[mingw-openssl: 16/32] - Merged patches from native Fedora openssl (up to 1.0.0-0.16.beta4) - Dropped the patch to fix non-
Kalev Lember
kalev at fedoraproject.org
Tue Mar 6 20:07:35 UTC 2012
commit 45fb3a2724685762b803b552c94107432594ca24
Author: Kalev Lember <kalev at fedoraproject.org>
Date: Thu Nov 26 07:00:46 2009 +0000
- Merged patches from native Fedora openssl (up to 1.0.0-0.16.beta4)
- Dropped the patch to fix non-fips mingw build, as it's now merged into
fips patch from native openssl
mingw32-openssl-1.0.0-beta4-nofips.patch | 130 ---------
mingw32-openssl.spec | 12 +-
openssl-1.0.0-beta4-dtls-ipv6.patch | 219 ++++++++++++++++
openssl-1.0.0-beta4-fips.patch | 420 ++++++++++++++++--------------
4 files changed, 447 insertions(+), 334 deletions(-)
---
diff --git a/mingw32-openssl.spec b/mingw32-openssl.spec
index 3f8f216..a956103 100644
--- a/mingw32-openssl.spec
+++ b/mingw32-openssl.spec
@@ -31,7 +31,7 @@
Name: mingw32-openssl
Version: 1.0.0
-Release: 0.5.%{beta}%{?dist}
+Release: 0.6.%{beta}%{?dist}
Summary: MinGW port of the OpenSSL toolkit
License: OpenSSL
@@ -83,6 +83,7 @@ Patch60: openssl-1.0.0-beta4-reneg.patch
Patch61: openssl-1.0.0-beta4-client-reneg.patch
Patch62: openssl-1.0.0-beta4-backports.patch
Patch63: openssl-1.0.0-beta4-reneg-err.patch
+Patch64: openssl-1.0.0-beta4-dtls-ipv6.patch
# MinGW-specific patches.
# Use MINGW32_CFLAGS (set below) in Configure script
@@ -94,8 +95,6 @@ Patch102: mingw32-openssl-1.0.0-beta3-sfx.patch
# Ugly patch to fix a compilation error (the linker can't find
# some symbols mentioned in an autogenerated .def file)
Patch105: mingw32-openssl-1.0.0-beta3-linker-fix.patch
-# Fix build without fips
-Patch106: mingw32-openssl-1.0.0-beta4-nofips.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -189,12 +188,12 @@ Static version of the MinGW port of the OpenSSL toolkit.
%patch61 -p1 -b .client-reneg
%patch62 -p1 -b .backports
%patch63 -p1 -b .reneg-err
+%patch64 -p1 -b .dtls-ipv6
%patch100 -p1 -b .mingw-configure
%patch101 -p1 -b .mingw-libversion
%patch102 -p1 -b .mingw-sfx
%patch105 -p0 -b .mingw-linker-fix
-%patch106 -p1 -b .mingw-nofips
# Modify the various perl scripts to reference perl in the right location.
perl util/perlpath.pl `dirname %{__perl}`
@@ -353,6 +352,11 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Thu Nov 26 2009 Kalev Lember <kalev at smartlink.ee> - 1.0.0-0.6.beta4
+- Merged patches from native Fedora openssl (up to 1.0.0-0.16.beta4)
+- Dropped the patch to fix non-fips mingw build,
+ as it's now merged into fips patch from native openssl
+
* Sun Nov 22 2009 Kalev Lember <kalev at smartlink.ee> - 1.0.0-0.5.beta4
- Updated to version 1.0.0 beta 4
- Merged patches from native Fedora openssl (up to 1.0.0-0.15.beta4)
diff --git a/openssl-1.0.0-beta4-dtls-ipv6.patch b/openssl-1.0.0-beta4-dtls-ipv6.patch
new file mode 100644
index 0000000..1173f1a
--- /dev/null
+++ b/openssl-1.0.0-beta4-dtls-ipv6.patch
@@ -0,0 +1,219 @@
+diff -up openssl-1.0.0-beta4/crypto/bio/b_sock.c.dtls-ipv6 openssl-1.0.0-beta4/crypto/bio/b_sock.c
+--- openssl-1.0.0-beta4/crypto/bio/b_sock.c.dtls-ipv6 2009-11-09 15:09:53.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/bio/b_sock.c 2009-11-23 08:50:45.000000000 +0100
+@@ -822,7 +822,8 @@ int BIO_accept(int sock, char **addr)
+ if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
+ {
+ OPENSSL_assert(sa.len.s<=sizeof(sa.from));
+- sa.len.i = (unsigned int)sa.len.s;
++ sa.len.i = (int)sa.len.s;
++ /* use sa.len.i from this point */
+ }
+ if (ret == INVALID_SOCKET)
+ {
+diff -up openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.dtls-ipv6 openssl-1.0.0-beta4/crypto/bio/bss_dgram.c
+--- openssl-1.0.0-beta4/crypto/bio/bss_dgram.c.dtls-ipv6 2009-10-15 19:41:44.000000000 +0200
++++ openssl-1.0.0-beta4/crypto/bio/bss_dgram.c 2009-11-23 08:50:45.000000000 +0100
+@@ -108,11 +108,13 @@ static BIO_METHOD methods_dgramp=
+
+ typedef struct bio_dgram_data_st
+ {
++ union {
++ struct sockaddr sa;
++ struct sockaddr_in sa_in;
+ #if OPENSSL_USE_IPV6
+- struct sockaddr_storage peer;
+-#else
+- struct sockaddr_in peer;
++ struct sockaddr_in6 sa_in6;
+ #endif
++ } peer;
+ unsigned int connected;
+ unsigned int _errno;
+ unsigned int mtu;
+@@ -278,28 +280,38 @@ static int dgram_read(BIO *b, char *out,
+ int ret=0;
+ bio_dgram_data *data = (bio_dgram_data *)b->ptr;
+
++ struct {
++ /*
++ * See commentary in b_sock.c. <appro>
++ */
++ union { size_t s; int i; } len;
++ union {
++ struct sockaddr sa;
++ struct sockaddr_in sa_in;
+ #if OPENSSL_USE_IPV6
+- struct sockaddr_storage peer;
+-#else
+- struct sockaddr_in peer;
++ struct sockaddr_in6 sa_in6;
+ #endif
+- int peerlen = sizeof(peer);
++ } peer;
++ } sa;
++
++ sa.len.s=0;
++ sa.len.i=sizeof(sa.peer);
+
+ if (out != NULL)
+ {
+ clear_socket_error();
+- memset(&peer, 0x00, peerlen);
+- /* Last arg in recvfrom is signed on some platforms and
+- * unsigned on others. It is of type socklen_t on some
+- * but this is not universal. Cast to (void *) to avoid
+- * compiler warnings.
+- */
++ memset(&sa.peer, 0x00, sizeof(sa.peer));
+ dgram_adjust_rcv_timeout(b);
+- ret=recvfrom(b->num,out,outl,0,(struct sockaddr *)&peer,(void *)&peerlen);
++ ret=recvfrom(b->num,out,outl,0,&sa.peer.sa,(void *)&sa.len);
++ if (sizeof(sa.len.i)!=sizeof(sa.len.s) && sa.len.i==0)
++ {
++ OPENSSL_assert(sa.len.s<=sizeof(sa.peer));
++ sa.len.i = (int)sa.len.s;
++ }
+ dgram_reset_rcv_timeout(b);
+
+ if ( ! data->connected && ret >= 0)
+- BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &peer);
++ BIO_ctrl(b, BIO_CTRL_DGRAM_SET_PEER, 0, &sa.peer);
+
+ BIO_clear_retry_flags(b);
+ if (ret < 0)
+@@ -323,25 +335,10 @@ static int dgram_write(BIO *b, const cha
+ if ( data->connected )
+ ret=writesocket(b->num,in,inl);
+ else
+-#if OPENSSL_USE_IPV6
+- if (data->peer.ss_family == AF_INET)
+ #if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
+- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
++ ret=sendto(b->num, (char *)in, inl, 0, &data->peer.sa, sizeof(data->peer));
+ #else
+- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
+-#endif
+- else
+-#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
+- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in6));
+-#else
+- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in6));
+-#endif
+-#else
+-#if defined(NETWARE_CLIB) && defined(NETWARE_BSDSOCK)
+- ret=sendto(b->num, (char *)in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
+-#else
+- ret=sendto(b->num, in, inl, 0, (const struct sockaddr *)&data->peer, sizeof(struct sockaddr_in));
+-#endif
++ ret=sendto(b->num, in, inl, 0, &data->peer.sa, sizeof(data->peer));
+ #endif
+
+ BIO_clear_retry_flags(b);
+@@ -428,11 +425,20 @@ static long dgram_ctrl(BIO *b, int cmd,
+ else
+ {
+ #endif
++ switch (to->sa_family)
++ {
++ case AF_INET:
++ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
++ break;
+ #if OPENSSL_USE_IPV6
+- memcpy(&(data->peer),to, sizeof(struct sockaddr_storage));
+-#else
+- memcpy(&(data->peer),to, sizeof(struct sockaddr_in));
+-#endif
++ case AF_INET6:
++ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
++ break;
++#endif
++ default:
++ memcpy(&data->peer,to,sizeof(data->peer.sa));
++ break;
++ }
+ #if 0
+ }
+ #endif
+@@ -537,41 +543,60 @@ static long dgram_ctrl(BIO *b, int cmd,
+ if ( to != NULL)
+ {
+ data->connected = 1;
++ switch (to->sa_family)
++ {
++ case AF_INET:
++ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
++ break;
+ #if OPENSSL_USE_IPV6
+- memcpy(&(data->peer),to, sizeof(struct sockaddr_storage));
+-#else
+- memcpy(&(data->peer),to, sizeof(struct sockaddr_in));
+-#endif
++ case AF_INET6:
++ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
++ break;
++#endif
++ default:
++ memcpy(&data->peer,to,sizeof(data->peer.sa));
++ break;
++ }
+ }
+ else
+ {
+ data->connected = 0;
+-#if OPENSSL_USE_IPV6
+- memset(&(data->peer), 0x00, sizeof(struct sockaddr_storage));
+-#else
+- memset(&(data->peer), 0x00, sizeof(struct sockaddr_in));
+-#endif
++ memset(&(data->peer), 0x00, sizeof(data->peer));
+ }
+ break;
+ case BIO_CTRL_DGRAM_GET_PEER:
+ to = (struct sockaddr *) ptr;
+-
++ switch (to->sa_family)
++ {
++ case AF_INET:
++ memcpy(to,&data->peer,(ret=sizeof(data->peer.sa_in)));
++ break;
+ #if OPENSSL_USE_IPV6
+- memcpy(to, &(data->peer), sizeof(struct sockaddr_storage));
+- ret = sizeof(struct sockaddr_storage);
+-#else
+- memcpy(to, &(data->peer), sizeof(struct sockaddr_in));
+- ret = sizeof(struct sockaddr_in);
+-#endif
++ case AF_INET6:
++ memcpy(to,&data->peer,(ret=sizeof(data->peer.sa_in6)));
++ break;
++#endif
++ default:
++ memcpy(to,&data->peer,(ret=sizeof(data->peer.sa)));
++ break;
++ }
+ break;
+ case BIO_CTRL_DGRAM_SET_PEER:
+ to = (struct sockaddr *) ptr;
+-
++ switch (to->sa_family)
++ {
++ case AF_INET:
++ memcpy(&data->peer,to,sizeof(data->peer.sa_in));
++ break;
+ #if OPENSSL_USE_IPV6
+- memcpy(&(data->peer), to, sizeof(struct sockaddr_storage));
+-#else
+- memcpy(&(data->peer), to, sizeof(struct sockaddr_in));
+-#endif
++ case AF_INET6:
++ memcpy(&data->peer,to,sizeof(data->peer.sa_in6));
++ break;
++#endif
++ default:
++ memcpy(&data->peer,to,sizeof(data->peer.sa));
++ break;
++ }
+ break;
+ case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
+ memcpy(&(data->next_timeout), ptr, sizeof(struct timeval));
diff --git a/openssl-1.0.0-beta4-fips.patch b/openssl-1.0.0-beta4-fips.patch
index bc81d71..41b3d1f 100644
--- a/openssl-1.0.0-beta4-fips.patch
+++ b/openssl-1.0.0-beta4-fips.patch
@@ -1,6 +1,6 @@
diff -up openssl-1.0.0-beta4/Configure.fips openssl-1.0.0-beta4/Configure
---- openssl-1.0.0-beta4/Configure.fips 2009-11-12 12:36:50.000000000 +0100
-+++ openssl-1.0.0-beta4/Configure 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/Configure.fips 2009-11-23 08:32:31.000000000 +0100
++++ openssl-1.0.0-beta4/Configure 2009-11-23 08:32:31.000000000 +0100
@@ -660,6 +660,7 @@ my $cmll_enc="camellia.o cmll_misc.o cml
my $processor="";
my $default_ranlib;
@@ -45,7 +45,7 @@ diff -up openssl-1.0.0-beta4/Configure.fips openssl-1.0.0-beta4/Configure
s/^SHARED_LIBS=.*/SHARED_LIBS=\$(SHARED_CRYPTO) \$(SHARED_SSL)/ if (!$no_shared);
diff -up openssl-1.0.0-beta4/crypto/bf/bf_skey.c.fips openssl-1.0.0-beta4/crypto/bf/bf_skey.c
