Use right date in FAQ too :-)

client random values.

CHANGES

@@ -2,7 +2,39 @@
  OpenSSL CHANGES
  _______________
 
- Changes between 0.9.7e and 0.9.7f  [XX xxx XXXX]
+ Changes between 0.9.7e and 0.9.7f  [22 Mar 2005]
+
+  *) Use (SSL_RANDOM_VALUE - 4) bytes of pseudo random data when generating
+     server and client random values. Previously
+     (SSL_RANDOM_VALUE - sizeof(time_t)) would be used which would result in
+     less random data when sizeof(time_t) > 4 (some 64 bit platforms).
+
+     This change has negligible security impact because:
+
+     1. Server and client random values still have 24 bytes of pseudo random
+        data.
+
+     2. Server and client random values are sent in the clear in the initial
+        handshake.
+
+     3. The master secret is derived using the premaster secret (48 bytes in
+        size for static RSA ciphersuites) as well as client server and random
+        values.
+
+     The OpenSSL team would like to thank the UK NISCC for bringing this issue
+     to our attention. 
+
+     [Stephen Henson, reported by UK NISCC]
+
+  *) Use Windows randomness collection on Cygwin.
+     [Ulf M<>ller]
+
+  *) Fix hang in EGD/PRNGD query when communication socket is closed
+     prematurely by EGD/PRNGD.
+     [Darren Tucker <dtucker@zip.com.au> via Lutz J<>nicke, resolves #1014]
+
+  *) Prompt for pass phrases when appropriate for PKCS12 input format.
+     [Steve Henson]
 
   *) Back-port of selected performance improvements from development
      branch, as well as improved support for PowerPC platforms.

Configure

@@ -270,10 +270,10 @@ my %table=(
 "hpux64-parisc2-gcc","gcc:-O3 -DB_ENDIAN -DMD32_XARRAY::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC1 DES_INT:asm/pa-risc2W.o:::::::::dlfcn:hpux64-shared:-fpic::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 # IA-64 targets
-"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux-ia64-cc","cc:-Ae +DD32 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux-shared:+Z::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 # Frank Geurts <frank.geurts@nl.abnamro.com> has patiently assisted with
 # with debugging of the following config.
-"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux64-shared:+Z::.sl.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"hpux64-ia64-cc","cc:-Ae +DD64 +O3 +Olit=all -z -DB_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG MD2_CHAR RC4_INDEX DES_UNROLL DES_RISC1 DES_INT:asm/ia64-cpp.o::::asm/sha1-ia64.o::asm/rc4-ia64.o:::dlfcn:hpux64-shared:+Z::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 # More attempts at unified 10.X and 11.X targets for HP C compiler.
 #
@@ -425,7 +425,9 @@ my %table=(
 "qnx6",	"cc:-DL_ENDIAN -DTERMIOS::(unknown)::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:",
 
 # Linux on ARM
-"linux-elf-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+# ARM comes in both little- and big-endian flavors. The following line is
+# endian neutral, but ./config is free to throw in -D[BL]_ENDIAN...
+"linux-elf-arm","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
 
 # SCO/Caldera targets.
 #
@@ -518,17 +520,17 @@ my %table=(
 "BC-16","bcc:::(unknown):WIN16::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
 
 # MinGW
-"mingw", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wall:::MINGW32:-mno-cygwin -lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32::::.dll",
+"mingw", "gcc:-DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wall:::MINGW32:-lwsock32 -lgdi32:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:-D_DLL:-mno-cygwin:.dll",
 
 # UWIN 
 "UWIN", "cc:-DTERMIOS -DL_ENDIAN -O -Wall:::UWIN::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
 
 # Cygwin
 "Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::(unknown):CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::win32",
-"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:win32:cygwin-shared:::.dll",
+"Cygwin", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall:::CYGWIN32::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:cygwin-shared:::.dll",
 
 # DJGPP
-"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::",
+"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM=\"/dev/urandom\\x24\":::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::",
 
 # Ultrix from Bernhard Simon <simon@zid.tuwien.ac.at>
 "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::",
@@ -938,8 +940,7 @@ print "Configuring for $target\n";
 
 my $IsWindows=scalar grep /^$target$/,@WinTargets;
 
-$exe_ext=".exe" if ($target eq "Cygwin");
-$exe_ext=".exe" if ($target eq "DJGPP");
+$exe_ext=".exe" if ($target eq "Cygwin" || $target eq "DJGPP" || $target eq "mingw");
 $exe_ext=".pm" if ($target eq "vos-gcc" or $target eq "debug-vos-gcc" or $target eq "vos-vcc" or $target eq "debug-vos-vcc");
 $openssldir="/usr/local/ssl" if ($openssldir eq "" and $prefix eq "");
 $prefix=$openssldir if $prefix eq "";
@@ -1536,7 +1537,6 @@ EOF
 	} else {
 	    # No path for Perl known ...
 	    &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
-	    &dofile("apps/der_chop",'/usr/local/bin/perl','^#!/', '#!%s');
 	    &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
 	}
 	if ($depflags ne "" && !$make_depend) {

FAQ

@@ -70,7 +70,7 @@ OpenSSL  -  Frequently Asked Questions
 * Which is the current version of OpenSSL?
 
 The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.7e was released on October 25, 2004.
+OpenSSL 0.9.7f was released on March 22, 2005.
 
 In addition to the current stable release, you can also access daily
 snapshots of the OpenSSL development version at <URL:
@@ -472,6 +472,10 @@ This will only compile sha_dgst.c with -O0, the rest with the optimization
 level chosen by the configuration process.  When the above is done, do the
 test and installation and you're set.
 
+3. Reconfigure the toolkit with no-sha0 option to leave out SHA0. It
+should not be used and is not used in SSL/TLS nor any other recognized
+protocol in either case.
+
 
 * Why does the OpenSSL compilation fail with "ar: command not found"?
 

INSTALL.DJGPP

@@ -3,32 +3,45 @@
  INSTALLATION ON THE DOS PLATFORM WITH DJGPP
  -------------------------------------------
 
- Openssl has been ported to DOS, but only with long filename support. If
- you wish to compile on native DOS with 8+3 filenames, you will have to
- tweak the installation yourself, including renaming files with illegal
- or duplicate names.
+ OpenSSL has been ported to DJGPP, a Unix look-alike 32-bit run-time
+ environment for 16-bit DOS, but only with long filename support.
+ If you wish to compile on native DOS with 8+3 filenames, you will
+ have to tweak the installation yourself, including renaming files
+ with illegal or duplicate names.
 
  You should have a full DJGPP environment installed, including the
  latest versions of DJGPP, GCC, BINUTILS, BASH, etc. This package
  requires that PERL and BC also be installed.
 
- All of these can be obtained from the usual DJGPP mirror sites, such
- as "ftp://ftp.simtel.net/pub/simtelnet/gnu/djgpp". You also need to
- have the WATT-32 networking package installed before you try to compile
- openssl. This can be obtained from "http://www.bgnett.no/~giva/".
+ All of these can be obtained from the usual DJGPP mirror sites or
+ directly at "http://www.delorie.com/pub/djgpp". For help on which
+ files to download, see the DJGPP "ZIP PICKER" page at
+ "http://www.delorie.com/djgpp/zip-picker.html". You also need to have
+ the WATT-32 networking package installed before you try to compile
+ OpenSSL. This can be obtained from "http://www.bgnett.no/~giva/".
  The Makefile assumes that the WATT-32 code is in the directory
  specified by the environment variable WATT_ROOT. If you have watt-32
  in directory "watt32" under your main DJGPP directory, specify
  WATT_ROOT="/dev/env/DJDIR/watt32".
 
- To compile openssl, start your BASH shell. Then configure for DOS by
- running "./Configure" with appropriate arguments. The basic syntax for
- DOS is:
- ./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
- 
- You may run out of DPMI selectors when running in a DOS box under
- Windows. If so, just close the BASH shell, go back to Windows, and
- restart BASH. Then run "make" again.
+ To compile OpenSSL, start your BASH shell, then configure for DJGPP by
+ running "./Configure" with appropriate arguments:
 
- Building openssl under DJGPP has been tested with DJGPP 2.03,
- GCC 2.952, GCC 2.953, perl 5.005_02 and perl 5.006_01.
+	./Configure no-threads --prefix=/dev/env/DJDIR DJGPP
+ 
+ And finally fire up "make". You may run out of DPMI selectors when
+ running in a DOS box under Windows. If so, just close the BASH
+ shell, go back to Windows, and restart BASH. Then run "make" again.
+
+ RUN-TIME CAVEAT LECTOR
+ --------------
+
+ Quoting FAQ:
+
+  "Cryptographic software needs a source of unpredictable data to work
+   correctly.  Many open source operating systems provide a "randomness
+   device" (/dev/urandom or /dev/random) that serves this purpose."
+
+ As of version 0.9.7f DJGPP port checks upon /dev/urandom$ for a 3rd
+ party "randomness" DOS driver. One such driver, NOISE.SYS, can be
+ obtained from "http://www.rahul.net/dkaufman/index.html".

Makefile.org

@@ -227,7 +227,7 @@ all: Makefile sub_all openssl.pc
 
 sigs:	$(SIGS)
 libcrypto.a.sha1: libcrypto.a
-	if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
+	@if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
 		$(RANLIB) libcrypto.a; \
 		fips/sha1/fips_standalone_sha1 libcrypto.a > libcrypto.a.sha1; \
 	fi
@@ -334,11 +334,18 @@ do_cygwin-shared:
 	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
 		libs="$(LIBKRB5) $$libs"; \
 	fi; \
-	( set -x; ${CC}  -shared -o cyg$$i-$(SHLIB_VERSION_NUMBER).dll \
+	shlib=cyg$${i}-$(SHLIB_VERSION_NUMBER).dll; \
+	[ "$(PLATFORM)" = "mingw" ] && shlib=$${i}eay32.dll; \
+	[ -f apps/$$shlib ] && rm apps/$$shlib; \
+	[ -f test/$$shlib ] && rm test/$$shlib; \
+	base=;  [ $$i = "crypto" ] && base=-Wl,--image-base,0xFE00000; \
+	( set -x; ${CC} ${SHARED_LDFLAGS} \
+		-shared $$base -o $$shlib \
 		-Wl,-Bsymbolic \
 		-Wl,--whole-archive lib$$i.a \
 		-Wl,--out-implib,lib$$i.dll.a \
-		-Wl,--no-whole-archive $$libs ) || exit 1; \
+		-Wl,--no-whole-archive $$libs ${EX_LIBS} ) || exit 1; \
+	cp -p $$shlib apps/; cp -p $$shlib test/; \
 	libs="-l$$i $$libs"; \
 	done
 
@@ -479,8 +486,8 @@ do_irix-shared:
 		if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
 			libs="$(LIBKRB5) $$libs"; \
 		fi; \
-		( WHOLELIB="-all lib$$i.a -notall"; \
-		  (${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-notall"; \
+		( WHOLELIB="-all lib$$i.a -none"; \
+		  (${CC} -v 2>&1 | grep gcc) > /dev/null && WHOLELIB="-Wl,-all,lib$$i.a,-none"; \
 		  set -x; ${CC} ${SHARED_LDFLAGS} \
 			-shared -o lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
 			-Wl,-soname,lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR} \
@@ -505,13 +512,18 @@ do_hpux-shared:
 	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
 		libs="$(LIBKRB5) $$libs"; \
 	fi; \
+	if expr $(PLATFORM) : '.*ia64' > /dev/null; then \
+		shlib=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
+	else \
+		shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
+	fi; \
+	[ -f $$shlib ] && rm -f $$shlib; \
 	( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
 		+vnocompatwarnings \
 		-b -z +s \
-		-o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
+		-o $$shlib +h $$shlib \
 		-Fl lib$$i.a -ldld -lc ) || exit 1; \
-	chmod a=rx lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
+	chmod a=rx $$shlib; \
 	done
 
 # This assumes that GNU utilities are *not* used
@@ -528,12 +540,17 @@ do_hpux64-shared:
 	if [ "${SHLIBDIRS}" = "ssl" -a -n "$(LIBKRB5)" ]; then \
 		libs="$(LIBKRB5) $$libs"; \
 	fi; \
+	if expr $(PLATFORM) : '.*ia64' > /dev/null; then \
+		shlib=lib$$i.so.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
+	else \
+		shlib=lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
+	fi; \
+	[ -f $$shlib ] && rm -f $$shlib; \
 	( set -x; /usr/ccs/bin/ld ${SHARED_LDFLAGS} \
 		-b -z \
-		-o lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
-		+h lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR} \
+		-o $$shlib +h $$shlib \
 		+forceload lib$$i.a -ldl -lc ) || exit 1; \
-	chmod a=rx lib$$i.sl.${SHLIB_MAJOR}.${SHLIB_MINOR}; \
+	chmod a=rx $$shlib; \
 	done
 
 # The following method is said to work on all platforms.  Tests will
@@ -629,7 +646,7 @@ clean:	libclean
 	do \
 	if [ -d "$$i" ]; then \
 		(cd $$i && echo "making clean in $$i..." && \
-		$(MAKE) SDIRS='${SDIRS}' clean ) || exit 1; \
+		$(MAKE) EXE_EXT='${EXE_EXT}' SDIRS='${SDIRS}' clean ) || exit 1; \
 		rm -f $(LIBS); \
 	fi; \
 	done;
@@ -681,20 +698,9 @@ dclean:
 
 rehash: rehash.time
 rehash.time: certs
-	@(OPENSSL="`pwd`/apps/openssl$(EXE_EXT)"; OPENSSL_DEBUG_MEMORY=on; \
+	@(OPENSSL="`pwd`/util/opensslwrap.sh"; \
+	  OPENSSL_DEBUG_MEMORY=on; \
 	  export OPENSSL OPENSSL_DEBUG_MEMORY; \
-	  if [ -n "$(SHARED_LIBS)" ]; then \
-	    LD_LIBRARY_PATH="`pwd`:$$LD_LIBRARY_PATH"; \
-	    DYLD_LIBRARY_PATH="`pwd`:$$DYLD_LIBRARY_PATH"; \
-	    SHLIB_PATH="`pwd`:$$SHLIB_PATH"; \
-	    LIBPATH="`pwd`:$$LIBPATH"; \
-	    if [ "$(PLATFORM)" = "Cygwin" ]; then \
-	      PATH="`pwd`:$$PATH"; \
-	    fi; \
-	    LD_PRELOAD="`pwd`/libssl.so `pwd`/libcrypto.so"; \
-	    export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
-	    export LD_PRELOAD; \
-	  fi; \
 	  $(PERL) tools/c_rehash certs)
 	touch rehash.time
 
