|
 |
c4366c |
diff -up openssl-fips-0.9.8e/crypto/crypto.h.abi openssl-fips-0.9.8e/crypto/crypto.h
|
|
 |
c4366c |
--- openssl-fips-0.9.8e/crypto/crypto.h.abi 2008-09-04 12:38:01.000000000 +0200
|
|
 |
c4366c |
+++ openssl-fips-0.9.8e/crypto/crypto.h 2008-09-04 13:00:39.000000000 +0200
|
|
 |
c4366c |
@@ -343,7 +343,18 @@ DECLARE_STACK_OF(CRYPTO_EX_DATA_FUNCS)
|
|
 |
c4366c |
|
|
 |
c4366c |
/* Set standard debugging functions (not done by default
|
|
 |
c4366c |
* unless CRYPTO_MDEBUG is defined) */
|
|
 |
c4366c |
+#ifdef OPENSSL_USE_NEW_FUNCTIONS
|
|
 |
c4366c |
void CRYPTO_malloc_debug_init(void);
|
|
 |
c4366c |
+#else
|
|
 |
c4366c |
+#define CRYPTO_malloc_debug_init() do {\
|
|
 |
c4366c |
+ CRYPTO_set_mem_debug_functions(\
|
|
 |
c4366c |
+ CRYPTO_dbg_malloc,\
|
|
 |
c4366c |
+ CRYPTO_dbg_realloc,\
|
|
 |
c4366c |
+ CRYPTO_dbg_free,\
|
|
 |
c4366c |
+ CRYPTO_dbg_set_options,\
|
|
 |
c4366c |
+ CRYPTO_dbg_get_options);\
|
|
 |
c4366c |
+ } while(0)
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
|
|
 |
c4366c |
int CRYPTO_mem_ctrl(int mode);
|
|
 |
c4366c |
int CRYPTO_is_mem_check_on(void);
|
|
 |
c4366c |
diff -up openssl-fips-0.9.8e/crypto/rsa/rsa.h.abi openssl-fips-0.9.8e/crypto/rsa/rsa.h
|
|
 |
c4366c |
--- openssl-fips-0.9.8e/crypto/rsa/rsa.h.abi 2008-09-04 12:38:01.000000000 +0200
|
|
 |
c4366c |
+++ openssl-fips-0.9.8e/crypto/rsa/rsa.h 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
@@ -226,7 +226,6 @@ struct rsa_st
|
|
 |
c4366c |
* operations and results in faster RSA
|
|
 |
c4366c |
* private key operations.
|
|
 |
c4366c |
*/
|
|
 |
c4366c |
-#ifndef OPENSSL_NO_DEPRECATED
|
|
 |
c4366c |
#define RSA_FLAG_NO_EXP_CONSTTIME RSA_FLAG_NO_CONSTTIME /* deprecated name for the flag*/
|
|
 |
c4366c |
/* new with 0.9.7h; the built-in RSA
|
|
 |
c4366c |
* implementation now uses constant time
|
|
 |
c4366c |
@@ -235,7 +234,6 @@ struct rsa_st
|
|
 |
c4366c |
* faster variable sliding window method to
|
|
 |
c4366c |
* be used for all exponents.
