report 825
- fix a segfault when the engine fails to initialize
- let the engine switch to software when keysize > 2048
PR: 825, 826
Submitted by: Frédéric Giudicelli
2005-06-17 20:27:41 +00:00
Richard Levitte
2333d65880
Change all relevant occurences of 'ncipher' to 'chil'. That's what nCipher always wanted...
2005-05-30 05:17:02 +00:00
Geoff Thorpe
a2c32e2d7f
Change the source and output paths for 'chil' and '4758cca' engines so that
...
dynamic loading is consistent with respect to engine ids.
2005-05-29 19:14:21 +00:00
Geoff Thorpe
60192e96b8
Handle differences between engine IDs and their dynamic library names (and
...
source files, for that matter) by tolerating the alternatives. It would be
preferable to also change the generated shared library names, but that will
be taken up separately.
2005-05-25 02:54:28 +00:00
Richard Levitte
447aa49007
Patches for Cygwin, provided by Corinna Vinschen <vinschen@redhat.com>
2005-05-21 16:41:34 +00:00
Andy Polyakov
ce92b6eb9c
Further BUILDENV refinement, further fool-proofing of Makefiles and
...
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342 .
2005-05-16 16:55:47 +00:00
Andy Polyakov
734540f887
Consolidate BUILDENV [idea is to keep all variables in one place].
2005-05-15 23:53:34 +00:00
Andy Polyakov
81a86fcf17
Fool-proofing Makefiles
2005-05-15 22:23:26 +00:00
Bodo Möller
fbeaa3c47d
Update util/ck_errf.pl script, and have it run automatically
...
during "make errors" and thus during "make update".
Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
2005-05-09 00:27:37 +00:00
Andy Polyakov
4c3a2d64e4
Fold rules in test/Makefiles [from stable].
2005-04-30 21:39:39 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Ben Laurie
41a15c4f0f
Give everything prototypes (well, everything that's actually used).
2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329
Blow away Makefile.ssl.
2005-03-30 13:05:57 +00:00
Geoff Thorpe
9081980565
This fixes the installation target for dynamic engines, which was trying to
...
install to a different location than it had created. (BTW, VMS will need a
matching fix in eng_list.c.) Note, these aren't ssl-specific, so I'm
putting "engines/" into the libs directory rather than at the "--prefix"
level or inside "ssl/".
2004-06-01 03:18:58 +00:00
Andy Polyakov
393b704d28
Minimal work-around for ./engine shared builds. "Minimal" means that I
...
think that proper Makefile clean-up is required.
2004-05-31 22:29:26 +00:00
Geoff Thorpe
f15390bdb4
The inclusion of bn.h from the engine.h API header has been deprecated, so
...
the engine implementations need to include bn.h to manipulate bignums.
2004-05-17 18:56:15 +00:00
Geoff Thorpe
c57bc2dc51
make update
2004-04-19 18:33:41 +00:00
Geoff Thorpe
28ded31b97
More updates for the header cleanups (and apologies, again, for not having
...
consolidated these prior to committing).
2004-04-19 18:30:41 +00:00
Geoff Thorpe
3a87a9b9db
Reduce header interdependencies, initially in engine.h (the rest of the
...
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
2004-04-19 17:46:04 +00:00
Geoff Thorpe
ea77fc3380
... and this should likewise fix up those RSA implementations that weren't
...
already built and tested.
2004-03-25 02:55:17 +00:00
Geoff Thorpe
46ef873f0b
By adding a BN_CTX parameter to the 'rsa_mod_exp' callback, private key
...
operations no longer require two distinct BN_CTX structures. This may put
more "strain" on the current BN_CTX implementation (which has a fixed limit
to the number of variables it will hold), but so far this limit is not
triggered by any of the tests pass and I will be changing BN_CTX in the
near future to avoid this problem anyway.
This also changes the default RSA implementation code to use the BN_CTX in
favour of initialising some of its variables locally in each function.
2004-03-25 02:52:04 +00:00
Richard Levitte
4d8743f490
Netware-specific changes,
...