@@ -703,17 +709,7 @@ test:   tests
 tests: rehash
 	@(cd test && echo "testing..." && \
 	$(MAKE) CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' FIPS_DES_ENC='${FIPS_DES_ENC}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' FIPS_SHA1_ASM_OBJ='${FIPS_SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' TESTS='${TESTS}' KRB5_INCLUDES='${KRB5_INCLUDES}' LIBKRB5='${LIBKRB5}' EXE_EXT='${EXE_EXT}' SHARED_LIBS='${SHARED_LIBS}' SHLIB_EXT='${SHLIB_EXT}' SHLIB_TARGET='${SHLIB_TARGET}' TESTS='${TESTS}' OPENSSL_DEBUG_MEMORY=on tests );
-	@if [ -n "$(SHARED_LIBS)" ]; then \
-	  LD_LIBRARY_PATH="`pwd`:$$LD_LIBRARY_PATH"; \
-	  DYLD_LIBRARY_PATH="`pwd`:$$DYLD_LIBRARY_PATH"; \
-	  SHLIB_PATH="`pwd`:$$SHLIB_PATH"; \
-	  LIBPATH="`pwd`:$$LIBPATH"; \
-	  if [ "$(PLATFORM)" = "Cygwin" ]; then PATH="`pwd`:$$PATH"; fi; \
-	  LD_PRELOAD="`pwd`/libssl.so `pwd`/libcrypto.so"; \
-	  export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
-	  export LD_PRELOAD; \
-	fi; \
-	apps/openssl version -a
+	util/shlib_wrap.sh apps/openssl version -a
 
 report:
 	@$(PERL) util/selftest.pl
@@ -891,7 +887,7 @@ install_docs:
 	@pod2man="`cd util; ./pod2mantest $(PERL)`"; \
 	here="`pwd`"; \
 	filecase=; \
-	if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" ]; then \
+	if [ "$(PLATFORM)" = "DJGPP" -o "$(PLATFORM)" = "Cygwin" -o "$(PLATFORM)" = "mingw" ]; then \
 		filecase=-i; \
 	fi; \
 	for i in doc/apps/*.pod; do \

NEWS

@@ -5,6 +5,14 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f:
+
+      o Several compilation issues fixed.
+      o Many memory allocation failure checks added.
+      o Improved comparison of X509 Name type.
+      o Mandatory basic checks on certificates.
+      o Performance improvements.
+
   Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e:
 
       o Fix race condition in CRL checking code.

README

@@ -1,7 +1,7 @@
 
- OpenSSL 0.9.7e 25 Oct 2004
+ OpenSSL 0.9.7f 22 March 2005
 
- Copyright (c) 1998-2004 The OpenSSL Project
+ Copyright (c) 1998-2005 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
  All rights reserved.
 

STATUS

@@ -1,10 +1,12 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2004/03/17 12:01:16 $
+  ______________                           $Date: 2005/03/22 18:17:22 $
 
   DEVELOPMENT STATE
 
     o  OpenSSL 0.9.8:  Under development...
+    o  OpenSSL 0.9.7f: Released on March     22nd, 2005
+    o  OpenSSL 0.9.7e: Released on October   25th, 2004
     o  OpenSSL 0.9.7d: Released on March     17th, 2004
     o  OpenSSL 0.9.7c: Released on September 30th, 2003
     o  OpenSSL 0.9.7b: Released on April     10th, 2003

TABLE

@@ -92,7 +92,7 @@ $cast_obj     = asm/cx86-out.o
 $rc4_obj      = asm/rx86-out.o
 $rmd160_obj   = asm/rm86-out.o
 $rc5_obj      = asm/r586-out.o
-$dso_scheme   = win32
+$dso_scheme   = dlfcn
 $shared_target= cygwin-shared
 $shared_cflag = 
 $shared_ldflag = 
@@ -127,7 +127,7 @@ $arflags      =
 
 *** DJGPP
 $cc           = gcc
-$cflags       = -I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall
+$cflags       = -I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall -DDEVRANDOM="/dev/urandom\x24"
 $unistd       = 
 $thread_cflag = 
 $sys_id       = MSDOS
@@ -2346,7 +2346,7 @@ $dso_scheme   = dlfcn
 $shared_target= hpux-shared
 $shared_cflag = +Z
 $shared_ldflag = 
-$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
 
@@ -2621,7 +2621,7 @@ $dso_scheme   = dlfcn
 $shared_target= hpux64-shared
 $shared_cflag = +Z
 $shared_ldflag = 
-$shared_extension = .sl.$(SHLIB_MAJOR).$(SHLIB_MINOR)
+$shared_extension = .so.$(SHLIB_MAJOR).$(SHLIB_MINOR)
 $ranlib       = 
 $arflags      = 
 
@@ -3052,7 +3052,7 @@ $arflags      =
 
 *** linux-elf-arm
 $cc           = gcc
-$cflags       = -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall
+$cflags       = -DTERMIO -O3 -fomit-frame-pointer -Wall
 $unistd       = 
 $thread_cflag = -D_REENTRANT
 $sys_id       = 
@@ -3556,7 +3556,7 @@ $cflags       = -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -mno-cygwin -Wal
 $unistd       = 
 $thread_cflag = 
 $sys_id       = MINGW32
-$lflags       = -mno-cygwin -lwsock32 -lgdi32
+$lflags       = -lwsock32 -lgdi32
 $bn_ops       = BN_LLONG DES_PTR DES_RISC1 DES_UNROLL RC4_INDEX MD2_INT
 $bn_obj       = asm/bn86-out.o asm/co86-out.o
 $des_obj      = asm/dx86-out.o asm/yx86-out.o
@@ -3568,9 +3568,9 @@ $rc4_obj      = asm/rx86-out.o
 $rmd160_obj   = asm/rm86-out.o
 $rc5_obj      = asm/r586-out.o
 $dso_scheme   = win32
-$shared_target= 
-$shared_cflag = 
-$shared_ldflag = 
+$shared_target= cygwin-shared
+$shared_cflag = -D_DLL
+$shared_ldflag = -mno-cygwin
 $shared_extension = .dll
 $ranlib       = 
 $arflags      = 

apps/CA.pl.in

@@ -36,13 +36,21 @@
 # default openssl.cnf file has setup as per the following
 # demoCA ... where everything is stored
 
+my $openssl;
+if(defined $ENV{OPENSSL}) {
+	$openssl = $ENV{OPENSSL};
+} else {
+	$openssl = "openssl";
+	$ENV{OPENSSL} = $openssl;
+}
+
 $SSLEAY_CONFIG=$ENV{"SSLEAY_CONFIG"};
 $DAYS="-days 365";
-$REQ="openssl req $SSLEAY_CONFIG";
-$CA="openssl ca $SSLEAY_CONFIG";
-$VERIFY="openssl verify";
-$X509="openssl x509";
-$PKCS12="openssl pkcs12";
+$REQ="$openssl req $SSLEAY_CONFIG";
+$CA="$openssl ca $SSLEAY_CONFIG";
+$VERIFY="$openssl verify";
+$X509="$openssl x509";
+$PKCS12="$openssl pkcs12";
 
 $CATOP="./demoCA";
 $CAKEY="cakey.pem";

apps/CA.sh

@@ -30,11 +30,13 @@
 # default openssl.cnf file has setup as per the following
 # demoCA ... where everything is stored
 
+if [ -z "$OPENSSL" ]; then OPENSSL=openssl; fi
+
 DAYS="-days 365"
-REQ="openssl req $SSLEAY_CONFIG"
-CA="openssl ca $SSLEAY_CONFIG"
-VERIFY="openssl verify"
-X509="openssl x509"
+REQ="$OPENSSL req $SSLEAY_CONFIG"
+CA="$OPENSSL ca $SSLEAY_CONFIG"
+VERIFY="$OPENSSL verify"
+X509="$OPENSSL x509"
 
 CATOP=./demoCA
 CAKEY=./cakey.pem

apps/Makefile

@@ -144,28 +144,18 @@ $(DLIBCRYPTO):
 $(EXE): progs.h $(E_OBJ) $(PROGRAM).o $(DLIBCRYPTO) $(DLIBSSL)
 	$(RM) $(EXE)
 	if [ "$(SHLIB_TARGET)" = "hpux-shared" -o "$(SHLIB_TARGET)" = "darwin-shared" ] ; then \
-	  $(CC) -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
+	  set -x; $${CC:-$(CC)} -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(DLIBSSL) $(LIBKRB5) $(DLIBCRYPTO) $(EX_LIBS) ; \
+	elif [ -z "$(SHARED_LIBS)" ]; then \
+	  set -x; $${CC:-$(CC)} -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
 	else \
-	  LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
+	  set -x; LD_LIBRARY_PATH=..:$$LD_LIBRARY_PATH \
 	  $(CC) -o $(EXE) $(CFLAGS) $(PROGRAM).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBKRB5) $(LIBCRYPTO) $(EX_LIBS) ; \
 	fi
 	if egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
 		TOP=$(TOP) $(TOP)/fips/openssl_fips_fingerprint $(TOP)/libcrypto.a $(EXE); \
 	fi
 	-(cd ..; \
-	  OPENSSL="`pwd`/apps/$(EXE)"; export OPENSSL; \
-	  if [ -n "$(SHARED_LIBS)" ]; then \
-	    LD_LIBRARY_PATH="`pwd`:$$LD_LIBRARY_PATH"; \
-	    DYLD_LIBRARY_PATH="`pwd`:$$DYLD_LIBRARY_PATH"; \
-	    SHLIB_PATH="`pwd`:$$SHLIB_PATH"; \
-	    LIBPATH="`pwd`:$$LIBPATH"; \
-	    if [ "$(PLATFORM)" = "Cygwin" ]; then \
-	      PATH="`pwd`:$$PATH"; \
-	    fi; \
-	    LD_PRELOAD="`pwd`/libssl.so `pwd`/libcrypto.so"; \
-	    export LD_LIBRARY_PATH DYLD_LIBRARY_PATH SHLIB_PATH LIBPATH PATH; \
-	    export LD_PRELOAD; \
-	  fi; \
+	  OPENSSL="`pwd`/util/opensslwrap.sh"; export OPENSSL; \
 	  $(PERL) tools/c_rehash certs)
 
 progs.h: progs.pl

apps/apps.c

@@ -330,22 +330,6 @@ void program_name(char *in, char *out, int size)
 #endif
 #endif
 
-#ifdef OPENSSL_SYS_VMS
-int VMS_strcasecmp(const char *str1, const char *str2)
-	{
-	while (*str1 && *str2)
-		{
-		int res = toupper(*str1) - toupper(*str2);
-		if (res) return res < 0 ? -1 : 1;
-		}
-	if (*str1)
-		return 1;
-	if (*str2)
-		return -1;
-	return 0;
-	}
-#endif
-
 int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
 	{
 	int num,len,i;
@@ -691,6 +675,51 @@ int add_oid_section(BIO *err, CONF *conf)
 	return 1;
 }
 
+static int load_pkcs12(BIO *err, BIO *in, const char *desc,
+		pem_password_cb *pem_cb,  void *cb_data,
+		EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
+	{
+ 	const char *pass;
+	char tpass[PEM_BUFSIZE];
+	int len, ret = 0;
+	PKCS12 *p12;
+	p12 = d2i_PKCS12_bio(in, NULL);
+	if (p12 == NULL)
+		{
+		BIO_printf(err, "Error loading PKCS12 file for %s\n", desc);	
+		goto die;
+		}
+	/* See if an empty password will do */
+	if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0))
+		pass = "";
+	else
+		{
+		if (!pem_cb)
+			pem_cb = (pem_password_cb *)password_callback;
+		len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data);
+		if (len < 0) 
+			{
+			BIO_printf(err, "Passpharse callback error for %s\n",
+					desc);
+			goto die;
+			}
+		if (len < PEM_BUFSIZE)
+			tpass[len] = 0;
+		if (!PKCS12_verify_mac(p12, tpass, len))
+			{
+			BIO_printf(err,
+	"Mac verify error (wrong password?) in PKCS12 file for %s\n", desc);	
+			goto die;
+			}
+		pass = tpass;
+		}
+	ret = PKCS12_parse(p12, pass, pkey, cert, ca);
+	die:
+	if (p12)
+		PKCS12_free(p12);
+	return ret;
+	}
+
 X509 *load_cert(BIO *err, const char *file, int format,
 	const char *pass, ENGINE *e, const char *cert_descrip)
 	{
@@ -771,11 +800,9 @@ X509 *load_cert(BIO *err, const char *file, int format,
 			(pem_password_cb *)password_callback, NULL);
 	else if (format == FORMAT_PKCS12)
 		{
-		PKCS12 *p12 = d2i_PKCS12_bio(cert, NULL);
-
-		PKCS12_parse(p12, NULL, NULL, &x, NULL);
-		PKCS12_free(p12);
-		p12 = NULL;
+		if (!load_pkcs12(err, cert,cert_descrip, NULL, NULL,
+					NULL, &x, NULL))
+			goto end;
 		}
 	else	{
 		BIO_printf(err,"bad input format specified for %s\n",
@@ -854,11 +881,10 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
 #endif
 	else if (format == FORMAT_PKCS12)
 		{
-		PKCS12 *p12 = d2i_PKCS12_bio(key, NULL);
-
-		PKCS12_parse(p12, pass, &pkey, NULL, NULL);
-		PKCS12_free(p12);
-		p12 = NULL;
+		if (!load_pkcs12(err, key, key_descrip,
+				(pem_password_cb *)password_callback, &cb_data,
+				&pkey, NULL, NULL))
+			goto end;
 		}
 	else
 		{

apps/dgst.c

@@ -78,7 +78,7 @@ static HMAC_CTX hmac_ctx;
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file,BIO *bmd,const char *hmac_key);
+	  const char *file,BIO *bmd,const char *hmac_key, int non_fips_allow);
 
 int MAIN(int, char **);
 
@@ -108,6 +108,7 @@ int MAIN(int argc, char **argv)
 	char *engine=NULL;
 #endif
 	char *hmac_key=NULL;
+	int non_fips_allow = 0;
 
 	apps_startup();
 
@@ -192,6 +193,8 @@ int MAIN(int argc, char **argv)
 			out_bin = 1;
 		else if (strcmp(*argv,"-d") == 0)
 			debug=1;
+		else if (strcmp(*argv,"-non-fips-allow") == 0)
+			non_fips_allow=1;
 		else if (!strcmp(*argv,"-hmac"))
 			{
 			if (--argc < 1)
@@ -342,10 +345,18 @@ int MAIN(int argc, char **argv)
 		}
 	}
 