|
|
 |
c4366c |
*/
|
|
 |
c4366c |
-#endif
|
|
 |
c4366c |
|
|
 |
c4366c |
|
|
 |
c4366c |
#define RSA_PKCS1_PADDING 1
|
|
 |
c4366c |
diff -up openssl-fips-0.9.8e/crypto/evp/e_des3.c.abi openssl-fips-0.9.8e/crypto/evp/e_des3.c
|
|
 |
c4366c |
--- openssl-fips-0.9.8e/crypto/evp/e_des3.c.abi 2007-07-01 19:58:14.000000000 +0200
|
|
 |
c4366c |
+++ openssl-fips-0.9.8e/crypto/evp/e_des3.c 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
@@ -87,6 +87,7 @@ typedef struct
|
|
 |
c4366c |
static int des_ede_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|
 |
c4366c |
const unsigned char *in, unsigned int inl)
|
|
 |
c4366c |
{
|
|
 |
c4366c |
+ /* FIPS selftest embedded in the loop macro */
|
|
 |
c4366c |
BLOCK_CIPHER_ecb_loop()
|
|
 |
c4366c |
DES_ecb3_encrypt((const_DES_cblock *)(in + i),
|
|
 |
c4366c |
(DES_cblock *)(out + i),
|
|
 |
c4366c |
@@ -99,6 +100,9 @@ static int des_ede_ecb_cipher(EVP_CIPHER
|
|
 |
c4366c |
static int des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|
 |
c4366c |
const unsigned char *in, unsigned int inl)
|
|
 |
c4366c |
{
|
|
 |
c4366c |
+#ifdef OPENSSL_FIPS
|
|
 |
c4366c |
+ FIPS_selftest_check();
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
DES_ede3_ofb64_encrypt(in, out, (long)inl,
|
|
 |
c4366c |
&data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
|
|
 |
c4366c |
(DES_cblock *)ctx->iv, &ctx->num);
|
|
 |
c4366c |
@@ -108,6 +112,9 @@ static int des_ede_ofb_cipher(EVP_CIPHER
|
|
 |
c4366c |
static int des_ede_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|
 |
c4366c |
const unsigned char *in, unsigned int inl)
|
|
 |
c4366c |
{
|
|
 |
c4366c |
+#ifdef OPENSSL_FIPS
|
|
 |
c4366c |
+ FIPS_selftest_check();
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
#ifdef KSSL_DEBUG
|
|
 |
c4366c |
{
|
|
 |
c4366c |
int i;
|
|
 |
c4366c |
@@ -128,6 +135,9 @@ static int des_ede_cbc_cipher(EVP_CIPHER
|
|
 |
c4366c |
static int des_ede_cfb64_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|
 |
c4366c |
const unsigned char *in, unsigned int inl)
|
|
 |
c4366c |
{
|
|
 |
c4366c |
+#ifdef OPENSSL_FIPS
|
|
 |
c4366c |
+ FIPS_selftest_check();
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
DES_ede3_cfb64_encrypt(in, out, (long)inl,
|
|
 |
c4366c |
&data(ctx)->ks1, &data(ctx)->ks2, &data(ctx)->ks3,
|
|
 |
c4366c |
(DES_cblock *)ctx->iv, &ctx->num, ctx->encrypt);
|
|
 |
c4366c |
@@ -142,6 +152,9 @@ static int des_ede3_cfb1_cipher(EVP_CIPH
|
|
 |
c4366c |
unsigned int n;
|
|
 |
c4366c |
unsigned char c[1],d[1];
|
|
 |
c4366c |
|
|
 |
c4366c |
+#ifdef OPENSSL_FIPS
|
|
 |
c4366c |
+ FIPS_selftest_check();
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
for(n=0 ; n < inl ; ++n)
|
|
 |
c4366c |
{
|
|
 |
c4366c |
c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;
|
|
 |
c4366c |
@@ -157,6 +170,9 @@ static int des_ede3_cfb1_cipher(EVP_CIPH
|
|
 |
c4366c |
static int des_ede3_cfb8_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|
 |
c4366c |
const unsigned char *in, unsigned int inl)
|
|
 |
c4366c |
{
|
|
 |
c4366c |
+#ifdef OPENSSL_FIPS