PR: 780
Submitted by: Verdon Walker <VWalker@novell.com>
Reviewed by: Richard Levitte
2003-11-28 13:10:58 +00:00
Geoff Thorpe
d8ec0dcf45
Avoid some shadowed variable names.
...
Submitted by: Nils Larsch
2003-11-04 00:51:32 +00:00
Geoff Thorpe
2754597013
A general spring-cleaning (in autumn) to fix up signed/unsigned warnings.
...
I have tried to convert 'len' type variable declarations to unsigned as a
means to address these warnings when appropriate, but when in doubt I have
used casts in the comparisons instead. The better solution (that would get
us all lynched by API users) would be to go through and convert all the
function prototypes and structure definitions to use unsigned variables
except when signed is necessary. The proliferation of (signed) "int" for
strictly non-negative uses is unfortunate.
2003-10-29 20:24:15 +00:00
Richard Levitte
a99ce1a574
Conform with the standard prototype for engine control functions.
2003-06-26 07:10:10 +00:00
Richard Levitte
98cec7fc7b
make update
2003-06-11 22:27:19 +00:00
Geoff Thorpe
dcfb57c736
This memset() in the ubsec ENGINE is a bug. Zeroing out the result array
...
should not be necessary in any case, but more importantly the result and
input BIGNUMs could be the same, in which case this is clearly a problem.
Submitted by: Jonathan Hersch
Reviewed by: Joe Orton
Approved by: Geoff Thorpe
2003-06-06 17:51:34 +00:00
Richard Levitte
a1d57849b3
make update
2003-01-30 17:53:02 +00:00
Geoff Thorpe
a85bef1899
Commit a slightly modified version of an old experiment to do RSA private
...
key operations using the GMP library. The default is not to build (or use)
this code unless OPENSSL_USE_GMP is defined (because it will impose header
and linker dependencies that might need specifying too).
2003-01-30 15:43:07 +00:00
Richard Levitte
0bdd2da5d2
Ingore the correct flag file.
2003-01-16 21:36:17 +00:00
Geoff Thorpe
0e4aa0d2d2
As with RSA, which was modified recently, this change makes it possible to
...
override key-generation implementations by placing handlers in the methods
for DSA and DH. Also, parameter generation for DSA and DH is possible by
another new handler for each method.
2003-01-15 02:01:55 +00:00
Richard Levitte
448666239c
Name the flag file correctly
2003-01-10 16:04:07 +00:00
Geoff Thorpe
4ebb5293fc
RSA_METHOD now supports key-generation, but (for now) none of these
...
ENGINEs implement it.
2003-01-07 05:53:58 +00:00
Andy Polyakov
97e2e71ef9
HP/UX 11i make gets upset by this line containing nothing but a Tab
2003-01-03 10:32:04 +00:00
Richard Levitte
ad492c3601
Link engines against libcrypto, even when a TCP/IP implementation is
...
specified...
2003-01-02 00:26:01 +00:00
Richard Levitte
5e42f9ab46
make update
2002-12-29 01:38:15 +00:00
Richard Levitte
30c08f2e3d
Update the make system for installations:
...
- define a HERE variable to indicate where the source tree is (used
very little right now)
- make more use of copying and making attribute changes to {file}.new,
and then move it to {file}
- use 'mv -f' to avoid all those questions to the user when the file
in question doesn't have write attributes for that user.
2002-12-15 05:59:13 +00:00
Richard Levitte
1c24347062
Declare another general file.
2002-12-05 01:42:14 +00:00
Richard Levitte
38d6e4bb50
If an application supports static locks, it MUST support dynamic locks as
...
well to be able to use the CHIL engine.
PR: 281
2002-12-05 00:56:58 +00:00
Richard Levitte
ced621e3c2
PR: 381
2002-12-05 00:05:48 +00:00
Richard Levitte
4579924b7e
Cleanse memory using the new OPENSSL_cleanse() function.
...
I've covered all the memset()s I felt safe modifying, but may have missed some.
2002-11-28 08:04:36 +00:00
Richard Levitte
cb21d001c9
DCL logic bugs fixed.
...
(I really need to review my knowledge of the language)
2002-11-14 15:38:47 +00:00