+	if (non_fips_allow)
+		{
+		EVP_MD_CTX *md_ctx;
+		BIO_get_md_ctx(bmd,&md_ctx);
+		EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+		}
+
 	/* we use md as a filter, reading from 'in' */
 	if (!BIO_set_md(bmd,md))
 		{
-		BIO_printf(bio_err, "Error setting digest %s\n", pname);
+		BIO_printf(bio_err, "Error setting digest %s\n",
+							EVP_MD_name(md));
 		ERR_print_errors(bio_err);
 		goto end;
 		}
@@ -356,7 +367,7 @@ int MAIN(int argc, char **argv)
 		{
 		BIO_set_fp(in,stdin,BIO_NOCLOSE);
 		err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
-			  siglen,"","(stdin)",bmd,hmac_key);
+			  siglen,"","(stdin)",bmd,hmac_key, non_fips_allow);
 		}
 	else
 		{
@@ -382,7 +393,7 @@ int MAIN(int argc, char **argv)
 			else
 				tmp="";
 			r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
-				siglen,tmp,argv[i],bmd,hmac_key);
+				siglen,tmp,argv[i],bmd,hmac_key,non_fips_allow);
 			if(r)
 			    err=r;
 			if(tofree)
@@ -409,7 +420,7 @@ end:
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 	  EVP_PKEY *key, unsigned char *sigin, int siglen, const char *title,
-	  const char *file,BIO *bmd,const char *hmac_key)
+	  const char *file,BIO *bmd,const char *hmac_key, int non_fips_allow)
 	{
 	unsigned int len;
 	int i;
@@ -420,7 +431,11 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
 		EVP_MD *md;
 
 		BIO_get_md(bmd,&md);
-		HMAC_Init(&hmac_ctx,hmac_key,strlen(hmac_key),md);
+		HMAC_CTX_init(&hmac_ctx);
+		if (non_fips_allow)
+			HMAC_CTX_set_flags(&hmac_ctx,
+					EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+		HMAC_Init_ex(&hmac_ctx,hmac_key,strlen(hmac_key),md, NULL);
 		BIO_get_md_ctx(bmd,&md_ctx);
 		BIO_set_md_ctx(bmd,&hmac_ctx.md_ctx);
 		}

apps/enc.c

@@ -118,6 +118,7 @@ int MAIN(int argc, char **argv)
 	int enc=1,printkey=0,i,base64=0;
 	int debug=0,olb64=0,nosalt=0;
 	const EVP_CIPHER *cipher=NULL,*c;
+	EVP_CIPHER_CTX *ctx = NULL;
 	char *inf=NULL,*outf=NULL;
 	BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
 #define PROG_NAME_SIZE  39
@@ -126,6 +127,7 @@ int MAIN(int argc, char **argv)
 	char *engine = NULL;
 #endif
 	const EVP_MD *dgst=NULL;
+	int non_fips_allow = 0;
 
 	apps_startup();
 
@@ -260,6 +262,8 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) goto bad;
 			md= *(++argv);
 			}
+		else if (strcmp(*argv,"-non-fips-allow") == 0)
+			non_fips_allow = 1;
 		else if	((argv[0][0] == '-') &&
 			((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
 			{
@@ -539,13 +543,43 @@ bad:
 
 		if ((benc=BIO_new(BIO_f_cipher())) == NULL)
 			goto end;
-		BIO_set_cipher(benc,cipher,key,iv,enc);
-		if (nopad)
+
+		/* Since we may be changing parameters work on the encryption
+		 * context rather than calling BIO_set_cipher().
+		 */
+
+		BIO_get_cipher_ctx(benc, &ctx);
+		if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))
 			{
-			EVP_CIPHER_CTX *ctx;
-			BIO_get_cipher_ctx(benc, &ctx);
-			EVP_CIPHER_CTX_set_padding(ctx, 0);
+			BIO_printf(bio_err, "Error setting cipher %s\n",
+					EVP_CIPHER_name(cipher));
+			ERR_print_errors(bio_err);
+			goto end;
 			}
+
+		if (non_fips_allow)
+			EVP_CIPHER_CTX_set_flags(ctx,
+				EVP_CIPH_FLAG_NON_FIPS_ALLOW);
+
+		if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
+			{
+			BIO_printf(bio_err, "Error setting cipher %s\n",
+					EVP_CIPHER_name(cipher));
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+
+		if (nopad)
+			EVP_CIPHER_CTX_set_padding(ctx, 0);
+
+		if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
+			{
+			BIO_printf(bio_err, "Error setting cipher %s\n",
+					EVP_CIPHER_name(cipher));
+			ERR_print_errors(bio_err);
+			goto end;
+			}
+
 		if (debug)
 			{
 			BIO_set_callback(benc,BIO_debug_callback);

apps/openssl.c

@@ -247,7 +247,7 @@ int main(int Argc, char *Argv[])
 		if (!FIPS_mode_set(1,p)) {
 			ERR_load_crypto_strings();
 			ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
-			exit(1);
+			EXIT(1);
 		}
 		in_FIPS_mode = 1;
 		if (getenv("OPENSSL_FIPS_MD5"))

apps/pkcs12.c

@@ -109,7 +109,7 @@ int MAIN(int argc, char **argv)
     int maciter = PKCS12_DEFAULT_ITER;
     int twopass = 0;
     int keytype = 0;
-    int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+    int cert_pbe;
     int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
     int ret = 1;
     int macver = 1;
@@ -126,6 +126,13 @@ int MAIN(int argc, char **argv)
 
     apps_startup();
 
+#ifdef OPENSSL_FIPS
+    if (FIPS_mode())
+	cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+    else
+#endif
+    cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+
     enc = EVP_des_ede3_cbc();
     if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
 

apps/req.c

@@ -175,7 +175,7 @@ int MAIN(int argc, char **argv)
 	char *passin = NULL, *passout = NULL;
 	char *p;
 	char *subj = NULL;
-	const EVP_MD *md_alg=NULL,*digest=EVP_md5();
+	const EVP_MD *md_alg=NULL,*digest;
 	unsigned long chtype = MBSTRING_ASC;
 #ifndef MONOLITH
 	char *to_free;
@@ -197,6 +197,13 @@ int MAIN(int argc, char **argv)
 	informat=FORMAT_PEM;
 	outformat=FORMAT_PEM;
 
+#ifdef  OPENSSL_FIPS
+	if (FIPS_mode())
+		digest = EVP_sha1();
+	else
+#endif
+		digest = EVP_md5();
+
 	prog=argv[0];
 	argc--;
 	argv++;

apps/s_client.c

@@ -197,6 +197,9 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -pause        - sleep(1) after each read(2) and write(2) system call\n");
 	BIO_printf(bio_err," -showcerts    - show all certificates in the chain\n");
 	BIO_printf(bio_err," -debug        - extra output\n");
+#ifdef WATT32
+	BIO_printf(bio_err," -wdebug       - WATT-32 tcp debugging\n");
+#endif
 	BIO_printf(bio_err," -msg          - Show protocol messages\n");
 	BIO_printf(bio_err," -nbio_test    - more ssl protocol testing\n");
 	BIO_printf(bio_err," -state        - print the 'ssl' states\n");
@@ -348,6 +351,10 @@ int MAIN(int argc, char **argv)
 			c_Pause=1;
 		else if	(strcmp(*argv,"-debug") == 0)
 			c_debug=1;
+#ifdef WATT32
+		else if	(strcmp(*argv,"-wdebug") == 0)
+			dbug_init();
+#endif
 		else if	(strcmp(*argv,"-msg") == 0)
 			c_msg=1;
 		else if	(strcmp(*argv,"-showcerts") == 0)
@@ -588,6 +595,8 @@ re_start:
 	if (starttls_proto == 1)
 		{
 		BIO_read(sbio,mbuf,BUFSIZZ);
+		BIO_printf(sbio,"EHLO some.host.name\r\n");
+		BIO_read(sbio,mbuf,BUFSIZZ);
 		BIO_printf(sbio,"STARTTLS\r\n");
 		BIO_read(sbio,sbuf,BUFSIZZ);
 		}

apps/s_socket.c

@@ -153,7 +153,6 @@ static int ssl_sock_init(void)
 #ifdef WATT32
 	extern int _watt_do_exit;
 	_watt_do_exit = 0;
-	dbug_init();
 	if (sock_init())
 		return (0);
 #elif defined(OPENSSL_SYS_WINDOWS)

apps/x509.c

@@ -179,7 +179,7 @@ int MAIN(int argc, char **argv)
 	X509_REQ *rq=NULL;
 	int fingerprint=0;
 	char buf[256];
-	const EVP_MD *md_alg,*digest=EVP_md5();
+	const EVP_MD *md_alg,*digest;
 	CONF *extconf = NULL;
 	char *extsect = NULL, *extfile = NULL, *passin = NULL, *passargin = NULL;
 	int need_rand = 0;
@@ -216,6 +216,13 @@ int MAIN(int argc, char **argv)
 	if (ctx == NULL) goto end;
 	X509_STORE_set_verify_cb_func(ctx,callb);
 
+#ifdef  OPENSSL_FIPS
+	if (FIPS_mode())
+		digest = EVP_sha1();
+	else
+#endif
+		digest = EVP_md5();
+
 	argc--;
 	argv++;
 	num=0;

config

@@ -491,29 +491,29 @@ case "$GUESSOS" in
 	OUT="irix-$CC"
 	;;
   mips3-sgi-irix)
-	CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
-	CPU=${CPU:-0}
-	if [ $CPU -ge 5000 ]; then
-		options="$options -mips4"
-	else
-		options="$options -mips3"
-	fi
+	#CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
+	#CPU=${CPU:-0}
+	#if [ $CPU -ge 5000 ]; then
+	#	options="$options -mips4"
+	#else
+	#	options="$options -mips3"
+	#fi
 	OUT="irix-mips3-$CC"
 	;;
   mips4-sgi-irix64)
 	echo "WARNING! If you wish to build 64-bit library, then you have to"
 	echo "         invoke './Configure irix64-mips4-$CC' *manually*."
-	if [ "$TEST" = "false" ]; then
+	if [ "$TEST" = "false" -a -t 1 ]; then
 	  echo "         You have about 5 seconds to press Ctrl-C to abort."
-	  (stty -icanon min 0 time 50; read waste) < /dev/tty
+	  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 	fi
-        CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
-        CPU=${CPU:-0}
-        if [ $CPU -ge 5000 ]; then
-                options="$options -mips4"
-        else
-                options="$options -mips3"
-        fi
+        #CPU=`(hinv -t cpu) 2>/dev/null | head -1 | sed 's/^CPU:[^R]*R\([0-9]*\).*/\1/'`
+        #CPU=${CPU:-0}
+        #if [ $CPU -ge 5000 ]; then
+        #        options="$options -mips4"
+        #else
+        #        options="$options -mips3"
+        #fi
 	OUT="irix-mips3-$CC"
 	;;
   alpha-*-linux2)
@@ -549,9 +549,9 @@ EOF
   ppc64-*-linux2)
 	echo "WARNING! If you wish to build 64-bit library, then you have to"
 	echo "         invoke './Configure linux-ppc64' *manually*."
-	if [ "$TEST" = "false" ]; then
+	if [ "$TEST" = "false" -a -t 1 ]; then
 	    echo "         You have about 5 seconds to press Ctrl-C to abort."
-	    (stty -icanon min 0 time 50; read waste) < /dev/tty
+	    (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 	fi
 	OUT="linux-ppc"
 	;;
@@ -565,9 +565,9 @@ EOF
 	echo "WARNING! If you *know* that your GNU C supports 64-bit/V9 ABI"
 	echo "         and wish to build 64-bit library, then you have to"
 	echo "         invoke './Configure linux64-sparcv9' *manually*."
-	if [ "$TEST" = "false" ]; then
+	if [ "$TEST" = "false" -a -t 1 ]; then
 	  echo "          You have about 5 seconds to press Ctrl-C to abort."
-	  (stty -icanon min 0 time 50; read waste) < /dev/tty
+	  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 	fi
 	OUT="linux-sparcv9" ;;
   sparc-*-linux2)
@@ -598,7 +598,9 @@ EOF
 