|
|
 |
c4366c |
+ FIPS_selftest_check();
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
DES_ede3_cfb_encrypt(in,out,8,inl,
|
|
 |
c4366c |
&data(ctx)->ks1,&data(ctx)->ks2,&data(ctx)->ks3,
|
|
 |
c4366c |
(DES_cblock *)ctx->iv,ctx->encrypt);
|
|
 |
c4366c |
diff -up openssl-fips-0.9.8e/crypto/evp/evp_locl.h.abi openssl-fips-0.9.8e/crypto/evp/evp_locl.h
|
|
 |
c4366c |
--- openssl-fips-0.9.8e/crypto/evp/evp_locl.h.abi 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
+++ openssl-fips-0.9.8e/crypto/evp/evp_locl.h 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
@@ -60,8 +60,10 @@
|
|
 |
c4366c |
|
|
 |
c4366c |
/* Wrapper functions for each cipher mode */
|
|
 |
c4366c |
|
|
 |
c4366c |
+#ifdef OPENSSL_FIPS
|
|
 |
c4366c |
#define BLOCK_CIPHER_ecb_loop() \
|
|
 |
c4366c |
unsigned int i, bl; \
|
|
 |
c4366c |
+ FIPS_selftest_check(); \
|
|
 |
c4366c |
bl = ctx->cipher->block_size;\
|
|
 |
c4366c |
if(inl < bl) return 1;\
|
|
 |
c4366c |
inl -= bl; \
|
|
 |
c4366c |
@@ -78,6 +80,7 @@ static int cname##_ecb_cipher(EVP_CIPHER
|
|
 |
c4366c |
#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
|
|
 |
c4366c |
static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
|
|
 |
c4366c |
{\
|
|
 |
c4366c |
+ FIPS_selftest_check(); \
|
|
 |
c4366c |
cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
|
|
 |
c4366c |
return 1;\
|
|
 |
c4366c |
}
|
|
 |
c4366c |
@@ -85,6 +88,7 @@ static int cname##_ofb_cipher(EVP_CIPHER
|
|
 |
c4366c |
#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
|
|
 |
c4366c |
static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
|
|
 |
c4366c |
{\
|
|
 |
c4366c |
+ FIPS_selftest_check(); \
|
|
 |
c4366c |
cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
|
|
 |
c4366c |
return 1;\
|
|
 |
c4366c |
}
|
|
 |
c4366c |
@@ -92,9 +96,47 @@ static int cname##_cbc_cipher(EVP_CIPHER
|
|
 |
c4366c |
#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
|
|
 |
c4366c |
static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
|
|
 |
c4366c |
{\
|
|
 |
c4366c |
+ FIPS_selftest_check(); \
|
|
 |
c4366c |
cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
|
|
 |
c4366c |
return 1;\
|
|
 |
c4366c |
}
|
|
 |
c4366c |
+#else
|
|
 |
c4366c |
+#define BLOCK_CIPHER_ecb_loop() \
|
|
 |
c4366c |
+ unsigned int i, bl; \
|
|
 |
c4366c |
+ bl = ctx->cipher->block_size;\
|
|
 |
c4366c |
+ if(inl < bl) return 1;\
|
|
 |
c4366c |
+ inl -= bl; \
|
|
 |
c4366c |
+ for(i=0; i <= inl; i+=bl)
|
|
 |
c4366c |
+
|
|
 |
c4366c |
+#define BLOCK_CIPHER_func_ecb(cname, cprefix, kstruct, ksched) \
|
|
 |
c4366c |
+static int cname##_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
|
|
 |
c4366c |
+{\
|
|
 |
c4366c |
+ BLOCK_CIPHER_ecb_loop() \
|
|
 |
c4366c |
+ cprefix##_ecb_encrypt(in + i, out + i, &((kstruct *)ctx->cipher_data)->ksched, ctx->encrypt);\
|
|
 |
c4366c |
+ return 1;\
|
|
 |
c4366c |
+}
|
|
 |
c4366c |
+
|
|
 |
c4366c |
+#define BLOCK_CIPHER_func_ofb(cname, cprefix, cbits, kstruct, ksched) \
|
|
 |
c4366c |
+static int cname##_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
