Commit graph

9811 commits

Author SHA1 Message Date
Andy Polyakov
01be5db64e xts128.c: initial draft. 2011-02-10 21:16:21 +00:00
Dr. Stephen Henson
a4113c52b2 Disable FIPS restrictions when doing GCM testing. 2011-02-10 01:46:25 +00:00
Dr. Stephen Henson
b3d8022edd Add GCM IV generator. Add some FIPS restrictions to GCM. Update fips_gcmtest. 2011-02-09 16:21:43 +00:00
Andy Polyakov
632d83f0a3 ccm128.c: initialize ctx->block (what I was smoking?). 2011-02-08 23:08:02 +00:00
Andy Polyakov
d3fad7cb51 ccm128.c: initial draft. 2011-02-08 23:02:45 +00:00
Dr. Stephen Henson
f4bfe97fc9 Equally experimental encrypt side for fips_gcmtest. Currently this uses IVs
in the request file need to update it to generate IVs once we have an IV
generator in place.
2011-02-08 19:25:24 +00:00
Bodo Möller
c415adc26f Sync with 1.0.1 branch.
(CVE-2011-0014 OCSP stapling fix has been applied to HEAD as well.)
2011-02-08 19:09:08 +00:00
Dr. Stephen Henson
9afe95099d Set values to NULL after freeing them. 2011-02-08 18:25:57 +00:00
Dr. Stephen Henson
9dd346c90d Experimental incomplete AES GCM algorithm test program. 2011-02-08 18:15:59 +00:00
Bodo Möller
9770924f9b OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
2011-02-08 17:48:57 +00:00
Dr. Stephen Henson
f4001a0d19 Link GCM into FIPS module. Check return value in EVP gcm. 2011-02-08 15:10:42 +00:00
Bodo Möller
cea73f9db3 Synchronize with 1.0.0 branch 2011-02-08 08:48:51 +00:00
Andy Polyakov
1f2502eb58 gcm128.c: add boundary condition checks. 2011-02-07 19:11:13 +00:00
Dr. Stephen Henson
bdaa54155c Initial *very* experimental EVP support for AES-GCM. Note: probably very
broken and subject to change.
2011-02-07 18:16:33 +00:00
Dr. Stephen Henson
fd3dbc1dbf Add CRYPTO_gcm128_tag() function to retrieve the tag. 2011-02-07 18:05:27 +00:00
Dr. Stephen Henson
d45087c672 Use 0 not -1 (since type is size_t) for finalisation argument to do_cipher:
the NULL value for the input buffer is sufficient to notice this case.
2011-02-07 18:04:27 +00:00
Dr. Stephen Henson
634b66186a Typo. 2011-02-07 14:36:55 +00:00
Dr. Stephen Henson
3da0ca796c New flags EVP_CIPH_FLAG_CUSTOM_CIPHER in cipher structures if an underlying
cipher handles all cipher symantics itself.
2011-02-07 14:36:08 +00:00
Dr. Stephen Henson
f9678b8b57 Fix memory leak. 2011-02-07 13:34:00 +00:00
Dr. Stephen Henson
83e9c36261 Use default ASN1 if flag set. 2011-02-07 12:47:16 +00:00
Andy Polyakov
b68c13154e gcm128.c: allow multiple calls to CRYPTO_gcm128_aad. 2011-02-06 23:50:05 +00:00
Andy Polyakov
68e2586bd3 gcm128.c: fix bug in OPENSSL_SMALL_FOOTPRINT decrypt.
PR: 2432
Submitted by: Michael Heyman
2011-02-06 23:48:32 +00:00
Dr. Stephen Henson
61f477f4ab Fix duplicate code and typo. 2011-02-06 00:51:05 +00:00
Dr. Stephen Henson
7e95116064 Remove unneeded functions, make some functions and variables static. 2011-02-04 17:56:57 +00:00
Dr. Stephen Henson
06b433acad Add FIPS support to the WIN32 build system. 2011-02-03 23:12:04 +00:00
Dr. Stephen Henson
14ae26f2e4 Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files
that use it.
2011-02-03 17:00:24 +00:00
Dr. Stephen Henson
3710d1aae9 Rename crypto/fips_err.c to fips_ers.c to avoid clash with other fips_err.c 2011-02-03 16:16:30 +00:00
Dr. Stephen Henson
cc5c772abd Include fips header file in err_all.c if needed. 2011-02-03 16:03:21 +00:00
Dr. Stephen Henson
65041aa27e Add FIPS error codes. 2011-02-03 15:58:43 +00:00
Dr. Stephen Henson
7dbbd4b357 add -stripcr option to copy.pl from 0.9.8 2011-02-03 14:57:51 +00:00
Dr. Stephen Henson
544c84b720 Add Windows FIPS build utilities. 2011-02-03 14:20:59 +00:00
Dr. Stephen Henson
65847ca378 For now disable EC_GFp_nistp224_method() for WIN32 so the WIN32 build
completes without linker errors.
2011-02-03 13:00:08 +00:00
Dr. Stephen Henson
53f7633739 Add FIPS support to mkdef.pl script, update ordinals. 2011-02-03 12:59:01 +00:00
Dr. Stephen Henson
c2a459315a Use single X931 key generation source file for FIPS and non-FIPS builds. 2011-02-03 12:47:56 +00:00
Bodo Möller
e2b798c8b3 Assorted bugfixes:
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check

Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
2011-02-03 12:03:51 +00:00
Bodo Möller
9bda745876 fix omissions 2011-02-03 11:13:29 +00:00
Bodo Möller
88f2a4cf9c CVE-2010-4180 fix (from OpenSSL_1_0_0-stable) 2011-02-03 10:43:00 +00:00
Bodo Möller
9d0397e977 make update 2011-02-03 10:17:53 +00:00
Bodo Möller
2440d8b1db Fix error codes. 2011-02-03 10:03:23 +00:00
Dr. Stephen Henson
ee9884654b Cope with new DSA2 file format where some p/q only tests are made. 2011-02-02 17:48:03 +00:00
Dr. Stephen Henson
5f885f1ea4 Fix target config errors. 2011-02-02 15:11:40 +00:00
Dr. Stephen Henson
7a4ec19a5f Make no-asm work in fips mode. Add android platform. 2011-02-02 15:07:13 +00:00
Dr. Stephen Henson
a5b196a22c Add sign/verify digest API to handle an explicit digest instead of finalising
a context.
2011-02-02 14:21:33 +00:00
Dr. Stephen Henson
b6104f9ad8 Remove DSA parameter generation from DSA selftest. It is unnecessary and
can be very slow on embedded platforms. Hard code DSA parameters instead.
2011-02-02 14:20:45 +00:00
Dr. Stephen Henson
96d5997f5b Don't try to set pmd if it is NULL. 2011-02-01 19:15:12 +00:00
Dr. Stephen Henson
92eb4c551d Add DSA2 support to final algorithm tests: keypair and keyver. 2011-02-01 18:53:48 +00:00
Dr. Stephen Henson
89f63d06f8 Support more DSA2 tests. 2011-02-01 17:54:23 +00:00
Dr. Stephen Henson
2ecc150530 Tolerate mixed case and leading zeroes when comparing. 2011-02-01 17:15:53 +00:00
Dr. Stephen Henson
3c2c4cc5f2 fixes for DSA2 parameter generation 2011-02-01 17:15:19 +00:00
Dr. Stephen Henson
5eedacc904 update README.FIPS 2011-02-01 17:14:07 +00:00