2
0

ChangeLog.0_9_7-stable_not-in-head_FIPS 52 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494
  1. See file ChangeLog.0_9_7-stable_not-in-head for explanations.
  2. This is the "FIPS"-related part.
  3. 2003-07-27 19:00 ben
  4. Changed:
  5. Configure (1.314.2.85), "Exp", lines: +2 -0
  6. Makefile.org (1.154.2.67), "Exp", lines: +12 -3
  7. crypto/cryptlib.c (1.32.2.9), "Exp", lines: +5 -0
  8. crypto/md32_common.h (1.22.2.4), "Exp", lines: +11 -0
  9. crypto/aes/Makefile.ssl (1.4.2.6), "Exp", lines: +2 -1
  10. crypto/aes/aes_core.c (1.1.2.4), "Exp", lines: +4 -0
  11. crypto/des/des.h (1.40.2.4), "Exp", lines: +1 -1
  12. crypto/des/des_old.c (1.11.2.4), "Exp", lines: +1 -1
  13. crypto/des/destest.c (1.30.2.6), "Exp", lines: +2 -2
  14. crypto/des/ecb3_enc.c (1.8.2.1), "Exp", lines: +1 -3
  15. crypto/dsa/Makefile.ssl (1.49.2.5), "Exp", lines: +7 -4
  16. crypto/dsa/dsa_ossl.c (1.12.2.4), "Exp", lines: +2 -0
  17. crypto/dsa/dsa_sign.c (1.10.2.3), "Exp", lines: +12 -0
  18. crypto/dsa/dsa_vrf.c (1.10.2.3), "Exp", lines: +8 -0
  19. crypto/engine/engine.h (1.36.2.6), "Exp", lines: +4 -0
  20. crypto/err/err.h (1.35.2.3), "Exp", lines: +2 -0
  21. crypto/err/err_all.c (1.17.2.2), "Exp", lines: +4 -0
  22. crypto/err/openssl.ec (1.11.2.1), "Exp", lines: +1 -0
  23. crypto/evp/Makefile.ssl (1.64.2.8), "Exp", lines: +8 -7
  24. crypto/evp/c_all.c (1.7.8.7), "Exp", lines: +1 -0
  25. crypto/evp/e_aes.c (1.6.2.4), "Exp", lines: +12 -4
  26. crypto/evp/e_des3.c (1.8.2.2), "Exp", lines: +1 -1
  27. crypto/evp/evp.h (1.86.2.10), "Exp", lines: +2 -0
  28. crypto/evp/evp_err.c (1.23.2.1), "Exp", lines: +3 -1
  29. crypto/md4/Makefile.ssl (1.6.2.4), "Exp", lines: +7 -4
  30. crypto/md5/Makefile.ssl (1.33.2.7), "Exp", lines: +7 -4
  31. crypto/rand/Makefile.ssl (1.56.2.4), "Exp", lines: +17 -15
  32. crypto/rand/md_rand.c (1.69.2.2), "Exp", lines: +9 -0
  33. crypto/rand/rand.h (1.26.2.5), "Exp", lines: +2 -0
  34. crypto/rand/rand_err.c (1.6.2.1), "Exp", lines: +3 -1
  35. crypto/rand/rand_lib.c (1.15.2.2), "Exp", lines: +11 -0
  36. crypto/ripemd/Makefile.ssl (1.25.2.5), "Exp", lines: +7 -2
  37. crypto/sha/Makefile.ssl (1.26.2.5), "Exp", lines: +16 -6
  38. fips/.cvsignore (1.1.2.1), "Exp", lines: +1 -0
  39. fips/Makefile.ssl (1.1.2.1), "Exp", lines: +155 -0
  40. fips/fingerprint.sha1 (1.1.2.1), "Exp", lines: +3 -0
  41. fips/fips.c (1.1.2.1), "Exp", lines: +74 -0
  42. fips/fips.h (1.1.2.1), "Exp", lines: +85 -0
  43. fips/fips_check_sha1 (1.1.2.1), "Exp", lines: +7 -0
  44. fips/fips_err.c (1.1.2.1), "Exp", lines: +96 -0
  45. fips/fips_make_sha1 (1.1.2.1), "Exp", lines: +21 -0
  46. fips/lib (1.1.2.1), "Exp", lines: +0 -0
  47. fips/aes/.cvsignore (1.1.2.1), "Exp", lines: +4 -0
  48. fips/aes/Makefile.ssl (1.1.2.1), "Exp", lines: +95 -0
  49. fips/aes/fingerprint.sha1 (1.1.2.1), "Exp", lines: +2 -0
  50. fips/aes/fips_aes_core.c (1.1.2.1), "Exp", lines: +1260 -0
  51. fips/aes/fips_aes_locl.h (1.1.2.1), "Exp", lines: +85 -0
  52. fips/aes/fips_aesavs.c (1.1.2.1), "Exp", lines: +896 -0
  53. fips/dsa/.cvsignore (1.1.2.1), "Exp", lines: +2 -0
  54. fips/dsa/Makefile.ssl (1.1.2.1), "Exp", lines: +95 -0
  55. fips/dsa/fingerprint.sha1 (1.1.2.1), "Exp", lines: +1 -0
  56. fips/dsa/fips_dsa_ossl.c (1.1.2.1), "Exp", lines: +366 -0
  57. fips/dsa/fips_dsatest.c (1.1.2.1), "Exp", lines: +252 -0
  58. fips/rand/.cvsignore (1.1.2.1), "Exp", lines: +2 -0
  59. fips/rand/Makefile.ssl (1.1.2.1), "Exp", lines: +94 -0
  60. fips/rand/fingerprint.sha1 (1.1.2.1), "Exp", lines: +2 -0
  61. fips/rand/fips_rand.c (1.1.2.1), "Exp", lines: +236 -0
  62. fips/rand/fips_rand.h (1.1.2.1), "Exp", lines: +55 -0
  63. fips/rand/fips_randtest.c (1.1.2.1), "Exp", lines: +348 -0
  64. fips/sha1/.cvsignore (1.1.2.1), "Exp", lines: +3 -0
  65. fips/sha1/Makefile.ssl (1.1.2.1), "Exp", lines: +94 -0
  66. fips/sha1/fingerprint.sha1 (1.1.2.1), "Exp", lines: +3 -0
  67. fips/sha1/fips_md32_common.h (1.1.2.1), "Exp", lines: +637 -0
  68. fips/sha1/fips_sha1dgst.c (1.1.2.1), "Exp", lines: +76 -0
  69. fips/sha1/fips_sha1test.c (1.1.2.1), "Exp", lines: +128 -0
  70. fips/sha1/fips_sha_locl.h (1.1.2.1), "Exp", lines: +472 -0
  71. fips/sha1/fips_standalone_sha1.c (1.1.2.1), "Exp", lines: +101 -0
  72. fips/sha1/standalone.sha1 (1.1.2.1), "Exp", lines: +4 -0
  73. test/Makefile.ssl (1.84.2.29), "Exp", lines: +81 -13
  74. util/mkerr.pl (1.18.2.4), "Exp", lines: +2 -1
  75. Unfinished FIPS stuff for review/improvement.
  76. 2003-07-27 19:19 ben
  77. Changed:
  78. fips/fips_check_sha1 (1.1.2.2), "Exp", lines: +1 -1
  79. Use unified diff.
  80. 2003-07-27 19:23 ben
  81. Changed:
  82. fips/Makefile.ssl (1.1.2.2), "Exp", lines: +3 -3
  83. fips/fingerprint.sha1 (1.1.2.2), "Exp", lines: +2 -1
  84. fips/fips_make_sha1 (1.1.2.2), "Exp", lines: +1 -1
  85. Build in non-FIPS mode.
  86. 2003-07-27 23:13 ben
  87. Changed:
  88. Makefile.org (1.154.2.68), "Exp", lines: +1 -1
  89. fips/fips_check_sha1 (1.1.2.3), "Exp", lines: +2 -1
  90. fips/aes/fips_aesavs.c (1.1.2.2), "Exp", lines: +2 -0
  91. fips/dsa/fips_dsa_ossl.c (1.1.2.2), "Exp", lines: +8 -0
  92. fips/dsa/fips_dsatest.c (1.1.2.2), "Exp", lines: +2 -1
  93. fips/sha1/fingerprint.sha1 (1.1.2.2), "Exp", lines: +1 -1
  94. fips/sha1/fips_sha1dgst.c (1.1.2.2), "Exp", lines: +5 -1
  95. fips/sha1/fips_standalone_sha1.c (1.1.2.2), "Exp", lines: +2 -0
  96. fips/sha1/standalone.sha1 (1.1.2.2), "Exp", lines: +1 -1
  97. Build when not FIPS.
  98. 2003-07-28 11:56 ben
  99. Changed:
  100. fips/dsa/fingerprint.sha1 (1.1.2.2), "Exp", lines: +1 -1
  101. fips/sha1/standalone.sha1 (1.1.2.3), "Exp", lines: +1 -1
  102. New fingerprints.
  103. 2003-07-29 16:06 ben
  104. Changed:
  105. fips/aes/fips_aesavs.c (1.1.2.5), "Exp", lines: +295 -303
  106. Reformat.
  107. 2003-07-29 16:34 ben
  108. Changed:
  109. fips/aes/fips_aesavs.c (1.1.2.6), "Exp", lines: +43 -17
  110. MMT for CFB1
  111. 2003-07-29 17:17 ben
  112. Changed:
  113. fips/fips_err_wrapper.c (1.1.2.1), "Exp", lines: +5 -0
  114. fips/sha1/sha1hashes.txt (1.1.2.1), "Exp", lines: +342 -0
  115. fips/sha1/sha1vectors.txt (1.1.2.1), "Exp", lines: +2293 -0
  116. Missing files.
  117. 2003-07-31 23:30 levitte
  118. Changed:
  119. Makefile.org (1.154.2.71), "Exp", lines: +2 -0
  120. If FDIRS is to be treated like SDIRS, let's not forget to
  121. initialize it in Makefile.org.
  122. 2003-07-31 23:41 levitte
  123. Changed:
  124. fips/sha1/fips_sha1test.c (1.1.2.2), "Exp", lines: +3 -3
  125. No C++ comments in C programs!
  126. 2003-08-01 15:07 steve
  127. Changed:
  128. fips/aes/fips_aesavs.c (1.1.2.8), "Exp", lines: +3 -3
  129. Replace C++ style comments.
  130. 2003-08-03 14:22 ben
  131. Changed:
  132. fips/des/fips_desmovs.c (1.1.2.2), "Exp", lines: +55 -37
  133. Make tests work (CFB1 still doesn't produce the right answers,
  134. strangely).
  135. 2003-08-08 12:08 levitte
  136. Changed:
  137. fips/des/fips_des_enc.c (1.1.2.2), "Exp", lines: +9 -0
  138. Avoid clashing with the regular DES functions when not compiling
  139. with -DFIPS. This is basically only visible when building with
  140. shared library supoort...