--- openssl-1.0.0-beta4/crypto/bf/bf_skey.c.fips 2008-11-12 04:57:52.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/bf/bf_skey.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/bf/bf_skey.c 2009-11-23 08:32:31.000000000 +0100
@@ -59,10 +59,15 @@
#include <stdio.h>
#include <string.h>
@@ -64,8 +64,8 @@ diff -up openssl-1.0.0-beta4/crypto/bf/bf_skey.c.fips openssl-1.0.0-beta4/crypto
int i;
BF_LONG *p,ri,in[2];
diff -up openssl-1.0.0-beta4/crypto/bf/blowfish.h.fips openssl-1.0.0-beta4/crypto/bf/blowfish.h
---- openssl-1.0.0-beta4/crypto/bf/blowfish.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/bf/blowfish.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/bf/blowfish.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/bf/blowfish.h 2009-11-23 08:32:31.000000000 +0100
@@ -104,7 +104,9 @@ typedef struct bf_key_st
BF_LONG S[4*256];
} BF_KEY;
@@ -78,8 +78,8 @@ diff -up openssl-1.0.0-beta4/crypto/bf/blowfish.h.fips openssl-1.0.0-beta4/crypt
void BF_encrypt(BF_LONG *data,const BF_KEY *key);
diff -up openssl-1.0.0-beta4/crypto/bn/bn.h.fips openssl-1.0.0-beta4/crypto/bn/bn.h
---- openssl-1.0.0-beta4/crypto/bn/bn.h.fips 2009-11-12 12:36:50.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/bn/bn.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/bn/bn.h.fips 2009-11-23 08:32:31.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/bn/bn.h 2009-11-23 08:32:31.000000000 +0100
@@ -540,6 +540,17 @@ int BN_is_prime_ex(const BIGNUM *p,int n
int BN_is_prime_fasttest_ex(const BIGNUM *p,int nchecks, BN_CTX *ctx,
int do_trial_division, BN_GENCB *cb);
@@ -99,8 +99,8 @@ diff -up openssl-1.0.0-beta4/crypto/bn/bn.h.fips openssl-1.0.0-beta4/crypto/bn/b
void BN_MONT_CTX_init(BN_MONT_CTX *ctx);
int BN_mod_mul_montgomery(BIGNUM *r,const BIGNUM *a,const BIGNUM *b,
diff -up /dev/null openssl-1.0.0-beta4/crypto/bn/bn_x931p.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/bn/bn_x931p.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/bn/bn_x931p.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,272 @@
+/* bn_x931p.c */
+/* Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
@@ -376,7 +376,7 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/bn/bn_x931p.c
+
diff -up openssl-1.0.0-beta4/crypto/bn/Makefile.fips openssl-1.0.0-beta4/crypto/bn/Makefile
--- openssl-1.0.0-beta4/crypto/bn/Makefile.fips 2008-11-12 09:19:02.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/bn/Makefile 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/bn/Makefile 2009-11-23 08:32:31.000000000 +0100
@@ -26,13 +26,13 @@ LIBSRC= bn_add.c bn_div.c bn_exp.c bn_li
bn_print.c bn_rand.c bn_shift.c bn_word.c bn_blind.c \
bn_kron.c bn_sqrt.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_asm.c \
@@ -395,7 +395,7 @@ diff -up openssl-1.0.0-beta4/crypto/bn/Makefile.fips openssl-1.0.0-beta4/crypto/
diff -up openssl-1.0.0-beta4/crypto/camellia/asm/cmll-x86.pl.fips openssl-1.0.0-beta4/crypto/camellia/asm/cmll-x86.pl
--- openssl-1.0.0-beta4/crypto/camellia/asm/cmll-x86.pl.fips 2009-04-06 16:25:02.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/camellia/asm/cmll-x86.pl 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/camellia/asm/cmll-x86.pl 2009-11-23 08:32:31.000000000 +0100
@@ -722,12 +722,15 @@ my $bias=int(@T[0])?shift(@T):0;
}
&function_end("Camellia_Ekeygen");
@@ -423,8 +423,8 @@ diff -up openssl-1.0.0-beta4/crypto/camellia/asm/cmll-x86.pl.fips openssl-1.0.0-
@SBOX=(
diff -up openssl-1.0.0-beta4/crypto/camellia/camellia.h.fips openssl-1.0.0-beta4/crypto/camellia/camellia.h
---- openssl-1.0.0-beta4/crypto/camellia/camellia.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/camellia/camellia.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/camellia/camellia.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/camellia/camellia.h 2009-11-23 08:32:31.000000000 +0100
@@ -88,6 +88,11 @@ struct camellia_key_st
};
typedef struct camellia_key_st CAMELLIA_KEY;
@@ -438,8 +438,8 @@ diff -up openssl-1.0.0-beta4/crypto/camellia/camellia.h.fips openssl-1.0.0-beta4
CAMELLIA_KEY *key);
diff -up /dev/null openssl-1.0.0-beta4/crypto/camellia/cmll_fblk.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/camellia/cmll_fblk.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/camellia/cmll_fblk.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,68 @@
+/* crypto/camellia/camellia_misc.c -*- mode:C; c-file-style: "eay" -*- */
+/* ====================================================================
@@ -511,7 +511,7 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/camellia/cmll_fblk.c
+#endif
diff -up openssl-1.0.0-beta4/crypto/camellia/cmll_misc.c.fips openssl-1.0.0-beta4/crypto/camellia/cmll_misc.c
--- openssl-1.0.0-beta4/crypto/camellia/cmll_misc.c.fips 2008-10-28 13:13:52.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/camellia/cmll_misc.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/camellia/cmll_misc.c 2009-11-23 08:32:31.000000000 +0100
@@ -52,11 +52,20 @@
#include <openssl/opensslv.h>
#include <openssl/camellia.h>
@@ -535,7 +535,7 @@ diff -up openssl-1.0.0-beta4/crypto/camellia/cmll_misc.c.fips openssl-1.0.0-beta
return -1;
diff -up openssl-1.0.0-beta4/crypto/camellia/Makefile.fips openssl-1.0.0-beta4/crypto/camellia/Makefile
--- openssl-1.0.0-beta4/crypto/camellia/Makefile.fips 2008-12-23 12:33:00.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/camellia/Makefile 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/camellia/Makefile 2009-11-23 08:32:31.000000000 +0100
@@ -23,9 +23,9 @@ APPS=
LIB=$(TOP)/libcrypto.a
@@ -549,8 +549,8 @@ diff -up openssl-1.0.0-beta4/crypto/camellia/Makefile.fips openssl-1.0.0-beta4/c
SRC= $(LIBSRC)
diff -up openssl-1.0.0-beta4/crypto/cast/cast.h.fips openssl-1.0.0-beta4/crypto/cast/cast.h
---- openssl-1.0.0-beta4/crypto/cast/cast.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/cast/cast.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/cast/cast.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/cast/cast.h 2009-11-23 08:32:31.000000000 +0100
@@ -83,7 +83,9 @@ typedef struct cast_key_st
int short_key; /* Use reduced rounds for short key */
} CAST_KEY;
@@ -564,7 +564,7 @@ diff -up openssl-1.0.0-beta4/crypto/cast/cast.h.fips openssl-1.0.0-beta4/crypto/
int enc);
diff -up openssl-1.0.0-beta4/crypto/cast/c_skey.c.fips openssl-1.0.0-beta4/crypto/cast/c_skey.c
--- openssl-1.0.0-beta4/crypto/cast/c_skey.c.fips 2000-06-03 16:13:35.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/cast/c_skey.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/cast/c_skey.c 2009-11-23 08:32:31.000000000 +0100
@@ -57,6 +57,11 @@
*/
@@ -587,8 +587,8 @@ diff -up openssl-1.0.0-beta4/crypto/cast/c_skey.c.fips openssl-1.0.0-beta4/crypt
CAST_LONG x[16];
CAST_LONG z[16];
diff -up openssl-1.0.0-beta4/crypto/crypto.h.fips openssl-1.0.0-beta4/crypto/crypto.h
---- openssl-1.0.0-beta4/crypto/crypto.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/crypto.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/crypto.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/crypto.h 2009-11-23 08:32:31.000000000 +0100
@@ -546,12 +546,69 @@ void OpenSSLDie(const char *file,int lin
unsigned long *OPENSSL_ia32cap_loc(void);
#define OPENSSL_ia32cap (*(OPENSSL_ia32cap_loc()))
@@ -661,7 +661,7 @@ diff -up openssl-1.0.0-beta4/crypto/crypto.h.fips openssl-1.0.0-beta4/crypto/cry
/* Function codes. */
diff -up openssl-1.0.0-beta4/crypto/dh/dh_err.c.fips openssl-1.0.0-beta4/crypto/dh/dh_err.c
--- openssl-1.0.0-beta4/crypto/dh/dh_err.c.fips 2006-11-21 22:29:37.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/dh/dh_err.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/dh/dh_err.c 2009-11-23 08:32:31.000000000 +0100
@@ -73,6 +73,8 @@ static ERR_STRING_DATA DH_str_functs[]=
{ERR_FUNC(DH_F_COMPUTE_KEY), "COMPUTE_KEY"},
{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
@@ -681,7 +681,7 @@ diff -up openssl-1.0.0-beta4/crypto/dh/dh_err.c.fips openssl-1.0.0-beta4/crypto/
{ERR_REASON(DH_R_NO_PARAMETERS_SET) ,"no parameters set"},
diff -up openssl-1.0.0-beta4/crypto/dh/dh_gen.c.fips openssl-1.0.0-beta4/crypto/dh/dh_gen.c
--- openssl-1.0.0-beta4/crypto/dh/dh_gen.c.fips 2005-04-26 20:53:15.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/dh/dh_gen.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/dh/dh_gen.c 2009-11-23 08:32:31.000000000 +0100
@@ -65,6 +65,10 @@
#include "cryptlib.h"
#include <openssl/bn.h>
@@ -715,8 +715,8 @@ diff -up openssl-1.0.0-beta4/crypto/dh/dh_gen.c.fips openssl-1.0.0-beta4/crypto/
if (ctx == NULL) goto err;
BN_CTX_start(ctx);
diff -up openssl-1.0.0-beta4/crypto/dh/dh.h.fips openssl-1.0.0-beta4/crypto/dh/dh.h
---- openssl-1.0.0-beta4/crypto/dh/dh.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/dh/dh.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/dh/dh.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/dh/dh.h 2009-11-23 08:32:31.000000000 +0100
@@ -77,6 +77,8 @@
# define OPENSSL_DH_MAX_MODULUS_BITS 10000
#endif
@@ -745,7 +745,7 @@ diff -up openssl-1.0.0-beta4/crypto/dh/dh.h.fips openssl-1.0.0-beta4/crypto/dh/d
}
diff -up openssl-1.0.0-beta4/crypto/dh/dh_key.c.fips openssl-1.0.0-beta4/crypto/dh/dh_key.c
--- openssl-1.0.0-beta4/crypto/dh/dh_key.c.fips 2007-03-28 02:15:23.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/dh/dh_key.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/dh/dh_key.c 2009-11-23 08:32:31.000000000 +0100
@@ -61,6 +61,9 @@
#include <openssl/bn.h>
#include <openssl/rand.h>
@@ -797,7 +797,7 @@ diff -up openssl-1.0.0-beta4/crypto/dh/dh_key.c.fips openssl-1.0.0-beta4/crypto/
}
diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_gen.c.fips openssl-1.0.0-beta4/crypto/dsa/dsa_gen.c
--- openssl-1.0.0-beta4/crypto/dsa/dsa_gen.c.fips 2008-12-26 18:17:21.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/dsa/dsa_gen.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/dsa/dsa_gen.c 2009-11-23 08:32:31.000000000 +0100
@@ -77,8 +77,12 @@
#include "cryptlib.h"
#include <openssl/evp.h>
@@ -834,8 +834,8 @@ diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_gen.c.fips openssl-1.0.0-beta4/crypt
qsize != SHA256_DIGEST_LENGTH)