 	options="$options -mschedule=$CPUSCHEDULE -march=$CPUARCH"
 	OUT="linux-parisc" ;;
-  arm*-*-linux2) OUT="linux-elf-arm" ;;
+  arm*b-*-linux2) OUT="linux-elf-arm"; options="$options -DB_ENDIAN" ;;
+  arm*l-*-linux2) OUT="linux-elf-arm"; options="$options -DL_ENDIAN" ;;
+  arm*-*-linux2)  OUT="linux-elf-arm" ;;
   s390-*-linux2) OUT="linux-s390" ;;
   s390x-*-linux?) OUT="linux-s390x" ;;
   x86_64-*-linux?) OUT="linux-x86_64" ;;
@@ -622,9 +624,9 @@ EOF
 	    if [ "$CC" = "cc" -a $CCVER -ge 50 ]; then
 		echo "WARNING! If you wish to build 64-bit library, then you have to"
 		echo "         invoke './Configure solaris64-sparcv9-cc' *manually*."
-		if [ "$TEST" = "false" ]; then
+		if [ "$TEST" = "false" -a -t 1 ]; then
 		  echo "         You have about 5 seconds to press Ctrl-C to abort."
-		  (stty -icanon min 0 time 50; read waste) < /dev/tty
+		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 		fi
 	    elif [ "$CC" = "gcc" -a "$GCC_ARCH" = "-m64" ]; then
 		# $GCC_ARCH denotes default ABI chosen by compiler driver
@@ -634,17 +636,17 @@ EOF
 		OUT="solaris64-sparcv9-gcc"
 		echo "WARNING! If you wish to build 32-bit library, then you have to"
 		echo "         invoke './Configure solaris-sparcv9-gcc' *manually*."
-		if [ "$TEST" = "false" ]; then
+		if [ "$TEST" = "false" -a -t 1 ]; then
 		  echo "         You have about 5 seconds to press Ctrl-C to abort."
-		  (stty -icanon min 0 time 50; read waste) < /dev/tty
+		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 		fi
 	    elif [ "$GCC_ARCH" = "-m32" ]; then
 		echo "NOTICE! If you *know* that your GNU C supports 64-bit/V9 ABI"
 		echo "        and wish to build 64-bit library, then you have to"
 		echo "        invoke './Configure solaris64-sparcv9-gcc' *manually*."
-		if [ "$TEST" = "false" ]; then
+		if [ "$TEST" = "false" -a -t 1 ]; then
 		  echo "         You have about 5 seconds to press Ctrl-C to abort."
-		  (stty -icanon min 0 time 50; read waste) < /dev/tty
+		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 		fi
 	    fi
 	fi
@@ -720,9 +722,9 @@ EOF
 	     echo "WARNING! 64-bit ABI is the default configured ABI on HP-UXi."
 	     echo "         If you wish to build 32-bit library, the you have to"
 	     echo "         invoke './Configure hpux-ia64-cc' *manually*."
-	     if [ "$TEST" = "false" ]; then
+	     if [ "$TEST" = "false" -a -t 1 ]; then
 		echo "         You have about 5 seconds to press Ctrl-C to abort."
-		(stty -icanon min 0 time 50; read waste) < /dev/tty
+		(trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 	     fi
 	     OUT="hpux64-ia64-cc"
 	elif [ $CPU_VERSION -ge 532 ]; then	# PA-RISC 2.x CPU
@@ -732,9 +734,9 @@ EOF
 	     if [ $KERNEL_BITS -eq 64 -a "$CC" = "cc" ]; then
 		echo "WARNING! If you wish to build 64-bit library then you have to"
 		echo "         invoke './Configure hpux64-parisc2-cc' *manually*."
-		if [ "$TEST" = "false" ]; then
+		if [ "$TEST" = "false" -a -t 1 ]; then
 		  echo "         You have about 5 seconds to press Ctrl-C to abort."
-		  (stty -icanon min 0 time 50; read waste) < /dev/tty
+		  (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 		fi
 	     fi
 	elif [ $CPU_VERSION -ge 528 ]; then	# PA-RISC 1.1+ CPU
@@ -760,9 +762,9 @@ EOF
 	    if [ $KERNEL_BITS -eq 64 ]; then
 		echo "WARNING! If you wish to build 64-bit kit, then you have to"
 		echo "         invoke './Configure aix64-cc' *manually*."
-		if [ "$TEST" = "false" ]; then
+		if [ "$TEST" = "false" -a -t 1 ]; then
 		    echo "         You have ~5 seconds to press Ctrl-C to abort."
-		    (/bin/stty -icanon min 0 time 50; read waste) < /dev/tty
+		    (trap "stty `stty -g`" 2 0; stty -icanon min 0 time 50; read waste) <&1
 		fi
 	    fi
 	fi

crypto/Makefile

@@ -94,10 +94,9 @@ lib:	$(LIBOBJ)
 	@touch lib
 
 shared: buildinf.h lib subdirs
-	if [ -n "$(SHARED_LIBS)" ]; then \
-	    if ! egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null; then \
+	@if [ -n "$(SHARED_LIBS)" ]; then \
+		egrep 'define OPENSSL_FIPS' $(TOP)/include/openssl/opensslconf.h > /dev/null || \
 		(cd ..; $(MAKE) $(SHARED_LIB)); \
-	    fi \
 	fi
 
 libs:
@@ -202,8 +201,8 @@ mem_dbg.o: ../include/openssl/err.h ../include/openssl/lhash.h
 mem_dbg.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
 mem_dbg.o: ../include/openssl/safestack.h ../include/openssl/stack.h
 mem_dbg.o: ../include/openssl/symhacks.h cryptlib.h mem_dbg.c
-o_str.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_str.c
-o_str.o: o_str.h
+o_str.o: ../e_os.h ../include/openssl/e_os2.h ../include/openssl/opensslconf.h
+o_str.o: o_str.c o_str.h
 o_time.o: ../include/openssl/e_os2.h ../include/openssl/opensslconf.h o_time.c
 o_time.o: o_time.h
 tmdiff.o: ../e_os.h ../include/openssl/bio.h ../include/openssl/buffer.h

crypto/aes/aes_cbc.c

@@ -66,6 +66,7 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 	unsigned long n;
 	unsigned long len = length;
 	unsigned char tmp[AES_BLOCK_SIZE];
+	const unsigned char *iv = ivec;
 
 	assert(in && out && key && ivec);
 	assert((AES_ENCRYPT == enc)||(AES_DECRYPT == enc));
@@ -73,22 +74,39 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 	if (AES_ENCRYPT == enc) {
 		while (len >= AES_BLOCK_SIZE) {
 			for(n=0; n < AES_BLOCK_SIZE; ++n)
-				tmp[n] = in[n] ^ ivec[n];
-			AES_encrypt(tmp, out, key);
-			memcpy(ivec, out, AES_BLOCK_SIZE);
+				out[n] = in[n] ^ iv[n];
+			AES_encrypt(out, out, key);
+			iv = out;
 			len -= AES_BLOCK_SIZE;
 			in += AES_BLOCK_SIZE;
 			out += AES_BLOCK_SIZE;
 		}
 		if (len) {
 			for(n=0; n < len; ++n)
-				tmp[n] = in[n] ^ ivec[n];
+				out[n] = in[n] ^ iv[n];
 			for(n=len; n < AES_BLOCK_SIZE; ++n)
-				tmp[n] = ivec[n];
-			AES_encrypt(tmp, tmp, key);
-			memcpy(out, tmp, AES_BLOCK_SIZE);
-			memcpy(ivec, tmp, AES_BLOCK_SIZE);
-		}			
+				out[n] = iv[n];
+			AES_encrypt(out, out, key);
+			iv = out;
+		}
+		memcpy(ivec,iv,AES_BLOCK_SIZE);
+	} else if (in != out) {
+		while (len >= AES_BLOCK_SIZE) {
+			AES_decrypt(in, out, key);
+			for(n=0; n < AES_BLOCK_SIZE; ++n)
+				out[n] ^= iv[n];
+			iv = in;
+			len -= AES_BLOCK_SIZE;
+			in  += AES_BLOCK_SIZE;
+			out += AES_BLOCK_SIZE;
+		}
+		if (len) {
+			AES_decrypt(in,tmp,key);
+			for(n=0; n < len; ++n)
+				out[n] = tmp[n] ^ iv[n];
+			iv = in;
+		}
+		memcpy(ivec,iv,AES_BLOCK_SIZE);
 	} else {
 		while (len >= AES_BLOCK_SIZE) {
 			memcpy(tmp, in, AES_BLOCK_SIZE);
@@ -102,10 +120,12 @@ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
 		}
 		if (len) {
 			memcpy(tmp, in, AES_BLOCK_SIZE);
-			AES_decrypt(tmp, tmp, key);
+			AES_decrypt(tmp, out, key);
 			for(n=0; n < len; ++n)
-				out[n] = tmp[n] ^ ivec[n];
+				out[n] ^= ivec[n];
+			for(n=len; n < AES_BLOCK_SIZE; ++n)
+				out[n] = tmp[n];
 			memcpy(ivec, tmp, AES_BLOCK_SIZE);
-		}			
+		}
 	}
 }

crypto/aes/aes_cfb.c

@@ -158,61 +158,35 @@ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
 
 /* This expects a single block of size nbits for both in and out. Note that
    it corrupts any extra bits in the last byte of out */
-/* Untested, once it is working, it will be optimised */
 void AES_cfbr_encrypt_block(const unsigned char *in,unsigned char *out,
 			    const int nbits,const AES_KEY *key,
 			    unsigned char *ivec,const int enc)
     {
-    int n;
+    int n,rem,num;
     unsigned char ovec[AES_BLOCK_SIZE*2];
 
-    assert(in && out && key && ivec);
-    if(enc)
-	{
+    if (nbits<=0 || nbits>128) return;
+
+	/* fill in the first half of the new IV with the current IV */
+	memcpy(ovec,ivec,AES_BLOCK_SIZE);
 	/* construct the new IV */
-	AES_encrypt(ivec,ovec,key);
-	/* encrypt the input */
-	for(n=0 ; n < (nbits+7)/8 ; ++n)
-	    out[n]=in[n]^ovec[n];
-	/* fill in the first half of the new IV with the current IV */
-	memcpy(ovec,ivec,AES_BLOCK_SIZE);
-	/* and put the ciphertext in the second half */
-	memcpy(ovec+AES_BLOCK_SIZE,out,(nbits+7)/8);
-	/* shift ovec left most of the bits... */
-	memmove(ovec,ovec+nbits/8,AES_BLOCK_SIZE+(nbits%8 ? 1 : 0));
-	/* now the remaining bits */
-	if(nbits%8 != 0)
+	AES_encrypt(ivec,ivec,key);
+	num = (nbits+7)/8;
+	if (enc)	/* encrypt the input */
+	    for(n=0 ; n < num ; ++n)
+		out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n] ^ ivec[n]);
+	else		/* decrypt the input */
+	    for(n=0 ; n < num ; ++n)
+		out[n] = (ovec[AES_BLOCK_SIZE+n] = in[n]) ^ ivec[n];
+	/* shift ovec left... */
+	rem = nbits%8;
+	num = nbits/8;
+	if(rem==0)
+	    memcpy(ivec,ovec+num,AES_BLOCK_SIZE);
+	else
 	    for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
-		{
-		ovec[n]<<=nbits%8;
-		ovec[n]|=ovec[n+1]>>(8-nbits%8);
-		}
-	/* finally, move it back into place */
-	memcpy(ivec,ovec,AES_BLOCK_SIZE);
-	}
-    else
-	{
-	/* construct the new IV in the first half of ovec */
-	AES_encrypt(ivec,ovec,key);
-	/* decrypt the input */
-	for(n=0 ; n < (nbits+7)/8 ; ++n)
-	    out[n]=in[n]^ovec[n];
-	/* fill in the first half of the new IV with the current IV */
-	memcpy(ovec,ivec,AES_BLOCK_SIZE);
-	/* append the ciphertext */
-	memcpy(ovec+AES_BLOCK_SIZE,in,(nbits+7)/8);
-	/* shift ovec left most of the bits... */
-	memmove(ovec,ovec+nbits/8,AES_BLOCK_SIZE+(nbits%8 ? 1 : 0));
-	/* now the remaining bits */
-	if(nbits%8 != 0)
-	    for(n=0 ; n < AES_BLOCK_SIZE ; ++n)
-		{
-		ovec[n]<<=nbits%8;
-		ovec[n]|=ovec[n+1]>>(8-nbits%8);
-		}
-	/* finally, move it back into place */
-	memcpy(ivec,ovec,AES_BLOCK_SIZE);
-	}
+		ivec[n] = ovec[n+num]<<rem | ovec[n+num+1]>>(8-rem);
+
     /* it is not necessary to cleanse ovec, since the IV is not secret */
     }
 

crypto/asn1/a_type.c

@@ -71,7 +71,10 @@ int ASN1_TYPE_get(ASN1_TYPE *a)
 void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
 	{
 	if (a->value.ptr != NULL)
-		ASN1_primitive_free((ASN1_VALUE **)&a, NULL);
+		{
+		ASN1_TYPE **tmp_a = &a;
+		ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
+		}
 	a->type=type;
 	a->value.ptr=value;
 	}

crypto/asn1/a_verify.c

@@ -142,6 +142,13 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 		goto err;
 		}
 
+	if (!EVP_VerifyInit_ex(&ctx,type, NULL))
+		{
+		ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+		ret=0;
+		goto err;
+		}
+
 	inl = ASN1_item_i2d(asn, &buf_in, it);
 	
 	if (buf_in == NULL)
@@ -150,7 +157,6 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
 		goto err;
 		}
 
-	EVP_VerifyInit_ex(&ctx,type, NULL);
 	EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
 
 	OPENSSL_cleanse(buf_in,(unsigned int)inl);

crypto/asn1/x_name.c

@@ -160,21 +160,22 @@ static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, cons
 					int tag, int aclass, char opt, ASN1_TLC *ctx)
 {
 	unsigned char *p = *in, *q;
-	STACK *intname = NULL;
+	STACK *intname = NULL, **intname_pp = &intname;
 	int i, j, ret;
-	X509_NAME *nm = NULL;
+	X509_NAME *nm = NULL, **nm_pp = &nm;
 	STACK_OF(X509_NAME_ENTRY) *entries;
 	X509_NAME_ENTRY *entry;
 	q = p;
 
 	/* Get internal representation of Name */
-	ret = ASN1_item_ex_d2i((ASN1_VALUE **)&intname, &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
-								tag, aclass, opt, ctx);
+	ret = ASN1_item_ex_d2i((ASN1_VALUE **)intname_pp,
+			       &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
+			       tag, aclass, opt, ctx);
 	
 	if(ret <= 0) return ret;
 
 	if(*val) x509_name_ex_free(val, NULL);
-	if(!x509_name_ex_new((ASN1_VALUE **)&nm, NULL)) goto err;
+	if(!x509_name_ex_new((ASN1_VALUE **)nm_pp, NULL)) goto err;
 	/* We've decoded it: now cache encoding */
 	if(!BUF_MEM_grow(nm->bytes, p - q)) goto err;
 	memcpy(nm->bytes->data, q, p - q);
@@ -218,7 +219,7 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT
 
 static int x509_name_encode(X509_NAME *a)
 {
-	STACK *intname = NULL;
+	STACK *intname = NULL, **intname_pp = &intname;
 	int len;
 	unsigned char *p;
 	STACK_OF(X509_NAME_ENTRY) *entries = NULL;
@@ -236,10 +237,12 @@ static int x509_name_encode(X509_NAME *a)
 		}
 		if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
 	}
-	len = ASN1_item_ex_i2d((ASN1_VALUE **)&intname, NULL, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+	len = ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, NULL,
+			       ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
 	if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
 	p=(unsigned char *)a->bytes->data;
-	ASN1_item_ex_i2d((ASN1_VALUE **)&intname, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
+	ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp,
+			 &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
 	sk_pop_free(intname, sk_internal_free);
 	a->modified = 0;
 	return len;

crypto/bf/Makefile

@@ -109,5 +109,8 @@ bf_enc.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
 bf_enc.o: ../../include/openssl/opensslconf.h bf_enc.c bf_locl.h
 bf_ofb64.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
 bf_ofb64.o: ../../include/openssl/opensslconf.h bf_locl.h bf_ofb64.c
-bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/e_os2.h
-bf_skey.o: ../../include/openssl/opensslconf.h bf_locl.h bf_pi.h bf_skey.c
+bf_skey.o: ../../include/openssl/blowfish.h ../../include/openssl/crypto.h
+bf_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
+bf_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+bf_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+bf_skey.o: bf_locl.h bf_pi.h bf_skey.c

crypto/bf/bf_skey.c

@@ -58,11 +58,12 @@
 
 #include <stdio.h>
 #include <string.h>
+#include <openssl/crypto.h>
 #include <openssl/blowfish.h>
 #include "bf_locl.h"
 #include "bf_pi.h"
 