  141. 2003-08-11 11:36 levitte
  142. Deleted:
  143. fips/sha1/.cvsignore (1.1.2.2)
  144. fips/sha1/Makefile.ssl (1.1.2.3)
  145. fips/sha1/fingerprint.sha1 (1.1.2.3)
  146. fips/sha1/fips_md32_common.h (1.1.2.2)
  147. fips/sha1/fips_sha1dgst.c (1.1.2.3)
  148. fips/sha1/fips_sha1test.c (1.1.2.3)
  149. fips/sha1/fips_sha_locl.h (1.1.2.2)
  150. fips/sha1/fips_standalone_sha1.c (1.1.2.3)
  151. fips/sha1/sha1hashes.txt (1.1.2.2)
  152. fips/sha1/sha1vectors.txt (1.1.2.2)
  153. fips/sha1/standalone.sha1 (1.1.2.4)
  154. fips/dsa/.cvsignore (1.1.2.2)
  155. fips/dsa/Makefile.ssl (1.1.2.2)
  156. fips/dsa/fingerprint.sha1 (1.1.2.3)
  157. fips/dsa/fips_dsa_ossl.c (1.1.2.3)
  158. fips/dsa/fips_dsatest.c (1.1.2.3)
  159. fips/rand/.cvsignore (1.1.2.2)
  160. fips/rand/Makefile.ssl (1.1.2.2)
  161. fips/rand/fingerprint.sha1 (1.1.2.2)
  162. fips/rand/fips_rand.c (1.1.2.2)
  163. fips/rand/fips_rand.h (1.1.2.2)
  164. fips/rand/fips_randtest.c (1.1.2.2)
  165. fips/des/.cvsignore (1.1.2.2)
  166. fips/des/Makefile.ssl (1.1.2.3)
  167. fips/des/fingerprint.sha1 (1.1.2.2)
  168. fips/des/fips_des_enc.c (1.1.2.3)
  169. fips/des/fips_des_locl.h (1.1.2.2)
  170. fips/des/fips_desmovs.c (1.1.2.3)
  171. fips/aes/.cvsignore (1.1.2.2)
  172. fips/aes/Makefile.ssl (1.1.2.5)
  173. fips/aes/fingerprint.sha1 (1.1.2.2)
  174. fips/aes/fips_aes_core.c (1.1.2.2)
  175. fips/aes/fips_aes_locl.h (1.1.2.2)
  176. fips/aes/fips_aesavs.c (1.1.2.9)
  177. fips/.cvsignore (1.1.2.2)
  178. fips/Makefile.ssl (1.1.2.6)
  179. fips/fingerprint.sha1 (1.1.2.3)
  180. fips/fips.c (1.1.2.2)
  181. fips/fips.h (1.1.2.2)
  182. fips/fips_check_sha1 (1.1.2.4)
  183. fips/fips_err.c (1.1.2.2)
  184. fips/fips_err_wrapper.c (1.1.2.2)
  185. fips/fips_make_sha1 (1.1.2.4)
  186. fips/lib (1.1.2.2)
  187. Changed:
  188. util/libeay.num (1.173.2.16), "Exp", lines: +11 -38
  189. util/mkerr.pl (1.18.2.5), "Exp", lines: +1 -2
  190. test/Makefile.ssl (1.84.2.31), "Exp", lines: +54 -180
  191. crypto/ripemd/Makefile.ssl (1.25.2.6), "Exp", lines: +2 -7
  192. crypto/sha/Makefile.ssl (1.26.2.6), "Exp", lines: +6 -16
  193. crypto/rand/Makefile.ssl (1.56.2.5), "Exp", lines: +15 -17
  194. crypto/rand/md_rand.c (1.69.2.3), "Exp", lines: +0 -9
  195. crypto/rand/rand.h (1.26.2.6), "Exp", lines: +0 -2
  196. crypto/rand/rand_err.c (1.6.2.2), "Exp", lines: +1 -3
  197. crypto/rand/rand_lib.c (1.15.2.3), "Exp", lines: +0 -11
  198. crypto/objects/obj_dat.h (1.49.2.18), "Exp", lines: +3 -27
  199. crypto/objects/obj_mac.h (1.19.2.18), "Exp", lines: +0 -32
  200. crypto/objects/obj_mac.num (1.15.2.14), "Exp", lines: +0 -8
  201. crypto/objects/objects.txt (1.20.2.19), "Exp", lines: +0 -11
  202. crypto/md4/Makefile.ssl (1.6.2.5), "Exp", lines: +4 -7
  203. crypto/md5/Makefile.ssl (1.33.2.8), "Exp", lines: +4 -7
  204. crypto/evp/Makefile.ssl (1.64.2.9), "Exp", lines: +7 -8
  205. crypto/evp/c_allc.c (1.8.2.6), "Exp", lines: +0 -4
  206. crypto/evp/e_aes.c (1.6.2.9), "Exp", lines: +4 -22
  207. crypto/evp/e_des.c (1.5.2.5), "Exp", lines: +2 -43
  208. crypto/evp/e_des3.c (1.8.2.4), "Exp", lines: +3 -3
  209. crypto/evp/evp.h (1.86.2.13), "Exp", lines: +11 -36
  210. crypto/evp/evp_err.c (1.23.2.2), "Exp", lines: +1 -3
  211. crypto/evp/evp_lib.c (1.6.8.3), "Exp", lines: +0 -24
  212. crypto/evp/evp_locl.h (1.7.2.5), "Exp", lines: +2 -11
  213. crypto/evp/evp_test.c (1.14.2.12), "Exp", lines: +8 -17
  214. crypto/evp/evptests.txt (1.9.2.6), "Exp", lines: +1 -106
  215. crypto/dsa/Makefile.ssl (1.49.2.7), "Exp", lines: +6 -10
  216. crypto/dsa/dsa_ossl.c (1.12.2.5), "Exp", lines: +0 -2
  217. crypto/dsa/dsa_sign.c (1.10.2.4), "Exp", lines: +0 -12
  218. crypto/dsa/dsa_vrf.c (1.10.2.4), "Exp", lines: +0 -8
  219. crypto/err/Makefile.ssl (1.48.2.5), "Exp", lines: +16 -17
  220. crypto/err/err.h (1.35.2.4), "Exp", lines: +0 -2
  221. crypto/err/err_all.c (1.17.2.3), "Exp", lines: +0 -4
  222. crypto/err/openssl.ec (1.11.2.2), "Exp", lines: +0 -1
  223. crypto/des/des.h (1.40.2.5), "Exp", lines: +1 -1
  224. crypto/des/des_enc.c (1.11.2.3), "Exp", lines: +0 -4
  225. crypto/des/des_old.c (1.11.2.5), "Exp", lines: +1 -1
  226. crypto/des/destest.c (1.30.2.7), "Exp", lines: +2 -2
  227. crypto/des/ecb3_enc.c (1.8.2.2), "Exp", lines: +3 -1
  228. crypto/aes/Makefile.ssl (1.4.2.7), "Exp", lines: +1 -2
  229. crypto/aes/aes.h (1.1.2.8), "Exp", lines: +0 -9
  230. crypto/aes/aes_cfb.c (1.1.2.8), "Exp", lines: +0 -93
  231. crypto/aes/aes_core.c (1.1.2.5), "Exp", lines: +0 -4
  232. crypto/cryptlib.c (1.32.2.10), "Exp", lines: +0 -5
  233. crypto/md32_common.h (1.22.2.5), "Exp", lines: +0 -11
  234. Configure (1.314.2.86), "Exp", lines: +0 -2
  235. Makefile.org (1.154.2.72), "Exp", lines: +8 -34
  236. TABLE (1.99.2.30), "Exp", lines: +0 -50
  237. A new branch for FIPS-related changes has been created with the
  238. name OpenSSL-fips-0_9_7-stable.
