List Info

Thread: OpenSSL: OpenSSL-fips-0_9_8-stable: openssl/ CHANGES openssl/cry...
OpenSSL: OpenSSL-fips-0_9_8-stable: openssl/ CHANGES openssl/cry...
country flaguser name
Germany		 2007-12-26 13:04:58 
  OpenSSL CVS Repository
  http://cvs.openssl.org/
 
____________________________________________________________
________________

  Server: cvs.openssl.org                  Name:   Dr.
Stephen Henson
  Root:   /v/openssl/cvs                   Email:  steveopenssl.org
  Module: openssl                          Date:  
26-Dec-2007 20:04:58
  Branch: OpenSSL-fips-0_9_8-stable        Handle:
2007122619045701

  Modified files:           (Branch:
OpenSSL-fips-0_9_8-stable)
    openssl                 CHANGES
    openssl/crypto/evp      evp.h evp_locl.h
    openssl/fips/aes        fips_aesavs.c

  Log:
    Fixes to make CFB1 Monte Carlo test work.

  Summary:
    Revision    Changes     Path
    1.1238.2.65.2.27+4  -0      openssl/CHANGES
    1.112.2.4.2.9+3  -0      openssl/crypto/evp/evp.h
    1.10.2.1.2.4+1  -1      openssl/crypto/evp/evp_locl.h
    1.1.4.4     +4  -0      openssl/fips/aes/fips_aesavs.c
 
____________________________________________________________
________________

  patch -p0 <<' .'
  Index: openssl/CHANGES
 
============================================================
================
  $ cvs diff -u -r1.1238.2.65.2.26 -r1.1238.2.65.2.27
CHANGES
  --- openssl/CHANGES	14 Dec 2007 01:15:26
-0000	1.1238.2.65.2.26
  +++ openssl/CHANGES	26 Dec 2007 19:04:57
-0000	1.1238.2.65.2.27
   -4,6 +4,10 
   
    Changes between 0.9.8g and 0.9.8h-fips  [xx XXX xxxx]
   
  +  *) Add flag EVP_CIPH_FLAG_LENGTH_BITS to indicate that
input buffer length
  +     is in bits not bytes. The Monte Carlo FIPS140-2 CFB1
tests require this.
  +     [Steve Henson]
  +
     *) Add option --with-fipslibdir to specify location of
fipscanister.lib
        and friends. When combined with fips build option
fipscanister.lib is
        not built but linked from the supplied directory.
Always link fips
   .
  patch -p0 <<' .'
  Index: openssl/crypto/evp/evp.h
 
============================================================
================
  $ cvs diff -u -r1.112.2.4.2.8 -r1.112.2.4.2.9 evp.h
  --- openssl/crypto/evp/evp.h	14 Dec 2007 01:15:44
-0000	1.112.2.4.2.8
  +++ openssl/crypto/evp/evp.h	26 Dec 2007 19:04:57
-0000	1.112.2.4.2.9
   -378,6 +378,8 
   #define		EVP_CIPH_FLAG_NON_FIPS_ALLOW	0x800
   /* Allow use default ASN1 get/set iv */
   #define		EVP_CIPH_FLAG_DEFAULT_ASN1	0x1000
  +/* Buffer length in bits not bytes: CFB1 mode only */
  +#define		EVP_CIPH_FLAG_LENGTH_BITS	0x2000
   
   /* ctrl() values */
   
   -470,6 +472,7 
   #define
M_EVP_MD_CTX_type(e)		M_EVP_MD_type(M_EVP_MD_CTX_md(e))
   #define M_EVP_MD_CTX_md(e)			((e)->digest)
   
  +#define M_EVP_CIPHER_CTX_set_flags(ctx,flgs)
((ctx)->flags|=(flgs))
   
   int EVP_MD_type(const EVP_MD *md);
   #define EVP_MD_nid(e)			EVP_MD_type(e)
   .
  patch -p0 <<' .'
  Index: openssl/crypto/evp/evp_locl.h
 
============================================================
================
  $ cvs diff -u -r1.10.2.1.2.3 -r1.10.2.1.2.4 evp_locl.h
  --- openssl/crypto/evp/evp_locl.h	8 Jul 2007 19:20:48
-0000	1.10.2.1.2.3
  +++ openssl/crypto/evp/evp_locl.h	26 Dec 2007 19:04:57
-0000	1.10.2.1.2.4
   -92,7 +92,7 
   #define BLOCK_CIPHER_func_cfb(cname, cprefix, cbits,
kstruct, ksched) 
   static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX
*ctx, unsigned char *out, const unsigned char *in, unsigned
int inl) 
   {
  -	cprefix##_cfb##cbits##_encrypt(in, out,
(long)(cbits==1?inl*8:inl), &((kstruct
*)ctx->cipher_data)->ksched, ctx->iv,
&ctx->num, ctx->encrypt);
  +	cprefix##_cfb##cbits##_encrypt(in, out,
(long)((cbits==1) && !(ctx->flags &
EVP_CIPH_FLAG_LENGTH_BITS) ?inl*8:inl), &((kstruct
*)ctx->cipher_data)->ksched, ctx->iv,
&ctx->num, ctx->encrypt);
   	return 1;
   }
   
   .
  patch -p0 <<' .'
  Index: openssl/fips/aes/fips_aesavs.c
 
============================================================
================
  $ cvs diff -u -r1.1.4.3 -r1.1.4.4 fips_aesavs.c
  --- openssl/fips/aes/fips_aesavs.c	21 Sep 2007 18:00:23
-0000	1.1.4.3
  +++ openssl/fips/aes/fips_aesavs.c	26 Dec 2007 19:04:58
-0000	1.1.4.4
   -212,6 +212,8 
   	}
       if (EVP_CipherInit_ex(ctx, cipher, NULL, aKey, iVec,
dir) <= 0)
   	return 0;
  +    if(!strcasecmp(amode,"CFB1"))
  +	M_EVP_CIPHER_CTX_set_flags(ctx,
EVP_CIPH_FLAG_LENGTH_BITS);
       if (dir)
   		EVP_Cipher(ctx, ciphertext, plaintext, len);
   	else
   -377,9 +379,11 
   	    case CFB1:
   		if(j == 0)
   		    {
  +#if 0
   		    /* compensate for wrong endianness of input file
*/
   		    if(i == 0)
   			ptext[0][0]<<=7;
  +#endif
   		    ret =
AESTest(&ctx,amode,akeysz,key[i],iv[i],dir,
   				ptext[j], ctext[j], len);
   		    }
   .
____________________________________________________________
__________
OpenSSL Project                                 http://www.openssl.org
CVS Repository Commit List                    
openssl-cvsopenssl.org
Automated List Manager                          
majordomoopenssl.org
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )