Dr. Stephen Henson
9f7b2c76b1
Include crypto.h in ppccap.c
2011-05-01 16:54:24 +00:00
Dr. Stephen Henson
9a85e53813
no need to include memory.h
2011-04-30 23:37:42 +00:00
Dr. Stephen Henson
7c50694f05
Fix warning.
2011-04-24 12:40:26 +00:00
Andy Polyakov
3f0d14055b
gcm128.c: minor optimization.
2011-04-24 11:10:54 +00:00
Andy Polyakov
f855b9d719
ccm128.c: add CRYPTO_ccm128_[en|de]crypt_ccm64 and minor optimization.
2011-04-24 11:10:14 +00:00
Richard Levitte
ce67647605
fips_check_dsa_prng() should only be built when OPENSSL_FIPS is defined.
2011-04-24 10:07:17 +00:00
Richard Levitte
171edf7ff4
Error discrepancy corrected.
2011-04-24 08:59:15 +00:00
Dr. Stephen Henson
69a80f7d5e
More fixes for DSA FIPS overrides.
2011-04-23 21:59:12 +00:00
Dr. Stephen Henson
dc03504d09
Make sure overrides work for RSA/DSA.
2011-04-23 21:15:05 +00:00
Dr. Stephen Henson
383bc117bb
Oops, work out expanded buffer length before allocating it...
2011-04-23 20:24:55 +00:00
Dr. Stephen Henson
e0d1a2f80a
Always return multiple of block length bytes from default DRBG seed
...
callback.
Handle case where no multiple of the block size is in the interval
[min_len, max_len].
2011-04-23 20:05:19 +00:00
Dr. Stephen Henson
cac4fb58e0
Add PRNG security strength checking.
2011-04-23 19:55:55 +00:00
Andy Polyakov
9e5fe439b4
xts128.c: fix bug introduced in commit#20704. Bug affected encryption of
...
vectors whose lenght was not multiples of 16 bytes.
2011-04-23 09:15:03 +00:00
Dr. Stephen Henson
74fac927b0
Return errors instead of aborting when selftest fails.
2011-04-22 11:12:56 +00:00
Dr. Stephen Henson
84ed90f88b
Fix WIN32 warning.
2011-04-21 14:54:33 +00:00
Dr. Stephen Henson
b8b6a13a56
Add continuous RNG test to entropy source. Entropy callbacks now need
...
to specify a "block length".
2011-04-21 14:17:15 +00:00
Dr. Stephen Henson
14264b19de
Add periodic DRBG health checks as required by SP800-90.
2011-04-20 17:06:38 +00:00
Andy Polyakov
daaf5088fd
xts128.c: minor optimization and clarified prototype.
2011-04-20 08:13:58 +00:00
Andy Polyakov
e382e4e603
perlasm/x86gas.pl: make OPENSSL_instrument_bus[2] compile.
2011-04-19 19:09:18 +00:00
Dr. Stephen Henson
cb1b3aa151
Add AES CCM selftest.
2011-04-19 18:57:58 +00:00
Dr. Stephen Henson
8c7096835b
Use 0 for tbslen to perform strlen.
2011-04-19 11:10:54 +00:00
Dr. Stephen Henson
b5dd178740
Fix EVP CCM decrypt. Add decrypt support to algorithm test program.
2011-04-18 22:48:40 +00:00
Dr. Stephen Henson
98279c1629
Typo.
2011-04-18 21:01:24 +00:00
Andy Polyakov
a0cc46f8e4
ccm128.c: fix Win32 compiler warning.
2011-04-18 20:19:23 +00:00
Andy Polyakov
70d01a7f82
perlasm/x86[nm]asm.pl: make OPENSSL_instrument_bus[2] compile.
2011-04-18 20:18:03 +00:00
Andy Polyakov
5f1b10ed2e
ccm128.c: fix STRICT_ALIGNMENT another bug in CRYPTO_ccm128_decrypt.
2011-04-18 19:17:28 +00:00
Dr. Stephen Henson
62dc7ed67c
Override flag for XTS length limit.
2011-04-18 17:31:28 +00:00
Dr. Stephen Henson
2391681082
Initial untested CCM support via EVP.
2011-04-18 14:25:11 +00:00
Dr. Stephen Henson
6386b1b34d
Compile ccm128.c, move some structures to modes_lcl.h add prototypes.
2011-04-18 13:15:37 +00:00
Dr. Stephen Henson
3b4a855778
Don't need separate tag buffer for GCM mode: use EVP_CIPHER_CTX buf
...
field which is not unused for custom ciphers.