/* invalid q size */
diff -up openssl-1.0.0-beta4/crypto/dsa/dsa.h.fips openssl-1.0.0-beta4/crypto/dsa/dsa.h
---- openssl-1.0.0-beta4/crypto/dsa/dsa.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/dsa/dsa.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/dsa/dsa.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/dsa/dsa.h 2009-11-23 08:32:31.000000000 +0100
@@ -88,6 +88,8 @@
# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
#endif
@@ -894,14 +894,16 @@ diff -up openssl-1.0.0-beta4/crypto/dsa/dsa.h.fips openssl-1.0.0-beta4/crypto/ds
#ifdef __cplusplus
diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_key.c.fips openssl-1.0.0-beta4/crypto/dsa/dsa_key.c
--- openssl-1.0.0-beta4/crypto/dsa/dsa_key.c.fips 2007-03-28 02:15:25.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/dsa/dsa_key.c 2009-11-12 12:36:50.000000000 +0100
-@@ -63,9 +63,53 @@
++++ openssl-1.0.0-beta4/crypto/dsa/dsa_key.c 2009-11-23 08:33:32.000000000 +0100
+@@ -63,9 +63,55 @@
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/rand.h>
+#include <openssl/err.h>
+#include <openssl/evp.h>
++#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
++#endif
+#include "fips_locl.h"
static int dsa_builtin_keygen(DSA *dsa);
@@ -949,7 +951,7 @@ diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_key.c.fips openssl-1.0.0-beta4/crypt
int DSA_generate_key(DSA *dsa)
{
if(dsa->meth->dsa_keygen)
-@@ -79,6 +123,14 @@ static int dsa_builtin_keygen(DSA *dsa)
+@@ -79,6 +125,14 @@ static int dsa_builtin_keygen(DSA *dsa)
BN_CTX *ctx=NULL;
BIGNUM *pub_key=NULL,*priv_key=NULL;
@@ -964,7 +966,7 @@ diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_key.c.fips openssl-1.0.0-beta4/crypt
if ((ctx=BN_CTX_new()) == NULL) goto err;
if (dsa->priv_key == NULL)
-@@ -117,6 +169,15 @@ static int dsa_builtin_keygen(DSA *dsa)
+@@ -117,6 +171,15 @@ static int dsa_builtin_keygen(DSA *dsa)
dsa->priv_key=priv_key;
dsa->pub_key=pub_key;
@@ -982,7 +984,7 @@ diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_key.c.fips openssl-1.0.0-beta4/crypt
err:
diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_ossl.c.fips openssl-1.0.0-beta4/crypto/dsa/dsa_ossl.c
--- openssl-1.0.0-beta4/crypto/dsa/dsa_ossl.c.fips 2007-03-28 02:15:26.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/dsa/dsa_ossl.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/dsa/dsa_ossl.c 2009-11-23 08:32:31.000000000 +0100
@@ -65,6 +65,9 @@
#include <openssl/dsa.h>
#include <openssl/rand.h>
@@ -1056,7 +1058,7 @@ diff -up openssl-1.0.0-beta4/crypto/dsa/dsa_ossl.c.fips openssl-1.0.0-beta4/cryp
}
diff -up openssl-1.0.0-beta4/crypto/err/err_all.c.fips openssl-1.0.0-beta4/crypto/err/err_all.c
--- openssl-1.0.0-beta4/crypto/err/err_all.c.fips 2009-08-09 16:58:05.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/err/err_all.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/err/err_all.c 2009-11-23 08:32:31.000000000 +0100
@@ -96,6 +96,9 @@
#include <openssl/ocsp.h>
#include <openssl/err.h>
@@ -1079,7 +1081,7 @@ diff -up openssl-1.0.0-beta4/crypto/err/err_all.c.fips openssl-1.0.0-beta4/crypt
#endif
diff -up openssl-1.0.0-beta4/crypto/evp/digest.c.fips openssl-1.0.0-beta4/crypto/evp/digest.c
--- openssl-1.0.0-beta4/crypto/evp/digest.c.fips 2008-11-04 13:06:09.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/evp/digest.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/digest.c 2009-11-23 08:32:31.000000000 +0100
@@ -116,6 +116,7 @@
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
@@ -1180,7 +1182,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/digest.c.fips openssl-1.0.0-beta4/crypto
ret=ctx->digest->final(ctx,md);
diff -up openssl-1.0.0-beta4/crypto/evp/e_aes.c.fips openssl-1.0.0-beta4/crypto/evp/e_aes.c
--- openssl-1.0.0-beta4/crypto/evp/e_aes.c.fips 2004-01-28 20:05:33.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/evp/e_aes.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/e_aes.c 2009-11-23 08:32:31.000000000 +0100
@@ -69,32 +69,29 @@ typedef struct
IMPLEMENT_BLOCK_CIPHER(aes_128, ks, AES, EVP_AES_KEY,
@@ -1235,7 +1237,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/e_aes.c.fips openssl-1.0.0-beta4/crypto/
const unsigned char *iv, int enc)
diff -up openssl-1.0.0-beta4/crypto/evp/e_camellia.c.fips openssl-1.0.0-beta4/crypto/evp/e_camellia.c
--- openssl-1.0.0-beta4/crypto/evp/e_camellia.c.fips 2006-08-31 22:56:20.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/evp/e_camellia.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/e_camellia.c 2009-11-23 08:32:31.000000000 +0100
@@ -93,7 +93,7 @@ IMPLEMENT_BLOCK_CIPHER(camellia_256, ks,
EVP_CIPHER_get_asn1_iv,
NULL)
@@ -1247,7 +1249,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/e_camellia.c.fips openssl-1.0.0-beta4/cr
IMPLEMENT_CAMELLIA_CFBR(192,1)
diff -up openssl-1.0.0-beta4/crypto/evp/e_des3.c.fips openssl-1.0.0-beta4/crypto/evp/e_des3.c
--- openssl-1.0.0-beta4/crypto/evp/e_des3.c.fips 2008-12-29 13:35:47.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/evp/e_des3.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/e_des3.c 2009-11-23 08:32:31.000000000 +0100
@@ -206,9 +206,9 @@ static int des_ede3_cfb8_cipher(EVP_CIPH
}
@@ -1294,7 +1296,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/e_des3.c.fips openssl-1.0.0-beta4/crypto
static int des_ede_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
diff -up openssl-1.0.0-beta4/crypto/evp/e_null.c.fips openssl-1.0.0-beta4/crypto/evp/e_null.c
--- openssl-1.0.0-beta4/crypto/evp/e_null.c.fips 2008-10-31 20:48:24.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/evp/e_null.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/e_null.c 2009-11-23 08:32:31.000000000 +0100
@@ -69,7 +69,7 @@ static const EVP_CIPHER n_cipher=
{
NID_undef,
@@ -1306,7 +1308,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/e_null.c.fips openssl-1.0.0-beta4/crypto
NULL,
diff -up openssl-1.0.0-beta4/crypto/evp/evp_enc.c.fips openssl-1.0.0-beta4/crypto/evp/evp_enc.c
--- openssl-1.0.0-beta4/crypto/evp/evp_enc.c.fips 2008-11-12 04:58:00.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/evp/evp_enc.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/evp_enc.c 2009-11-23 08:32:31.000000000 +0100
@@ -68,8 +68,53 @@
const char EVP_version[]="EVP" OPENSSL_VERSION_PTEXT;
@@ -1401,7 +1403,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/evp_enc.c.fips openssl-1.0.0-beta4/crypt
}
diff -up openssl-1.0.0-beta4/crypto/evp/evp_err.c.fips openssl-1.0.0-beta4/crypto/evp/evp_err.c
--- openssl-1.0.0-beta4/crypto/evp/evp_err.c.fips 2008-12-29 17:11:54.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/evp/evp_err.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/evp_err.c 2009-11-23 08:32:31.000000000 +0100
@@ -154,6 +154,7 @@ static ERR_STRING_DATA EVP_str_reasons[]
{ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"},
{ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"},
@@ -1411,8 +1413,8 @@ diff -up openssl-1.0.0-beta4/crypto/evp/evp_err.c.fips openssl-1.0.0-beta4/crypt
{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"},
diff -up openssl-1.0.0-beta4/crypto/evp/evp.h.fips openssl-1.0.0-beta4/crypto/evp/evp.h
---- openssl-1.0.0-beta4/crypto/evp/evp.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/evp/evp.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/evp/evp.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/evp.h 2009-11-23 08:32:31.000000000 +0100
@@ -75,6 +75,10 @@
#include <openssl/bio.h>
#endif
@@ -1491,7 +1493,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/evp.h.fips openssl-1.0.0-beta4/crypto/ev
#define EVP_R_EXPECTING_AN_RSA_KEY 127
diff -up openssl-1.0.0-beta4/crypto/evp/evp_lib.c.fips openssl-1.0.0-beta4/crypto/evp/evp_lib.c
--- openssl-1.0.0-beta4/crypto/evp/evp_lib.c.fips 2009-04-10 12:30:27.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/evp/evp_lib.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/evp_lib.c 2009-11-23 08:32:31.000000000 +0100
@@ -67,6 +67,8 @@ int EVP_CIPHER_param_to_asn1(EVP_CIPHER_
if (c->cipher->set_asn1_parameters != NULL)
@@ -1540,8 +1542,8 @@ diff -up openssl-1.0.0-beta4/crypto/evp/evp_lib.c.fips openssl-1.0.0-beta4/crypt
+ return (ctx->flags & flags);
+ }
diff -up openssl-1.0.0-beta4/crypto/evp/evp_locl.h.fips openssl-1.0.0-beta4/crypto/evp/evp_locl.h
---- openssl-1.0.0-beta4/crypto/evp/evp_locl.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/evp/evp_locl.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/evp/evp_locl.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/evp_locl.h 2009-11-23 08:32:31.000000000 +0100
@@ -111,11 +111,11 @@ static int cname##_cbc_cipher(EVP_CIPHER
static int cname##_cfb##cbits##_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) \
{\
@@ -1593,7 +1595,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/evp_locl.h.fips openssl-1.0.0-beta4/cryp
{
diff -up openssl-1.0.0-beta4/crypto/evp/m_dss.c.fips openssl-1.0.0-beta4/crypto/evp/m_dss.c
--- openssl-1.0.0-beta4/crypto/evp/m_dss.c.fips 2006-04-19 19:05:57.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/evp/m_dss.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/m_dss.c 2009-11-23 08:32:31.000000000 +0100
@@ -81,7 +81,7 @@ static const EVP_MD dsa_md=
NID_dsaWithSHA,
NID_dsaWithSHA,
@@ -1605,7 +1607,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/m_dss.c.fips openssl-1.0.0-beta4/crypto/
final,
diff -up openssl-1.0.0-beta4/crypto/evp/m_dss1.c.fips openssl-1.0.0-beta4/crypto/evp/m_dss1.c
--- openssl-1.0.0-beta4/crypto/evp/m_dss1.c.fips 2006-04-19 19:05:57.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/evp/m_dss1.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/m_dss1.c 2009-11-23 08:32:31.000000000 +0100
@@ -82,7 +82,7 @@ static const EVP_MD dss1_md=
NID_dsa,
NID_dsaWithSHA1,
@@ -1617,7 +1619,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/m_dss1.c.fips openssl-1.0.0-beta4/crypto
final,
diff -up openssl-1.0.0-beta4/crypto/evp/m_sha1.c.fips openssl-1.0.0-beta4/crypto/evp/m_sha1.c
--- openssl-1.0.0-beta4/crypto/evp/m_sha1.c.fips 2008-03-12 22:14:24.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/evp/m_sha1.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/m_sha1.c 2009-11-23 08:32:31.000000000 +0100