|
|
 |
c4366c |
+{\
|
|
 |
c4366c |
+ cprefix##_ofb##cbits##_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num);\
|
|
 |
c4366c |
+ return 1;\
|
|
 |
c4366c |
+}
|
|
 |
c4366c |
+
|
|
 |
c4366c |
+#define BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
|
|
 |
c4366c |
+static int cname##_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
|
|
 |
c4366c |
+{\
|
|
 |
c4366c |
+ cprefix##_cbc_encrypt(in, out, (long)inl, &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, ctx->encrypt);\
|
|
 |
c4366c |
+ return 1;\
|
|
 |
c4366c |
+}
|
|
 |
c4366c |
+
|
|
 |
c4366c |
+#define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits, kstruct, ksched) \
|
|
 |
c4366c |
+static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl) \
|
|
 |
c4366c |
+{\
|
|
 |
c4366c |
+ cprefix##_cfb##cbits##_encrypt(in, out, (long)((cbits==1) && !(ctx->flags & EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct *)ctx->cipher_data)->ksched, ctx->iv, &ctx->num, ctx->encrypt);\
|
|
 |
c4366c |
+ return 1;\
|
|
 |
c4366c |
+}
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
|
|
 |
c4366c |
#define BLOCK_CIPHER_all_funcs(cname, cprefix, cbits, kstruct, ksched) \
|
|
 |
c4366c |
BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \
|
|
 |
c4366c |
diff -up openssl-fips-0.9.8e/crypto/evp/enc_min.c.abi openssl-fips-0.9.8e/crypto/evp/enc_min.c
|
|
 |
c4366c |
--- openssl-fips-0.9.8e/crypto/evp/enc_min.c.abi 2007-08-19 14:49:07.000000000 +0200
|
|
 |
c4366c |
+++ openssl-fips-0.9.8e/crypto/evp/enc_min.c 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
@@ -347,9 +347,6 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CT
|
|
 |
c4366c |
|
|
 |
c4366c |
int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl)
|
|
 |
c4366c |
{
|
|
 |
c4366c |
-#ifdef OPENSSL_FIPS
|
|
 |
c4366c |
- FIPS_selftest_check();
|
|
 |
c4366c |
-#endif
|
|
 |
c4366c |
return ctx->cipher->do_cipher(ctx,out,in,inl);
|
|
 |
c4366c |
}
|
|
 |
c4366c |
|
|
 |
c4366c |
diff -up openssl-fips-0.9.8e/crypto/evp/evp.h.abi openssl-fips-0.9.8e/crypto/evp/evp.h
|
|
 |
c4366c |
--- openssl-fips-0.9.8e/crypto/evp/evp.h.abi 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
+++ openssl-fips-0.9.8e/crypto/evp/evp.h 2008-09-04 13:00:16.000000000 +0200
|
|
 |
c4366c |
@@ -448,6 +448,7 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_
|
|
 |
c4366c |
#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
|
|
 |
c4366c |
#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
|
|
 |
c4366c |
|
|
 |
c4366c |
+#ifdef OPENSSL_USE_NEW_FUNCTIONS
|
|
 |
c4366c |
/* Macros to reduce FIPS dependencies: do NOT use in applications */
|
|
 |
c4366c |
#define M_EVP_MD_size(e) ((e)->md_size)
|
|
 |
c4366c |
#define M_EVP_MD_block_size(e) ((e)->block_size)
|
|
 |
c4366c |
@@ -490,6 +491,38 @@ void EVP_CIPHER_CTX_set_app_data(EVP_CIP
|
|
 |
c4366c |
#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
|
|
 |
c4366c |
unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);
|
|
 |
c4366c |
#define EVP_CIPHER_CTX_mode(e) (EVP_CIPHER_CTX_flags(e) & EVP_CIPH_MODE)
