- Jun 06, 2011
-
-
Dr. Stephen Henson authored
Also use FIPS EC methods unconditionally for now: might want to use them only in FIPS mode or with a switch later.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Move compression, point2oct and oct2point functions into separate files. Add a flags field to EC_METHOD. Add a flag EC_FLAGS_DEFAULT_OCT to use the default compession and oct functions (all existing methods do this). This removes dependencies from EC_METHOD while keeping original functionality. Backport from HEAD with minor changes.
-
Dr. Stephen Henson authored
New option to disable characteristic two fields in EC code. Make no-ec2m work on Win32 build.
-
Dr. Stephen Henson authored
-
- Jun 05, 2011
-
-
Dr. Stephen Henson authored
use of assembly language routines: rename the assembly language function to the private_* variant unconditionally and perform tests from a small C wrapper.
-
- Jun 03, 2011
-
-
Dr. Stephen Henson authored
of assuming they will always suceed.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
New function X509_ALGOR_set_md() to set X509_ALGOR (DigestAlgorithmIdentifier) from a digest algorithm (backport from HEAD).
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Jun 02, 2011
-
-
Dr. Stephen Henson authored
Digest sign, verify operations are not redirected at this stage.
-
Dr. Stephen Henson authored
This is needed to handle FIPS redirection fully.
-
- Jun 01, 2011
-
-
Dr. Stephen Henson authored
Not complete: ciphers with assembly language key setup are not covered yet.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- May 31, 2011
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
digest in use: this caused the PRF to fail for an odd premaster secret length.
-
- May 30, 2011
-
-
Dr. Stephen Henson authored
-
- May 29, 2011
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Call OPENSSL_init() in a few more places to make sure it is always called at least once. Initial cipher API redirection (incomplete).
-
Dr. Stephen Henson authored
-
- May 28, 2011
-
-
Dr. Stephen Henson authored
Use FIPS API when initialising digests. Sync header file evp.h and error codes with HEAD for necessary FIPS definitions.
-
- May 26, 2011
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
to libcrypto.a so linking to libcrypto.a works.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Add static build support to openssl utility. Add new "fips" option to Configure. Make use of installed fipsld and fips_standalone_sha1 Initialise FIPS error callbacks, locking and DRBG. Doesn't do anything much yet: no crypto is redirected to the FIPS module. Doesn't completely build either but the openssl utility can enter FIPS mode: which doesn't do anything much either.
-
- May 25, 2011
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Setting SSL_MODE_RELEASE_BUFFERS should be ignored for DTLS, but instead causes the program to crash. This is due to missing version checks and is fixed with this patch.
-
Dr. Stephen Henson authored
Submitted by: Marcus Meissner <meissner@suse.de> Reviewed by: steve Call ssl_new() to reallocate SSL BIO internals if we want to replace the existing internal SSL structure.
-
Dr. Stephen Henson authored
Submitted by: Marcus Meissner <meissner@suse.de> Reviewed by: steve Set cnf to NULL to avoid possible double free.
-
Dr. Stephen Henson authored
http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.
-
Dr. Stephen Henson authored
http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve Fix BIO_accept so it can be bound to IPv4 or IPv6 sockets consistently.
-