-void BF_set_key(BF_KEY *key, int len, const unsigned char *data)
+FIPS_NON_FIPS_VCIPHER_Init(BF)
 	{
 	int i;
 	BF_LONG *p,ri,in[2];

crypto/bf/blowfish.h

@@ -104,7 +104,10 @@ typedef struct bf_key_st
 	BF_LONG S[4*256];
 	} BF_KEY;
 
- 
+
+#ifdef OPENSSL_FIPS 
+void private_BF_set_key(BF_KEY *key, int len, const unsigned char *data);
+#endif
 void BF_set_key(BF_KEY *key, int len, const unsigned char *data);
 
 void BF_encrypt(BF_LONG *data,const BF_KEY *key);

crypto/bio/bss_file.c

@@ -266,7 +266,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, long num, void *ptr)
 			ret=0;
 			break;
 			}
-#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2)
+#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_OS2) || defined(OPENSSL_SYS_WIN32_CYGWIN)
 		if (!(num & BIO_FP_TEXT))
 			strcat(p,"b");
 		else

crypto/cast/Makefile

@@ -114,5 +114,7 @@ c_ofb64.o: ../../e_os.h ../../include/openssl/cast.h
 c_ofb64.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
 c_ofb64.o: c_ofb64.c cast_lcl.h
 c_skey.o: ../../e_os.h ../../include/openssl/cast.h
-c_skey.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h
-c_skey.o: c_skey.c cast_lcl.h cast_s.h
+c_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+c_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+c_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+c_skey.o: ../../include/openssl/symhacks.h c_skey.c cast_lcl.h cast_s.h

crypto/cast/c_skey.c

@@ -56,7 +56,9 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/crypto.h>
 #include <openssl/cast.h>
+
 #include "cast_lcl.h"
 #include "cast_s.h"
 
@@ -72,7 +74,7 @@
 #define S6 CAST_S_table6
 #define S7 CAST_S_table7
 
-void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data)
+FIPS_NON_FIPS_VCIPHER_Init(CAST)
 	{
 	CAST_LONG x[16];
 	CAST_LONG z[16];

crypto/cast/cast.h

@@ -81,7 +81,10 @@ typedef struct cast_key_st
 	int short_key;	/* Use reduced rounds for short key */
 	} CAST_KEY;
 
- 
+
+#ifdef OPENSSL_FIPS 
+void private_CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
+#endif
 void CAST_set_key(CAST_KEY *key, int len, const unsigned char *data);
 void CAST_ecb_encrypt(const unsigned char *in,unsigned char *out,CAST_KEY *key,
 		      int enc);

crypto/comp/Makefile

@@ -90,6 +90,7 @@ c_rle.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h c_rle.c
 c_zlib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
 c_zlib.o: ../../include/openssl/bn.h ../../include/openssl/comp.h
 c_zlib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+c_zlib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
 c_zlib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 c_zlib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 c_zlib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h

crypto/comp/c_zlib.c

@@ -3,6 +3,7 @@
 #include <string.h>
 #include <openssl/objects.h>
 #include <openssl/comp.h>
+#include <openssl/err.h>
 
 COMP_METHOD *COMP_zlib(void );
 

crypto/crypto.h

@@ -439,6 +439,58 @@ void OpenSSLDie(const char *file,int line,const char *assertion);
 #ifdef OPENSSL_FIPS
 int FIPS_mode(void);
 void *FIPS_rand_check(void);
+
+#define FIPS_ERROR_IGNORED(alg) OpenSSLDie(__FILE__, __LINE__, \
+		alg " previous FIPS forbidden algorithm error ignored");
+
+#define FIPS_BAD_ABORT(alg) OpenSSLDie(__FILE__, __LINE__, \
+		#alg " Algorithm forbidden in FIPS mode");
+
+#ifdef OPENSSL_FIPS_STRICT
+#define FIPS_BAD_ALGORITHM(alg) FIPS_BAD_ABORT(alg)
+#else
+#define FIPS_BAD_ALGORITHM(alg) \
+	{ \
+	FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD); \
+	ERR_add_error_data(2, "Algorithm=", #alg); \
+	return 0; \
+	}
+#endif
+
+/* Low level digest API blocking macro */
+
+#define FIPS_NON_FIPS_MD_Init(alg) \
+	int alg##_Init(alg##_CTX *c) \
+		{ \
+		if (FIPS_mode()) \
+			FIPS_BAD_ALGORITHM(alg) \
+		return private_##alg##_Init(c); \
+		} \
+	int private_##alg##_Init(alg##_CTX *c)
+
+/* For ciphers the API often varies from cipher to cipher and each needs to
+ * be treated as a special case. Variable key length ciphers (Blowfish, RC4,
+ * CAST) however are very similar and can use a blocking macro.
+ */
+
+#define FIPS_NON_FIPS_VCIPHER_Init(alg) \
+	void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data) \
+		{ \
+		if (FIPS_mode()) \
+			FIPS_BAD_ABORT(alg) \
+		private_##alg##_set_key(key, len, data); \
+		} \
+	void private_##alg##_set_key(alg##_KEY *key, int len, \
+					const unsigned char *data)
+
+#else
+
+#define FIPS_NON_FIPS_VCIPHER_Init(alg) \
+	void alg##_set_key(alg##_KEY *key, int len, const unsigned char *data)
+
+#define FIPS_NON_FIPS_MD_Init(alg) \
+	int alg##_Init(alg##_CTX *c) 
+
 #endif /* def OPENSSL_FIPS */
 
 /* BEGIN ERROR CODES */

crypto/dso/dso_win32.c

@@ -61,7 +61,7 @@
 #include "cryptlib.h"
 #include <openssl/dso.h>
 
-#if !defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINCE)
+#if !defined(DSO_WIN32)
 DSO_METHOD *DSO_METHOD_win32(void)
 	{
 	return NULL;

crypto/evp/Makefile

@@ -448,7 +448,7 @@ e_rc4.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
 e_rc4.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
 e_rc4.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 e_rc4.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
-e_rc4.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc4.c
+e_rc4.o: ../../include/openssl/ui_compat.h ../cryptlib.h e_rc4.c evp_locl.h
 e_rc5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
 e_rc5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 e_rc5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -713,7 +713,7 @@ m_md2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 m_md2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 m_md2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
 m_md2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md2.o: ../cryptlib.h m_md2.c
+m_md2.o: ../cryptlib.h evp_locl.h m_md2.c
 m_md4.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
 m_md4.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 m_md4.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -734,7 +734,7 @@ m_md4.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 m_md4.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 m_md4.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
 m_md4.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md4.o: ../cryptlib.h m_md4.c
+m_md4.o: ../cryptlib.h evp_locl.h m_md4.c
 m_md5.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
 m_md5.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 m_md5.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -755,7 +755,7 @@ m_md5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 m_md5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 m_md5.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
 m_md5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_md5.o: ../cryptlib.h m_md5.c
+m_md5.o: ../cryptlib.h evp_locl.h m_md5.c
 m_mdc2.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
 m_mdc2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 m_mdc2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -776,7 +776,7 @@ m_mdc2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 m_mdc2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 m_mdc2.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
 m_mdc2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_mdc2.o: ../cryptlib.h m_mdc2.c
+m_mdc2.o: ../cryptlib.h evp_locl.h m_mdc2.c
 m_null.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
 m_null.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 m_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
@@ -840,7 +840,7 @@ m_sha.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
 m_sha.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 m_sha.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
 m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-m_sha.o: ../cryptlib.h m_sha.c
+m_sha.o: ../cryptlib.h evp_locl.h m_sha.c
 m_sha1.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
 m_sha1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
 m_sha1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h

crypto/evp/bio_md.c

@@ -192,13 +192,8 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
 			ret=0;
 		break;
 	case BIO_C_GET_MD_CTX:
-		if (b->init)
-			{
-			pctx=ptr;
-			*pctx=ctx;
-			}
-		else
-			ret=0;
+		pctx=ptr;
+		*pctx=ctx;
 		break;
 	case BIO_C_SET_MD_CTX:
 		if (b->init)

crypto/evp/c_alld.c

@@ -75,7 +75,7 @@ void OpenSSL_add_all_digests(void)
 	EVP_add_digest_alias(SN_md5,"ssl2-md5");
 	EVP_add_digest_alias(SN_md5,"ssl3-md5");
 #endif
-#ifndef OPENSSL_NO_SHA
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
 	EVP_add_digest(EVP_sha());
 #ifndef OPENSSL_NO_DSA
 	EVP_add_digest(EVP_dss());

crypto/evp/digest.c

@@ -137,6 +137,39 @@ int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type)
 	return EVP_DigestInit_ex(ctx, type, NULL);
 	}
 
+#ifdef OPENSSL_FIPS
+
+/* The purpose of these is to trap programs that attempt to use non FIPS
+ * algorithms in FIPS mode and ignore the errors.
+ */
+
+static int bad_init(EVP_MD_CTX *ctx)
+	{ FIPS_ERROR_IGNORED("Digest init"); return 0;}
+
+static int bad_update(EVP_MD_CTX *ctx,const void *data,unsigned long count)
+	{ FIPS_ERROR_IGNORED("Digest update"); return 0;}
+
+static int bad_final(EVP_MD_CTX *ctx,unsigned char *md)
+	{ FIPS_ERROR_IGNORED("Digest Final"); return 0;}
+
+static const EVP_MD bad_md =
+	{
+	0,
+	0,
+	0,
+	0,
+	bad_init,
+	bad_update,
+	bad_final,
+	NULL,
+	NULL,
+	NULL,
+	0,
+	{0,0,0,0},
+	};
+
+#endif
+
 int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 	{
 	EVP_MD_CTX_clear_flags(ctx,EVP_MD_CTX_FLAG_CLEANED);
@@ -195,6 +228,18 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
 #endif
 	if (ctx->digest != type)
 		{
+#ifdef OPENSSL_FIPS
+		if (FIPS_mode())
+			{
+			if (!(type->flags & EVP_MD_FLAG_FIPS) 
+			 && !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW))
+				{
+				EVPerr(EVP_F_EVP_DIGESTINIT, EVP_R_DISABLED_FOR_FIPS);
+				ctx->digest = &bad_md;
+				return 0;
+				}
+			}
+#endif
 		if (ctx->digest && ctx->digest->ctx_size)
 			OPENSSL_free(ctx->md_data);
 		ctx->digest=type;

crypto/evp/e_aes.c

@@ -67,32 +67,32 @@ typedef struct
 
 IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
 		       NID_aes_128, 16, 16, 16, 128,
-		       0, aes_init_key, NULL, 
+		       EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, 
 		       EVP_CIPHER_set_asn1_iv,
 		       EVP_CIPHER_get_asn1_iv,
 		       NULL)
 IMPLEMENT_BLOCK_CIPHER(aes_192, ks, AES, EVP_AES_KEY,
 		       NID_aes_192, 16, 24, 16, 128,
-		       0, aes_init_key, NULL, 
+		       EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, 
 		       EVP_CIPHER_set_asn1_iv,
 		       EVP_CIPHER_get_asn1_iv,
 		       NULL)
 IMPLEMENT_BLOCK_CIPHER(aes_256, ks, AES, EVP_AES_KEY,
 		       NID_aes_256, 16, 32, 16, 128,
-		       0, aes_init_key, NULL, 
+		       EVP_CIPH_FLAG_FIPS, aes_init_key, NULL, 
 		       EVP_CIPHER_set_asn1_iv,
 		       EVP_CIPHER_get_asn1_iv,
 		       NULL)
 
-#define IMPLEMENT_AES_CFBR(ksize,cbits)	IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16)
+#define IMPLEMENT_AES_CFBR(ksize,cbits,flags)	IMPLEMENT_CFBR(aes,AES,EVP_AES_KEY,ks,ksize,cbits,16,flags)
 
-IMPLEMENT_AES_CFBR(128,1)
-IMPLEMENT_AES_CFBR(192,1)
-IMPLEMENT_AES_CFBR(256,1)
+IMPLEMENT_AES_CFBR(128,1,0)
+IMPLEMENT_AES_CFBR(192,1,0)
+IMPLEMENT_AES_CFBR(256,1,0)
 
-IMPLEMENT_AES_CFBR(128,8)
-IMPLEMENT_AES_CFBR(192,8)
-IMPLEMENT_AES_CFBR(256,8)
+IMPLEMENT_AES_CFBR(128,8,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(192,8,EVP_CIPH_FLAG_FIPS)
+IMPLEMENT_AES_CFBR(256,8,EVP_CIPH_FLAG_FIPS)
 
 static int aes_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
 		   const unsigned char *iv, int enc)

crypto/evp/e_des.c

@@ -127,16 +127,18 @@ static int des_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     }
 
 BLOCK_CIPHER_defs(des, DES_key_schedule, NID_des, 8, 8, 8, 64,
-			0, des_init_key, NULL,
+			EVP_CIPH_FLAG_FIPS, des_init_key, NULL,
 			EVP_CIPHER_set_asn1_iv,
 			EVP_CIPHER_get_asn1_iv,
 			NULL)
 
-BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1,0,des_init_key,NULL,
+BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,1,
+		     EVP_CIPH_FLAG_FIPS,des_init_key,NULL,
 		     EVP_CIPHER_set_asn1_iv,
 		     EVP_CIPHER_get_asn1_iv,NULL)
 
-BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8,0,des_init_key,NULL,
+BLOCK_CIPHER_def_cfb(des,DES_key_schedule,NID_des,8,8,8,
+		     EVP_CIPH_FLAG_FIPS,des_init_key,NULL,
 		     EVP_CIPHER_set_asn1_iv,
 		     EVP_CIPHER_get_asn1_iv,NULL)
 

crypto/evp/e_des3.c

@@ -160,7 +160,7 @@ static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
     }
 
 BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
-			0, des_ede_init_key, NULL, 
+			EVP_CIPH_FLAG_FIPS, des_ede_init_key, NULL, 
 			EVP_CIPHER_set_asn1_iv,
 			EVP_CIPHER_get_asn1_iv,
 			NULL)
@@ -171,18 +171,18 @@ BLOCK_CIPHER_defs(des_ede, DES_EDE_KEY, NID_des_ede, 8, 16, 8, 64,
 #define des_ede3_ecb_cipher des_ede_ecb_cipher
 