|
|
 |
c4366c |
+#else
|
|
 |
c4366c |
+#define EVP_MD_type(e) ((e)->type)
|
|
 |
c4366c |
+#define EVP_MD_nid(e) EVP_MD_type(e)
|
|
 |
c4366c |
+#define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_nid(e))
|
|
 |
c4366c |
+#define EVP_MD_pkey_type(e) ((e)->pkey_type)
|
|
 |
c4366c |
+#define EVP_MD_size(e) ((e)->md_size)
|
|
 |
c4366c |
+#define EVP_MD_block_size(e) ((e)->block_size)
|
|
 |
c4366c |
+
|
|
 |
c4366c |
+#define EVP_MD_CTX_md(e) ((e)->digest)
|
|
 |
c4366c |
+#define EVP_MD_CTX_size(e) EVP_MD_size((e)->digest)
|
|
 |
c4366c |
+#define EVP_MD_CTX_block_size(e) EVP_MD_block_size((e)->digest)
|
|
 |
c4366c |
+#define EVP_MD_CTX_type(e) EVP_MD_type((e)->digest)
|
|
 |
c4366c |
+
|
|
 |
c4366c |
+#define EVP_CIPHER_nid(e) ((e)->nid)
|
|
 |
c4366c |
+#define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
|
|
 |
c4366c |
+#define EVP_CIPHER_block_size(e) ((e)->block_size)
|
|
 |
c4366c |
+#define EVP_CIPHER_key_length(e) ((e)->key_len)
|
|
 |
c4366c |
+#define EVP_CIPHER_iv_length(e) ((e)->iv_len)
|
|
 |
c4366c |
+#define EVP_CIPHER_flags(e) ((e)->flags)
|
|
 |
c4366c |
+#define EVP_CIPHER_mode(e) (((e)->flags) & EVP_CIPH_MODE)
|
|
 |
c4366c |
+
|
|
 |
c4366c |
+#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
|
|
 |
c4366c |
+#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
|
|
 |
c4366c |
+#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
|
|
 |
c4366c |
+#define EVP_CIPHER_CTX_key_length(e) ((e)->key_len)
|
|
 |
c4366c |
+#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
|
|
 |
c4366c |
+#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
|
|
 |
c4366c |
+#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
|
|
 |
c4366c |
+#define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c))
|
|
 |
c4366c |
+#define EVP_CIPHER_CTX_flags(e) ((e)->cipher->flags)
|
|
 |
c4366c |
+#define EVP_CIPHER_CTX_mode(e) ((e)->cipher->flags & EVP_CIPH_MODE)
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
|
|
 |
c4366c |
#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
|
|
 |
c4366c |
#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
|
|
 |
c4366c |
@@ -514,10 +547,14 @@ void BIO_set_md(BIO *,const EVP_MD *md);
|
|
 |
c4366c |
#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
|
|
 |
c4366c |
#define BIO_get_cipher_ctx(b,c_pp) BIO_ctrl(b,BIO_C_GET_CIPHER_CTX,0,(char *)c_pp)
|
|
 |
c4366c |
|
|
 |
c4366c |
+#ifdef OPENSSL_USE_NEW_FUNCTIONS
|
|
 |
c4366c |
int EVP_Cipher(EVP_CIPHER_CTX *c,
|
|
 |
c4366c |
unsigned char *out,
|
|
 |
c4366c |
const unsigned char *in,
|
|
 |
c4366c |
unsigned int inl);
|
|
 |
c4366c |
+#else
|
|
 |
c4366c |
+#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l))
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
|
|
 |
c4366c |
#define EVP_add_cipher_alias(n,alias) \
|
|
 |
c4366c |
OBJ_NAME_add((alias),OBJ_NAME_TYPE_CIPHER_METH|OBJ_NAME_ALIAS,(n))
|
|
 |
c4366c |
@@ -533,9 +570,15 @@ int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
|
|
 |
c4366c |
EVP_MD_CTX *EVP_MD_CTX_create(void);
|