2011-04-18 11:28:41 +00:00
Andy Polyakov
5fabb88a78
Multiple assembler packs: add experimental memory bus instrumentation.
2011-04-17 12:46:00 +00:00
Andy Polyakov
7e5b4d6779
ccm128.c: minor optimization and bugfix in CRYPTO_ccm128_[en|de]crypt.
2011-04-16 22:57:58 +00:00
Dr. Stephen Henson
45321c41e2
Add length limitation from SP800-38E.
2011-04-15 12:01:53 +00:00
Dr. Stephen Henson
bf8131f79f
Add XTS selftest, include in fips_test_suite.
2011-04-15 11:30:19 +00:00
Dr. Stephen Henson
06b7e5a0e4
Add algorithm driver for XTS mode. Fix several bugs in EVP XTS implementation.
2011-04-15 02:49:30 +00:00
Dr. Stephen Henson
a6311f856b
Remove several of the old obsolete FIPS_corrupt_*() functions.
2011-04-14 11:30:51 +00:00
Dr. Stephen Henson
ac892b7aa6
Initial incomplete POST overhaul: add support for POST callback to
...
allow status of POST to be monitored and/or failures induced.
2011-04-14 11:15:10 +00:00
Dr. Stephen Henson
77394d7e8f
Remove duplicate flag.
2011-04-13 00:11:53 +00:00
Dr. Stephen Henson
32a2d8ddfe
Provisional AES XTS support.
2011-04-12 23:21:33 +00:00
Dr. Stephen Henson
49cb5e0b40
Fix memory leaks: uninstantiate DRBG during health checks. Cleanup md_ctx
...
when performing ECDSA selftest.
2011-04-12 14:28:06 +00:00
Dr. Stephen Henson
364ce53cef
No need to disable leak checking for FIPS builds now we use internal
...
memory callbacks.
2011-04-12 13:01:40 +00:00
Dr. Stephen Henson
48da9b8f2a
Fix warning.
2011-04-11 14:52:59 +00:00
Dr. Stephen Henson
1f91af5e56
remove ENGINE dependency from ecdh
2011-04-10 01:14:25 +00:00
Dr. Stephen Henson
55e328f580
Add error for health check failure.
...
Rebuild all FIPS error codes to clean out old obsolete codes.
2011-04-09 17:46:31 +00:00
Dr. Stephen Henson
31360957fb
DH keys have an (until now) unused 'q' parameter. When creating
...
from DSA copy q across and if q present generate DH key in the
correct range.
2011-04-07 15:01:48 +00:00
Dr. Stephen Henson
d80399a357
Only use fake rand once per operation. This stops the EC
...
pairwise consistency test interfering with the test.
2011-04-06 23:42:55 +00:00
Dr. Stephen Henson
6653c6f2e8
Update OpenSSL DRBG support code. Use date time vector as additional data.
...
Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD.
2011-04-06 23:40:22 +00:00
Dr. Stephen Henson
4c8855b975
Add missing error code strings.
2011-04-06 18:17:05 +00:00
Dr. Stephen Henson
acd410dc15
check buffer is larger enough before overwriting
2011-04-06 18:06:41 +00:00
Dr. Stephen Henson
05e24c87dd
Extensive reorganisation of PRNG handling in FIPS module: all calls
...
now use an internal RAND_METHOD. All dependencies to OpenSSL standard
PRNG are now removed: it is the applications resposibility to setup
the FIPS PRNG and initalise it.
Initial OpenSSL RAND_init_fips() function that will setup the DRBG
for the "FIPS capable OpenSSL".
2011-04-05 15:24:10 +00:00
Dr. Stephen Henson
ab1415d2f5
Updated error codes for FIPS library.
2011-04-04 17:05:09 +00:00
Andy Polyakov
7af0400297
gcm128.c: fix shadow warnings.
2011-04-04 15:24:09 +00:00
Dr. Stephen Henson
1d59fe5267
Disable test fprintf.
2011-04-04 14:52:20 +00:00
Dr. Stephen Henson
ded1999702
Change RNG test to block oriented instead of request oriented, add option
...
to test a "stuck" DRBG.
2011-04-04 14:47:31 +00:00
Dr. Stephen Henson
a255e5bc98
check RAND_pseudo_bytes return value
2011-04-04 14:43:20 +00:00
Andy Polyakov
e512375186
ARM assembler pack: add missing arm_arch.h.
2011-04-01 21:09:09 +00:00
Andy Polyakov
1e86318091
ARM assembler pack: profiler-assisted optimizations and NEON support.