@@ -82,7 +82,8 @@ static const EVP_MD sha1_md=
NID_sha1,
NID_sha1WithRSAEncryption,
@@ -1670,7 +1672,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/m_sha1.c.fips openssl-1.0.0-beta4/crypto
final512,
diff -up openssl-1.0.0-beta4/crypto/evp/names.c.fips openssl-1.0.0-beta4/crypto/evp/names.c
--- openssl-1.0.0-beta4/crypto/evp/names.c.fips 2009-04-10 12:30:27.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/evp/names.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/names.c 2009-11-23 08:32:31.000000000 +0100
@@ -66,6 +66,10 @@ int EVP_add_cipher(const EVP_CIPHER *c)
{
int r;
@@ -1695,7 +1697,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/names.c.fips openssl-1.0.0-beta4/crypto/
if (r == 0) return(0);
diff -up openssl-1.0.0-beta4/crypto/evp/p_sign.c.fips openssl-1.0.0-beta4/crypto/evp/p_sign.c
--- openssl-1.0.0-beta4/crypto/evp/p_sign.c.fips 2006-05-24 15:29:30.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/evp/p_sign.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/p_sign.c 2009-11-23 08:32:31.000000000 +0100
@@ -61,6 +61,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
@@ -1729,7 +1731,7 @@ diff -up openssl-1.0.0-beta4/crypto/evp/p_sign.c.fips openssl-1.0.0-beta4/crypto
*siglen = sltmp;
diff -up openssl-1.0.0-beta4/crypto/evp/p_verify.c.fips openssl-1.0.0-beta4/crypto/evp/p_verify.c
--- openssl-1.0.0-beta4/crypto/evp/p_verify.c.fips 2008-11-12 04:58:01.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/evp/p_verify.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/evp/p_verify.c 2009-11-23 08:32:31.000000000 +0100
@@ -61,6 +61,7 @@
#include <openssl/evp.h>
#include <openssl/objects.h>
@@ -1762,8 +1764,8 @@ diff -up openssl-1.0.0-beta4/crypto/evp/p_verify.c.fips openssl-1.0.0-beta4/cryp
err:
EVP_PKEY_CTX_free(pkctx);
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_aesavs.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_aesavs.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_aesavs.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,939 @@
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
@@ -2705,8 +2707,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_aesavs.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_desmovs.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_desmovs.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_desmovs.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,702 @@
+/* ====================================================================
+ * Copyright (c) 2004 The OpenSSL Project. All rights reserved.
@@ -3411,8 +3413,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_desmovs.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_dssvs.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_dssvs.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_dssvs.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,537 @@
+#include <openssl/opensslconf.h>
+
@@ -3952,8 +3954,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_dssvs.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_rngvs.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_rngvs.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_rngvs.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,230 @@
+/*
+ * Crude test driver for processing the VST and MCT testvector files
@@ -4186,8 +4188,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_rngvs.c
+ }
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsagtest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsagtest.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsagtest.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,390 @@
+/* fips_rsagtest.c */
+/* Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
@@ -4580,8 +4582,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsagtest.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsastest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsastest.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsastest.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,370 @@
+/* fips_rsastest.c */
+/* Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
@@ -4954,8 +4956,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsastest.c
+ }
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsavtest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsavtest.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsavtest.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,377 @@
+/* fips_rsavtest.c */
+/* Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
@@ -5335,8 +5337,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_rsavtest.c
+ }
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_shatest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_shatest.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_shatest.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,388 @@
+/* fips_shatest.c */
+/* Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
@@ -5727,8 +5729,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_shatest.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_utl.h
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_utl.h 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/cavs/fips_utl.h 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,343 @@
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
@@ -6074,8 +6076,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/cavs/fips_utl.h
+ }
+
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips_err.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips_err.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips_err.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,7 @@
+#include <openssl/opensslconf.h>
+
@@ -6085,8 +6087,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips_err.c
+static void *dummy=&dummy;
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips_err.h
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips_err.h 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips_err.h 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,137 @@
+/* crypto/fips_err.h */
+/* ====================================================================
@@ -6226,9 +6228,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips_err.h
+#endif
+ }
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_aes_selftest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_aes_selftest.c 2009-11-12 12:36:50.000000000 +0100
-@@ -0,0 +1,101 @@
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_aes_selftest.c 2009-11-23 08:33:32.000000000 +0100
+@@ -0,0 +1,103 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
@@ -6280,7 +6282,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_aes_selftest.c
+
+#include <string.h>
+#include <openssl/err.h>
++#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
++#endif
+#include <openssl/evp.h>
+
+#ifdef OPENSSL_FIPS
@@ -6331,8 +6335,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_aes_selftest.c
+ }
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,419 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -6754,9 +6758,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_des_selftest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_des_selftest.c 2009-11-12 12:36:50.000000000 +0100
-@@ -0,0 +1,137 @@
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_des_selftest.c 2009-11-23 08:33:32.000000000 +0100
+@@ -0,0 +1,139 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
@@ -6808,7 +6812,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_des_selftest.c
+
+#include <string.h>
+#include <openssl/err.h>
++#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
++#endif
+#include <openssl/evp.h>
+#include <openssl/opensslconf.h>
+
@@ -6895,9 +6901,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_des_selftest.c
+ }
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_dsa_selftest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_dsa_selftest.c 2009-11-12 12:36:50.000000000 +0100
-@@ -0,0 +1,184 @@
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_dsa_selftest.c 2009-11-23 08:33:32.000000000 +0100
+@@ -0,0 +1,186 @@
+/* crypto/dsa/dsatest.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
@@ -6959,7 +6965,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_dsa_selftest.c
+#include <string.h>
+#include <openssl/crypto.h>
+#include <openssl/dsa.h>
++#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
++#endif
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
@@ -7083,8 +7091,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_dsa_selftest.c
+ }
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips.h
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips.h 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips.h 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,163 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -7250,9 +7258,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips.h
+#endif
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_hmac_selftest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_hmac_selftest.c 2009-11-12 12:36:50.000000000 +0100
-@@ -0,0 +1,135 @@
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_hmac_selftest.c 2009-11-23 08:33:32.000000000 +0100
+@@ -0,0 +1,137 @@
+/* ====================================================================
+ * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
+ *
@@ -7304,7 +7312,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_hmac_selftest.c
+
+#include <string.h>
+#include <openssl/err.h>
++#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
++#endif
+#include <openssl/hmac.h>
+
+#ifdef OPENSSL_FIPS
@@ -7389,9 +7399,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_hmac_selftest.c
+ }
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rand.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_rand.c 2009-11-12 12:36:50.000000000 +0100
-@@ -0,0 +1,410 @@
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_rand.c 2009-11-23 08:33:32.000000000 +0100
+@@ -0,0 +1,412 @@
+/* ====================================================================
+ * Copyright (c) 2007 The OpenSSL Project. All rights reserved.