  239. Since the 0.9.7-stable branch is supposed to be in freeze
  240. and should only contain bug corrections, this change removes the
  241. FIPS changes from that branch.
  242. 2004-05-11 14:44 ben
  243. Deleted:
  244. apps/Makefile.ssl (1.100.2.27)
  245. crypto/Makefile.ssl (1.84.2.12)
  246. crypto/aes/Makefile.ssl (1.4.2.9)
  247. crypto/asn1/Makefile.ssl (1.77.2.7)
  248. crypto/bf/Makefile.ssl (1.25.2.6)
  249. crypto/bio/Makefile.ssl (1.52.2.4)
  250. crypto/bn/Makefile.ssl (1.65.2.9)
  251. crypto/buffer/Makefile.ssl (1.32.2.4)
  252. crypto/cast/Makefile.ssl (1.31.2.6)
  253. crypto/comp/Makefile.ssl (1.32.2.4)
  254. crypto/conf/Makefile.ssl (1.38.2.8)
  255. crypto/des/Makefile.ssl (1.61.2.13)
  256. crypto/dh/Makefile.ssl (1.43.2.5)
  257. crypto/dsa/Makefile.ssl (1.49.2.9)
  258. crypto/dso/Makefile.ssl (1.11.2.4)
  259. crypto/ec/Makefile.ssl (1.7.2.4)
  260. crypto/engine/Makefile.ssl (1.30.2.13)
  261. crypto/err/Makefile.ssl (1.48.2.7)
  262. crypto/evp/Makefile.ssl (1.64.2.12)
  263. crypto/hmac/Makefile.ssl (1.33.2.6)
  264. crypto/idea/Makefile.ssl (1.20.2.4)
  265. crypto/krb5/Makefile.ssl (1.5.2.6)
  266. crypto/lhash/Makefile.ssl (1.28.2.4)
  267. crypto/md2/Makefile.ssl (1.29.2.5)
  268. crypto/md4/Makefile.ssl (1.6.2.7)
  269. crypto/md5/Makefile.ssl (1.33.2.10)
  270. crypto/mdc2/Makefile.ssl (1.30.2.4)
  271. crypto/objects/Makefile.ssl (1.46.2.6)
  272. crypto/ocsp/Makefile.ssl (1.19.2.7)
  273. crypto/pem/Makefile.ssl (1.51.2.5)
  274. crypto/pkcs12/Makefile.ssl (1.37.2.5)
  275. crypto/pkcs7/Makefile.ssl (1.47.2.5)
  276. crypto/rand/Makefile.ssl (1.56.2.8)
  277. crypto/rc2/Makefile.ssl (1.20.2.4)
  278. crypto/rc4/Makefile.ssl (1.25.2.6)
  279. crypto/rc5/Makefile.ssl (1.22.2.6)
  280. crypto/ripemd/Makefile.ssl (1.25.2.9)
  281. crypto/rsa/Makefile.ssl (1.53.2.6)
  282. crypto/sha/Makefile.ssl (1.26.2.9)
  283. crypto/stack/Makefile.ssl (1.28.2.4)
  284. crypto/txt_db/Makefile.ssl (1.26.2.4)
  285. crypto/ui/Makefile.ssl (1.10.2.6)
  286. crypto/x509/Makefile.ssl (1.56.2.5)
  287. crypto/x509v3/Makefile.ssl (1.62.2.5)
  288. ssl/Makefile.ssl (1.53.2.11)
  289. test/Makefile.ssl (1.84.2.36)
  290. tools/Makefile.ssl (1.9.2.4)
  291. Changed:
  292. .cvsignore (1.7.6.2), "Exp", lines: +2 -1
  293. Configure (1.314.2.92), "Exp", lines: +38 -8
  294. FAQ (1.61.2.31), "Exp", lines: +1 -1
  295. INSTALL (1.45.2.9), "Exp", lines: +2 -2
  296. INSTALL.W32 (1.30.2.14), "Exp", lines: +9 -4
  297. Makefile.org (1.154.2.78), "Exp", lines: +51 -19
  298. PROBLEMS (1.4.2.10), "Exp", lines: +2 -2
  299. e_os.h (1.56.2.17), "Exp", lines: +20 -1
  300. apps/.cvsignore (1.5.8.1), "Exp", lines: +1 -0
  301. apps/Makefile (1.1.4.1), "Exp", lines: +1147 -0
  302. apps/apps.c (1.49.2.27), "Exp", lines: +0 -10
  303. apps/ca.c (1.102.2.31), "Exp", lines: +0 -10
  304. apps/dgst.c (1.23.2.10), "Exp", lines: +39 -11
  305. apps/openssl.c (1.48.2.9), "Exp", lines: +19 -0
  306. crypto/Makefile (1.1.4.1), "Exp", lines: +217 -0
  307. crypto/cryptlib.c (1.32.2.11), "Exp", lines: +5 -0
  308. crypto/crypto-lib.com (1.53.2.12), "Exp", lines: +1 -1
  309. crypto/md32_common.h (1.22.2.6), "Exp", lines: +12 -0
  310. crypto/aes/Makefile (1.1.4.1), "Exp", lines: +102 -0
  311. crypto/aes/aes.h (1.1.2.9), "Exp", lines: +9 -0
  312. crypto/aes/aes_cfb.c (1.1.2.9), "Exp", lines: +93 -0
  313. crypto/aes/aes_core.c (1.1.2.6), "Exp", lines: +4 -0
  314. crypto/asn1/Makefile (1.1.4.1), "Exp", lines: +1150 -0
  315. crypto/bf/Makefile (1.1.4.1), "Exp", lines: +113 -0
  316. crypto/bio/Makefile (1.1.4.1), "Exp", lines: +214 -0
  317. crypto/bio/bio.h (1.56.2.6), "Exp", lines: +1 -0
  318. crypto/bn/Makefile (1.1.4.1), "Exp", lines: +324 -0
  319. crypto/bn/bntest.c (1.55.2.4), "Exp", lines: +1 -1
  320. crypto/buffer/Makefile (1.1.4.1), "Exp", lines: +92 -0
  321. crypto/cast/Makefile (1.1.4.1), "Exp", lines: +118 -0
  322. crypto/cast/asm/.cvsignore (1.2.8.1), "Exp", lines: +1 -0
  323. crypto/comp/Makefile (1.1.4.1), "Exp", lines: +112 -0
  324. crypto/conf/Makefile (1.1.4.1), "Exp", lines: +181 -0
  325. crypto/des/Makefile (1.1.4.1), "Exp", lines: +314 -0
  326. crypto/des/cfb64ede.c (1.6.2.4), "Exp", lines: +111 -0
  327. crypto/des/des.h (1.40.2.6), "Exp", lines: +5 -1
  328. crypto/des/des_enc.c (1.11.2.4), "Exp", lines: +8 -0
  329. crypto/des/des_old.c (1.11.2.6), "Exp", lines: +1 -1
  330. crypto/des/destest.c (1.30.2.8), "Exp", lines: +2 -2
  331. crypto/des/ecb3_enc.c (1.8.2.3), "Exp", lines: +1 -3
  332. crypto/des/set_key.c (1.18.2.2), "Exp", lines: +4 -0
  333. crypto/dh/Makefile (1.1.4.1), "Exp", lines: +131 -0
  334. crypto/dsa/Makefile (1.1.4.1), "Exp", lines: +173 -0
  335. crypto/dsa/dsa_gen.c (1.19.2.1), "Exp", lines: +4 -1
  336. crypto/dsa/dsa_key.c (1.9.2.1), "Exp", lines: +2 -0
  337. crypto/dsa/dsa_ossl.c (1.12.2.6), "Exp", lines: +2 -0
  338. crypto/dsa/dsa_sign.c (1.10.2.5), "Exp", lines: +12 -0
  339. crypto/dsa/dsa_vrf.c (1.10.2.5), "Exp", lines: +8 -0
  340. crypto/dso/Makefile (1.1.4.1), "Exp", lines: +140 -0
  341. crypto/ec/Makefile (1.1.4.1), "Exp", lines: +126 -0
  342. crypto/engine/Makefile (1.1.4.1), "Exp", lines: +536 -0
  343. crypto/engine/hw_cryptodev.c (1.1.2.6), "Exp", lines: +6 -2
  344. crypto/err/Makefile (1.1.4.1), "Exp", lines: +118 -0
  345. crypto/err/err.h (1.35.2.6), "Exp", lines: +2 -0
  346. crypto/err/err_all.c (1.17.2.4), "Exp", lines: +4 -0
  347. crypto/err/openssl.ec (1.11.2.3), "Exp", lines: +1 -0
  348. crypto/evp/Makefile (1.1.4.1), "Exp", lines: +1057 -0
  349. crypto/evp/bio_md.c (1.11.2.1), "Exp", lines: +6 -0
  350. crypto/evp/c_allc.c (1.8.2.7), "Exp", lines: +8 -0
  351. crypto/evp/e_aes.c (1.6.2.10), "Exp", lines: +22 -4
  352. crypto/evp/e_des.c (1.5.2.8), "Exp", lines: +36 -3
  353. crypto/evp/e_des3.c (1.8.2.7), "Exp", lines: +43 -4
  354. crypto/evp/evp.h (1.86.2.15), "Exp", lines: +39 -11
  355. crypto/evp/evp_err.c (1.23.2.3), "Exp", lines: +3 -1
  356. crypto/evp/evp_lib.c (1.6.8.4), "Exp", lines: +24 -0
  357. crypto/evp/evp_locl.h (1.7.2.6), "Exp", lines: +11 -2
  358. crypto/evp/evp_test.c (1.14.2.13), "Exp", lines: +17 -8
  359. crypto/evp/evptests.txt (1.9.2.7), "Exp", lines: +106 -1
  360. crypto/hmac/Makefile (1.1.4.1), "Exp", lines: +99 -0
  361. crypto/idea/Makefile (1.1.4.1), "Exp", lines: +89 -0
  362. crypto/krb5/Makefile (1.1.4.1), "Exp", lines: +88 -0
  363. crypto/lhash/Makefile (1.1.4.1), "Exp", lines: +91 -0
  364. crypto/md2/Makefile (1.1.4.1), "Exp", lines: +91 -0
  365. crypto/md4/Makefile (1.1.4.1), "Exp", lines: +93 -0
  366. crypto/md5/Makefile (1.1.4.1), "Exp", lines: +129 -0
  367. crypto/mdc2/Makefile (1.1.4.1), "Exp", lines: +96 -0
  368. crypto/objects/Makefile (1.1.4.1), "Exp", lines: +121 -0
  369. crypto/objects/obj_dat.h (1.49.2.19), "Exp", lines: +33 -3
  370. crypto/objects/obj_mac.h (1.19.2.19), "Exp", lines: +40 -0
  371. crypto/objects/obj_mac.num (1.15.2.15), "Exp", lines: +10 -0
  372. crypto/objects/objects.txt (1.20.2.20), "Exp", lines: +13 -0
  373. crypto/ocsp/Makefile (1.1.4.1), "Exp", lines: +291 -0
  374. crypto/pem/Makefile (1.1.4.1), "Exp", lines: +334 -0
  375. crypto/pkcs12/Makefile (1.1.4.1), "Exp", lines: +415 -0
