Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-04-23 | Always return multiple of block length bytes from default DRBG seed | Dr. Stephen Henson | |
callback. Handle case where no multiple of the block size is in the interval [min_len, max_len]. | |||
2011-04-21 | Add continuous RNG test to entropy source. Entropy callbacks now need | Dr. Stephen Henson | |
to specify a "block length". | |||
2011-04-06 | Update OpenSSL DRBG support code. Use date time vector as additional data. | Dr. Stephen Henson | |
Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD. | |||
2011-04-05 | Extensive reorganisation of PRNG handling in FIPS module: all calls | Dr. Stephen Henson | |
now use an internal RAND_METHOD. All dependencies to OpenSSL standard PRNG are now removed: it is the applications resposibility to setup the FIPS PRNG and initalise it. Initial OpenSSL RAND_init_fips() function that will setup the DRBG for the "FIPS capable OpenSSL". | |||
2011-03-24 | make update | Richard Levitte | |
2011-03-19 | After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS | Richard Levitte | |
submitted by Steven M. Schweda <sms@antinode.info> | |||
2011-03-12 | Add SRP support. | Ben Laurie | |
2011-02-21 | Update dependencies. | Dr. Stephen Henson | |
2011-02-16 | Include openssl/crypto.h first in several other files so FIPS renaming | Dr. Stephen Henson | |
is picked up. | |||
2011-02-16 | Experimental symbol renaming to avoid clashes with regular OpenSSL. | Dr. Stephen Henson | |
Make sure crypto.h is included first in any affected files. | |||
2011-02-03 | Add FIPS support to the WIN32 build system. | Dr. Stephen Henson | |
2011-01-27 | Update source files to handle new FIPS_lock() location. Add FIPS_lock() | Dr. Stephen Henson | |
definition. Remove stale function references from fips.h | |||
2011-01-27 | Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just refer | Dr. Stephen Henson | |
to EVP any more. Move locking #define into fips.h. Set FIPS locking callbacks at same time as OpenSSL locking callbacks. | |||
2011-01-26 | Change AR to ARX to allow exclusion of fips object modules | Dr. Stephen Henson | |
2011-01-26 | add new RAND errors | Dr. Stephen Henson | |
2011-01-26 | FIPS mode changes to make RNG compile (this will need updating later as we | Dr. Stephen Henson | |
need a whole new PRNG for FIPS). 1. avoid use of ERR_peek(). 2. If compiling with FIPS use small FIPS EVP and disable ENGINE | |||
2010-11-18 | PR: 2372 | Dr. Stephen Henson | |
Submitted by: "W.C.A. Wijngaards" <wouter@nlnetlabs.nl> Reviewed by: steve Fix OpenBSD compilation failure. | |||
2010-07-08 | rand_nw.c: compensate for gcc bug (using %edx instead of %eax at -O3). | Andy Polyakov | |
PR: 2296 | |||
2010-06-16 | clarify comment | Dr. Stephen Henson | |
2010-06-12 | Fix warnings. | Ben Laurie | |
2010-03-22 | rand_win.c: fix logical bug in readscreen. | Andy Polyakov | |
2010-02-17 | PR: 2100 | Dr. Stephen Henson | |
Submitted by: James Baker <jbaker@tableausoftware.com> et al. Workaround for slow Heap32Next on some versions of Windows. | |||
2010-01-26 | PR: 2138 | Dr. Stephen Henson | |
Submitted by: Kevin Regan <k.regan@f5.com> Clear stat structure if -DPURIFY is set to avoid problems on some platforms which include unitialised fields. | |||
2010-01-19 | rand_win.c: fix time limit logic. | Andy Polyakov | |
2010-01-19 | rand_win.c: handle GetTickCount wrap-around. | Andy Polyakov | |
2009-09-23 | Audit libcrypto for unchecked return values: fix all cases enountered | Dr. Stephen Henson | |
2009-09-20 | Don't use __try+__except unless on VC++ | Dr. Stephen Henson | |
2009-07-24 | Update from 0.9.8-stable. | Dr. Stephen Henson | |
2009-06-13 | PR: 1952 | Dr. Stephen Henson | |
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de> Reviewed by: steve@openssl.org ECDH negotiation bug. | |||
