- Jun 21, 2016
-
-
Andy Polyakov authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
- May 20, 2015
-
-
Andy Polyakov authored
While ARMv7 in general is capable of unaligned access, not all instructions actually are. And trouble is that compiler doesn't seem to differentiate those capable and incapable of unaligned access. Side effect is that kernel goes into endless loop retrying same instruction triggering unaligned trap. Problem was observed in xts128.c and ccm128.c modules. It's possible to resolve it by using (volatile u32*) casts, but letting STRICT_ALIGNMENT be feels more appropriate. (cherry picked from commit 3bdd8052 ) Reviewed-by: Dr. Stephen Henson <steve@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
-
- May 13, 2015
-
-
Andy Polyakov authored
As for complementary fips.c modification. Goal is to ensure that FIPS_signature does not end up in .bss segment, one guaranteed to be zeroed upon program start-up. One would expect explicitly initialized values to end up in .data segment, but it turned out that values explicitly initialized with zeros can end up in .bss. The modification does not affect program flow, because first byte was the only one of significance [to FINGERPRINT_premain]. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 34f39b06)
-
Andy Polyakov authored
Special note about additional -pie flag in android-armv7. The initial reason for adding it is that Android 5 refuses to execute non-PIE binaries. But what about older systems and previously validated platforms? It should be noted that flag is not used when compiling object code, fipscanister.o in this context, only when linking applications, *supplementary* fips_algvs used during validation procedure. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 6db8e3bd) Resolved conflicts: test/fips_algvs.c
-
Andy Polyakov authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 50e2a0ea)
-
Andy Polyakov authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 97fbb0c8) Resolved conflicts: Configure config
-
Andy Polyakov authored
Normally it would be generated from a perlasm module, but doing so would affect existing armv4cpuid.S, which in turn would formally void previously validated platforms. Hense separate module is generated. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 5837e90f)
-
Andy Polyakov authored
This is achieved by filtering perlasm output through arm-xlate.pl. But note that it's done only if "flavour" argument is not 'void'. As 'void' is default value for other ARM targets, permasm output is not actually filtered on previously validated platforms. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 874faf2f)
-
Andy Polyakov authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit c6d10905) Resolved Conflicts: Configure
-
Andy Polyakov authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 083ed53d)
-
Andy Polyakov authored
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit b84813ec)
-
- Oct 23, 2014
-
-
Andy Polyakov authored
Reviewed-by: Steve Marquess <marquess@openssl.org> (cherry picked from commit b06f7d9a)
-
Andy Polyakov authored
Reviewed-by: Steve Marquess <marquess@openssl.org>
-
- Sep 08, 2014
-
-
Rich Salz authored
In the current code, the check isn't redundant. And in fact the REAL check was missing. This avoids a NULL-deref crash. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
-
- Jul 11, 2014
-
-
Dr. Stephen Henson authored
Internal pointers in CCM, GCM and XTS contexts should either be NULL or set to point to the appropriate key schedule. This needs to be adjusted when copying contexts. Combination of 2 commits: 370bf1d7 c2fd5d79
-
- Jul 05, 2014
-
-
Dr. Stephen Henson authored
PR#2339
-
Alan Hryngle authored
PR#3418. (cherry picked from commit d4909f9a8dbbda9c5d140476b34a8f80b02b51f3)
-
- Apr 02, 2014
-
-
Andy Polyakov authored
-
- Jan 23, 2013
-
-
Dr. Stephen Henson authored
all operations. Add ecdsa test. Test crypto operations are inhibited on test failures. Test on demand POST.
-
- Jan 16, 2013
-
-
Dr. Stephen Henson authored
-
- Jan 10, 2013
-
-
Dr. Stephen Henson authored
-
- Dec 28, 2012
-
-
Dr. Stephen Henson authored
failure. Make fips_test_suite induced failure work on every possible subtest instead of just categories of subtest.
-
- Dec 16, 2012
-
-
Andy Polyakov authored
Submitted by: Pierre Delaage
-
- Oct 29, 2012
-
-
Andy Polyakov authored
-
- Oct 19, 2012
-
-
Dr. Stephen Henson authored
-
- Oct 16, 2012
-
-
Dr. Stephen Henson authored
(backport from HEAD)
-
Dr. Stephen Henson authored
-
- Oct 15, 2012
-
-
Dr. Stephen Henson authored
PR: 2874 Submitted by: Tomas Mraz (backport from HEAD)
-
- Oct 14, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
(backport from HEAD)
-
Dr. Stephen Henson authored
PR: 2859 Submitted by: John Foley (backport from HEAD)
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Oct 04, 2012
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-