+ *
@@ -7470,7 +7480,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rand.c
+# endif
+#endif
+#include <string.h>
++#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
++#endif
+#include "fips_locl.h"
+
+#ifdef OPENSSL_FIPS
@@ -7803,8 +7815,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rand.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rand.h
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_rand.h 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_rand.h 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,77 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -7884,9 +7896,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rand.h
+#endif
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rand_selftest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_rand_selftest.c 2009-11-12 12:36:50.000000000 +0100
-@@ -0,0 +1,371 @@
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_rand_selftest.c 2009-11-23 08:33:32.000000000 +0100
+@@ -0,0 +1,373 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
@@ -7938,7 +7950,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rand_selftest.c
+
+#include <string.h>
+#include <openssl/err.h>
++#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
++#endif
+#include <openssl/rand.h>
+#include <openssl/fips_rand.h>
+
@@ -8259,8 +8273,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rand_selftest.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_randtest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_randtest.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_randtest.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,248 @@
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
+ * All rights reserved.
@@ -8511,9 +8525,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_randtest.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rsa_selftest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_rsa_selftest.c 2009-11-12 12:36:50.000000000 +0100
-@@ -0,0 +1,439 @@
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_rsa_selftest.c 2009-11-23 08:33:32.000000000 +0100
+@@ -0,0 +1,441 @@
+/* ====================================================================
+ * Copyright (c) 2003-2007 The OpenSSL Project. All rights reserved.
+ *
@@ -8565,7 +8579,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rsa_selftest.c
+
+#include <string.h>
+#include <openssl/err.h>
++#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
++#endif
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/bn.h>
@@ -8954,8 +8970,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rsa_selftest.c
+
+#endif /* def OPENSSL_FIPS */
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rsa_x931g.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_rsa_x931g.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_rsa_x931g.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,281 @@
+/* crypto/rsa/rsa_gen.c */
+/* Copyright (C) 1995-1998 Eric Young (eay at cryptsoft.com)
@@ -9239,9 +9255,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_rsa_x931g.c
+
+ }
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_sha1_selftest.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_sha1_selftest.c 2009-11-12 12:36:50.000000000 +0100
-@@ -0,0 +1,97 @@
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_sha1_selftest.c 2009-11-23 08:33:32.000000000 +0100
+@@ -0,0 +1,99 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
+ *
@@ -9293,7 +9309,9 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_sha1_selftest.c
+
+#include <string.h>
+#include <openssl/err.h>
++#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
++#endif
+#include <openssl/evp.h>
+#include <openssl/sha.h>
+
@@ -9340,8 +9358,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_sha1_selftest.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_standalone_sha1.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_standalone_sha1.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_standalone_sha1.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,173 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -9517,8 +9535,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_standalone_sha1.c
+
+
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_test_suite.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/fips_test_suite.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/fips_test_suite.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,588 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -10109,8 +10127,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/fips_test_suite.c
+
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips_locl.h
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips_locl.h 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips_locl.h 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,72 @@
+/* ====================================================================
+ * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
@@ -10185,8 +10203,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips_locl.h
+#endif
+#endif
diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/Makefile
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/fips/Makefile 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/fips/Makefile 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,81 @@
+#
+# OpenSSL/crypto/fips/Makefile
@@ -10271,7 +10289,7 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/fips/Makefile
+
diff -up openssl-1.0.0-beta4/crypto/hmac/hmac.c.fips openssl-1.0.0-beta4/crypto/hmac/hmac.c
--- openssl-1.0.0-beta4/crypto/hmac/hmac.c.fips 2008-11-12 04:58:02.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/hmac/hmac.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/hmac/hmac.c 2009-11-23 08:32:31.000000000 +0100
@@ -77,6 +77,13 @@ int HMAC_Init_ex(HMAC_CTX *ctx, const vo
if (key != NULL)
@@ -10298,8 +10316,8 @@ diff -up openssl-1.0.0-beta4/crypto/hmac/hmac.c.fips openssl-1.0.0-beta4/crypto/
+ }
+
diff -up openssl-1.0.0-beta4/crypto/hmac/hmac.h.fips openssl-1.0.0-beta4/crypto/hmac/hmac.h
---- openssl-1.0.0-beta4/crypto/hmac/hmac.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/hmac/hmac.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/hmac/hmac.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/hmac/hmac.h 2009-11-23 08:32:31.000000000 +0100
@@ -101,6 +101,7 @@ unsigned char *HMAC(const EVP_MD *evp_md
unsigned int *md_len);
int HMAC_CTX_copy(HMAC_CTX *dctx, HMAC_CTX *sctx);
@@ -10310,7 +10328,7 @@ diff -up openssl-1.0.0-beta4/crypto/hmac/hmac.h.fips openssl-1.0.0-beta4/crypto/
}
diff -up openssl-1.0.0-beta4/crypto/Makefile.fips openssl-1.0.0-beta4/crypto/Makefile
--- openssl-1.0.0-beta4/crypto/Makefile.fips 2009-04-06 16:31:35.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/Makefile 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/Makefile 2009-11-23 08:32:31.000000000 +0100
@@ -34,14 +34,14 @@ GENERAL=Makefile README crypto-lib.com i
LIB= $(TOP)/libcrypto.a
@@ -10331,7 +10349,7 @@ diff -up openssl-1.0.0-beta4/crypto/Makefile.fips openssl-1.0.0-beta4/crypto/Mak
diff -up openssl-1.0.0-beta4/crypto/mdc2/mdc2dgst.c.fips openssl-1.0.0-beta4/crypto/mdc2/mdc2dgst.c
--- openssl-1.0.0-beta4/crypto/mdc2/mdc2dgst.c.fips 2004-07-25 21:10:41.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/mdc2/mdc2dgst.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/mdc2/mdc2dgst.c 2009-11-23 08:32:31.000000000 +0100
@@ -61,6 +61,11 @@
#include <string.h>
#include <openssl/des.h>
@@ -10354,8 +10372,8 @@ diff -up openssl-1.0.0-beta4/crypto/mdc2/mdc2dgst.c.fips openssl-1.0.0-beta4/cry
c->num=0;
c->pad_type=1;
diff -up openssl-1.0.0-beta4/crypto/mdc2/mdc2.h.fips openssl-1.0.0-beta4/crypto/mdc2/mdc2.h
---- openssl-1.0.0-beta4/crypto/mdc2/mdc2.h.fips 2009-11-12 12:36:50.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/mdc2/mdc2.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/mdc2/mdc2.h.fips 2009-11-23 08:32:31.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/mdc2/mdc2.h 2009-11-23 08:32:31.000000000 +0100
@@ -80,7 +80,9 @@ typedef struct mdc2_ctx_st
int pad_type; /* either 1 or 2, default 1 */
} MDC2_CTX;
@@ -10369,7 +10387,7 @@ diff -up openssl-1.0.0-beta4/crypto/mdc2/mdc2.h.fips openssl-1.0.0-beta4/crypto/
int MDC2_Final(unsigned char *md, MDC2_CTX *c);
diff -up openssl-1.0.0-beta4/crypto/md2/md2_dgst.c.fips openssl-1.0.0-beta4/crypto/md2/md2_dgst.c
--- openssl-1.0.0-beta4/crypto/md2/md2_dgst.c.fips 2007-08-31 12:12:35.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/md2/md2_dgst.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/md2/md2_dgst.c 2009-11-23 08:32:31.000000000 +0100
@@ -62,6 +62,11 @@
#include <openssl/md2.h>
#include <openssl/opensslv.h>
@@ -10392,8 +10410,8 @@ diff -up openssl-1.0.0-beta4/crypto/md2/md2_dgst.c.fips openssl-1.0.0-beta4/cryp
c->num=0;
memset(c->state,0,sizeof c->state);
diff -up openssl-1.0.0-beta4/crypto/md2/md2.h.fips openssl-1.0.0-beta4/crypto/md2/md2.h
---- openssl-1.0.0-beta4/crypto/md2/md2.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/md2/md2.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/md2/md2.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/md2/md2.h 2009-11-23 08:32:31.000000000 +0100
@@ -81,6 +81,9 @@ typedef struct MD2state_st
} MD2_CTX;