  376. crypto/pkcs7/Makefile (1.1.4.1), "Exp", lines: +241 -0
  377. crypto/rand/Makefile (1.1.4.1), "Exp", lines: +196 -0
  378. crypto/rand/md_rand.c (1.69.2.4), "Exp", lines: +9 -0
  379. crypto/rand/rand.h (1.26.2.7), "Exp", lines: +3 -0
  380. crypto/rand/rand_err.c (1.6.2.3), "Exp", lines: +4 -1
  381. crypto/rand/rand_lib.c (1.15.2.4), "Exp", lines: +11 -0
  382. crypto/rc2/Makefile (1.1.4.1), "Exp", lines: +89 -0
  383. crypto/rc4/Makefile (1.1.4.1), "Exp", lines: +108 -0
  384. crypto/rc5/Makefile (1.1.4.1), "Exp", lines: +106 -0
  385. crypto/ripemd/Makefile (1.1.4.1), "Exp", lines: +111 -0
  386. crypto/rsa/Makefile (1.1.4.1), "Exp", lines: +239 -0
  387. crypto/rsa/rsa_eay.c (1.28.2.9), "Exp", lines: +1 -1
  388. crypto/rsa/rsa_gen.c (1.8.6.1), "Exp", lines: +3 -0
  389. crypto/sha/Makefile (1.1.4.1), "Exp", lines: +118 -0
  390. crypto/sha/sha1dgst.c (1.21.2.1), "Exp", lines: +8 -0
  391. crypto/stack/Makefile (1.1.4.1), "Exp", lines: +86 -0
  392. crypto/txt_db/Makefile (1.1.4.1), "Exp", lines: +86 -0
  393. crypto/ui/Makefile (1.1.4.1), "Exp", lines: +115 -0
  394. crypto/x509/Makefile (1.1.4.1), "Exp", lines: +592 -0
  395. crypto/x509v3/Makefile (1.1.4.1), "Exp", lines: +601 -0
  396. fips/Makefile (1.1.4.1), "Exp", lines: +202 -0
  397. fips/fingerprint.sha1 (1.1.2.4), "Exp", lines: +4 -4
  398. fips/fips.c (1.1.2.3), "Exp", lines: +120 -5
  399. fips/fips.h (1.1.2.3), "Exp", lines: +42 -2
  400. fips/fips_check_sha1 (1.1.2.5), "Exp", lines: +2 -2
  401. fips/fips_err.h (1.1.4.1), "Exp", lines: +117 -0
  402. fips/fips_err_wrapper.c (1.1.2.3), "Exp", lines: +4 -2
  403. fips/fips_locl.h (1.1.4.1), "Exp", lines: +62 -0
  404. fips/fips_make_sha1 (1.1.2.5), "Exp", lines: +9 -6
  405. fips/fips_test_suite.c (1.1.4.1), "Exp", lines: +302 -0
  406. fips/openssl_fips_fingerprint (1.1.4.1), "Exp", lines: +25 -0
  407. fips/aes/Makefile (1.1.4.1), "Exp", lines: +131 -0
  408. fips/aes/fingerprint.sha1 (1.1.2.3), "Exp", lines: +3 -2
  409. fips/aes/fips_aes_core.c (1.1.2.3), "Exp", lines: +5 -2
  410. fips/aes/fips_aes_locl.h (1.1.2.3), "Exp", lines: +0 -0
  411. fips/aes/fips_aes_selftest.c (1.1.4.1), "Exp", lines: +112 -0
  412. fips/aes/fips_aesavs.c (1.1.2.10), "Exp", lines: +12 -6
  413. fips/des/Makefile (1.1.4.1), "Exp", lines: +155 -0
  414. fips/des/fingerprint.sha1 (1.1.2.3), "Exp", lines: +5 -2
  415. fips/des/fips_des_enc.c (1.1.2.4), "Exp", lines: +16 -3
  416. fips/des/fips_des_locl.h (1.1.2.3), "Exp", lines: +1 -1
  417. fips/des/fips_des_selftest.c (1.1.4.1), "Exp", lines: +200 -0
  418. fips/des/fips_desmovs.c (1.1.2.4), "Exp", lines: +186 -79
  419. fips/des/fips_set_key.c (1.1.4.1), "Exp", lines: +415 -0
  420. fips/des/asm/fips-dx86-elf.s (1.1.4.1), "Exp", lines: +2697 -0
  421. fips/dsa/Makefile (1.1.4.1), "Exp", lines: +159 -0
  422. fips/dsa/fingerprint.sha1 (1.1.2.4), "Exp", lines: +3 -1
  423. fips/dsa/fips_dsa_gen.c (1.1.4.1), "Exp", lines: +373 -0
  424. fips/dsa/fips_dsa_ossl.c (1.1.2.4), "Exp", lines: +16 -3
  425. fips/dsa/fips_dsa_selftest.c (1.1.4.1), "Exp", lines: +168 -0
  426. fips/dsa/fips_dsatest.c (1.1.2.4), "Exp", lines: +10 -6
  427. fips/dsa/fips_dssvs.c (1.1.4.1), "Exp", lines: +306 -0
  428. fips/rand/Makefile (1.1.4.1), "Exp", lines: +104 -0
  429. fips/rand/fingerprint.sha1 (1.1.2.3), "Exp", lines: +2 -2
  430. fips/rand/fips_rand.c (1.1.2.3), "Exp", lines: +60 -10
  431. fips/rand/fips_rand.h (1.1.2.3), "Exp", lines: +19 -1
  432. fips/rand/fips_randtest.c (1.1.2.3), "Exp", lines: +31 -10
  433. fips/rsa/Makefile (1.1.4.1), "Exp", lines: +112 -0
  434. fips/rsa/fingerprint.sha1 (1.1.4.1), "Exp", lines: +3 -0
  435. fips/rsa/fips_rsa_eay.c (1.1.4.1), "Exp", lines: +735 -0
  436. fips/rsa/fips_rsa_gen.c (1.1.4.1), "Exp", lines: +249 -0
  437. fips/rsa/fips_rsa_selftest.c (1.1.4.1), "Exp", lines: +207 -0
  438. fips/sha1/.cvsignore (1.1.2.3), "Exp", lines: +1 -2
  439. fips/sha1/Makefile (1.1.4.1), "Exp", lines: +158 -0
  440. fips/sha1/fingerprint.sha1 (1.1.2.4), "Exp", lines: +5 -3
  441. fips/sha1/fips_md32_common.h (1.1.2.3), "Exp", lines: +0 -0
  442. fips/sha1/fips_sha1_selftest.c (1.1.4.1), "Exp", lines: +97 -0
  443. fips/sha1/fips_sha1dgst.c (1.1.2.4), "Exp", lines: +4 -4
  444. fips/sha1/fips_sha1test.c (1.1.2.4), "Exp", lines: +17 -0
  445. fips/sha1/fips_sha_locl.h (1.1.2.3), "Exp", lines: +7 -0
  446. fips/sha1/fips_standalone_sha1.c (1.1.2.4), "Exp", lines: +60 -7
  447. fips/sha1/sha1hashes.txt (1.1.2.3), "Exp", lines: +0 -0
  448. fips/sha1/sha1vectors.txt (1.1.2.3), "Exp", lines: +0 -0
  449. fips/sha1/standalone.sha1 (1.1.2.5), "Exp", lines: +6 -4
  450. fips/sha1/asm/sx86-elf.s (1.1.4.1), "Exp", lines: +1568 -0
  451. ms/do_masm.bat (1.1.8.2), "Exp", lines: +12 -10
  452. ms/do_ms.bat (1.4.8.2), "Exp", lines: +11 -11
  453. ms/do_nasm.bat (1.1.8.2), "Exp", lines: +12 -11
  454. ms/do_nt.bat (1.2.8.1), "Exp", lines: +4 -4
  455. shlib/hpux10-cc.sh (1.3.2.2), "Exp", lines: +3 -3
  456. ssl/Makefile (1.1.4.1), "Exp", lines: +1019 -0
  457. ssl/s3_clnt.c (1.53.2.16), "Exp", lines: +10 -0
  458. ssl/s3_srvr.c (1.85.2.21), "Exp", lines: +9 -0
  459. ssl/ssl_cert.c (1.48.2.7), "Exp", lines: +9 -0
  460. ssl/ssl_lib.c (1.110.2.12), "Exp", lines: +13 -1
  461. ssl/ssltest.c (1.53.2.23), "Exp", lines: +33 -1
  462. ssl/t1_enc.c (1.27.2.8), "Exp", lines: +19 -1
  463. test/.cvsignore (1.4.8.1), "Exp", lines: +4 -0
  464. test/Makefile (1.1.4.1), "Exp", lines: +941 -0
  465. test/bctest (1.14.2.1), "Exp", lines: +1 -1
  466. test/testenc (1.3.8.1), "Exp", lines: +1 -1
  467. test/testfipsssl (1.1.4.1), "Exp", lines: +113 -0
  468. tools/Makefile (1.1.4.1), "Exp", lines: +61 -0
  469. util/cygwin.sh (1.1.2.5), "Exp", lines: +3 -3
  470. util/domd (1.6.2.3), "Exp", lines: +5 -5
  471. util/fixNT.sh (1.1.1.2.8.1), "Exp", lines: +3 -3
  472. util/libeay.num (1.173.2.19), "Exp", lines: +55 -11
  473. util/mk1mf.pl (1.41.2.10), "Exp", lines: +6 -4
  474. util/mkdef.pl (1.67.2.7), "Exp", lines: +11 -4
  475. util/mkerr.pl (1.18.2.6), "Exp", lines: +2 -1
  476. util/mkfiles.pl (1.12.2.1), "Exp", lines: +8 -1
  477. util/pod2mantest (1.1.2.7), "Exp", lines: +1 -1
  478. util/selftest.pl (1.18.2.1), "Exp", lines: +2 -2
  479. util/pl/BC-16.pl (1.2.2.1), "Exp", lines: +1 -1
  480. util/pl/BC-32.pl (1.11.2.4), "Exp", lines: +1 -1
  481. util/pl/Mingw32.pl (1.12.6.5), "Exp", lines: +1 -1
  482. util/pl/OS2-EMX.pl (1.1.2.3), "Exp", lines: +1 -1
  483. util/pl/VC-16.pl (1.3.2.1), "Exp", lines: +2 -2
  484. util/pl/VC-32.pl (1.11.2.3), "Exp", lines: +2 -2
  485. util/pl/VC-CE.pl (1.1.2.5), "Exp", lines: +1 -1
  486. util/pl/ultrix.pl (1.2.8.1), "Exp", lines: +1 -1
  487. Pull FIPS back into stable.
  488. 2004-05-12 10:27 levitte
  489. Changed:
  490. apps/Makefile (1.1.4.2), "Exp", lines: +3 -1
  491. Only check for FIPS signatures when FIPS is enabled.
  492. 2004-05-12 10:28 levitte
  493. Changed:
  494. crypto/des/FILES0 (1.1.4.2), "Exp", lines: +1 -1
  495. Makefile.ssl changed name to Makefile.
  496. 2004-05-12 10:28 levitte
  497. Changed:
  498. fips/rand/fips_rand.c (1.1.2.4), "Exp", lines: +5 -1
  499. Only really build this file when OPENSSL_FIPS is defined. And oh,
  500. let's keep internal variables static.
