generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
8,513 Commits 16 Branches 258 Tags
Commit Graph

4146 Commits

Author SHA1 Message Date
Dr. Stephen Henson
7e92432b39 Replace FIPS PRNG with AES version. 2007-02-21 16:57:35 +00:00
Dr. Stephen Henson
e3435a51f7 Include changes from 0.9.7-stable. 2007-02-21 13:50:22 +00:00
Dr. Stephen Henson
91588bbb6e FIPS error codes are in fips_err.h not fips_err.c 2007-02-14 13:15:58 +00:00
Dr. Stephen Henson
53ddf0cc10 FIPS portability patches. 
Submitted by:  Brad House <brad@mainstreetsoftworks.com>
 2007-02-05 18:42:12 +00:00
Dr. Stephen Henson
7fa5c5a9f6 Update dependencies. 2007-02-03 17:38:31 +00:00
Dr. Stephen Henson
16fc2d25d3 Constification. 2007-02-03 17:30:41 +00:00
Dr. Stephen Henson
ca36b0969a Remove all error string tables out of fipscanister.o, reorganise 
ERR and SYS error code files to achieve this.
 2007-02-03 17:19:43 +00:00
Dr. Stephen Henson
8e664b2055 Remove ASN1 library (and other) dependencies from fipscanister.o 2007-01-24 13:00:15 +00:00
Dr. Stephen Henson
d02dab1b32 Update version for FIPS2 branch. 2007-01-24 12:42:20 +00:00
Dr. Stephen Henson
c2c47c7f95 Typo. 2007-01-23 18:21:12 +00:00
Dr. Stephen Henson
37e8a08075 Constify tag table. 2007-01-23 17:53:01 +00:00
Dr. Stephen Henson
ab8c8aa404 Move some DSA functions between files to make it possible to use the DSA 
crypto without ASN1 dependency.
 2007-01-23 17:43:57 +00:00
Dr. Stephen Henson
566933a8ba Update from HEAD. 2007-01-21 16:02:37 +00:00
Dr. Stephen Henson
618def59f7 Remove 'done' variable since it stops error codes being reloaded. 2006-12-07 13:23:22 +00:00
Nils Larsch
492a907089 fix function names in RSAerr calls 
PR: 1403
 2006-12-04 20:41:46 +00:00
Dr. Stephen Henson
ea474c567f Rebuild error source files. 2006-11-21 19:27:19 +00:00
Dr. Stephen Henson
0e5d87d76f Fix from HEAD. 2006-11-13 13:23:33 +00:00
Mark J. Cox
055fa1c35c Initialise ctx to NULL to avoid uninitialized free, noticed by 
Steve Kiernan
 2006-09-29 08:20:11 +00:00
Mark J. Cox
6b131d9c45 After tagging, open up 0.9.7m-dev 2006-09-28 12:00:30 +00:00
Mark J. Cox
c830c1a209 Prepare for 0.9.7l release 2006-09-28 11:56:57 +00:00
Mark J. Cox
b213966415 Introduce limits to prevent malicious keys being able to 
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]

Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service.  (CVE-2006-2937)  [Steve Henson]

Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]

Fix SSL client code which could crash if connecting to a
malicious SSLv2 server.  (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
 2006-09-28 11:53:51 +00:00
Dr. Stephen Henson
4ebd255a5b Fix from head. 2006-09-22 17:06:51 +00:00
Bodo Möller
d9d294463e Ensure that the addition mods[i]+delta cannot overflow in probable_prime(). 
[Problem pointed out by Adam Young <adamy (at) acm.org>]
 2006-09-19 10:00:29 +00:00
Bodo Möller
c2293d2e9a make consistent with 0.9.8-branch version of this file 2006-09-06 06:41:32 +00:00
Mark J. Cox
60bee5d44c Bump for 0.9.7l-dev 2006-09-05 08:38:12 +00:00
Mark J. Cox
975a7a483f Prepare 0.9.7k release 2006-09-05 08:34:07 +00:00
Mark J. Cox
ffa0407233 Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher 
(CVE-2006-4339)  [Ben Laurie and Google Security Team]

Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
 2006-09-05 08:24:14 +00:00
Dr. Stephen Henson
6f414aef0e Update from HEAD. 2006-08-31 20:11:30 +00:00
Dr. Stephen Henson
0f562e2a2c Fix from HEAD. 2006-07-09 12:05:10 +00:00
Bodo Möller
feee55c65d use <poll.h> as by Single Unix Specification 2006-06-30 08:15:13 +00:00
Bodo Möller
81edd235b1 always read if we can't use select because of a too large FD 
(it's non-blocking mode anyway)
 2006-06-28 14:49:39 +00:00
Andy Polyakov
23c13189e9 Mitigate the hazard of cache-collision timing attack on last round 
[from HEAD].
 2006-06-28 08:57:22 +00:00
Richard Levitte
bdd00f8c8a Use poll() when possible to gather Unix randomness entropy 2006-06-27 06:31:48 +00:00
Richard Levitte
e4a901b0b3 Synchronise with the Unix build 2006-06-21 05:08:36 +00:00
Dr. Stephen Henson
e25a2423da Place hex_to_string and string_to_hex in separate source file to avoid 
dragging in extra dependencies when just these functions are used.
 2006-06-20 18:06:40 +00:00
Bodo Möller
094c6aa51d Thread-safety fixes 2006-06-16 01:01:34 +00:00
Bodo Möller
019a63f9c9 Thread-safety fixes 2006-06-14 08:50:11 +00:00
Dr. Stephen Henson
0be0592ec4 Fix from HEAD. 2006-05-17 18:20:53 +00:00
Dr. Stephen Henson
a6fb8a8203 Update for next dev version. 2006-05-04 13:08:01 +00:00
Dr. Stephen Henson
d26d236162 Prepare for release 2006-05-04 12:52:59 +00:00
Dr. Stephen Henson
daaca57e55 Use new fips-1.0 directory in error library. 2006-05-04 12:09:04 +00:00
Dr. Stephen Henson
d4e81773cc Check pbe2->keyfunc->parameter is not NULL before dereferencing. 
PR: 1316
 2006-04-15 17:42:46 +00:00
Dr. Stephen Henson
f4e43726a8 Check flag before calling FIPS_dsa_check(). 2006-03-31 22:44:20 +00:00
Dr. Stephen Henson
6fa6e3e2df Flag to allow use of DSA_METHOD in FIPS mode. 2006-03-31 17:09:46 +00:00
Nils Larsch
e0fe7abeec apply fixes from the cvs head 2006-03-14 09:07:06 +00:00
Dr. Stephen Henson
e8518f847e Check EVP_DigestInit return value in EVP_BytesToKey() and use supported 
algorithm in PKCS12_create in FIPS mode.
 2006-03-01 21:15:24 +00:00
Nils Larsch
5dc96f40ce fix "#ifndef HZ" statement 
PR: 1287
 2006-02-28 20:15:56 +00:00
Dr. Stephen Henson
3c1ee6c147 Fix from HEAD. 2006-02-04 01:50:41 +00:00
Dr. Stephen Henson
a13e6553ad Fix from HEAD. 2006-02-04 01:27:52 +00:00
Nils Larsch
0b51beff26 fix if statement: call conn_state() if the BIO is not in the BIO_CONN_S_OK state 2006-02-02 22:29:55 +00:00