@@ -10406,7 +10424,7 @@ diff -up openssl-1.0.0-beta4/crypto/md2/md2.h.fips openssl-1.0.0-beta4/crypto/md
int MD2_Final(unsigned char *md, MD2_CTX *c);
diff -up openssl-1.0.0-beta4/crypto/md4/md4_dgst.c.fips openssl-1.0.0-beta4/crypto/md4/md4_dgst.c
--- openssl-1.0.0-beta4/crypto/md4/md4_dgst.c.fips 2007-01-21 14:07:11.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/md4/md4_dgst.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/md4/md4_dgst.c 2009-11-23 08:32:31.000000000 +0100
@@ -59,6 +59,11 @@
#include <stdio.h>
#include "md4_locl.h"
@@ -10429,8 +10447,8 @@ diff -up openssl-1.0.0-beta4/crypto/md4/md4_dgst.c.fips openssl-1.0.0-beta4/cryp
memset (c,0,sizeof(*c));
c->A=INIT_DATA_A;
diff -up openssl-1.0.0-beta4/crypto/md4/md4.h.fips openssl-1.0.0-beta4/crypto/md4/md4.h
---- openssl-1.0.0-beta4/crypto/md4/md4.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/md4/md4.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/md4/md4.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/md4/md4.h 2009-11-23 08:32:31.000000000 +0100
@@ -105,6 +105,9 @@ typedef struct MD4state_st
unsigned int num;
} MD4_CTX;
@@ -10443,7 +10461,7 @@ diff -up openssl-1.0.0-beta4/crypto/md4/md4.h.fips openssl-1.0.0-beta4/crypto/md
int MD4_Final(unsigned char *md, MD4_CTX *c);
diff -up openssl-1.0.0-beta4/crypto/md5/md5_dgst.c.fips openssl-1.0.0-beta4/crypto/md5/md5_dgst.c
--- openssl-1.0.0-beta4/crypto/md5/md5_dgst.c.fips 2007-01-21 14:07:11.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/md5/md5_dgst.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/md5/md5_dgst.c 2009-11-23 08:32:31.000000000 +0100
@@ -59,6 +59,11 @@
#include <stdio.h>
#include "md5_locl.h"
@@ -10466,8 +10484,8 @@ diff -up openssl-1.0.0-beta4/crypto/md5/md5_dgst.c.fips openssl-1.0.0-beta4/cryp
memset (c,0,sizeof(*c));
c->A=INIT_DATA_A;
diff -up openssl-1.0.0-beta4/crypto/md5/md5.h.fips openssl-1.0.0-beta4/crypto/md5/md5.h
---- openssl-1.0.0-beta4/crypto/md5/md5.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/md5/md5.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/md5/md5.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/md5/md5.h 2009-11-23 08:32:31.000000000 +0100
@@ -105,6 +105,9 @@ typedef struct MD5state_st
unsigned int num;
} MD5_CTX;
@@ -10480,7 +10498,7 @@ diff -up openssl-1.0.0-beta4/crypto/md5/md5.h.fips openssl-1.0.0-beta4/crypto/md
int MD5_Final(unsigned char *md, MD5_CTX *c);
diff -up openssl-1.0.0-beta4/crypto/mem.c.fips openssl-1.0.0-beta4/crypto/mem.c
--- openssl-1.0.0-beta4/crypto/mem.c.fips 2008-11-12 04:57:47.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/mem.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/mem.c 2009-11-23 08:32:31.000000000 +0100
@@ -101,7 +101,7 @@ static void (*free_locked_func)(void *)
/* may be changed as long as 'allow_customize_debug' is set */
@@ -10491,8 +10509,8 @@ diff -up openssl-1.0.0-beta4/crypto/mem.c.fips openssl-1.0.0-beta4/crypto/mem.c
static void (*malloc_debug_func)(void *,int,const char *,int,int)
= CRYPTO_dbg_malloc;
diff -up /dev/null openssl-1.0.0-beta4/crypto/o_init.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/o_init.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/o_init.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,80 @@
+/* o_init.c */
+/* Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
@@ -10576,7 +10594,7 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/o_init.c
+
diff -up openssl-1.0.0-beta4/crypto/opensslconf.h.in.fips openssl-1.0.0-beta4/crypto/opensslconf.h.in
--- openssl-1.0.0-beta4/crypto/opensslconf.h.in.fips 2005-12-16 11:37:23.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/opensslconf.h.in 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/opensslconf.h.in 2009-11-23 08:32:31.000000000 +0100
@@ -1,5 +1,20 @@
/* crypto/opensslconf.h.in */
@@ -10600,7 +10618,7 @@ diff -up openssl-1.0.0-beta4/crypto/opensslconf.h.in.fips openssl-1.0.0-beta4/cr
diff -up openssl-1.0.0-beta4/crypto/pkcs12/p12_crt.c.fips openssl-1.0.0-beta4/crypto/pkcs12/p12_crt.c
--- openssl-1.0.0-beta4/crypto/pkcs12/p12_crt.c.fips 2009-03-09 14:08:04.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/pkcs12/p12_crt.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/pkcs12/p12_crt.c 2009-11-23 08:32:31.000000000 +0100
@@ -59,6 +59,10 @@
#include <stdio.h>
#include "cryptlib.h"
@@ -10629,7 +10647,7 @@ diff -up openssl-1.0.0-beta4/crypto/pkcs12/p12_crt.c.fips openssl-1.0.0-beta4/cr
if (!iter)
diff -up openssl-1.0.0-beta4/crypto/rand/md_rand.c.fips openssl-1.0.0-beta4/crypto/rand/md_rand.c
--- openssl-1.0.0-beta4/crypto/rand/md_rand.c.fips 2009-01-03 10:25:32.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rand/md_rand.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rand/md_rand.c 2009-11-23 08:32:31.000000000 +0100
@@ -126,6 +126,10 @@
#include <openssl/crypto.h>
@@ -10658,7 +10676,7 @@ diff -up openssl-1.0.0-beta4/crypto/rand/md_rand.c.fips openssl-1.0.0-beta4/cryp
{
diff -up openssl-1.0.0-beta4/crypto/rand/rand_err.c.fips openssl-1.0.0-beta4/crypto/rand/rand_err.c
--- openssl-1.0.0-beta4/crypto/rand/rand_err.c.fips 2006-11-21 22:29:41.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rand/rand_err.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rand/rand_err.c 2009-11-23 08:32:31.000000000 +0100
@@ -70,6 +70,13 @@
static ERR_STRING_DATA RAND_str_functs[]=
@@ -10692,8 +10710,8 @@ diff -up openssl-1.0.0-beta4/crypto/rand/rand_err.c.fips openssl-1.0.0-beta4/cry
};
diff -up openssl-1.0.0-beta4/crypto/rand/rand.h.fips openssl-1.0.0-beta4/crypto/rand/rand.h
---- openssl-1.0.0-beta4/crypto/rand/rand.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rand/rand.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/rand/rand.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rand/rand.h 2009-11-23 08:32:31.000000000 +0100
@@ -128,11 +128,28 @@ void ERR_load_RAND_strings(void);
/* Error codes for the RAND functions. */
@@ -10725,7 +10743,7 @@ diff -up openssl-1.0.0-beta4/crypto/rand/rand.h.fips openssl-1.0.0-beta4/crypto/
}
diff -up openssl-1.0.0-beta4/crypto/rand/rand_lib.c.fips openssl-1.0.0-beta4/crypto/rand/rand_lib.c
--- openssl-1.0.0-beta4/crypto/rand/rand_lib.c.fips 2008-11-12 04:58:04.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rand/rand_lib.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rand/rand_lib.c 2009-11-23 08:32:31.000000000 +0100
@@ -60,6 +60,12 @@
#include <time.h>
#include "cryptlib.h"
@@ -10760,8 +10778,8 @@ diff -up openssl-1.0.0-beta4/crypto/rand/rand_lib.c.fips openssl-1.0.0-beta4/cry
}
diff -up openssl-1.0.0-beta4/crypto/rc2/rc2.h.fips openssl-1.0.0-beta4/crypto/rc2/rc2.h
---- openssl-1.0.0-beta4/crypto/rc2/rc2.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rc2/rc2.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/rc2/rc2.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rc2/rc2.h 2009-11-23 08:32:31.000000000 +0100
@@ -79,7 +79,9 @@ typedef struct rc2_key_st
RC2_INT data[64];
} RC2_KEY;
@@ -10775,7 +10793,7 @@ diff -up openssl-1.0.0-beta4/crypto/rc2/rc2.h.fips openssl-1.0.0-beta4/crypto/rc
int enc);
diff -up openssl-1.0.0-beta4/crypto/rc2/rc2_skey.c.fips openssl-1.0.0-beta4/crypto/rc2/rc2_skey.c
--- openssl-1.0.0-beta4/crypto/rc2/rc2_skey.c.fips 2007-09-18 23:10:32.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/rc2/rc2_skey.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rc2/rc2_skey.c 2009-11-23 08:32:31.000000000 +0100
@@ -57,6 +57,11 @@
*/
@@ -10811,7 +10829,7 @@ diff -up openssl-1.0.0-beta4/crypto/rc2/rc2_skey.c.fips openssl-1.0.0-beta4/cryp
RC2_INT *ki;
diff -up openssl-1.0.0-beta4/crypto/rc4/asm/rc4-s390x.pl.fips openssl-1.0.0-beta4/crypto/rc4/asm/rc4-s390x.pl
--- openssl-1.0.0-beta4/crypto/rc4/asm/rc4-s390x.pl.fips 2009-02-12 15:48:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rc4/asm/rc4-s390x.pl 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rc4/asm/rc4-s390x.pl 2009-11-23 08:32:31.000000000 +0100
@@ -202,4 +202,6 @@ RC4_options:
.string "rc4(8x,char)"
___
@@ -10821,7 +10839,7 @@ diff -up openssl-1.0.0-beta4/crypto/rc4/asm/rc4-s390x.pl.fips openssl-1.0.0-beta
print $code;
diff -up openssl-1.0.0-beta4/crypto/rc4/asm/rc4-x86_64.pl.fips openssl-1.0.0-beta4/crypto/rc4/asm/rc4-x86_64.pl
--- openssl-1.0.0-beta4/crypto/rc4/asm/rc4-x86_64.pl.fips 2009-04-27 21:31:04.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/rc4/asm/rc4-x86_64.pl 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rc4/asm/rc4-x86_64.pl 2009-11-23 08:32:31.000000000 +0100
@@ -499,6 +499,8 @@ ___
$code =~ s/#([bwd])/$1/gm;
@@ -10833,7 +10851,7 @@ diff -up openssl-1.0.0-beta4/crypto/rc4/asm/rc4-x86_64.pl.fips openssl-1.0.0-bet
close STDOUT;
diff -up openssl-1.0.0-beta4/crypto/rc4/asm/rc4-586.pl.fips openssl-1.0.0-beta4/crypto/rc4/asm/rc4-586.pl
--- openssl-1.0.0-beta4/crypto/rc4/asm/rc4-586.pl.fips 2007-12-02 22:32:03.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rc4/asm/rc4-586.pl 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rc4/asm/rc4-586.pl 2009-11-23 08:32:31.000000000 +0100
@@ -166,8 +166,12 @@ $idx="edx";
&external_label("OPENSSL_ia32cap_P");
@@ -10859,7 +10877,7 @@ diff -up openssl-1.0.0-beta4/crypto/rc4/asm/rc4-586.pl.fips openssl-1.0.0-beta4/
&function_begin_B("RC4_options");
diff -up openssl-1.0.0-beta4/crypto/rc4/Makefile.fips openssl-1.0.0-beta4/crypto/rc4/Makefile