  501. 2004-05-12 10:42 levitte
  502. Changed:
  503. fips/rand/fingerprint.sha1 (1.1.2.4), "Exp", lines: +1 -1
  504. I forgot to modify the signature for fips_rand.c...
  505. 2004-05-12 10:46 levitte
  506. Changed:
  507. fips/rsa/.cvsignore (1.1.4.1), "Exp", lines: +1 -0
  508. fips/.cvsignore (1.1.2.3), "Exp", lines: +1 -1
  509. fips/aes/.cvsignore (1.1.2.3), "Exp", lines: +0 -3
  510. fips/des/.cvsignore (1.1.2.3), "Exp", lines: +0 -2
  511. fips/dsa/.cvsignore (1.1.2.3), "Exp", lines: +0 -1
  512. fips/rand/.cvsignore (1.1.2.3), "Exp", lines: +0 -1
  513. Ignore the 'lib' timestamp file.
  514. 2004-05-12 12:07 levitte
  515. Changed:
  516. fips/.cvsignore (1.1.2.4), "Exp", lines: +1 -0
  517. fips/aes/.cvsignore (1.1.2.4), "Exp", lines: +1 -0
  518. fips/des/.cvsignore (1.1.2.4), "Exp", lines: +1 -0
  519. fips/dsa/.cvsignore (1.1.2.4), "Exp", lines: +1 -0
  520. fips/rand/.cvsignore (1.1.2.4), "Exp", lines: +1 -0
  521. fips/rsa/.cvsignore (1.1.4.2), "Exp", lines: +1 -0
  522. fips/sha1/.cvsignore (1.1.2.4), "Exp", lines: +1 -0
  523. Ignore 'Makefile.save'
  524. 2004-05-12 16:11 ben
  525. Changed:
  526. crypto/rand/rand.h (1.26.2.8), "Exp", lines: +2 -0
  527. crypto/rand/rand_err.c (1.6.2.4), "Exp", lines: +2 -0
  528. fips/fingerprint.sha1 (1.1.2.5), "Exp", lines: +1 -1
  529. fips/fips.c (1.1.2.4), "Exp", lines: +5 -1
  530. fips/rand/fingerprint.sha1 (1.1.2.5), "Exp", lines: +1 -1
  531. fips/rand/fips_rand.c (1.1.2.5), "Exp", lines: +29 -0
  532. Blow up in people's faces if they don't reseed.
  533. 2004-05-15 19:51 ben
  534. Changed:
  535. crypto/dh/dh.h (1.23.2.6), "Exp", lines: +1 -0
  536. crypto/dh/dh_err.c (1.6.2.3), "Exp", lines: +2 -1
  537. crypto/dh/dh_gen.c (1.8.8.2), "Exp", lines: +9 -0
  538. fips/fips_test_suite.c (1.1.4.2), "Exp", lines: +4 -3
  539. fips/aes/fips_aesavs.c (1.1.2.11), "Exp", lines: +49 -1
  540. fips/des/fingerprint.sha1 (1.1.2.4), "Exp", lines: +1 -1
  541. fips/des/fips_desmovs.c (1.1.2.5), "Exp", lines: +49 -1
  542. fips/des/fips_set_key.c (1.1.4.2), "Exp", lines: +2 -0
  543. fips/sha1/fingerprint.sha1 (1.1.2.5), "Exp", lines: +1 -1
  544. fips/sha1/fips_md32_common.h (1.1.2.4), "Exp", lines: +3 -0
  545. fips/sha1/standalone.sha1 (1.1.2.6), "Exp", lines: +1 -1
  546. Fix self-tests, ban some things in FIPS mode, fix copyrights.
  547. 2004-05-17 06:28 levitte
  548. Changed:
  549. util/mk1mf.pl (1.41.2.11), "Exp", lines: +8 -2
  550. util/pl/BC-16.pl (1.2.2.2), "Exp", lines: +9 -4
  551. util/pl/BC-32.pl (1.11.2.5), "Exp", lines: +8 -3
  552. util/pl/Mingw32.pl (1.12.6.6), "Exp", lines: +7 -2
  553. util/pl/OS2-EMX.pl (1.1.2.4), "Exp", lines: +7 -2
  554. util/pl/VC-16.pl (1.3.2.2), "Exp", lines: +7 -2
  555. util/pl/VC-32.pl (1.11.2.4), "Exp", lines: +7 -2
  556. util/pl/VC-CE.pl (1.1.2.6), "Exp", lines: +7 -2
  557. util/pl/linux.pl (1.3.6.1), "Exp", lines: +7 -2
  558. util/pl/ultrix.pl (1.2.8.2), "Exp", lines: +7 -2
  559. util/pl/unix.pl (1.2.8.1), "Exp", lines: +7 -2
  560. Generate SHA1 files on Windows and other platforms supported by
  561. mk1mf.pl, when building in FIPS mode.
  562. Note: UNTESTED!
  563. 2004-05-17 06:30 levitte
  564. Changed:
  565. apps/apps.h (1.44.2.14), "Exp", lines: +3 -0
  566. apps/openssl.c (1.48.2.10), "Exp", lines: +9 -5
  567. Make sure the applications know when we are running in FIPS mode.
  568. We can't use the variable in libcrypto, since it's supposedly
  569. unknown.
  570. Note: currently only supported in MONOLITH mode.
  571. 2004-05-17 06:31 levitte
  572. Changed:
  573. apps/enc.c (1.35.2.9), "Exp", lines: +10 -1
  574. When in FIPS mode, use SHA1 to digest the key, rather than MD5, as
  575. MD5 isn't a FIPS-approved algorithm.
  576. Note: this means the user needs to keep track of this, and
  577. we need to add support for that...
  578. 2004-05-19 16:16 levitte
  579. Changed:
  580. fips/rsa/fingerprint.sha1 (1.1.4.2), "Exp", lines: +2 -2
  581. fips/rsa/fips_rsa_eay.c (1.1.4.2), "Exp", lines: +8 -8
  582. fips/rsa/fips_rsa_gen.c (1.1.4.2), "Exp", lines: +1 -1
  583. fips/dsa/fingerprint.sha1 (1.1.2.5), "Exp", lines: +2 -2
  584. fips/dsa/fips_dsa_gen.c (1.1.4.2), "Exp", lines: +2 -2
  585. fips/dsa/fips_dsa_ossl.c (1.1.2.5), "Exp", lines: +4 -4
  586. fips/aes/fingerprint.sha1 (1.1.2.4), "Exp", lines: +1 -1
  587. fips/aes/fips_aes_core.c (1.1.2.4), "Exp", lines: +5 -5
  588. crypto/rsa/rsa.h (1.36.2.11), "Exp", lines: +4 -0
  589. crypto/aes/aes.h (1.1.2.10), "Exp", lines: +6 -0
  590. crypto/dsa/dsa.h (1.26.2.5), "Exp", lines: +4 -0
  591. Define FIPS_*_SIZE_T for AES, DSA and RSA as well, in preparation
  592. for size_t-ification of those algorithms in future version of
  593. OpenSSL...
  594. 2004-05-27 11:33 levitte
  595. Changed:
  596. makevms.com (1.35.2.3), "Exp", lines: +27 -0
  597. Copy the FIPS files to the temporary openssl include directory.
  598. 2004-05-27 12:04 levitte
  599. Changed:
  600. fips/fips-lib.com (1.1.2.1), "Exp", lines: +1179 -0
  601. makevms.com (1.35.2.4), "Exp", lines: +8 -0
  602. Compile the FIPS directory on VMS as well. fips-lib.com is
  603. essentially a copy of crypto-lib.com, with just a few edits.
  604. 2004-05-27 12:07 levitte
  605. Changed:
  606. fips/install.com (1.1.2.1), "Exp", lines: +55 -0
  607. install.com (1.4.2.2), "Exp", lines: +6 -6
  608. Run an installation of FIPS stuff as well.
  609. 2004-05-27 12:19 levitte
  610. Changed:
  611. test/maketests.com (1.13.2.5), "Exp", lines: +3 -3
  612. apps/makeapps.com (1.18.2.5), "Exp", lines: +3 -3
  613. Make sure o_str.h is reachable.
  614. 2004-06-19 15:15 ben
  615. Changed:
  616. Makefile.org (1.154.2.80), "Exp", lines: +1 -1
  617. crypto/dh/dh.h (1.23.2.7), "Exp", lines: +0 -1
  618. crypto/dh/dh_check.c (1.6.2.1), "Exp", lines: +4 -0
  619. crypto/dh/dh_err.c (1.6.2.4), "Exp", lines: +0 -1
  620. crypto/dh/dh_gen.c (1.8.8.3), "Exp", lines: +5 -9
  621. crypto/dh/dh_key.c (1.16.2.3), "Exp", lines: +4 -0
  622. fips/Makefile (1.1.4.2), "Exp", lines: +13 -14
  623. fips/fingerprint.sha1 (1.1.2.6), "Exp", lines: +2 -2
  624. fips/fips.h (1.1.2.4), "Exp", lines: +1 -0
  625. fips/fips_err.h (1.1.4.2), "Exp", lines: +1 -0
  626. fips/fips_make_sha1 (1.1.2.6), "Exp", lines: +3 -0
  627. fips/fips_test_suite.c (1.1.4.3), "Exp", lines: +13 -9
  628. fips/openssl_fips_fingerprint (1.1.4.2), "Exp", lines: +1 -2
  629. The version that was actually submitted for FIPS testing.
  630. 2004-06-19 15:16 ben
  631. Changed:
  632. fips/dh/Makefile (1.1.2.1), "Exp", lines: +92 -0
  633. fips/dh/fingerprint.sha1 (1.1.2.1), "Exp", lines: +3 -0
  634. fips/dh/fips_dh_check.c (1.1.2.1), "Exp", lines: +119 -0
  635. fips/dh/fips_dh_gen.c (1.1.2.1), "Exp", lines: +182 -0
  636. fips/dh/fips_dh_key.c (1.1.2.1), "Exp", lines: +222 -0
  637. Add Diffie-Hellman to FIPS.
  638. 2004-06-19 15:18 ben
  639. Changed:
  640. fips/.cvsignore (1.1.2.5), "Exp", lines: +2 -0
  641. fips/dh/.cvsignore (1.1.2.1), "Exp", lines: +1 -0
  642. Update ignores.
  643. 2004-06-21 11:07 levitte
  644. Changed:
  645. fips/aes/Makefile (1.1.4.2), "Exp", lines: +7 -5
  646. fips/des/Makefile (1.1.4.2), "Exp", lines: +7 -5
  647. fips/dh/Makefile (1.1.2.2), "Exp", lines: +7 -6
  648. fips/dsa/Makefile (1.1.4.2), "Exp", lines: +7 -6
  649. fips/rsa/Makefile (1.1.4.2), "Exp", lines: +7 -6
  650. fips/sha1/Makefile (1.1.4.2), "Exp", lines: +7 -5
  651. Make sure we don't try to loop over an empty EXHEADER. In the
  652. Makefiles where this was fixed by commenting away code, change it
  653. to check for an empty EXHEADER instead, so we have less hassle in a
  654. future where EXHEADER changes.
  655. PR: 900
  656. 2004-06-21 20:05 levitte
  657. Changed:
  658. Makefile.org (1.154.2.82), "Exp", lines: +3 -1
  659. Standard sh doesn't tolerate ! as part of the conditional command.
  660. PR: 900
  661. 2004-06-28 22:33 levitte
  662. Changed:
  663. fips/dh/fips_dh_check.c (1.1.2.2), "Exp", lines: +6 -0
  664. fips/dh/fips_dh_gen.c (1.1.2.2), "Exp", lines: +6 -2
  665. fips/dh/fips_dh_key.c (1.1.2.2), "Exp", lines: +8 -0
  666. Make sure the FIPS stuff is only really compiled when in FIPS mode.
  667. 2004-07-12 19:59 ben
  668. Changed:
  669. fips/fips_test_suite.c (1.1.4.4), "Exp", lines: +39 -6
  670. fips/dh/fingerprint.sha1 (1.1.2.2), "Exp", lines: +3 -3
  671. Corrected test program.
  672. 2004-07-17 14:48 appro
  673. Changed:
  674. fips/des/Makefile (1.1.4.3), "Exp", lines: +1 -1
  675. Eliminate enforced -g from CFLAGS. It switches off optimization
  676. with some compilers, e.g. DEC C.
  677. 2004-07-21 19:41 steve
  678. Changed:
  679. crypto/pem/pem_all.c (1.20.2.1), "Exp", lines: +119 -0
  680. When in FIPS mode write private keys in PKCS#8 and PBES2 format to
  681. avoid use of prohibited MD5 algorithm.
  682. 2004-07-23 15:20 ben
  683. Changed:
  684. fips/rand/fingerprint.sha1 (1.1.2.7), "Exp", lines: +1 -1
  685. fips/rand/fips_rand.c (1.1.2.7), "Exp", lines: +22 -7
  686. fips/rand/fips_randtest.c (1.1.2.5), "Exp", lines: +2 -2
  687. Convert to X9.31.
  688. 2004-07-21 19:35 steve
  689. Changed:
  690. fips/fingerprint.sha1 (1.1.2.7), "Exp", lines: +1 -1
  691. fips/fips.c (1.1.2.5), "Exp", lines: +3 -3
  692. fips/rsa/fingerprint.sha1 (1.1.4.3), "Exp", lines: +1 -1
  693. fips/rsa/fips_rsa_selftest.c (1.1.4.2), "Exp", lines: +8 -8
  694. Avoid compiler warnings.
  695. 2004-07-27 02:17 steve
  696. Changed:
  697. fips/fips_test_suite.c (1.1.4.5), "Exp", lines: +9 -8
  698. Stop compiler warnings.
  699. 2004-07-27 02:20 steve
  700. Changed:
  701. crypto/err/err.c (1.51.2.6), "Exp", lines: +1 -0
  702. Add FIPS name to error library.
  703. 2004-07-27 14:22 steve
  704. Changed:
  705. Makefile.org (1.154.2.84), "Exp", lines: +3 -3
  706. fips/fips_check_sha1 (1.1.2.6), "Exp", lines: +1 -1
  707. fips/openssl_fips_fingerprint (1.1.4.3), "Exp", lines: +1 -1
  708. Rename libcrypto.sha1 to libcrypto.a.sha1
  709. 2004-07-27 20:28 steve
  710. Changed:
  711. ssl/s3_lib.c (1.57.2.11), "Exp", lines: +33 -33
  712. ssl/ssl.h (1.126.2.20), "Exp", lines: +1 -0
  713. ssl/ssl_ciph.c (1.33.2.9), "Exp", lines: +11 -0
  714. ssl/ssl_locl.h (1.47.2.3), "Exp", lines: +2 -1
  715. New cipher "strength" FIPS which specifies that a cipher suite is
  716. FIPS compatible.
  717. New cipherstring "FIPS" is all FIPS compatible ciphersuites
  718. except eNULL.