 BLOCK_CIPHER_defs(des_ede3, DES_EDE_KEY, NID_des_ede3, 8, 24, 8, 64,
-			0, des_ede3_init_key, NULL, 
+			EVP_CIPH_FLAG_FIPS, des_ede3_init_key, NULL, 
 			EVP_CIPHER_set_asn1_iv,
 			EVP_CIPHER_get_asn1_iv,
 			NULL)
 
-BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,0,
-		     des_ede3_init_key,NULL,
+BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,1,
+		     EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL,
 		     EVP_CIPHER_set_asn1_iv,
 		     EVP_CIPHER_get_asn1_iv,NULL)
 
-BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,0,
-		     des_ede3_init_key,NULL,
+BLOCK_CIPHER_def_cfb(des_ede3,DES_EDE_KEY,NID_des_ede3,24,8,8,
+		     EVP_CIPH_FLAG_FIPS, des_ede3_init_key,NULL,
 		     EVP_CIPHER_set_asn1_iv,
 		     EVP_CIPHER_get_asn1_iv,NULL)
 

crypto/evp/e_rc4.c

@@ -62,6 +62,7 @@
 #include "cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/objects.h>
+#include "evp_locl.h"
 #include <openssl/rc4.h>
 
 /* FIXME: surely this is available elsewhere? */

crypto/evp/evp.h

@@ -117,6 +117,10 @@
 #include <openssl/aes.h>
 #endif
 
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
+
 /*
 #define EVP_RC2_KEY_SIZE		16
 #define EVP_RC4_KEY_SIZE		16
@@ -290,6 +294,7 @@ struct env_md_st
 
 #define EVP_MD_FLAG_ONESHOT	0x0001 /* digest can only handle a single
 					* block */
+#define EVP_MD_FLAG_FIPS	0x0400 /* Note if suitable for use in FIPS mode */
 
 #define EVP_PKEY_NULL_method	NULL,NULL,{0,0,0,0}
 
@@ -332,6 +337,9 @@ struct env_md_ctx_st
 #define EVP_MD_CTX_FLAG_REUSE		0x0004 /* Don't free up ctx->md_data
 						* in EVP_MD_CTX_cleanup */
 
+#define EVP_MD_CTX_FLAG_NON_FIPS_ALLOW	0x0008	/* Allow use of non FIPS digest
+						 * in FIPS mode */
+
 struct evp_cipher_st
 	{
 	int nid;
@@ -373,6 +381,10 @@ struct evp_cipher_st
 #define 	EVP_CIPH_CUSTOM_KEY_LENGTH	0x80
 /* Don't use standard block padding */
 #define 	EVP_CIPH_NO_PADDING		0x100
+/* Note if suitable for use in FIPS mode */
+#define		EVP_CIPH_FLAG_FIPS		0x400
+/* Allow non FIPS cipher in FIPS mode */
+#define		EVP_CIPH_FLAG_NON_FIPS_ALLOW	0x800
 
 /* ctrl() values */
 
@@ -478,6 +490,9 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
 #define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
 #define EVP_CIPHER_CTX_type(c)         EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
 #define EVP_CIPHER_CTX_flags(e)		((e)->cipher->flags)
+#define EVP_CIPHER_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
+#define EVP_CIPHER_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
+#define EVP_CIPHER_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
 #define EVP_CIPHER_CTX_mode(e)		((e)->cipher->flags & EVP_CIPH_MODE)
 
 #define EVP_ENCODE_LENGTH(l)	(((l+2)/3*4)+(l/48+1)*2+80)
@@ -853,12 +868,16 @@ void ERR_load_EVP_strings(void);
 /* Function codes. */
 #define EVP_F_AES_INIT_KEY				 129
 #define EVP_F_D2I_PKEY					 100
+#define EVP_F_EVP_ADD_CIPHER				 130
+#define EVP_F_EVP_ADD_DIGEST				 131
 #define EVP_F_EVP_CIPHERINIT				 123
 #define EVP_F_EVP_CIPHER_CTX_CTRL			 124
 #define EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH		 122
 #define EVP_F_EVP_DECRYPTFINAL				 101
 #define EVP_F_EVP_DIGESTINIT				 128
 #define EVP_F_EVP_ENCRYPTFINAL				 127
+#define EVP_F_EVP_GET_CIPHERBYNAME			 132
+#define EVP_F_EVP_GET_DIGESTBYNAME			 133
 #define EVP_F_EVP_MD_CTX_COPY				 110
 #define EVP_F_EVP_OPENINIT				 102
 #define EVP_F_EVP_PBE_ALG_ADD				 115
@@ -894,6 +913,7 @@ void ERR_load_EVP_strings(void);
 #define EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH		 138
 #define EVP_R_DECODE_ERROR				 114
 #define EVP_R_DIFFERENT_KEY_TYPES			 101
+#define EVP_R_DISABLED_FOR_FIPS				 141
 #define EVP_R_ENCODE_ERROR				 115
 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR			 119
 #define EVP_R_EXPECTING_AN_RSA_KEY			 127

crypto/evp/evp_enc.c

@@ -82,6 +82,48 @@ int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
 	return EVP_CipherInit_ex(ctx,cipher,NULL,key,iv,enc);
 	}
 
+#ifdef OPENSSL_FIPS
+
+/* The purpose of these is to trap programs that attempt to use non FIPS
+ * algorithms in FIPS mode and ignore the errors.
+ */
+
+int bad_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
+	    const unsigned char *iv, int enc)
+	{ FIPS_ERROR_IGNORED("Cipher init"); return 0;}
+
+int bad_do_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+		 const unsigned char *in, unsigned int inl)
+	{ FIPS_ERROR_IGNORED("Cipher update"); return 0;}
+
+/* NB: no cleanup because it is allowed after failed init */
+
+int bad_set_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ)
+	{ FIPS_ERROR_IGNORED("Cipher set_asn1"); return 0;}
+int bad_get_asn1(EVP_CIPHER_CTX *ctx, ASN1_TYPE *typ)
+	{ FIPS_ERROR_IGNORED("Cipher get_asn1"); return 0;}
+int bad_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
+	{ FIPS_ERROR_IGNORED("Cipher ctrl"); return 0;}
+
+static const EVP_CIPHER bad_cipher =
+	{
+	0,
+	0,
+	0,
+	0,
+	0,
+	bad_init,
+	bad_do_cipher,
+	NULL,
+	0,
+	bad_set_asn1,
+	bad_get_asn1,
+	bad_ctrl,
+	NULL
+	};
+
+#endif
+
 int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *impl,
 	     const unsigned char *key, const unsigned char *iv, int enc)
 	{
@@ -146,7 +188,6 @@ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, ENGINE *imp
 		else
 			ctx->engine = NULL;
 #endif
-
 		ctx->cipher=cipher;
 		if (ctx->cipher->ctx_size)
 			{
@@ -210,6 +251,24 @@ skip_to_init:
 		}
 	}
 
+#ifdef OPENSSL_FIPS
+	/* After 'key' is set no further parameters changes are permissible.
+	 * So only check for non FIPS enabling at this point.
+	 */
+	if (key && FIPS_mode())
+		{
+		if (!(ctx->cipher->flags & EVP_CIPH_FLAG_FIPS)
+			& !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW))
+			{
+			EVPerr(EVP_F_EVP_CIPHERINIT, EVP_R_DISABLED_FOR_FIPS);
+			ERR_add_error_data(2, "cipher=",
+						EVP_CIPHER_name(ctx->cipher));
+			ctx->cipher = &bad_cipher;
+			return 0;
+			}
+		}
+#endif
+
 	if(key || (ctx->cipher->flags & EVP_CIPH_ALWAYS_CALL_INIT)) {
 		if(!ctx->cipher->init(ctx,key,iv,enc)) return 0;
 	}

crypto/evp/evp_err.c

@@ -1,6 +1,6 @@
 /* crypto/evp/evp_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2002 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2005 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -68,12 +68,16 @@ static ERR_STRING_DATA EVP_str_functs[]=
 	{
 {ERR_PACK(0,EVP_F_AES_INIT_KEY,0),	"AES_INIT_KEY"},
 {ERR_PACK(0,EVP_F_D2I_PKEY,0),	"D2I_PKEY"},
+{ERR_PACK(0,EVP_F_EVP_ADD_CIPHER,0),	"EVP_add_cipher"},
+{ERR_PACK(0,EVP_F_EVP_ADD_DIGEST,0),	"EVP_add_digest"},
 {ERR_PACK(0,EVP_F_EVP_CIPHERINIT,0),	"EVP_CipherInit"},
 {ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_CTRL,0),	"EVP_CIPHER_CTX_ctrl"},
 {ERR_PACK(0,EVP_F_EVP_CIPHER_CTX_SET_KEY_LENGTH,0),	"EVP_CIPHER_CTX_set_key_length"},
 {ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0),	"EVP_DecryptFinal"},
 {ERR_PACK(0,EVP_F_EVP_DIGESTINIT,0),	"EVP_DigestInit"},
 {ERR_PACK(0,EVP_F_EVP_ENCRYPTFINAL,0),	"EVP_EncryptFinal"},
+{ERR_PACK(0,EVP_F_EVP_GET_CIPHERBYNAME,0),	"EVP_get_cipherbyname"},
+{ERR_PACK(0,EVP_F_EVP_GET_DIGESTBYNAME,0),	"EVP_get_digestbyname"},
 {ERR_PACK(0,EVP_F_EVP_MD_CTX_COPY,0),	"EVP_MD_CTX_copy"},
 {ERR_PACK(0,EVP_F_EVP_OPENINIT,0),	"EVP_OpenInit"},
 {ERR_PACK(0,EVP_F_EVP_PBE_ALG_ADD,0),	"EVP_PBE_alg_add"},
@@ -112,6 +116,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
 {EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH ,"data not multiple of block length"},
 {EVP_R_DECODE_ERROR                      ,"decode error"},
 {EVP_R_DIFFERENT_KEY_TYPES               ,"different key types"},
+{EVP_R_DISABLED_FOR_FIPS                 ,"disabled for fips"},
 {EVP_R_ENCODE_ERROR                      ,"encode error"},
 {EVP_R_EVP_PBE_CIPHERINIT_ERROR          ,"evp pbe cipherinit error"},
 {EVP_R_EXPECTING_AN_RSA_KEY              ,"expecting an rsa key"},

crypto/evp/evp_locl.h

@@ -226,11 +226,27 @@ const EVP_CIPHER *EVP_##cname##_ecb(void) { return &cname##_ecb; }
 
 #define EVP_C_DATA(kstruct, ctx)	((kstruct *)(ctx)->cipher_data)
 
-#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len) \
+#define IMPLEMENT_CFBR(cipher,cprefix,kstruct,ksched,keysize,cbits,iv_len,flags) \
 	BLOCK_CIPHER_func_cfb(cipher##_##keysize,cprefix,cbits,kstruct,ksched) \
 	BLOCK_CIPHER_def_cfb(cipher##_##keysize,kstruct, \
 			     NID_##cipher##_##keysize, keysize/8, iv_len, cbits, \
-			     0, cipher##_init_key, NULL, \
+			     flags, cipher##_init_key, NULL, \
 			     EVP_CIPHER_set_asn1_iv, \
 			     EVP_CIPHER_get_asn1_iv, \
 			     NULL)
+
+#ifdef OPENSSL_FIPS
+#define RC2_set_key	private_RC2_set_key
+#define RC4_set_key	private_RC4_set_key
+#define CAST_set_key	private_CAST_set_key
+#define RC5_32_set_key	private_RC5_32_set_key
+#define BF_set_key	private_BF_set_key
+#define idea_set_encrypt_key private_idea_set_encrypt_key
+
+#define MD5_Init	private_MD5_Init
+#define MD4_Init	private_MD4_Init
+#define MD2_Init	private_MD2_Init
+#define MDC2_Init	private_MDC2_Init
+#define SHA_Init	private_SHA_Init
+
+#endif

crypto/evp/m_dss.c

@@ -77,7 +77,7 @@ static const EVP_MD dsa_md=
 	NID_dsaWithSHA,
 	NID_dsaWithSHA,
 	SHA_DIGEST_LENGTH,
-	0,
+	EVP_MD_FLAG_FIPS,
 	init,
 	update,
 	final,

crypto/evp/m_md2.c

@@ -60,6 +60,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
+#include "evp_locl.h"
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/md2.h>

crypto/evp/m_md4.c

@@ -60,6 +60,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
+#include "evp_locl.h"
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/md4.h>

crypto/evp/m_md5.c

@@ -60,6 +60,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
+#include "evp_locl.h"
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/md5.h>

crypto/evp/m_mdc2.c

@@ -60,6 +60,7 @@
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
+#include "evp_locl.h"
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/mdc2.h>

crypto/evp/m_sha.c

@@ -56,10 +56,11 @@
  * [including the GNU Public Licence.]
  */
 
-#ifndef OPENSSL_NO_SHA
+#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA0)
 #include <stdio.h>
 #include "cryptlib.h"
 #include <openssl/evp.h>
+#include "evp_locl.h"
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 

crypto/evp/m_sha1.c

@@ -77,7 +77,7 @@ static const EVP_MD sha1_md=
 	NID_sha1,
 	NID_sha1WithRSAEncryption,
 	SHA_DIGEST_LENGTH,
-	0,
+	EVP_MD_FLAG_FIPS,
 	init,
 	update,
 	final,

crypto/evp/names.c

@@ -61,6 +61,9 @@
 #include <openssl/evp.h>
 #include <openssl/objects.h>
 #include <openssl/x509.h>
+#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
+#endif
 
 int EVP_add_cipher(const EVP_CIPHER *c)
 	{

crypto/hmac/hmac.c

@@ -77,6 +77,15 @@ void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int len,
 
 	if (key != NULL)
 		{
+#ifdef OPENSSL_FIPS
+		if (FIPS_mode() && !(md->flags & EVP_MD_FLAG_FIPS)
+		&& (!(ctx->md_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)
+		 || !(ctx->i_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)
+		 || !(ctx->o_ctx.flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)))
+		OpenSSLDie(__FILE__,__LINE__,
+			"HMAC: digest not allowed in FIPS mode");
+#endif
+		
 		reset=1;
 		j=EVP_MD_block_size(md);
 		OPENSSL_assert(j <= sizeof ctx->key);
@@ -171,3 +180,10 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
 	return(md);
 	}
 