2011-04-01 20:58:34 +00:00
Andy Polyakov
d8d958323b
gcm128.c: tidy up, minor optimization, rearrange gcm128_context.
2011-04-01 20:52:35 +00:00
Dr. Stephen Henson
30b26b551f
restore .cvsignore
2011-04-01 18:49:24 +00:00
Dr. Stephen Henson
02eb92abad
temporarily update .cvsignore
2011-04-01 18:38:51 +00:00
Dr. Stephen Henson
8cf88778ea
Allow FIPS malloc callback setting. Automatically set some callbacks
...
in OPENSSL_init().
2011-04-01 16:23:16 +00:00
Dr. Stephen Henson
c4acfb1fd0
Add additional OPENSSL_init() handling add dummy call to (hopefully)
...
ensure OPENSSL_init() is always linked into an application.
2011-04-01 15:46:03 +00:00
Dr. Stephen Henson
3f7468318d
Provisional support for auto called OPENSSL_init() function. This can be
...
used to set up any appropriate functions such as FIPS callbacks without
requiring an explicit application call.
2011-04-01 14:49:30 +00:00
Dr. Stephen Henson
e06de4dd35
Remove redundant definitions. Give error code if DRBG sefltest fails.
2011-03-31 17:23:12 +00:00
Richard Levitte
3a660e7364
Corrections to the VMS build system.
...
Submitted by Steven M. Schweda <sms@antinode.info>
2011-03-25 16:20:35 +00:00
Dr. Stephen Henson
97057a1a7d
Make some Unix builds work again.
2011-03-25 12:09:29 +00:00
Richard Levitte
4ec3e8ca51
For VMS, implement the possibility to choose 64-bit pointers with
...
different options:
"64" The build system will choose /POINTER_SIZE=64=ARGV if
the compiler supports it, otherwise /POINTER_SIZE=64.
"64=" The build system will force /POINTER_SIZE=64.
"64=ARGV" The build system will force /POINTER_SIZE=64=ARGV.
2011-03-25 09:40:48 +00:00
Richard Levitte
5d0137aa14
make update
2011-03-25 09:30:52 +00:00
Richard Levitte
30fafdebf3
* Configure, crypto/ec/ec.h, crypto/ec/ecp_nistp224.c, util/mkdef.pl:
...
Have EC_NISTP224_64_GCC_128 treated like any algorithm, and have
disabled by default. If we don't do it this way, it screws up
libeay.num.
* util/libeay.num: make update
2011-03-25 09:29:46 +00:00
Richard Levitte
c6dbe90895
make update
2011-03-24 22:59:02 +00:00
Richard Levitte
399aa6b5ff
Implement FIPS CMAC.
...
* fips/cmac/*: Implement the basis for FIPS CMAC, using FIPS HMAC as
an example.
* crypto/cmac/cmac.c: Enable the FIPS API. Change to use M_EVP macros
where possible.
* crypto/evp/evp.h: (some of the macros get added with this change)
* fips/fips.h, fips/utl/fips_enc.c: Add a few needed functions and use
macros to have cmac.c use these functions.
* Makefile.org, fips/Makefile, fips/fips.c: Hook it in.
2011-03-24 22:55:02 +00:00
Richard Levitte
487b023f3d
make update (1.1.0-dev)
...
This meant alarger renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable and 1.0.1-stable. However, since there's
been no release on this branch yet, it should be harmless.
2011-03-23 00:11:32 +00:00
Richard Levitte
1f9c2b3f71
* crypto/crypto-lib.com: Add a few more missing modules.
2011-03-23 00:10:16 +00:00
Dr. Stephen Henson
4fc02f1229
Use a signed value to check return value of do_cipher().
2011-03-21 17:37:27 +00:00
Richard Levitte
3d62b1f22d
A few more long symbols need shortening.
2011-03-20 10:23:51 +00:00
Richard Levitte
9e67d24743
Add missing source. Also, have the compile also use [.MODES] as
...
include directory, as other parts (notably, EVP) seem to need it.
2011-03-20 10:23:27 +00:00
Richard Levitte
537c982306
After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS
...
submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 10:58:14 +00:00
Dr. Stephen Henson
1e803100de
Implement continuous RNG test for SP800-90 DRBGs.
2011-03-17 18:53:33 +00:00
Dr. Stephen Henson
96ec46f7c0
Implement health checks needed by SP800-90.
...
Fix warnings.
Instantiate DRBGs at maximum strength.
2011-03-17 16:55:24 +00:00
Dr. Stephen Henson
fbbabb646c
Add extensive DRBG selftest data and option to corrupt it in fips_test_suite.