  719. Only allow FIPS ciphersuites in FIPS mode.
  720. 2004-07-28 04:24 levitte
  721. Changed:
  722. makevms.com (1.35.2.6), "Exp", lines: +2 -2
  723. From the FIPS directory, darnit!
  724. 2004-07-28 15:47 levitte
  725. Changed:
  726. makevms.com (1.35.2.7), "Exp", lines: +5 -1
  727. Define OPENSSL_FIPS in opensslconf.h if a logical name with the
  728. same name is defined.
  729. Go up one directory level before dealing with FIPS stuff.
  730. 2004-07-30 00:26 levitte
  731. Changed:
  732. fips/fips-lib.com (1.1.2.2), "Exp", lines: +3 -3
  733. We're building crypto stuff, not ssl stuff. Additionally, we're in
  734. the fips subdirectory, not the crypto one...
  735. 2004-07-30 16:37 levitte
  736. Changed:
  737. fips/sha1/fingerprint.sha1 (1.1.2.7), "Exp", lines: +2 -2
  738. fips/sha1/fips_md32_common.h (1.1.2.6), "Exp", lines: +1 -1
  739. fips/sha1/fips_sha_locl.h (1.1.2.5), "Exp", lines: +2 -2
  740. fips/sha1/fips_standalone_sha1.c (1.1.2.5), "Exp", lines: +1 -1
  741. fips/sha1/standalone.sha1 (1.1.2.8), "Exp", lines: +3 -3
  742. ssl/ssl_ciph.c (1.33.2.10), "Exp", lines: +2 -2
  743. fips/rsa/fingerprint.sha1 (1.1.4.4), "Exp", lines: +2 -2
  744. fips/rsa/fips_rsa_eay.c (1.1.4.3), "Exp", lines: +1 -1
  745. fips/rsa/fips_rsa_gen.c (1.1.4.3), "Exp", lines: +1 -1
  746. fips/dh/fingerprint.sha1 (1.1.2.3), "Exp", lines: +1 -1
  747. fips/dh/fips_dh_gen.c (1.1.2.3), "Exp", lines: +1 -1
  748. fips/dsa/fingerprint.sha1 (1.1.2.6), "Exp", lines: +2 -2
  749. fips/dsa/fips_dsa_gen.c (1.1.4.3), "Exp", lines: +4 -3
  750. fips/dsa/fips_dsa_ossl.c (1.1.2.6), "Exp", lines: +2 -2
  751. fips/des/fingerprint.sha1 (1.1.2.5), "Exp", lines: +2 -2
  752. fips/des/fips_des_enc.c (1.1.2.5), "Exp", lines: +2 -2
  753. fips/des/fips_set_key.c (1.1.4.3), "Exp", lines: +3 -3
  754. fips/fingerprint.sha1 (1.1.2.8), "Exp", lines: +2 -2
  755. fips/fips.c (1.1.2.6), "Exp", lines: +76 -23
  756. fips/fips.h (1.1.2.5), "Exp", lines: +2 -3
  757. fips/fips_locl.h (1.1.4.2), "Exp", lines: +7 -2
  758. fips/aes/fingerprint.sha1 (1.1.2.5), "Exp", lines: +1 -1
  759. fips/aes/fips_aes_core.c (1.1.2.5), "Exp", lines: +1 -1
  760. crypto/rand/md_rand.c (1.69.2.5), "Exp", lines: +1 -1
  761. crypto/rand/rand_lib.c (1.15.2.5), "Exp", lines: +2 -1
  762. crypto/dsa/dsa_sign.c (1.10.2.6), "Exp", lines: +2 -2
  763. crypto/dsa/dsa_vrf.c (1.10.2.6), "Exp", lines: +1 -1
  764. crypto/pem/pem_all.c (1.20.2.2), "Exp", lines: +2 -2
  765. crypto/cryptlib.c (1.32.2.12), "Exp", lines: +122 -6
  766. crypto/crypto.h (1.62.2.8), "Exp", lines: +8 -1
  767. crypto/md32_common.h (1.22.2.7), "Exp", lines: +2 -2
  768. To protect FIPS-related global variables, add locking mechanisms
  769. around them.
  770. NOTE: because two new locks are added, this adds potential
  771. binary incompatibility with earlier versions in the 0.9.7 series.
  772. However, those locks will only ever be touched when FIPS_mode_set()
  773. is called and after, thanks to a variable that's only changed from
  774. 0 to 1 once (when FIPS_mode_set() is called). So basically, as
  775. long as FIPS mode hasn't been engaged explicitely by the calling
  776. application, the new locks are treated as if they didn't exist at
  777. all, thus not becoming a problem. Applications that are built or
  778. rebuilt to use FIPS functionality will need to be recompiled in any
  779. case, thus not being a problem either.
  780. 2004-08-02 16:15 levitte
  781. Changed:
  782. crypto/cryptlib.c (1.32.2.13), "Exp", lines: +4 -4
  783. Let's lock a write lock when changing values, shall we?
  784. Thanks to Dr Stephen Henson <shenson@drh-consultancy.co.uk>
  785. for making me aware of this error.
  786. 2004-08-05 20:11 steve
  787. Changed:
  788. fips/fingerprint.sha1 (1.1.2.9), "Exp", lines: +1 -1
  789. fips/fips.c (1.1.2.7), "Exp", lines: +1 -1
  790. Stop compiler giving bogus shadow warning.
  791. 2004-08-09 14:13 levitte
  792. Changed:
  793. makevms.com (1.35.2.8), "Exp", lines: +1 -1
  794. In the fips directory, we use FIPS-LIB.COM, not CRYPTO-LIB.COM...
  795. 2004-08-09 14:14 levitte
  796. Changed:
  797. fips/fips-lib.com (1.1.2.3), "Exp", lines: +4 -4
  798. Correct typos and include directory specifications.
  799. 2004-08-10 11:11 levitte
  800. Changed:
  801. fips/fips-lib.com (1.1.2.4), "Exp", lines: +2 -1
  802. Update the VMS fips library builder with the DH library.
  803. 2004-08-10 12:04 levitte
  804. Changed:
  805. fips/rand/fingerprint.sha1 (1.1.2.8), "Exp", lines: +1 -1
  806. fips/rand/fips_rand.c (1.1.2.8), "Exp", lines: +7 -1
  807. With DEC C in ANSI C mode, we need to define _XOPEN_SOURCE_EXTENDED
  808. to get struct timeval and gettimeofday().
  809. 2004-09-06 16:19 levitte
  810. Changed:
  811. fips/fips.c (1.1.2.8), "Exp", lines: +5 -4
  812. Replace the bogus checks of n with proper uses of feof(), ferror()
  813. and clearerr().
  814. 2004-09-06 16:21 levitte
  815. Changed:
  816. fips/sha1/fips_sha_locl.h (1.1.2.6), "Exp", lines: +2 -2
  817. num is an unsigned long, but since it was transfered from
  818. crypto/sha/sha_locl.h, where it is in fact an int, we need to check
  819. for less-than-zero as if it was an int...
  820. 2004-10-08 12:03 ben
  821. Changed:
  822. fips/fingerprint.sha1 (1.1.2.10), "Exp", lines: +1 -1
  823. fips/sha1/fingerprint.sha1 (1.1.2.8), "Exp", lines: +1 -1
  824. fips/sha1/standalone.sha1 (1.1.2.9), "Exp", lines: +1 -1
  825. Update fingerprints.
  826. 2004-10-14 07:51 levitte
  827. Changed:
  828. VMS/mkshared.com (1.3.2.1), "Exp", lines: +8 -0
  829. We need to check for OPENSSL_FIPS when building shared libraries,
  830. so we get correct transfer vectors for those functions when
  831. required.
  832. 2004-10-26 13:47 steve
  833. Changed:
  834. util/mkfiles.pl (1.12.2.2), "Exp", lines: +1 -0
  835. Add fips/dh directory to mkfiles.pl
  836. 2004-10-26 14:17 levitte
  837. Changed:
  838. fips/sha1/Makefile (1.1.4.4), "Exp", lines: +3 -1
  839. util/mkfiles.pl (1.12.2.3), "Exp", lines: +1 -0
  840. fips/Makefile (1.1.4.5), "Exp", lines: +7 -1
  841. crypto/sha/Makefile (1.1.4.4), "Exp", lines: +1 -7
  842. fips/dh was missing in mkfiles.pl. make update
  843. 2004-10-26 15:01 steve
  844. Changed:
  845. util/mkfiles.pl (1.12.2.4), "Exp", lines: +0 -1
  846. Only add fips/dh once...
  847. 2004-11-01 09:20 levitte
  848. Changed:
  849. fips/rand/fingerprint.sha1 (1.1.2.9), "Exp", lines: +1 -1
  850. fips/rand/fips_rand.c (1.1.2.9), "Exp", lines: +3 -1
  851. Make sure _XOPEN_SOURCE_EXTENDED is correctly defined, and only if
  852. not already defined.
  853. 2004-12-09 19:03 appro
  854. vChanged:
  855. crypto/Makefile (1.1.4.4), "Exp", lines: +2 -0
  856. Postpone linking of shared libcrypto in FIPS build.
  857. 2004-12-09 19:13 appro
  858. Changed:
  859. fips/fingerprint.sha1 (1.1.2.11), "Exp", lines: +1 -1
  860. fips/fips.c (1.1.2.9), "Exp", lines: +13 -1
  861. fips/openssl_fips_fingerprint (1.1.4.4), "Exp", lines: +4 -2
  862. Cygwin specific FIPS fix-ups.
  863. 2004-12-09 23:43 appro
  864. Changed:
  865. Configure (1.314.2.100), "Exp", lines: +2 -3
  866. crypto/des/des_enc.c (1.11.2.5), "Exp", lines: +2 -2
  867. Eliminate false dependency on 386 config option is FIPS context.
  868. At the same time limit assembler support to ELF platforms [that's
  869. what is there, ELF modules].
  870. 2004-12-10 12:37 appro
  871. Changed:
  872. Configure (1.314.2.101), "Exp", lines: +10 -3
  873. crypto/des/des_enc.c (1.11.2.6), "Exp", lines: +2 -2
  874. Respect no-asm with fips option and disable FIPS DES assembler in
  875. shared context [because it's not PIC].