--- openssl-1.0.0-beta4/crypto/rc4/Makefile.fips 2009-02-11 11:01:36.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rc4/Makefile 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rc4/Makefile 2009-11-23 08:32:31.000000000 +0100
@@ -21,8 +21,8 @@ TEST=rc4test.c
APPS=
@@ -10872,8 +10890,8 @@ diff -up openssl-1.0.0-beta4/crypto/rc4/Makefile.fips openssl-1.0.0-beta4/crypto
SRC= $(LIBSRC)
diff -up /dev/null openssl-1.0.0-beta4/crypto/rc4/rc4_fblk.c
---- /dev/null 2009-11-04 12:00:58.801002276 +0100
-+++ openssl-1.0.0-beta4/crypto/rc4/rc4_fblk.c 2009-11-12 12:36:50.000000000 +0100
+--- /dev/null 2009-11-20 08:30:43.534002215 +0100
++++ openssl-1.0.0-beta4/crypto/rc4/rc4_fblk.c 2009-11-23 08:32:31.000000000 +0100
@@ -0,0 +1,75 @@
+/* crypto/rc4/rc4_fblk.c */
+/* Written by Dr Stephen N Henson (steve at openssl.org) for the OpenSSL
@@ -10951,8 +10969,8 @@ diff -up /dev/null openssl-1.0.0-beta4/crypto/rc4/rc4_fblk.c
+#endif
+
diff -up openssl-1.0.0-beta4/crypto/rc4/rc4.h.fips openssl-1.0.0-beta4/crypto/rc4/rc4.h
---- openssl-1.0.0-beta4/crypto/rc4/rc4.h.fips 2009-11-12 12:36:50.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rc4/rc4.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/rc4/rc4.h.fips 2009-11-23 08:32:31.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rc4/rc4.h 2009-11-23 08:32:31.000000000 +0100
@@ -78,6 +78,9 @@ typedef struct rc4_key_st
@@ -10965,7 +10983,7 @@ diff -up openssl-1.0.0-beta4/crypto/rc4/rc4.h.fips openssl-1.0.0-beta4/crypto/rc
unsigned char *outdata);
diff -up openssl-1.0.0-beta4/crypto/rc4/rc4_skey.c.fips openssl-1.0.0-beta4/crypto/rc4/rc4_skey.c
--- openssl-1.0.0-beta4/crypto/rc4/rc4_skey.c.fips 2007-01-21 14:07:13.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rc4/rc4_skey.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rc4/rc4_skey.c 2009-11-23 08:32:31.000000000 +0100
@@ -59,6 +59,11 @@
#include <openssl/rc4.h>
#include "rc4_locl.h"
@@ -11004,8 +11022,8 @@ diff -up openssl-1.0.0-beta4/crypto/rc4/rc4_skey.c.fips openssl-1.0.0-beta4/cryp
for (i=0;i<256;i++) cp[i]=i;
diff -up openssl-1.0.0-beta4/crypto/ripemd/ripemd.h.fips openssl-1.0.0-beta4/crypto/ripemd/ripemd.h
---- openssl-1.0.0-beta4/crypto/ripemd/ripemd.h.fips 2009-11-12 12:36:50.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/ripemd/ripemd.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/ripemd/ripemd.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/ripemd/ripemd.h 2009-11-23 08:32:31.000000000 +0100
@@ -91,6 +91,9 @@ typedef struct RIPEMD160state_st
unsigned int num;
} RIPEMD160_CTX;
@@ -11018,7 +11036,7 @@ diff -up openssl-1.0.0-beta4/crypto/ripemd/ripemd.h.fips openssl-1.0.0-beta4/cry
int RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX *c);
diff -up openssl-1.0.0-beta4/crypto/ripemd/rmd_dgst.c.fips openssl-1.0.0-beta4/crypto/ripemd/rmd_dgst.c
--- openssl-1.0.0-beta4/crypto/ripemd/rmd_dgst.c.fips 2007-01-21 14:07:13.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/ripemd/rmd_dgst.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/ripemd/rmd_dgst.c 2009-11-23 08:32:31.000000000 +0100
@@ -59,6 +59,11 @@
#include <stdio.h>
#include "rmd_locl.h"
@@ -11042,17 +11060,19 @@ diff -up openssl-1.0.0-beta4/crypto/ripemd/rmd_dgst.c.fips openssl-1.0.0-beta4/c
c->A=RIPEMD160_A;
diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c
--- openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips 2008-09-14 15:51:44.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c 2009-11-12 12:36:50.000000000 +0100
-@@ -114,6 +114,8 @@
++++ openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c 2009-11-23 08:33:32.000000000 +0100
+@@ -114,6 +114,10 @@
#include <openssl/bn.h>
#include <openssl/rsa.h>
#include <openssl/rand.h>
+#include <openssl/err.h>
++#ifdef OPENSSL_FIPS
+#include <openssl/fips.h>
++#endif
#ifndef RSA_NULL
-@@ -138,7 +140,7 @@ static RSA_METHOD rsa_pkcs1_eay_meth={
+@@ -138,7 +142,7 @@ static RSA_METHOD rsa_pkcs1_eay_meth={
BN_mod_exp_mont, /* XXX probably we should not use Montgomery if e == 3 */
RSA_eay_init,
RSA_eay_finish,
@@ -11061,7 +11081,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
NULL,
0, /* rsa_sign */
0, /* rsa_verify */
-@@ -150,6 +152,16 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void)
+@@ -150,6 +154,16 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void)
return(&rsa_pkcs1_eay_meth);
}
@@ -11078,7 +11098,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
{
-@@ -158,6 +170,23 @@ static int RSA_eay_public_encrypt(int fl
+@@ -158,6 +172,23 @@ static int RSA_eay_public_encrypt(int fl
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
@@ -11102,7 +11122,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT, RSA_R_MODULUS_TOO_LARGE);
-@@ -223,9 +252,7 @@ static int RSA_eay_public_encrypt(int fl
+@@ -223,9 +254,7 @@ static int RSA_eay_public_encrypt(int fl
goto err;
}
@@ -11113,7 +11133,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
rsa->_method_mod_n)) goto err;
-@@ -355,6 +382,23 @@ static int RSA_eay_private_encrypt(int f
+@@ -355,6 +384,23 @@ static int RSA_eay_private_encrypt(int f
int local_blinding = 0;
BN_BLINDING *blinding = NULL;
@@ -11137,7 +11157,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
if ((ctx=BN_CTX_new()) == NULL) goto err;
BN_CTX_start(ctx);
f = BN_CTX_get(ctx);
-@@ -432,9 +476,7 @@ static int RSA_eay_private_encrypt(int f
+@@ -432,9 +478,7 @@ static int RSA_eay_private_encrypt(int f
else
d= rsa->d;
@@ -11148,7 +11168,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx,
rsa->_method_mod_n)) goto err;
-@@ -488,6 +530,23 @@ static int RSA_eay_private_decrypt(int f
+@@ -488,6 +532,23 @@ static int RSA_eay_private_decrypt(int f
int local_blinding = 0;
BN_BLINDING *blinding = NULL;
@@ -11172,7 +11192,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
if((ctx = BN_CTX_new()) == NULL) goto err;
BN_CTX_start(ctx);
f = BN_CTX_get(ctx);
-@@ -555,9 +614,7 @@ static int RSA_eay_private_decrypt(int f
+@@ -555,9 +616,7 @@ static int RSA_eay_private_decrypt(int f
else
d = rsa->d;
@@ -11183,7 +11203,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
if (!rsa->meth->bn_mod_exp(ret,f,d,rsa->n,ctx,
rsa->_method_mod_n))
goto err;
-@@ -617,6 +674,23 @@ static int RSA_eay_public_decrypt(int fl
+@@ -617,6 +676,23 @@ static int RSA_eay_public_decrypt(int fl
unsigned char *buf=NULL;
BN_CTX *ctx=NULL;
@@ -11207,7 +11227,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
if (BN_num_bits(rsa->n) > OPENSSL_RSA_MAX_MODULUS_BITS)
{
RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT, RSA_R_MODULUS_TOO_LARGE);
-@@ -667,9 +741,7 @@ static int RSA_eay_public_decrypt(int fl
+@@ -667,9 +743,7 @@ static int RSA_eay_public_decrypt(int fl
goto err;
}
@@ -11218,7 +11238,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx,
rsa->_method_mod_n)) goto err;
-@@ -717,6 +789,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, c
+@@ -717,6 +791,7 @@ static int RSA_eay_mod_exp(BIGNUM *r0, c
BIGNUM *r1,*m1,*vrfy;
BIGNUM local_dmp1,local_dmq1,local_c,local_r1;
BIGNUM *dmp1,*dmq1,*c,*pr1;
@@ -11226,7 +11246,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
int ret=0;
BN_CTX_start(ctx);
-@@ -724,41 +797,31 @@ static int RSA_eay_mod_exp(BIGNUM *r0, c
+@@ -724,41 +799,31 @@ static int RSA_eay_mod_exp(BIGNUM *r0, c
m1 = BN_CTX_get(ctx);
vrfy = BN_CTX_get(ctx);
@@ -11291,7 +11311,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
/* compute I mod q */
if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
-@@ -875,6 +938,9 @@ err:
+@@ -875,6 +940,9 @@ err:
static int RSA_eay_init(RSA *rsa)
{
@@ -11303,7 +11323,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_eay.c.fips openssl-1.0.0-beta4/crypt
}
diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_err.c.fips openssl-1.0.0-beta4/crypto/rsa/rsa_err.c
--- openssl-1.0.0-beta4/crypto/rsa/rsa_err.c.fips 2008-12-29 17:11:56.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rsa/rsa_err.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rsa/rsa_err.c 2009-11-23 08:32:31.000000000 +0100
@@ -111,8 +111,12 @@ static ERR_STRING_DATA RSA_str_functs[]=
{ERR_FUNC(RSA_F_RSA_PRINT_FP), "RSA_print_fp"},
{ERR_FUNC(RSA_F_RSA_PRIV_DECODE), "RSA_PRIV_DECODE"},
@@ -11332,7 +11352,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_err.c.fips openssl-1.0.0-beta4/crypt
{ERR_REASON(RSA_R_P_NOT_PRIME) ,"p not prime"},
diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_gen.c.fips openssl-1.0.0-beta4/crypto/rsa/rsa_gen.c
--- openssl-1.0.0-beta4/crypto/rsa/rsa_gen.c.fips 2007-03-28 02:15:27.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/rsa/rsa_gen.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rsa/rsa_gen.c 2009-11-23 08:32:31.000000000 +0100
@@ -67,6 +67,82 @@
#include "cryptlib.h"
#include <openssl/bn.h>
@@ -11459,8 +11479,8 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_gen.c.fips openssl-1.0.0-beta4/crypt
err:
if (ok == -1)
diff -up openssl-1.0.0-beta4/crypto/rsa/rsa.h.fips openssl-1.0.0-beta4/crypto/rsa/rsa.h
---- openssl-1.0.0-beta4/crypto/rsa/rsa.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/rsa/rsa.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/rsa/rsa.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rsa/rsa.h 2009-11-23 08:32:31.000000000 +0100
@@ -74,6 +74,21 @@
#error RSA is disabled.
