| Age | Commit message (Collapse) | Author |
|---|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
crypto/dsa/dsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl_locl.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Conflicts:
crypto/hmac/hmac.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Sometimes it fails to format them very well, and sometimes it corrupts them!
This commit moves some particularly problematic ones.
Conflicts:
crypto/bn/bn.h
crypto/ec/ec_lcl.h
crypto/rsa/rsa.h
demos/engines/ibmca/hw_ibmca.c
ssl/ssl.h
ssl/ssl3.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
indent will not alter them when reformatting comments
(cherry picked from commit 1d97c8435171a7af575f73c526d79e1ef0ee5960)
Conflicts:
crypto/bn/bn_lcl.h
crypto/bn/bn_prime.c
crypto/engine/eng_all.c
crypto/rc4/rc4_utl.c
crypto/sha/sha.h
ssl/kssl.c
ssl/t1_lib.c
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
This facilitates "universal" builds, ones that target multiple
architectures, e.g. ARMv5 through ARMv7. See commentary in
Configure for details.
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit c1669e1c205dc8e695fb0c10a655f434e758b9f7)
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit 03af843039af758fc9bbb4ae6c09ec2bc715f2c5)
|
|
Causes more problems than it fixes: even though error codes
are not part of the stable API, several users rely on the
specific error code, and the change breaks them. Conversely,
we don't have any concrete use-cases for constant-time behaviour here.
This reverts commit 738911cde68b2b3706e502cf8daf5b14738f2f42.
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
|
|
The different -I compiler parameters will take care of the rest...
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Do the final padding check in EVP_DecryptFinal_ex in constant time to
avoid a timing leak from padding failure.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 4aac102f75b517bdb56b1bcfd0a856052d559f6e)
Conflicts:
crypto/evp/evp_enc.c
|
|
Reviewed-by: Andy Polyakov <appro@openssl.org>
(cherry picked from commit da92be4d68bec81030838e3228ef0238c565af85)
|
|
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
(cherry picked from commit 2893a302a9b6a70161d1859d985a52af11b2195d)
|
|
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 58f4698f67c33b723a9e99bed1101161a59eea73)
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit d12eef15016e49fc09d6c96653c61624e032d1a3)
|
|
Internal pointers in CCM, GCM and XTS contexts should either be
NULL or set to point to the appropriate key schedule. This needs
to be adjusted when copying contexts.
(cherry picked from commit c2fd5d79ffc4fc9d120a0faad579ce96473e6a2f)
|
|
|
|
Add patch originally accidentally omitted to allow CMAC to work with
EVP_PKEY APIs.
|
|
PR#3272
(cherry picked from commit 370bf1d708e6d7af42e1752fb078d0822c9bc73d)
|
|
In EVP_PBE_alg_add don't use the underlying NID for the cipher
as it may have a non-standard key size.
PR#3206
(cherry picked from commit efb7caef637a1de8468ca109efd355a9d0e73a45)
|
|
(cherry picked from commit 50cc4f7b3d64621b6062ad1f16a7630b7c730d9b)
|
|
(cherry picked from commit 1f61d8b5b1bda282015236fe9860d2f6de127356)
|
|
(cherry picked from commit ce00c64df9eb78402950e179b54e7745210b04f2)
|
|
|
|
This patch resolves RT ticket #2608.
Thanks to Robert Dugal for originally spotting this, and to David
Ramos for noticing that the ball had been dropped.
Signed-off-by: Geoff Thorpe <geoff@openssl.org>
|
|
PR#3289
PR#3345
(cherry picked from commit 3ba1e406c2309adb427ced9815ebf05f5b58d155)
|
|
A short PEM encoded sequence if passed to the BIO, and the file
had 2 \n following would fail.
PR#3289
(cherry picked from commit 10378fb5f4c67270b800e8f7c600cd0548874811)
|
|
|
|
|
|
Add a few special case digests not returned by FIPS_get_digestbynid().
Thanks to Roumen Petrov <openssl@roumenpetrov.info> for reporting this
issue.
|
|
Don't set the fips flags in cipher and digests as the implementations
aren't suitable for FIPS mode and will be redirected to the FIPS module
versions anyway.
Return EVP_CIPH_FLAG_FIPS or EVP_MD_FLAG_FIPS if a FIPS implementation
exists when calling EVP_CIPHER_flags and EVP_MD_flags repectively.
Remove unused FIPS code from e_aes.c: the 1.0.2 branch will never be
used to build a FIPS module.
|
|
The file evp_fips.c isn't used in OpenSSL 1.0.2 as FIPS and non-FIPS
implementations of algorithms can coexist.
|
|
|
|
(cherry picked from commit 701134320a94908d8c0ac513741cab41e215a7b5)
|
|
(cherry picked from commit 9587429fa07a34066107e926fbc8708220f058fa)
|
|
|
|
|
|
|
|
Add Vector Permutation AES and little-endian support.
|
|
(cherry picked from commit a6c62f0c25a756c263a80ce52afbae888028e986)
|
|
It worked because it was never called.
(cherry picked from commit e9c80e04c1a3b5a0de8e666155ab4ecb2697a77d)
|
|
|
|
|
|
|
|
PR: 3165
(cherry picked from commit d1cf23ac86c05b22b8780e2c03b67230564d2d34)
|
|
(cherry picked from commit 16bc45ba956fdf07c7cda7feda88de597569df63)
|
|
|
|
<christian@python.org>.
|
|
Submitted by: Yuriy Kaminskiy
(cherry picked from commit 524b00c0da42b129ed8622dfb3f5eab9cc5d6617)
|