  876. 2004-12-10 14:15 appro
  877. Changed:
  878. fips/sha1/fingerprint.sha1 (1.1.2.10), "Exp", lines: +1 -1
  879. fips/sha1/standalone.sha1 (1.1.2.11), "Exp", lines: +1 -1
  880. fips/sha1/asm/sx86-elf.s (1.1.4.3), "Exp", lines: +32 -32
  881. Solaris x86 assembler update.
  882. 2004-12-10 17:30 appro
  883. Changed:
  884. fips/fips_check_sha1 (1.1.2.7), "Exp", lines: +1 -1
  885. fips/openssl_fips_fingerprint (1.1.4.5), "Exp", lines: +1 -1
  886. fips/sha1/Makefile (1.1.4.6), "Exp", lines: +1 -1
  887. Adapt FIPS sub-tree for mingw.
  888. 2005-01-03 18:46 steve
  889. Changed:
  890. fips/rsa/fingerprint.sha1 (1.1.4.5), "Exp", lines: +1 -1
  891. fips/rsa/fips_rsa_selftest.c (1.1.4.3), "Exp", lines: +55 -11
  892. RSA KAT.
  893. 2005-01-11 17:54 levitte
  894. Changed:
  895. fips/rsa/fingerprint.sha1 (1.1.4.6), "Exp", lines: +1 -1
  896. fips/rsa/fips_rsa_selftest.c (1.1.4.4), "Exp", lines: +2 -2
  897. Clear signed vs. unsigned conflicts. Change the fingerprint
  898. accordingly.
  899. 2005-01-11 19:25 levitte
  900. Changed:
  901. ssl/ssltest.c (1.53.2.24), "Exp", lines: +2 -2
  902. fips/rand/fips_randtest.c (1.1.2.6), "Exp", lines: +3 -3
  903. fips/sha1/fips_sha1test.c (1.1.2.5), "Exp", lines: +10 -4
  904. fips/des/fips_desmovs.c (1.1.2.6), "Exp", lines: +8 -7
  905. fips/dsa/fips_dsatest.c (1.1.2.5), "Exp", lines: +2 -2
  906. apps/openssl.c (1.48.2.12), "Exp", lines: +1 -1
  907. fips/aes/fips_aesavs.c (1.1.2.12), "Exp", lines: +8 -7
  908. Use EXIT() instead of exit().
  909. 2005-01-26 21:00 steve
  910. Changed:
  911. apps/dgst.c (1.23.2.13), "Exp", lines: +10 -0
  912. apps/pkcs12.c (1.60.2.13), "Exp", lines: +8 -1
  913. crypto/crypto.h (1.62.2.9), "Exp", lines: +49 -0
  914. crypto/md32_common.h (1.22.2.9), "Exp", lines: +1 -1
  915. crypto/bf/bf_skey.c (1.6.2.1), "Exp", lines: +2 -1
  916. crypto/bf/blowfish.h (1.9.2.1), "Exp", lines: +4 -1
  917. crypto/cast/c_skey.c (1.5.6.1), "Exp", lines: +3 -1
  918. crypto/cast/cast.h (1.7.2.1), "Exp", lines: +4 -1
  919. crypto/evp/bio_md.c (1.11.2.3), "Exp", lines: +2 -7
  920. crypto/evp/digest.c (1.21.2.7), "Exp", lines: +11 -0
  921. crypto/evp/e_aes.c (1.6.2.11), "Exp", lines: +11 -11
  922. crypto/evp/e_des.c (1.5.2.9), "Exp", lines: +5 -3
  923. crypto/evp/e_des3.c (1.8.2.8), "Exp", lines: +6 -6
  924. crypto/evp/evp.h (1.86.2.16), "Exp", lines: +17 -0
  925. crypto/evp/evp_enc.c (1.28.2.11), "Exp", lines: +15 -1
  926. crypto/evp/evp_err.c (1.23.2.4), "Exp", lines: +6 -1
  927. crypto/evp/evp_locl.h (1.7.2.7), "Exp", lines: +17 -2
  928. crypto/evp/m_dss.c (1.8.2.1), "Exp", lines: +1 -1
  929. crypto/evp/m_md2.c (1.9.2.1), "Exp", lines: +1 -0
  930. crypto/evp/m_md4.c (1.8.2.1), "Exp", lines: +1 -0
  931. crypto/evp/m_md5.c (1.9.2.1), "Exp", lines: +1 -0
  932. crypto/evp/m_mdc2.c (1.9.2.1), "Exp", lines: +1 -0
  933. crypto/evp/m_sha.c (1.8.2.2), "Exp", lines: +1 -0
  934. crypto/evp/m_sha1.c (1.8.2.1), "Exp", lines: +1 -1
  935. crypto/evp/names.c (1.7.2.1), "Exp", lines: +3 -0
  936. crypto/hmac/hmac.c (1.12.2.3), "Exp", lines: +7 -0
  937. crypto/hmac/hmac.h (1.14.2.2), "Exp", lines: +1 -0
  938. crypto/idea/i_skey.c (1.5.6.1), "Exp", lines: +13 -0
  939. crypto/idea/idea.h (1.10.2.1), "Exp", lines: +4 -0
  940. crypto/md2/md2.h (1.11.2.1), "Exp", lines: +3 -0
  941. crypto/md2/md2_dgst.c (1.13.2.4), "Exp", lines: +3 -1
  942. crypto/md4/md4.h (1.3.2.1), "Exp", lines: +3 -0
  943. crypto/md4/md4_dgst.c (1.2.2.2), "Exp", lines: +1 -1
  944. crypto/md5/md5.h (1.10.2.3), "Exp", lines: +3 -0
  945. crypto/md5/md5_dgst.c (1.16.2.2), "Exp", lines: +1 -1
  946. crypto/mdc2/mdc2.h (1.9.2.1), "Exp", lines: +3 -1
  947. crypto/mdc2/mdc2dgst.c (1.13.2.1), "Exp", lines: +3 -1
  948. crypto/rc2/rc2.h (1.10.2.1), "Exp", lines: +4 -1
  949. crypto/rc2/rc2_skey.c (1.4.6.1), "Exp", lines: +13 -0
  950. crypto/rc4/rc4.h (1.10.2.2), "Exp", lines: +3 -0
  951. crypto/rc4/rc4_skey.c (1.10.8.2), "Exp", lines: +2 -1
  952. crypto/rc5/rc5.h (1.5.2.1), "Exp", lines: +4 -1
  953. crypto/rc5/rc5_skey.c (1.4.6.1), "Exp", lines: +14 -0
  954. crypto/ripemd/ripemd.h (1.8.2.1), "Exp", lines: +3 -0
  955. crypto/ripemd/rmd_dgst.c (1.13.2.2), "Exp", lines: +2 -1
  956. crypto/sha/sha.h (1.11.2.2), "Exp", lines: +3 -0
  957. crypto/sha/sha_locl.h (1.16.2.3), "Exp", lines: +4 -0
  958. crypto/x509/x509_cmp.c (1.22.2.4), "Exp", lines: +7 -1
  959. crypto/x509/x509_vfy.c (1.56.2.13), "Exp", lines: +1 -1
  960. ssl/s3_clnt.c (1.53.2.18), "Exp", lines: +2 -0
  961. ssl/s3_enc.c (1.31.2.9), "Exp", lines: +3 -0
  962. ssl/s3_srvr.c (1.85.2.23), "Exp", lines: +2 -0
  963. ssl/t1_enc.c (1.27.2.9), "Exp", lines: +2 -0
  964. FIPS algorithm blocking.
  965. Non FIPS algorithms are not normally allowed in FIPS mode.
  966. Any attempt to use them via high level functions will
  967. return an error.
  968. The low level non-FIPS algorithm functions cannot return
  969. errors so they produce assertion failures. HMAC also has to give an
  970. assertion error because it (erroneously) can't return an error
  971. either.
  972. There are exceptions (such as MD5 in TLS and non
  973. cryptographic use of algorithms) and applications can override the
  974. blocking and use non FIPS algorithms anyway.
  975. For low level functions the override is perfomed by
  976. prefixing the algorithm initalization function with "private_" for
  977. example private_MD5_Init().
  978. For high level functions an override is performed by
  979. setting a flag in the context.
  980. 2005-01-27 02:49 steve
  981. Changed:
  982. apps/dgst.c (1.23.2.14), "Exp", lines: +9 -5
  983. crypto/crypto.h (1.62.2.10), "Exp", lines: +3 -0
  984. crypto/evp/digest.c (1.21.2.8), "Exp", lines: +34 -0
  985. crypto/hmac/hmac.c (1.12.2.4), "Exp", lines: +9 -0
  986. More FIPS algorithm blocking.
  987. Catch attempted use of non FIPS algorithms with HMAC.
  988. Give an assertion error for applications that ignore FIPS
  989. digest errors.
  990. Make -non-fips-allow work with dgst and HMAC.
  991. 2005-01-28 15:03 steve
  992. Changed:
  993. apps/dgst.c (1.23.2.15), "Exp", lines: +2 -1
  994. apps/enc.c (1.35.2.13), "Exp", lines: +38 -4
  995. crypto/evp/e_rc4.c (1.11.2.2), "Exp", lines: +1 -0
  996. crypto/evp/evp.h (1.86.2.17), "Exp", lines: +3 -0
  997. crypto/evp/evp_enc.c (1.28.2.12), "Exp", lines: +60 -15
  998. crypto/evp/evp_locl.h (1.7.2.8), "Exp", lines: +1 -0
  999. test/testenc (1.3.8.2), "Exp", lines: +8 -8
  1000. Further FIPS algorithm blocking.
  1001. Fixes to cipher blocking and enabling code.
  1002. Add option -non-fips-allow to 'enc' and update testenc.
  1003. 2005-01-31 02:33 steve
  1004. Changed:
  1005. ssl/s23_clnt.c (1.20.2.7), "Exp", lines: +16 -0
  1006. ssl/s23_srvr.c (1.41.2.6), "Exp", lines: +9 -0
  1007. ssl/s3_clnt.c (1.53.2.19), "Exp", lines: +0 -8
  1008. ssl/s3_enc.c (1.31.2.10), "Exp", lines: +1 -0
  1009. ssl/s3_srvr.c (1.85.2.24), "Exp", lines: +0 -8
  1010. ssl/ssl.h (1.126.2.21), "Exp", lines: +1 -0
  1011. ssl/ssl_cert.c (1.48.2.10), "Exp", lines: +0 -8
  1012. ssl/ssl_err.c (1.41.2.4), "Exp", lines: +2 -1
  1013. ssl/ssl_lib.c (1.110.2.13), "Exp", lines: +8 -9
  1014. ssl/t1_enc.c (1.27.2.10), "Exp", lines: +0 -18
  1015. Only allow TLS is FIPS mode.
  1016. Remove old FIPS_allow_md5() calls.
  1017. 2005-02-05 19:24 steve
  1018. Changed:
  1019. apps/req.c (1.88.2.18), "Exp", lines: +8 -1
  1020. apps/x509.c (1.67.2.20), "Exp", lines: +8 -1
  1021. In FIPS mode use SHA1 as default digest in x509 and req utilities.
  1022. 2005-03-15 10:46 appro
  1023. Changed:
  1024. Makefile.org (1.154.2.96), "Exp", lines: +1 -1
  1025. crypto/Makefile (1.1.4.6), "Exp", lines: +2 -3
  1026. fips/Makefile (1.1.4.8), "Exp", lines: +4 -1
  1027. Real Bourne shell doesn't accept ! as in "if ! grep ..." Fix this
  1028. in crypto/Makefile and make Makefile.org and fips/Makefile more
  1029. discreet.