|
 |
c4366c |
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
|
|
 |
c4366c |
int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);
|
|
 |
c4366c |
+#ifdef OPENSSL_USE_NEW_FUNCTIONS
|
|
 |
c4366c |
void EVP_MD_CTX_set_flags(EVP_MD_CTX *ctx, int flags);
|
|
 |
c4366c |
void EVP_MD_CTX_clear_flags(EVP_MD_CTX *ctx, int flags);
|
|
 |
c4366c |
int EVP_MD_CTX_test_flags(const EVP_MD_CTX *ctx,int flags);
|
|
 |
c4366c |
+#else
|
|
 |
c4366c |
+#define EVP_MD_CTX_set_flags(ctx,flgs) ((ctx)->flags|=(flgs))
|
|
 |
c4366c |
+#define EVP_MD_CTX_clear_flags(ctx,flgs) ((ctx)->flags&=~(flgs))
|
|
 |
c4366c |
+#define EVP_MD_CTX_test_flags(ctx,flgs) ((ctx)->flags&(flgs))
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
|
|
 |
c4366c |
int EVP_DigestUpdate(EVP_MD_CTX *ctx,const void *d,
|
|
 |
c4366c |
size_t cnt);
|
|
 |
c4366c |
diff -up openssl-fips-0.9.8e/crypto/bio/bio.h.abi openssl-fips-0.9.8e/crypto/bio/bio.h
|
|
 |
c4366c |
--- openssl-fips-0.9.8e/crypto/bio/bio.h.abi 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
+++ openssl-fips-0.9.8e/crypto/bio/bio.h 2008-09-04 13:00:32.000000000 +0200
|
|
 |
c4366c |
@@ -198,6 +198,7 @@ extern "C" {
|
|
 |
c4366c |
|
|
 |
c4366c |
typedef struct bio_st BIO;
|
|
 |
c4366c |
|
|
 |
c4366c |
+#ifdef OPENSSL_USE_NEW_FUNCTIONS
|
|
 |
c4366c |
void BIO_set_flags(BIO *b, int flags);
|
|
 |
c4366c |
int BIO_test_flags(const BIO *b, int flags);
|
|
 |
c4366c |
void BIO_clear_flags(BIO *b, int flags);
|
|
 |
c4366c |
@@ -222,6 +223,30 @@ void BIO_clear_flags(BIO *b, int flags);
|
|
 |
c4366c |
#define BIO_should_io_special(a) BIO_test_flags(a, BIO_FLAGS_IO_SPECIAL)
|
|
 |
c4366c |
#define BIO_retry_type(a) BIO_test_flags(a, BIO_FLAGS_RWS)
|
|
 |
c4366c |
#define BIO_should_retry(a) BIO_test_flags(a, BIO_FLAGS_SHOULD_RETRY)
|
|
 |
c4366c |
+#else
|
|
 |
c4366c |
+#define BIO_set_flags(b,f) ((b)->flags|=(f))
|
|
 |
c4366c |
+#define BIO_get_flags(b) ((b)->flags)
|
|
 |
c4366c |
+#define BIO_set_retry_special(b) \
|
|
 |
c4366c |
+ ((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
|
|
 |
c4366c |
+#define BIO_set_retry_read(b) \
|
|
 |
c4366c |
+ ((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
|
|
 |
c4366c |
+#define BIO_set_retry_write(b) \
|
|
 |
c4366c |
+ ((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
|
|
 |
c4366c |
+
|
|
 |
c4366c |
+/* These are normally used internally in BIOs */
|
|
 |
c4366c |
+#define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
|
|
 |
c4366c |
+#define BIO_clear_retry_flags(b) \
|
|
 |
c4366c |
+ ((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
|
 |
c4366c |
+#define BIO_get_retry_flags(b) \
|
|
 |
c4366c |
+ ((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
|
|
 |
c4366c |
+
|
|
 |
c4366c |
+/* These should be used by the application to tell why we should retry */
|
|
 |
c4366c |
+#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ)
|
|
 |
c4366c |
+#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE)
|
|
 |
c4366c |
+#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL)
|
|
 |