+void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags)
+	{
+	EVP_MD_CTX_set_flags(&ctx->i_ctx, flags);
+	EVP_MD_CTX_set_flags(&ctx->o_ctx, flags);
+	EVP_MD_CTX_set_flags(&ctx->md_ctx, flags);
+	}
+

crypto/hmac/hmac.h

@@ -98,6 +98,7 @@ unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
 		    const unsigned char *d, int n, unsigned char *md,
 		    unsigned int *md_len);
 
+void HMAC_CTX_set_flags(HMAC_CTX *ctx, unsigned long flags);
 
 #ifdef  __cplusplus
 }

crypto/idea/Makefile

@@ -85,5 +85,8 @@ i_ecb.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
 i_ecb.o: ../../include/openssl/opensslv.h i_ecb.c idea_lcl.h
 i_ofb64.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
 i_ofb64.o: i_ofb64.c idea_lcl.h
+i_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
 i_skey.o: ../../include/openssl/idea.h ../../include/openssl/opensslconf.h
+i_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+i_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 i_skey.o: i_skey.c idea_lcl.h

crypto/idea/i_skey.c

@@ -57,10 +57,23 @@
  */
 
 #include <openssl/idea.h>
+#include <openssl/crypto.h>
 #include "idea_lcl.h"
 
 static IDEA_INT inverse(unsigned int xin);
+
+#ifdef OPENSSL_FIPS
 void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
+	{
+	if (FIPS_mode())
+		FIPS_BAD_ABORT(IDEA)
+	private_idea_set_encrypt_key(key, ks);
+	}
+void private_idea_set_encrypt_key(const unsigned char *key,
+						IDEA_KEY_SCHEDULE *ks)
+#else
+void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks)
+#endif
 	{
 	int i;
 	register IDEA_INT *kt,*kf,r0,r1,r2;

crypto/idea/idea.h

@@ -82,6 +82,10 @@ typedef struct idea_key_st
 const char *idea_options(void);
 void idea_ecb_encrypt(const unsigned char *in, unsigned char *out,
 	IDEA_KEY_SCHEDULE *ks);
+#ifdef OPENSSL_FIPS
+void private_idea_set_encrypt_key(const unsigned char *key,
+						IDEA_KEY_SCHEDULE *ks);
+#endif
 void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks);
 void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
 void idea_cbc_encrypt(const unsigned char *in, unsigned char *out,

crypto/md2/Makefile

@@ -77,7 +77,9 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
-md2_dgst.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+md2_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+md2_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+md2_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
 md2_dgst.o: ../../include/openssl/md2.h ../../include/openssl/opensslconf.h
 md2_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 md2_dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h

crypto/md2/md2.h

@@ -80,6 +80,9 @@ typedef struct MD2state_st
 	} MD2_CTX;
 
 const char *MD2_options(void);
+#ifdef OPENSSL_FIPS
+int private_MD2_Init(MD2_CTX *c);
+#endif
 int MD2_Init(MD2_CTX *c);
 int MD2_Update(MD2_CTX *c, const unsigned char *data, unsigned long len);
 int MD2_Final(unsigned char *md, MD2_CTX *c);

crypto/md2/md2_dgst.c

@@ -62,6 +62,8 @@
 #include <openssl/md2.h>
 #include <openssl/opensslv.h>
 #include <openssl/crypto.h>
+#include <openssl/fips.h>
+#include <openssl/err.h>
 
 const char *MD2_version="MD2" OPENSSL_VERSION_PTEXT;
 
@@ -116,7 +118,7 @@ const char *MD2_options(void)
 		return("md2(int)");
 	}
 
-int MD2_Init(MD2_CTX *c)
+FIPS_NON_FIPS_MD_Init(MD2)
 	{
 	c->num=0;
 	memset(c->state,0,sizeof c->state);

crypto/md32_common.h

@@ -559,7 +559,7 @@ int HASH_FINAL (unsigned char *md, HASH_CTX *c)
 	static const unsigned char end[4]={0x80,0x00,0x00,0x00};
 	const unsigned char *cp=end;
 
-#ifdef OPENSSL_FIPS
+#if 0
 	if(FIPS_mode() && !FIPS_md5_allowed())
 	    {
 	    FIPSerr(FIPS_F_HASH_FINAL,FIPS_R_NON_FIPS_METHOD);

crypto/md4/md4.h

@@ -104,6 +104,9 @@ typedef struct MD4state_st
 	int num;
 	} MD4_CTX;
 
+#ifdef OPENSSL_FIPS
+int private_MD4_Init(MD4_CTX *c);
+#endif
 int MD4_Init(MD4_CTX *c);
 int MD4_Update(MD4_CTX *c, const void *data, unsigned long len);
 int MD4_Final(unsigned char *md, MD4_CTX *c);

crypto/md4/md4_dgst.c

@@ -70,7 +70,7 @@ const char *MD4_version="MD4" OPENSSL_VERSION_PTEXT;
 #define INIT_DATA_C (unsigned long)0x98badcfeL
 #define INIT_DATA_D (unsigned long)0x10325476L
 
-int MD4_Init(MD4_CTX *c)
+FIPS_NON_FIPS_MD_Init(MD4)
 	{
 	c->A=INIT_DATA_A;
 	c->B=INIT_DATA_B;

crypto/md5/md5.h

@@ -104,6 +104,9 @@ typedef struct MD5state_st
 	int num;
 	} MD5_CTX;
 
+#ifdef OPENSSL_FIPS
+int private_MD5_Init(MD5_CTX *c);
+#endif
 int MD5_Init(MD5_CTX *c);
 int MD5_Update(MD5_CTX *c, const void *data, unsigned long len);
 int MD5_Final(unsigned char *md, MD5_CTX *c);

crypto/md5/md5_dgst.c

@@ -70,7 +70,7 @@ const char *MD5_version="MD5" OPENSSL_VERSION_PTEXT;
 #define INIT_DATA_C (unsigned long)0x98badcfeL
 #define INIT_DATA_D (unsigned long)0x10325476L
 
-int MD5_Init(MD5_CTX *c)
+FIPS_NON_FIPS_MD_Init(MD5)
 	{
 	c->A=INIT_DATA_A;
 	c->B=INIT_DATA_B;

crypto/mdc2/Makefile

@@ -87,8 +87,10 @@ mdc2_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 mdc2_one.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 mdc2_one.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
 mdc2_one.o: ../cryptlib.h mdc2_one.c
-mdc2dgst.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-mdc2dgst.o: ../../include/openssl/des_old.h ../../include/openssl/e_os2.h
+mdc2dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+mdc2dgst.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
+mdc2dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+mdc2dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
 mdc2dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/opensslconf.h
 mdc2dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 mdc2dgst.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h

crypto/mdc2/mdc2.h

@@ -80,7 +80,9 @@ typedef struct mdc2_ctx_st
 	int pad_type; /* either 1 or 2, default 1 */
 	} MDC2_CTX;
 
-
+#ifdef OPENSSL_FIPS
+int private_MDC2_Init(MDC2_CTX *c);
+#endif
 int MDC2_Init(MDC2_CTX *c);
 int MDC2_Update(MDC2_CTX *c, const unsigned char *data, unsigned long len);
 int MDC2_Final(unsigned char *md, MDC2_CTX *c);

crypto/mdc2/mdc2dgst.c

@@ -60,6 +60,8 @@
 #include <stdlib.h>
 #include <string.h>
 #include <openssl/des.h>
+#include <openssl/fips.h>
+#include <openssl/err.h>
 #include <openssl/mdc2.h>
 
 #undef c2l
@@ -75,7 +77,7 @@
 			*((c)++)=(unsigned char)(((l)>>24L)&0xff))
 
 static void mdc2_body(MDC2_CTX *c, const unsigned char *in, unsigned int len);
-int MDC2_Init(MDC2_CTX *c)
+FIPS_NON_FIPS_MD_Init(MDC2)
 	{
 	c->num=0;
 	c->pad_type=1;

crypto/o_str.c

@@ -57,20 +57,12 @@
  */
 
 #include <ctype.h>
-#include <openssl/e_os2.h>
-#ifdef OPENSSL_SYS_WINDOWS
-# include <string.h>
-#else
-# include <strings.h>
-#endif
+#include <e_os.h>
 #include "o_str.h"
 
-#undef strncasecmp
-#undef strcasecmp
-
 int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
 	{
-#if defined(OPENSSL_SYS_VMS)
+#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
 	while (*str1 && *str2 && n)
 		{
 		int res = toupper(*str1) - toupper(*str2);
@@ -86,18 +78,17 @@ int OPENSSL_strncasecmp(const char *str1, const char *str2, size_t n)
 	if (*str2)
 		return -1;
 	return 0;
-#elif defined(OPENSSL_SYS_WINDOWS)
-	return _strnicmp(str1, str2, n);
 #else
+	/* Recursion hazard warning! Whenever strncasecmp is #defined as
+	 * OPENSSL_strncasecmp, OPENSSL_IMPLEMENTS_strncasecmp must be
+	 * defined as well. */
 	return strncasecmp(str1, str2, n);
 #endif
 	}
 int OPENSSL_strcasecmp(const char *str1, const char *str2)
 	{
-#if defined(OPENSSL_SYS_VMS)
+#if defined(OPENSSL_IMPLEMENTS_strncasecmp)
 	return OPENSSL_strncasecmp(str1, str2, (size_t)-1);
-#elif defined(OPENSSL_SYS_WINDOWS)
-	return _stricmp(str1, str2);
 #else
 	return strcasecmp(str1, str2);
 #endif

crypto/objects/Makefile

@@ -49,6 +49,7 @@ obj_dat.h: obj_dat.pl obj_mac.h
 # objects.pl both reads and writes obj_mac.num
 obj_mac.h: objects.pl objects.txt obj_mac.num
 	$(PERL) objects.pl objects.txt obj_mac.num obj_mac.h
+	@sleep 1; touch obj_mac.h; sleep 1
 
 files:
 	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO

crypto/opensslv.h

@@ -25,11 +25,11 @@
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-#define OPENSSL_VERSION_NUMBER	0x00907060L
+#define OPENSSL_VERSION_NUMBER	0x0090706FL
 #ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.7f-fips-dev XX xxx XXXX"
+#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.7f-fips 22 Mar 2005"
 #else
-#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.7f-dev XX xxx XXXX"
+#define OPENSSL_VERSION_TEXT	"OpenSSL 0.9.7f 22 Mar 2005"
 #endif
 #define OPENSSL_VERSION_PTEXT	" part of " OPENSSL_VERSION_TEXT
 

crypto/pem/pem_lib.c

@@ -73,7 +73,7 @@ const char *PEM_version="PEM" OPENSSL_VERSION_PTEXT;
 
 #define MIN_LENGTH	4
 
-static int load_iv(unsigned char **fromp,unsigned char *to, int num);
+static int load_iv(char **fromp,unsigned char *to, int num);
 static int check_pem(const char *nm, const char *name);
 
 int PEM_def_callback(char *buf, int num, int w, void *key)
@@ -432,6 +432,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
 	int o;
 	const EVP_CIPHER *enc=NULL;
 	char *p,c;
+	char **header_pp = &header;
 
 	cipher->cipher=NULL;
 	if ((header == NULL) || (*header == '\0') || (*header == '\n'))
@@ -478,15 +479,16 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
 		PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
 		return(0);
 		}
-	if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),enc->iv_len)) return(0);
+	if (!load_iv(header_pp,&(cipher->iv[0]),enc->iv_len))
+		return(0);
 
 	return(1);
 	}
 
-static int load_iv(unsigned char **fromp, unsigned char *to, int num)
+static int load_iv(char **fromp, unsigned char *to, int num)
 	{
 	int v,i;
-	unsigned char *from;
+	char *from;
 
 	from= *fromp;
 	for (i=0; i<num; i++) to[i]=0;
@@ -623,6 +625,9 @@ int PEM_read_bio(BIO *bp, char **name, char **header, unsigned char **data,
 	dataB=BUF_MEM_new();
 	if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
 		{
+		BUF_MEM_free(nameB);
+		BUF_MEM_free(headerB);
+		BUF_MEM_free(dataB);
 		PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
 		return(0);
 		}

crypto/pkcs7/pk7_smime.c

@@ -155,7 +155,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 	char buf[4096];
 	int i, j=0, k, ret = 0;
 	BIO *p7bio;
-	BIO *tmpout;
+	BIO *tmpin, *tmpout;
 
 	if(!p7) {
 		PKCS7err(PKCS7_F_PKCS7_VERIFY,PKCS7_R_INVALID_NULL_POINTER);
@@ -228,7 +228,30 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 		/* Check for revocation status here */
 	}
 
-	p7bio=PKCS7_dataInit(p7,indata);
+	/* Performance optimization: if the content is a memory BIO then
+	 * store its contents in a temporary read only memory BIO. This
+	 * avoids potentially large numbers of slow copies of data which will
+	 * occur when reading from a read write memory BIO when signatures
+	 * are calculated.
+	 */
+
+	if (indata && (BIO_method_type(indata) == BIO_TYPE_MEM))
+		{
+		char *ptr;
+		long len;
+		len = BIO_get_mem_data(indata, &ptr);
+		tmpin = BIO_new_mem_buf(ptr, len);
+		if (tmpin == NULL)
+			{
+			PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_MALLOC_FAILURE);
+			return 0;
+			}
+		}
+	else
+		tmpin = indata;
+		
+
+	p7bio=PKCS7_dataInit(p7,tmpin);
 
 	if(flags & PKCS7_TEXT) {
 		if(!(tmpout = BIO_new(BIO_s_mem()))) {
@@ -270,9 +293,15 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 	ret = 1;
 
 	err:
+	
+	if (tmpin == indata)
+		{
+		if(indata) BIO_pop(p7bio);
+		BIO_free_all(p7bio);
+		}
+	else
+		BIO_free_all(tmpin);
 
-	if(indata) BIO_pop(p7bio);
-	BIO_free_all(p7bio);
 	sk_X509_free(signers);
 
 	return ret;
@@ -296,10 +325,6 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
 		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,PKCS7_R_WRONG_CONTENT_TYPE);
 		return NULL;
 	}
-	if(!(signers = sk_X509_new_null())) {
-		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,ERR_R_MALLOC_FAILURE);
-		return NULL;
-	}
 
 	/* Collect all the signers together */
 
@@ -310,6 +335,11 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
 		return 0;
 	}
 