  1030. 2005-03-22 18:29 steve
  1031. Changed:
  1032. fips/fingerprint.sha1 (1.1.2.12), "Exp", lines: +1 -1
  1033. fips/fips.c (1.1.2.10), "Exp", lines: +1 -0
  1034. Fix memory leak.
  1035. 2005-03-27 05:36 steve
  1036. Changed:
  1037. crypto/evp/e_null.c (1.9.2.1), "Exp", lines: +1 -1
  1038. ssl/s3_lib.c (1.57.2.13), "Exp", lines: +3 -3
  1039. Allow 'null' cipher and appropriate Kerberos ciphersuites in FIPS
  1040. mode.
  1041. 2005-04-14 14:44 steve
  1042. Changed:
  1043. fips/fipshashes.sha1 (1.1.2.1), "Exp", lines: +29 -0
  1044. util/checkhash.pl (1.1.2.1), "Exp", lines: +181 -0
  1045. Perl script that checks or rebuilds FIPS hash files. This works on
  1046. both Unix and Windows.
  1047. Merge all FIPS hash files into a single hash file
  1048. fips/fips.sha1
  1049. 2005-04-15 05:27 steve
  1050. Changed:
  1051. fips/Makefile (1.1.4.9), "Exp", lines: +1 -1
  1052. fips/aes/Makefile (1.1.4.4), "Exp", lines: +1 -4
  1053. fips/des/Makefile (1.1.4.6), "Exp", lines: +1 -4
  1054. fips/dh/Makefile (1.1.2.5), "Exp", lines: +1 -4
  1055. fips/dsa/Makefile (1.1.4.4), "Exp", lines: +1 -4
  1056. fips/rand/Makefile (1.1.4.3), "Exp", lines: +1 -4
  1057. fips/rsa/Makefile (1.1.4.5), "Exp", lines: +1 -4
  1058. fips/sha1/Makefile (1.1.4.9), "Exp", lines: +1 -7
  1059. Update hash checking in makefiles to use new perl script.
  1060. 2005-04-17 06:37 steve
  1061. Changed:
  1062. util/checkhash.pl (1.1.2.2), "Exp", lines: +163 -127
  1063. Modify checkhash.pl so it can be run standalone or included as a
  1064. funtion in another perl script.
  1065. 2005-04-17 16:00 appro
  1066. Changed:
  1067. fips/sha1/Makefile (1.1.4.10), "Exp", lines: +9 -5
  1068. Bring back fips_standalone_sha1.
  1069. 2005-04-17 16:17 appro
  1070. Deleted:
  1071. fips/sha1/asm/sx86-elf.s (1.1.4.4)
  1072. Changed:
  1073. Configure (1.314.2.114), "Exp", lines: +1 -1
  1074. fips/fipshashes.sha1 (1.1.2.2), "Exp", lines: +1 -1
  1075. fips/sha1/Makefile (1.1.4.11), "Exp", lines: +1 -1
  1076. fips/sha1/standalone.sha1 (1.1.2.13), "Exp", lines: +1 -1
  1077. fips/sha1/asm/fips-sx86-elf.s (1.1.2.1), "Exp", lines: +1568 -0
  1078. Rename fips/sha1/sx86-elf.s to fips/sha1/fips-sx86-elf.s.
  1079. 2005-04-17 16:21 steve
  1080. Changed:
  1081. util/checkhash.pl (1.1.2.3), "Exp", lines: +2 -0
  1082. Return 0 for successful hash check.
  1083. 2005-04-17 16:54 appro
  1084. Changed:
  1085. Configure (1.314.2.116), "Exp", lines: +8 -1
  1086. Makefile.org (1.154.2.99), "Exp", lines: +3 -2
  1087. crypto/aes/aes_cbc.c (1.1.2.11), "Exp", lines: +2 -0
  1088. fips/fipshashes.sha1 (1.1.2.4), "Exp", lines: +1 -0
  1089. fips/aes/Makefile (1.1.4.5), "Exp", lines: +4 -2
  1090. fips/aes/asm/fips-ax86-elf.s (1.1.2.1), "Exp", lines: +1822 -0
  1091. Throw in fips/aes/asm/fips-ax86-elf.s.
  1092. 2005-04-17 16:35 appro
  1093. Changed:
  1094. Configure (1.314.2.115), "Exp", lines: +1 -1
  1095. fips/fipshashes.sha1 (1.1.2.3), "Exp", lines: +1 -1
  1096. fips/des/asm/fips-dx86-elf.s (1.1.4.2), "Exp", lines: +108 -98
  1097. Regenerate fips/des/asm/fips-dx86-elf.s with -fPIC flag.
  1098. 2005-04-17 17:26 appro
  1099. Changed:
  1100. crypto/cryptlib.c (1.32.2.18), "Exp", lines: +6 -55
  1101. crypto/crypto.h (1.62.2.11), "Exp", lines: +0 -3
  1102. fips/fips.c (1.1.2.11), "Exp", lines: +62 -8
  1103. fips/fips.h (1.1.2.7), "Exp", lines: +2 -3
  1104. fips/fips_locl.h (1.1.4.3), "Exp", lines: +6 -3
  1105. fips/fipshashes.sha1 (1.1.2.5), "Exp", lines: +4 -4
  1106. fips/rand/fips_rand.c (1.1.2.10), "Exp", lines: +3 -1
  1107. fips/rsa/fips_rsa_gen.c (1.1.4.4), "Exp", lines: +4 -2
  1108. Resolve minor binary compatibility issues in fips.
  1109. 2005-04-17 18:22 appro
  1110. Changed:
  1111. fips/fipshashes.sha1 (1.1.2.6), "Exp", lines: +12 -12
  1112. fips/des/fips_des_locl.h (1.1.2.4), "Exp", lines: +1 -1
  1113. fips/des/fips_set_key.c (1.1.4.4), "Exp", lines: +2 -2
  1114. fips/dh/fips_dh_key.c (1.1.2.3), "Exp", lines: +1 -1
  1115. fips/dsa/fips_dsa_ossl.c (1.1.2.7), "Exp", lines: +1 -1
  1116. fips/dsa/fips_dsa_selftest.c (1.1.4.2), "Exp", lines: +3 -3
  1117. fips/rand/fips_rand.c (1.1.2.11), "Exp", lines: +2 -2
  1118. fips/rand/fips_rand.h (1.1.2.5), "Exp", lines: +1 -1
  1119. fips/rsa/fips_rsa_eay.c (1.1.4.4), "Exp", lines: +1 -1
  1120. fips/rsa/fips_rsa_gen.c (1.1.4.5), "Exp", lines: +1 -1
  1121. fips/rsa/fips_rsa_selftest.c (1.1.4.5), "Exp", lines: +11 -11
  1122. fips/sha1/fips_sha1_selftest.c (1.1.4.2), "Exp", lines: +1 -1
  1123. fips/sha1/fips_sha1dgst.c (1.1.2.5), "Exp", lines: +1 -1
  1124. fips/sha1/standalone.sha1 (1.1.2.14), "Exp", lines: +2 -2
  1125. Minor fips const-ification.
  1126. 2005-04-18 07:02 steve
  1127. Changed:
  1128. crypto/bf/bf_skey.c (1.6.2.2), "Exp", lines: +1 -0
  1129. crypto/cast/c_skey.c (1.5.6.2), "Exp", lines: +1 -0
  1130. crypto/idea/i_skey.c (1.5.6.2), "Exp", lines: +1 -0
  1131. crypto/rc2/rc2_skey.c (1.4.6.2), "Exp", lines: +1 -0
  1132. crypto/rc4/rc4_skey.c (1.10.8.3), "Exp", lines: +1 -0
  1133. crypto/rc5/rc5_skey.c (1.4.6.2), "Exp", lines: +1 -0
  1134. Pick up definition of FIPS_mode() in fips.h to avoid warnings.
  1135. 2005-04-18 10:34 steve
  1136. Deleted:
  1137. fips/fingerprint.sha1 (1.1.2.14)
  1138. fips/fips_check_sha1 (1.1.2.8)
  1139. fips/fips_make_sha1 (1.1.2.7)
  1140. fips/aes/fingerprint.sha1 (1.1.2.7)
  1141. fips/des/fingerprint.sha1 (1.1.2.6)
  1142. fips/dh/fingerprint.sha1 (1.1.2.4)
  1143. fips/dsa/fingerprint.sha1 (1.1.2.7)
  1144. fips/rand/fingerprint.sha1 (1.1.2.10)
  1145. fips/rsa/fingerprint.sha1 (1.1.4.7)
  1146. fips/sha1/fingerprint.sha1 (1.1.2.12)
  1147. Changed:
  1148. fips/sha1/Makefile (1.1.4.12), "Exp", lines: +1 -4
  1149. Remove obsolete fingerprint.sha1 files and associated scripts.
  1150. Delete test in fips/sha1/Makefile: the top level test checks the
  1151. same files.
  1152. 2005-04-19 09:11 appro
  1153. Deleted:
  1154. fips/fipshashes.sha1 (1.1.2.7)
  1155. fips/sha1/standalone.sha1 (1.1.2.15)
  1156. Changed:
  1157. fips/fipshashes.c (1.1.2.1), "Exp", lines: +32 -0
  1158. util/checkhash.pl (1.1.2.4), "Exp", lines: +7 -4
  1159. Maintain fingerprint hashes as C source.
  1160. 2005-04-19 09:17 appro
  1161. Changed:
  1162. util/checkhash.pl (1.1.2.5), "Exp", lines: +1 -1
  1163. Complete the transition C-code hashes.
  1164. 2005-04-21 19:06 steve
  1165. Changed:
  1166. apps/openssl.c (1.48.2.13), "Exp", lines: +0 -2
  1167. fips/fips.c (1.1.2.12), "Exp", lines: +0 -27
  1168. fips/fips.h (1.1.2.8), "Exp", lines: +0 -2
  1169. fips/fipshashes.c (1.1.2.2), "Exp", lines: +2 -2
  1170. Remove defunct FIPS_allow_md5() and related functions.
  1171. 2005-04-22 06:15 appro
  1172. Changed:
  1173. fips/fips.c (1.1.2.13), "Exp", lines: +3 -3
  1174. fips/fips_err.h (1.1.4.4), "Exp", lines: +3 -3
  1175. fips/fipshashes.c (1.1.2.4), "Exp", lines: +2 -2
  1176. Move some variables to .bss.