2011-03-16 15:52:12 +00:00
Dr. Stephen Henson
d70fcb96ac
Fix warnings: signed/unisgned comparison, shadowing (in some cases global
...
functions such as rand() ).
2011-03-12 17:27:03 +00:00
Ben Laurie
edc032b5e3
Add SRP support.
2011-03-12 17:01:19 +00:00
Dr. Stephen Henson
1b76fac5ae
Check requested security strength in DRBG. Add function to retrieve the
...
security strength.
2011-03-11 17:42:11 +00:00
Dr. Stephen Henson
1acc24a8ba
Make no-ec2m work again.
2011-03-10 01:00:30 +00:00
Dr. Stephen Henson
8857b380e2
Add ECDH to validated module.
2011-03-09 23:44:06 +00:00
Dr. Stephen Henson
bc91494e06
New SP 800-56A compliant version of DH_compute_key().
2011-03-08 19:07:26 +00:00
Dr. Stephen Henson
a1e7883edb
Add meaningful error codes to DRBG.
2011-03-08 14:16:30 +00:00
Andy Polyakov
a000759a5c
ia64-mont.pl: optimize short-key performance.
2011-03-04 13:27:29 +00:00
Andy Polyakov
bc5b136c5c
ghash-x86.pl: optimize for Sandy Bridge.
2011-03-04 13:21:41 +00:00
Andy Polyakov
16cb0d9591
xts128.c: minor optimization.
2011-03-04 13:17:19 +00:00
Andy Polyakov
0ab8fd58e1
s390x assembler pack: tune-up and support for new z196 hardware.
2011-03-04 13:09:16 +00:00
Dr. Stephen Henson
949c6f8ccf
Stop warnings.
2011-02-23 16:06:33 +00:00
Dr. Stephen Henson
324abf1d20
Add modes_lcl.h to header list.
2011-02-22 14:06:54 +00:00
Dr. Stephen Henson
3e446ba347
Make "make links" work in fipscanisteronly builds.
2011-02-22 12:34:46 +00:00
Dr. Stephen Henson
b7056b6414
Update dependencies.
2011-02-21 17:51:59 +00:00
Dr. Stephen Henson
37eae9909a
Remove unnecessary dependencies.
2011-02-21 17:35:53 +00:00
Dr. Stephen Henson
eead69f5ed
Make fipscanisteronly build only required files.
2011-02-21 14:07:15 +00:00
Dr. Stephen Henson
ab8a4e54db
Move gcm128_context definition to modes_lcl.h (along with some related
...
definitions) so we can use it in EVP GCM code avoiding need to allocate
it.
2011-02-19 22:16:52 +00:00
Dr. Stephen Henson
947ff113d2
add ECDSA POST
2011-02-18 17:25:00 +00:00
Dr. Stephen Henson
acf254f86e
AES GCM selftests.
2011-02-18 17:09:33 +00:00
Dr. Stephen Henson
a3654f0586
Include openssl/crypto.h first in several other files so FIPS renaming
...
is picked up.
2011-02-16 17:25:01 +00:00
Dr. Stephen Henson
d749e1080a
Experimental symbol renaming to avoid clashes with regular OpenSSL.
...
Make sure crypto.h is included first in any affected files.
2011-02-16 14:40:06 +00:00
Dr. Stephen Henson
0fbf8f447b
Add pairwise consistency test to EC.
2011-02-15 16:58:28 +00:00
Dr. Stephen Henson
225a9e296b
Update pairwise consistency checks to use SHA-256.
2011-02-15 16:18:18 +00:00
Dr. Stephen Henson
25c6542944
Add non-FIPS algorithm blocking and selftest checking.
2011-02-15 16:03:47 +00:00
Dr. Stephen Henson
14567b1451
Add FIPS flags to AES ciphers and SHA* digests.
2011-02-15 15:57:54 +00:00
Dr. Stephen Henson
fe26d066ff
Add ECDSA functionality to fips module. Initial very incomplete version
...
of algorithm test program.
2011-02-14 17:14:55 +00:00
Dr. Stephen Henson
c876a4b7b1
Include support for an add_lock callback to tiny FIPS locking API.
2011-02-14 17:05:42 +00:00
Dr. Stephen Henson
c966120412
Don't use FIPS api for ec2_oct.c
2011-02-14 16:55:28 +00:00
Dr. Stephen Henson
84b08eee4b
Reorganise ECC code for inclusion in FIPS module.
...
Move compression, point2oct and oct2point functions into separate files.
Add a flags field to EC_METHOD.