c4366c |
+#define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS)
|
|
 |
c4366c |
+#define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY)
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
|
|
 |
c4366c |
/* The next three are used in conjunction with the
|
|
 |
c4366c |
* BIO_should_io_special() condition. After this returns true,
|
|
 |
c4366c |
@@ -250,6 +275,7 @@ void BIO_clear_flags(BIO *b, int flags);
|
|
 |
c4366c |
#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
|
|
 |
c4366c |
#define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
|
|
 |
c4366c |
|
|
 |
c4366c |
+#ifdef OPENSSL_USE_NEW_FUNCTIONS
|
|
 |
c4366c |
long (*BIO_get_callback(const BIO *b)) (struct bio_st *,int,const char *,int, long,long);
|
|
 |
c4366c |
void BIO_set_callback(BIO *b,
|
|
 |
c4366c |
long (*callback)(struct bio_st *,int,const char *,int, long,long));
|
|
 |
c4366c |
@@ -258,6 +284,14 @@ void BIO_set_callback_arg(BIO *b, char *
|
|
 |
c4366c |
|
|
 |
c4366c |
const char * BIO_method_name(const BIO *b);
|
|
 |
c4366c |
int BIO_method_type(const BIO *b);
|
|
 |
c4366c |
+#else
|
|
 |
c4366c |
+#define BIO_set_callback(b,cb) ((b)->callback=(cb))
|
|
 |
c4366c |
+#define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg))
|
|
 |
c4366c |
+#define BIO_get_callback_arg(b) ((b)->cb_arg)
|
|
 |
c4366c |
+#define BIO_get_callback(b) ((b)->callback)
|
|
 |
c4366c |
+#define BIO_method_name(b) ((b)->method->name)
|
|
 |
c4366c |
+#define BIO_method_type(b) ((b)->method->type)
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
|
|
 |
c4366c |
typedef void bio_info_cb(struct bio_st *, int, const char *, int, long, long);
|
|
 |
c4366c |
|
|
 |
c4366c |
diff -up openssl-fips-0.9.8e/crypto/bn/bn.h.abi openssl-fips-0.9.8e/crypto/bn/bn.h
|
|
 |
c4366c |
--- openssl-fips-0.9.8e/crypto/bn/bn.h.abi 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
+++ openssl-fips-0.9.8e/crypto/bn/bn.h 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
@@ -251,11 +251,9 @@ extern "C" {
|
|
 |
c4366c |
* BN_mod_inverse() will call BN_mod_inverse_no_branch.
|
|
 |
c4366c |
*/
|
|
 |
c4366c |
|
|
 |
c4366c |
-#ifndef OPENSSL_NO_DEPRECATED
|
|
 |
c4366c |
#define BN_FLG_EXP_CONSTTIME BN_FLG_CONSTTIME /* deprecated name for the flag */
|
|
 |
c4366c |
/* avoid leaking exponent information through timings
|
|
 |
c4366c |
* (BN_mod_exp_mont() will call BN_mod_exp_mont_consttime) */
|
|
 |
c4366c |
-#endif
|
|
 |
c4366c |
|
|
 |
c4366c |
#ifndef OPENSSL_NO_DEPRECATED
|
|
 |
c4366c |
#define BN_FLG_FREE 0x8000 /* used for debuging */
|
|
 |
c4366c |
diff -up openssl-fips-0.9.8e/crypto/opensslv.h.abi openssl-fips-0.9.8e/crypto/opensslv.h
|
|
 |
c4366c |
--- openssl-fips-0.9.8e/crypto/opensslv.h.abi 2008-09-04 12:38:01.000000000 +0200
|
|
 |
c4366c |
+++ openssl-fips-0.9.8e/crypto/opensslv.h 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
@@ -25,11 +25,11 @@
|
|
 |
c4366c |
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
|
|
 |
c4366c |
* major minor fix final patch/beta)
|
|
 |
c4366c |
*/
|
|
 |
c4366c |