+	if(!(signers = sk_X509_new_null())) {
+		PKCS7err(PKCS7_F_PKCS7_GET0_SIGNERS,ERR_R_MALLOC_FAILURE);
+		return NULL;
+	}
+
 	for (i = 0; i < sk_PKCS7_SIGNER_INFO_num(sinfos); i++)
 	{
 	    si = sk_PKCS7_SIGNER_INFO_value(sinfos, i);

crypto/rand/rand_egd.c

@@ -216,7 +216,9 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
 	    while (numbytes != 1)
 		{
 	        num = read(fd, egdbuf, 1);
-	        if (num >= 0)
+	        if (num == 0)
+			goto err;	/* descriptor closed */
+		else if (num > 0)
 		    numbytes += num;
 	    	else
 		    {
@@ -246,7 +248,9 @@ int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes)
 	    while (numbytes != egdbuf[0])
 		{
 	        num = read(fd, retrievebuf + numbytes, egdbuf[0] - numbytes);
-	        if (num >= 0)
+		if (num == 0)
+			goto err;	/* descriptor closed */
+	        else if (num > 0)
 		    numbytes += num;
 	    	else
 		    {

crypto/rand/rand_unix.c

@@ -120,6 +120,7 @@
 #include <sys/types.h>
 #include <sys/time.h>
 #include <sys/times.h>
+#include <sys/stat.h>
 #include <fcntl.h>
 #include <unistd.h>
 #include <time.h>
@@ -151,9 +152,9 @@ int RAND_poll(void)
 	int n = 0;
 #endif
 #ifdef DEVRANDOM
-	static const char *randomfiles[] = { DEVRANDOM, NULL };
-	const char **randomfile = NULL;
-	int fd;
+	static const char *randomfiles[] = { DEVRANDOM };
+	struct stat randomstats[sizeof(randomfiles)/sizeof(randomfiles[0])];
+	int fd,i;
 #endif
 #ifdef DEVRANDOM_EGD
 	static const char *egdsockets[] = { DEVRANDOM_EGD, NULL };
@@ -161,26 +162,42 @@ int RAND_poll(void)
 #endif
 
 #ifdef DEVRANDOM
+	memset(randomstats,0,sizeof(randomstats));
 	/* Use a random entropy pool device. Linux, FreeBSD and OpenBSD
 	 * have this. Use /dev/urandom if you can as /dev/random may block
 	 * if it runs out of random entries.  */
 
-	for (randomfile = randomfiles; *randomfile && n < ENTROPY_NEEDED; randomfile++)
+	for (i=0; i<sizeof(randomfiles)/sizeof(randomfiles[0]) && n < ENTROPY_NEEDED; i++)
 		{
-		if ((fd = open(*randomfile, O_RDONLY|O_NONBLOCK
+		if ((fd = open(randomfiles[i], O_RDONLY
+#ifdef O_NONBLOCK
+			|O_NONBLOCK
+#endif
+#ifdef O_BINARY
+			|O_BINARY
+#endif
 #ifdef O_NOCTTY /* If it happens to be a TTY (god forbid), do not make it
 		   our controlling tty */
 			|O_NOCTTY
-#endif
-#ifdef O_NOFOLLOW /* Fail if the file is a symbolic link */
-			|O_NOFOLLOW
 #endif
 			)) >= 0)
 			{
 			struct timeval t = { 0, 10*1000 }; /* Spend 10ms on
 							      each file. */
-			int r;
+			int r,j;
 			fd_set fset;
+			struct stat *st=&randomstats[i];
+
+			/* Avoid using same input... Used to be O_NOFOLLOW
+			 * above, but it's not universally appropriate... */
+			if (fstat(fd,st) != 0)	{ close(fd); continue; }
+			for (j=0;j<i;j++)
+				{
+				if (randomstats[j].st_ino==st->st_ino &&
+				    randomstats[j].st_dev==st->st_dev)
+					break;
+				}
+			if (j<i)		{ close(fd); continue; }
 
 			do
 				{

crypto/rand/rand_vms.c

@@ -101,11 +101,12 @@ int RAND_poll(void)
 	pitem = item;
 
 	/* Setup */
-	while (pitems_data->length)
+	while (pitems_data->length
+		&& (total_length + pitems_data->length <= 256))
 		{
 		pitem->length = pitems_data->length;
 		pitem->code = pitems_data->code;
-		pitem->buffer = (long *)data_buffer[total_length];
+		pitem->buffer = (long *)&data_buffer[total_length];
 		pitem->retlen = 0;
 		total_length += pitems_data->length;
 		pitems_data++;

crypto/rand/rand_win.c

@@ -113,7 +113,7 @@
 #include <openssl/rand.h>
 #include "rand_lcl.h"
 
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32)
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN32_CYGWIN)
 #include <windows.h>
 #ifndef _WIN32_WINNT
 # define _WIN32_WINNT 0x0400
@@ -680,7 +680,7 @@ static void readtimer(void)
 
 static void readscreen(void)
 {
-#ifndef OPENSSL_SYS_WINCE
+#if !defined(OPENSSL_SYS_WINCE) && !defined(OPENSSL_SYS_WIN32_CYGWIN)
   HDC		hScrDC;		/* screen DC */
   HDC		hMemDC;		/* memory DC */
   HBITMAP	hBitmap;	/* handle for our bitmap */

crypto/rc2/Makefile

@@ -81,8 +81,11 @@ rc2_cbc.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
 rc2_cbc.o: rc2_cbc.c rc2_locl.h
 rc2_ecb.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
 rc2_ecb.o: ../../include/openssl/rc2.h rc2_ecb.c rc2_locl.h
-rc2_skey.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
-rc2_skey.o: rc2_locl.h rc2_skey.c
+rc2_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc2_skey.o: ../../include/openssl/opensslconf.h
+rc2_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc2.h
+rc2_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rc2_skey.o: ../../include/openssl/symhacks.h rc2_locl.h rc2_skey.c
 rc2cfb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h
 rc2cfb64.o: rc2_locl.h rc2cfb64.c
 rc2ofb64.o: ../../include/openssl/opensslconf.h ../../include/openssl/rc2.h

crypto/rc2/rc2.h

@@ -79,7 +79,10 @@ typedef struct rc2_key_st
 	RC2_INT data[64];
 	} RC2_KEY;
 
- 
+#ifdef OPENSSL_FIPS 
+void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,
+								int bits);
+#endif
 void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,int bits);
 void RC2_ecb_encrypt(const unsigned char *in,unsigned char *out,RC2_KEY *key,
 		     int enc);

crypto/rc2/rc2_skey.c

@@ -57,6 +57,7 @@
  */
 
 #include <openssl/rc2.h>
+#include <openssl/crypto.h>
 #include "rc2_locl.h"
 
 static unsigned char key_table[256]={
@@ -90,7 +91,19 @@ static unsigned char key_table[256]={
  * BSAFE uses the 'retarded' version.  What I previously shipped is
  * the same as specifying 1024 for the 'bits' parameter.  Bsafe uses
  * a version where the bits parameter is the same as len*8 */
+
+#ifdef OPENSSL_FIPS
 void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
+	{
+	if (FIPS_mode())
+		FIPS_BAD_ABORT(RC2)
+	private_RC2_set_key(key, len, data, bits);
+	}
+void private_RC2_set_key(RC2_KEY *key, int len, const unsigned char *data,
+								int bits)
+#else
+void RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits)
+#endif
 	{
 	int i,j;
 	unsigned char *k;

crypto/rc4/rc4.h

@@ -81,6 +81,9 @@ typedef struct rc4_key_st
 
  
 const char *RC4_options(void);
+#ifdef OPENSSL_FIPS
+void private_RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
+#endif
 void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data);
 void RC4(RC4_KEY *key, unsigned long len, const unsigned char *indata,
 		unsigned char *outdata);

crypto/rc4/rc4_skey.c

@@ -57,6 +57,7 @@
  */
 
 #include <openssl/rc4.h>
+#include <openssl/crypto.h>
 #include "rc4_locl.h"
 #include <openssl/opensslv.h>
 
@@ -85,7 +86,7 @@ const char *RC4_options(void)
  * Date: Wed, 14 Sep 1994 06:35:31 GMT
  */
 
-void RC4_set_key(RC4_KEY *key, int len, const unsigned char *data)
+FIPS_NON_FIPS_VCIPHER_Init(RC4)
 	{
         register RC4_INT tmp;
         register int id1,id2;

crypto/rc5/Makefile

@@ -101,6 +101,10 @@ clean:
 rc5_ecb.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h
 rc5_ecb.o: rc5_ecb.c rc5_locl.h
 rc5_enc.o: ../../include/openssl/rc5.h rc5_enc.c rc5_locl.h
-rc5_skey.o: ../../include/openssl/rc5.h rc5_locl.h rc5_skey.c
+rc5_skey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
+rc5_skey.o: ../../include/openssl/opensslconf.h
+rc5_skey.o: ../../include/openssl/opensslv.h ../../include/openssl/rc5.h
+rc5_skey.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rc5_skey.o: ../../include/openssl/symhacks.h rc5_locl.h rc5_skey.c
 rc5cfb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5cfb64.c
 rc5ofb64.o: ../../include/openssl/rc5.h rc5_locl.h rc5ofb64.c

crypto/rc5/rc5.h

@@ -92,7 +92,10 @@ typedef struct rc5_key_st
 	RC5_32_INT data[2*(RC5_16_ROUNDS+1)];
 	} RC5_32_KEY;
 
- 
+#ifdef OPENSSL_FIPS 
+void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
+	int rounds);
+#endif
 void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
 	int rounds);
 void RC5_32_ecb_encrypt(const unsigned char *in,unsigned char *out,RC5_32_KEY *key,

crypto/rc5/rc5_skey.c

@@ -56,12 +56,26 @@
  * [including the GNU Public Licence.]
  */
 
+#include <openssl/crypto.h>
 #include <openssl/rc5.h>
 #include "rc5_locl.h"
 
+
+#ifdef OPENSSL_FIPS
 void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
 		    int rounds)
 	{
+	if (FIPS_mode())
+		FIPS_BAD_ABORT(RC5)
+	private_RC5_32_set_key(key, len, data, rounds);
+	}
+void private_RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
+		    int rounds)
+#else
+void RC5_32_set_key(RC5_32_KEY *key, int len, const unsigned char *data,
+		    int rounds)
+#endif
+	{
 	RC5_32_INT L[64],l,ll,A,B,*S,k;
 	int i,j,m,c,t,ii,jj;
 

crypto/ripemd/ripemd.h

@@ -90,6 +90,9 @@ typedef struct RIPEMD160state_st
 	int num;
 	} RIPEMD160_CTX;
 
+#ifdef OPENSSL_FIPS
+int private_RIPEMD160_Init(RIPEMD160_CTX *c);
+#endif
 int RIPEMD160_Init(RIPEMD160_CTX *c);
 int RIPEMD160_Update(RIPEMD160_CTX *c, const void *data, unsigned long len);
 int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);

crypto/ripemd/rmd_dgst.c

@@ -58,6 +58,7 @@
 
 #include <stdio.h>
 #include "rmd_locl.h"
+#include <openssl/fips.h>
 #include <openssl/opensslv.h>
 
 const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT;
@@ -69,7 +70,7 @@ const char *RMD160_version="RIPE-MD160" OPENSSL_VERSION_PTEXT;
      void ripemd160_block(RIPEMD160_CTX *c, unsigned long *p,int num);
 #  endif
 
-int RIPEMD160_Init(RIPEMD160_CTX *c)
+FIPS_NON_FIPS_MD_Init(RIPEMD160)
 	{
 	c->A=RIPEMD160_A;
 	c->B=RIPEMD160_B;

crypto/sha/Makefile

@@ -104,8 +104,14 @@ sha1_one.o: ../../include/openssl/opensslconf.h
 sha1_one.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
 sha1_one.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
 sha1_one.o: ../../include/openssl/symhacks.h sha1_one.c
+sha1dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
+sha1dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+sha1dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h
 sha1dgst.o: ../../include/openssl/opensslconf.h
-sha1dgst.o: ../../include/openssl/opensslv.h sha1dgst.c
+sha1dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+sha1dgst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+sha1dgst.o: ../../include/openssl/symhacks.h ../md32_common.h sha1dgst.c
+sha1dgst.o: sha_locl.h
 sha_dgst.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h
 sha_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
 sha_dgst.o: ../../include/openssl/fips.h ../../include/openssl/lhash.h

crypto/sha/sha.h

@@ -105,6 +105,9 @@ typedef struct SHAstate_st
 	} SHA_CTX;
 
 #ifndef OPENSSL_NO_SHA0
+#ifdef OPENSSL_FIPS
+int private_SHA_Init(SHA_CTX *c);
+#endif
 int SHA_Init(SHA_CTX *c);
 int SHA_Update(SHA_CTX *c, const void *data, unsigned long len);
 int SHA_Final(unsigned char *md, SHA_CTX *c);

crypto/sha/sha_locl.h

@@ -143,7 +143,11 @@
 #define INIT_DATA_h3 0x10325476UL
 #define INIT_DATA_h4 0xc3d2e1f0UL
 
+#if defined(SHA_0) && defined(OPENSSL_FIPS)
+FIPS_NON_FIPS_MD_Init(SHA)
+#else
 int HASH_INIT (SHA_CTX *c)
+#endif
 	{
 	c->h0=INIT_DATA_h0;
 	c->h1=INIT_DATA_h1;

crypto/sha/shatest.c

@@ -62,10 +62,10 @@
 
 #include "../e_os.h"
 
-#ifdef OPENSSL_NO_SHA
+#if defined(OPENSSL_NO_SHA) || defined(OPENSSL_NO_SHA0)
 int main(int argc, char *argv[])
 {
-    printf("No SHA support\n");
+    printf("No SHA0 support\n");
     return(0);
 }
 #else

crypto/x509/x509_cmp.c

@@ -322,10 +322,16 @@ unsigned long X509_NAME_hash(X509_NAME *x)
 	{
 	unsigned long ret=0;
 	unsigned char md[16];
+	EVP_MD_CTX md_ctx;
 
 	/* Make sure X509_NAME structure contains valid cached encoding */
 	i2d_X509_NAME(x,NULL);
-	EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL);
+	EVP_MD_CTX_init(&md_ctx);
+	EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+	EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL);
+	EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length);
+	EVP_DigestFinal_ex(&md_ctx,md,NULL);
+	EVP_MD_CTX_cleanup(&md_ctx);
 
 	ret=(	((unsigned long)md[0]     )|((unsigned long)md[1]<<8L)|
 		((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)

crypto/x509/x509_vfy.c

@@ -365,7 +365,7 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
 	else
 		return 0;
 }
-	
+
 
 /* Check a certificate chains extensions for consistency
  * with the supplied purpose