#endif
@@ -11532,7 +11552,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa.h.fips openssl-1.0.0-beta4/crypto/rs
#define RSA_R_P_NOT_PRIME 128
diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c.fips openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c
--- openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c.fips 2009-08-05 17:04:16.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c 2009-11-23 08:32:31.000000000 +0100
@@ -80,6 +80,13 @@ RSA *RSA_new(void)
void RSA_set_default_method(const RSA_METHOD *meth)
@@ -11610,7 +11630,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_lib.c.fips openssl-1.0.0-beta4/crypt
diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_sign.c.fips openssl-1.0.0-beta4/crypto/rsa/rsa_sign.c
--- openssl-1.0.0-beta4/crypto/rsa/rsa_sign.c.fips 2007-04-24 03:05:42.000000000 +0200
-+++ openssl-1.0.0-beta4/crypto/rsa/rsa_sign.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/rsa/rsa_sign.c 2009-11-23 08:32:31.000000000 +0100
@@ -130,7 +130,8 @@ int RSA_sign(int type, const unsigned ch
i2d_X509_SIG(&sig,&p);
s=tmps;
@@ -11644,7 +11664,7 @@ diff -up openssl-1.0.0-beta4/crypto/rsa/rsa_sign.c.fips openssl-1.0.0-beta4/cryp
diff -up openssl-1.0.0-beta4/crypto/sha/sha_dgst.c.fips openssl-1.0.0-beta4/crypto/sha/sha_dgst.c
--- openssl-1.0.0-beta4/crypto/sha/sha_dgst.c.fips 2007-01-21 14:07:14.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/sha/sha_dgst.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/sha/sha_dgst.c 2009-11-23 08:32:31.000000000 +0100
@@ -57,6 +57,12 @@
*/
@@ -11659,8 +11679,8 @@ diff -up openssl-1.0.0-beta4/crypto/sha/sha_dgst.c.fips openssl-1.0.0-beta4/cryp
#undef SHA_1
diff -up openssl-1.0.0-beta4/crypto/sha/sha.h.fips openssl-1.0.0-beta4/crypto/sha/sha.h
---- openssl-1.0.0-beta4/crypto/sha/sha.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/sha/sha.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/sha/sha.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/sha/sha.h 2009-11-23 08:32:31.000000000 +0100
@@ -106,6 +106,9 @@ typedef struct SHAstate_st
} SHA_CTX;
@@ -11672,8 +11692,8 @@ diff -up openssl-1.0.0-beta4/crypto/sha/sha.h.fips openssl-1.0.0-beta4/crypto/sh
int SHA_Update(SHA_CTX *c, const void *data, size_t len);
int SHA_Final(unsigned char *md, SHA_CTX *c);
diff -up openssl-1.0.0-beta4/crypto/sha/sha_locl.h.fips openssl-1.0.0-beta4/crypto/sha/sha_locl.h
---- openssl-1.0.0-beta4/crypto/sha/sha_locl.h.fips 2009-11-12 12:36:49.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/sha/sha_locl.h 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/crypto/sha/sha_locl.h.fips 2009-11-23 08:32:30.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/sha/sha_locl.h 2009-11-23 08:32:31.000000000 +0100
@@ -122,8 +122,15 @@ void sha1_block_data_order (SHA_CTX *c,
#define INIT_DATA_h3 0x10325476UL
#define INIT_DATA_h4 0xc3d2e1f0UL
@@ -11692,7 +11712,7 @@ diff -up openssl-1.0.0-beta4/crypto/sha/sha_locl.h.fips openssl-1.0.0-beta4/cryp
c->h1=INIT_DATA_h1;
diff -up openssl-1.0.0-beta4/crypto/sha/sha1dgst.c.fips openssl-1.0.0-beta4/crypto/sha/sha1dgst.c
--- openssl-1.0.0-beta4/crypto/sha/sha1dgst.c.fips 2007-01-21 14:07:14.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/sha/sha1dgst.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/sha/sha1dgst.c 2009-11-23 08:32:31.000000000 +0100
@@ -63,6 +63,10 @@
#define SHA_1
@@ -11706,7 +11726,7 @@ diff -up openssl-1.0.0-beta4/crypto/sha/sha1dgst.c.fips openssl-1.0.0-beta4/cryp
diff -up openssl-1.0.0-beta4/crypto/sha/sha256.c.fips openssl-1.0.0-beta4/crypto/sha/sha256.c
--- openssl-1.0.0-beta4/crypto/sha/sha256.c.fips 2007-01-21 14:07:14.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/sha/sha256.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/sha/sha256.c 2009-11-23 08:32:31.000000000 +0100
@@ -12,12 +12,19 @@
#include <openssl/crypto.h>
@@ -11739,7 +11759,7 @@ diff -up openssl-1.0.0-beta4/crypto/sha/sha256.c.fips openssl-1.0.0-beta4/crypto
c->h[2]=0x3c6ef372UL; c->h[3]=0xa54ff53aUL;
diff -up openssl-1.0.0-beta4/crypto/sha/sha512.c.fips openssl-1.0.0-beta4/crypto/sha/sha512.c
--- openssl-1.0.0-beta4/crypto/sha/sha512.c.fips 2008-12-29 13:35:48.000000000 +0100
-+++ openssl-1.0.0-beta4/crypto/sha/sha512.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/crypto/sha/sha512.c 2009-11-23 08:32:31.000000000 +0100
@@ -5,6 +5,10 @@
* ====================================================================
*/
@@ -11781,8 +11801,8 @@ diff -up openssl-1.0.0-beta4/crypto/sha/sha512.c.fips openssl-1.0.0-beta4/crypto
: "=r"(ret) \
: "r"(a),"K"(n)); ret; })
diff -up openssl-1.0.0-beta4/Makefile.org.fips openssl-1.0.0-beta4/Makefile.org
---- openssl-1.0.0-beta4/Makefile.org.fips 2009-11-12 12:36:50.000000000 +0100
-+++ openssl-1.0.0-beta4/Makefile.org 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/Makefile.org.fips 2009-11-23 08:32:31.000000000 +0100
++++ openssl-1.0.0-beta4/Makefile.org 2009-11-23 08:32:31.000000000 +0100
@@ -110,6 +110,9 @@ LIBKRB5=
ZLIB_INCLUDE=
LIBZLIB=
@@ -11812,7 +11832,7 @@ diff -up openssl-1.0.0-beta4/Makefile.org.fips openssl-1.0.0-beta4/Makefile.org
# which in turn eliminates ambiguities in variable treatment with -e.
diff -up openssl-1.0.0-beta4/ssl/ssl_ciph.c.fips openssl-1.0.0-beta4/ssl/ssl_ciph.c
--- openssl-1.0.0-beta4/ssl/ssl_ciph.c.fips 2009-09-13 01:18:09.000000000 +0200
-+++ openssl-1.0.0-beta4/ssl/ssl_ciph.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/ssl/ssl_ciph.c 2009-11-23 08:32:31.000000000 +0100
@@ -727,6 +727,9 @@ static void ssl_cipher_collect_ciphers(c
!(c->algorithm_auth & disabled_auth) &&
!(c->algorithm_enc & disabled_enc) &&
@@ -11837,7 +11857,7 @@ diff -up openssl-1.0.0-beta4/ssl/ssl_ciph.c.fips openssl-1.0.0-beta4/ssl/ssl_cip
#ifdef CIPHER_DEBUG
diff -up openssl-1.0.0-beta4/ssl/ssl_lib.c.fips openssl-1.0.0-beta4/ssl/ssl_lib.c
--- openssl-1.0.0-beta4/ssl/ssl_lib.c.fips 2009-10-16 15:41:52.000000000 +0200
-+++ openssl-1.0.0-beta4/ssl/ssl_lib.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/ssl/ssl_lib.c 2009-11-23 08:32:31.000000000 +0100
@@ -1471,6 +1471,14 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *m
return(NULL);
}
@@ -11854,8 +11874,8 @@ diff -up openssl-1.0.0-beta4/ssl/ssl_lib.c.fips openssl-1.0.0-beta4/ssl/ssl_lib.
{
SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_X509_VERIFICATION_SETUP_PROBLEMS);
diff -up openssl-1.0.0-beta4/ssl/ssltest.c.fips openssl-1.0.0-beta4/ssl/ssltest.c
---- openssl-1.0.0-beta4/ssl/ssltest.c.fips 2009-11-12 12:36:50.000000000 +0100
-+++ openssl-1.0.0-beta4/ssl/ssltest.c 2009-11-12 12:36:50.000000000 +0100
+--- openssl-1.0.0-beta4/ssl/ssltest.c.fips 2009-11-23 08:32:31.000000000 +0100
++++ openssl-1.0.0-beta4/ssl/ssltest.c 2009-11-23 08:32:31.000000000 +0100
@@ -265,6 +265,9 @@ static void sv_usage(void)
{
fprintf(stderr,"usage: ssltest [args ...]\n");
@@ -11932,7 +11952,7 @@ diff -up openssl-1.0.0-beta4/ssl/ssltest.c.fips openssl-1.0.0-beta4/ssl/ssltest.
# endif
diff -up openssl-1.0.0-beta4/ssl/s23_clnt.c.fips openssl-1.0.0-beta4/ssl/s23_clnt.c
--- openssl-1.0.0-beta4/ssl/s23_clnt.c.fips 2009-08-05 17:29:14.000000000 +0200
-+++ openssl-1.0.0-beta4/ssl/s23_clnt.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/ssl/s23_clnt.c 2009-11-23 08:32:31.000000000 +0100
@@ -335,6 +335,14 @@ static int ssl23_client_hello(SSL *s)
version_major = TLS1_VERSION_MAJOR;
version_minor = TLS1_VERSION_MINOR;
@@ -11965,7 +11985,7 @@ diff -up openssl-1.0.0-beta4/ssl/s23_clnt.c.fips openssl-1.0.0-beta4/ssl/s23_cln
}
diff -up openssl-1.0.0-beta4/ssl/s23_srvr.c.fips openssl-1.0.0-beta4/ssl/s23_srvr.c
--- openssl-1.0.0-beta4/ssl/s23_srvr.c.fips 2008-06-03 04:48:34.000000000 +0200
-+++ openssl-1.0.0-beta4/ssl/s23_srvr.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/ssl/s23_srvr.c 2009-11-23 08:32:31.000000000 +0100
@@ -386,6 +386,15 @@ int ssl23_get_client_hello(SSL *s)
}
}
@@ -11984,7 +12004,7 @@ diff -up openssl-1.0.0-beta4/ssl/s23_srvr.c.fips openssl-1.0.0-beta4/ssl/s23_srv
/* we have SSLv3/TLSv1 in an SSLv2 header
diff -up openssl-1.0.0-beta4/ssl/s3_clnt.c.fips openssl-1.0.0-beta4/ssl/s3_clnt.c
--- openssl-1.0.0-beta4/ssl/s3_clnt.c.fips 2009-10-30 15:06:18.000000000 +0100
-+++ openssl-1.0.0-beta4/ssl/s3_clnt.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/ssl/s3_clnt.c 2009-11-23 08:32:31.000000000 +0100
@@ -156,6 +156,10 @@
#include <openssl/objects.h>
#include <openssl/evp.h>
@@ -12007,7 +12027,7 @@ diff -up openssl-1.0.0-beta4/ssl/s3_clnt.c.fips openssl-1.0.0-beta4/ssl/s3_clnt.
EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
diff -up openssl-1.0.0-beta4/ssl/s3_enc.c.fips openssl-1.0.0-beta4/ssl/s3_enc.c
--- openssl-1.0.0-beta4/ssl/s3_enc.c.fips 2009-04-16 19:22:50.000000000 +0200
-+++ openssl-1.0.0-beta4/ssl/s3_enc.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/ssl/s3_enc.c 2009-11-23 08:32:31.000000000 +0100
@@ -170,6 +170,7 @@ static int ssl3_generate_key_block(SSL *
#endif
k=0;
@@ -12035,7 +12055,7 @@ diff -up openssl-1.0.0-beta4/ssl/s3_enc.c.fips openssl-1.0.0-beta4/ssl/s3_enc.c
if (n < 0)
diff -up openssl-1.0.0-beta4/ssl/s3_srvr.c.fips openssl-1.0.0-beta4/ssl/s3_srvr.c
--- openssl-1.0.0-beta4/ssl/s3_srvr.c.fips 2009-10-30 14:22:44.000000000 +0100
-+++ openssl-1.0.0-beta4/ssl/s3_srvr.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/ssl/s3_srvr.c 2009-11-23 08:32:31.000000000 +0100
@@ -1679,6 +1679,8 @@ int ssl3_send_server_key_exchange(SSL *s
j=0;
for (num=2; num > 0; num--)
@@ -12047,7 +12067,7 @@ diff -up openssl-1.0.0-beta4/ssl/s3_srvr.c.fips openssl-1.0.0-beta4/ssl/s3_srvr.
EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
diff -up openssl-1.0.0-beta4/ssl/t1_enc.c.fips openssl-1.0.0-beta4/ssl/t1_enc.c
--- openssl-1.0.0-beta4/ssl/t1_enc.c.fips 2009-04-19 20:03:13.000000000 +0200
-+++ openssl-1.0.0-beta4/ssl/t1_enc.c 2009-11-12 12:36:50.000000000 +0100
++++ openssl-1.0.0-beta4/ssl/t1_enc.c 2009-11-23 08:32:31.000000000 +0100
@@ -169,6 +169,8 @@ static void tls1_P_hash(const EVP_MD *md
HMAC_CTX_init(&ctx);
More information about the scm-commits
mailing list