-#define OPENSSL_VERSION_NUMBER 0x00908060L
|
|
 |
c4366c |
+#define OPENSSL_VERSION_NUMBER 0x0090802fL
|
|
 |
c4366c |
#ifdef OPENSSL_FIPS
|
|
 |
c4366c |
-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8f-fips-dev xx XXXX xxxx"
|
|
 |
c4366c |
+#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008"
|
|
 |
c4366c |
#else
|
|
 |
c4366c |
-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8f-dev xx XXXX xxxx"
|
|
 |
c4366c |
+#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8e-rhel5 01 Jul 2008"
|
|
 |
c4366c |
#endif
|
|
 |
c4366c |
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
|
|
 |
c4366c |
|
|
 |
c4366c |
diff -up openssl-fips-0.9.8e/ssl/ssl.h.abi openssl-fips-0.9.8e/ssl/ssl.h
|
|
 |
c4366c |
--- openssl-fips-0.9.8e/ssl/ssl.h.abi 2008-09-04 12:38:02.000000000 +0200
|
|
 |
c4366c |
+++ openssl-fips-0.9.8e/ssl/ssl.h 2008-09-04 13:02:38.000000000 +0200
|
|
 |
c4366c |
@@ -789,6 +789,7 @@ struct ssl_ctx_st
|
|
 |
c4366c |
#define SSL_CTX_sess_cache_full(ctx) \
|
|
 |
c4366c |
SSL_CTX_ctrl(ctx,SSL_CTRL_SESS_CACHE_FULL,0,NULL)
|
|
 |
c4366c |
|
|
 |
c4366c |
+#ifdef OPENSSL_USE_NEW_FUNCTIONS
|
|
 |
c4366c |
void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx, int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess));
|
|
 |
c4366c |
int (*SSL_CTX_sess_get_new_cb(SSL_CTX *ctx))(struct ssl_st *ssl, SSL_SESSION *sess);
|
|
 |
c4366c |
void SSL_CTX_sess_set_remove_cb(SSL_CTX *ctx, void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess));
|
|
 |
c4366c |
@@ -801,6 +802,20 @@ void SSL_CTX_set_client_cert_cb(SSL_CTX
|
|
 |
c4366c |
int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx))(SSL *ssl, X509 **x509, EVP_PKEY **pkey);
|
|
 |
c4366c |
void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*app_gen_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len));
|
|
 |
c4366c |
void SSL_CTX_set_cookie_verify_cb(SSL_CTX *ctx, int (*app_verify_cookie_cb)(SSL *ssl, unsigned char *cookie, unsigned int cookie_len));
|
|
 |
c4366c |
+#else
|
|
 |
c4366c |
+#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb))
|
|
 |
c4366c |
+#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb)
|
|
 |
c4366c |
+#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb))
|
|
 |
c4366c |
+#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb)
|
|
 |
c4366c |
+#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb))
|
|
 |
c4366c |
+#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb)
|
|
 |
c4366c |
+#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb))
|
|
 |
c4366c |
+#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback)
|
|
 |
c4366c |
+#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb))
|
|
 |
c4366c |
+#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb)
|
|
 |
c4366c |
+#define SSL_CTX_set_cookie_generate_cb(ctx,cb) ((ctx)->app_gen_cookie_cb=(cb))
|
|
 |
c4366c |
+#define SSL_CTX_set_cookie_verify_cb(ctx,cb) ((ctx)->app_verify_cookie_cb=(cb))
|
|
 |
c4366c |
+#endif
|
|
 |
c4366c |
|
|
 |
c4366c |
#define SSL_NOTHING 1
|
|
 |
c4366c |
#define SSL_WRITING 2
|