2009-04-23 | Merge from 1.0.0-stable branch. | Dr. Stephen Henson | |
2009-04-07 | Changes from 1.0.0-stable. | Dr. Stephen Henson | |
2009-02-15 | Use new common flags and fix resulting warnings. | Ben Laurie | |
2009-01-03 | VMS stuff I forgot... | Richard Levitte | |
2008-12-22 | This _WIN32-specific patch makes it possible to "wrap" OpenSSL in another | Andy Polyakov | |
.DLL, in particular static build. The issue has been discussed in RT#1230 and later on openssl-dev, and mutually exclusive approaches were suggested. This completes compromise solution suggested in RT#1230. PR: 1230 | |||
2008-11-12 | Revert commit #17603, it should have been part of #17617. | Andy Polyakov | |
2008-11-12 | Revert the size_t modifications from HEAD that had led to more | Geoff Thorpe | |
knock-on work than expected - they've been extracted into a patch series that can be completed elsewhere, or in a different branch, before merging back to HEAD. | |||
2008-11-05 | PR: 1777 | Dr. Stephen Henson | |
Submitted by: "Alon Bar-Lev" <alon.barlev@gmail.com> Approved by: steve@openssl.org Fix some size_t issues. | |||
2008-11-04 | Only one of these needs to be signed. | Ben Laurie | |
2008-11-02 | Not sure about this one... seems to be needed to make 64 bit release | Dr. Stephen Henson | |
builds work properly... | |||
2008-11-01 | More size_tification. | Ben Laurie | |
2008-10-28 | randfile.c: .rnd can become orphaned on VMS. | Andy Polyakov | |
Submitted by: David North | |||
2008-08-06 | Remove the dual-callback scheme for numeric and pointer thread IDs, | Geoff Thorpe | |
deprecate the original (numeric-only) scheme, and replace with the CRYPTO_THREADID object. This hides the platform-specifics and should reduce the possibility for programming errors (where failing to explicitly check both thread ID forms could create subtle, platform-specific bugs). Thanks to Bodo, for invaluable review and feedback. | |||
2008-07-03 | Revert my earlier CRYPTO_THREADID commit, I will commit a reworked | Geoff Thorpe | |
version some time soon. | |||
2008-06-04 | More type-checking. | Ben Laurie | |
2008-05-20 | Correctly adjust location of comment | Lutz Jänicke | |
Submitted by: Ben Laurie <ben@links.org> | |||
2008-05-16 | Another occurance of possible valgrind/purify "uninitialized memory" | Lutz Jänicke | |
complaint related to the PRNG: with PURIFY policy don't feed uninitialized memory into the PRNG. Submitted by: Bodo Moeller <bmoeller@openssl.org> :-) | |||
2008-03-28 | There was a need to support thread ID types that couldn't be reliably cast | Geoff Thorpe | |
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed version was added but it required portable code to check *both* modes to determine equality. This commit maintains the availability of both thread ID types, but deprecates the type-specific accessor APIs that invoke the callbacks - instead a single type-independent API is used. This simplifies software that calls into this interface, and should also make it less error-prone - as forgetting to call and compare *both* thread ID accessors could have led to hard-to-debug/infrequent bugs (that might only affect certain platforms or thread implementations). As the CHANGES note says, there were corresponding deprecations and replacements in the thread-related functions for BN_BLINDING and ERR too. | |||
2008-01-03 | Netware support. | Dr. Stephen Henson | |
Submitted by: Guenter Knauf <eflash@gmx.net> | |||
2007-09-24 | Port from 0.9.8-stable | Lutz Jänicke | |
2007-03-02 | Initialize "buf" to 0 to make valgrind happy :-) | Lutz Jänicke | |
Note: the RAND_bytes() manual page says: RAND_bytes() puts num cryptographically strong pseudo-random bytes into buf. It does not talk about using the previous contents of buf so we are working as documented. |