Add a flag EC_FLAGS_DEFAULT_OCT to use the default compession and oct
functions (all existing methods do this). This removes dependencies from
EC_METHOD while keeping original functionality.
2011-02-14 16:52:12 +00:00
Dr. Stephen Henson
bf2546f947
Use BN_nist_mod_func to avoid need to peek error queue.
2011-02-14 16:45:28 +00:00
Dr. Stephen Henson
133291f8e7
New function BN_nist_mod_func which returns an appropriate function
...
if the passed prime is a NIST prime.
2011-02-14 16:44:29 +00:00
Dr. Stephen Henson
e990b4f838
Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new
...
and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1
library.
2011-02-13 18:45:41 +00:00
Dr. Stephen Henson
c9a90645a5
Disable some functions in headers with no-ec2m
2011-02-12 17:38:06 +00:00
Dr. Stephen Henson
b331016124
New option to disable characteristic two fields in EC code.
2011-02-12 17:23:32 +00:00
Andy Polyakov
afb4191304
dso_dlfcn.c: make it work on Tru64 4.0.
...
PR: 2316
2011-02-12 16:43:41 +00:00
Andy Polyakov
a6d915e0ef
gcm128.c: make it work with no-sse2.
2011-02-12 11:47:55 +00:00
Dr. Stephen Henson
ed12c2f7ca
In FIPS mode only use "Generation by Testing Candidates" equivalent.
2011-02-11 15:19:54 +00:00
Dr. Stephen Henson
16a7fcc447
Return security strength for supported DSA parameters: will be used
...
later.
2011-02-11 14:38:39 +00:00
Dr. Stephen Henson
a1a5885b64
Free keys if DSA pairwise error.
2011-02-11 14:21:01 +00:00
Andy Polyakov
f84a8ea526
x86gas.pl: make data_short work on legacy systems.
2011-02-10 21:24:24 +00:00
Andy Polyakov
01be5db64e
xts128.c: initial draft.
2011-02-10 21:16:21 +00:00
Dr. Stephen Henson
b3d8022edd
Add GCM IV generator. Add some FIPS restrictions to GCM. Update fips_gcmtest.
2011-02-09 16:21:43 +00:00
Andy Polyakov
632d83f0a3
ccm128.c: initialize ctx->block (what I was smoking?).
2011-02-08 23:08:02 +00:00
Andy Polyakov
d3fad7cb51
ccm128.c: initial draft.
2011-02-08 23:02:45 +00:00
Dr. Stephen Henson
f4001a0d19
Link GCM into FIPS module. Check return value in EVP gcm.
2011-02-08 15:10:42 +00:00
Andy Polyakov
1f2502eb58
gcm128.c: add boundary condition checks.
2011-02-07 19:11:13 +00:00
Dr. Stephen Henson
bdaa54155c
Initial *very* experimental EVP support for AES-GCM. Note: probably very
...
broken and subject to change.
2011-02-07 18:16:33 +00:00
Dr. Stephen Henson
fd3dbc1dbf
Add CRYPTO_gcm128_tag() function to retrieve the tag.
2011-02-07 18:05:27 +00:00
Dr. Stephen Henson
d45087c672
Use 0 not -1 (since type is size_t) for finalisation argument to do_cipher:
...
the NULL value for the input buffer is sufficient to notice this case.
2011-02-07 18:04:27 +00:00
Dr. Stephen Henson
3da0ca796c
New flags EVP_CIPH_FLAG_CUSTOM_CIPHER in cipher structures if an underlying
...
cipher handles all cipher symantics itself.
2011-02-07 14:36:08 +00:00
Dr. Stephen Henson
f9678b8b57
Fix memory leak.
2011-02-07 13:34:00 +00:00
Dr. Stephen Henson
83e9c36261
Use default ASN1 if flag set.
2011-02-07 12:47:16 +00:00
Andy Polyakov
b68c13154e
gcm128.c: allow multiple calls to CRYPTO_gcm128_aad.
2011-02-06 23:50:05 +00:00
Andy Polyakov
68e2586bd3
gcm128.c: fix bug in OPENSSL_SMALL_FOOTPRINT decrypt.
...
PR: 2432
Submitted by: Michael Heyman
2011-02-06 23:48:32 +00:00
Dr. Stephen Henson
06b433acad
Add FIPS support to the WIN32 build system.
2011-02-03 23:12:04 +00:00
Dr. Stephen Henson
14ae26f2e4
Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files
...
that use it.
2011-02-03 17:00:24 +00:00
Dr. Stephen Henson
3710d1aae9
Rename crypto/fips_err.c to fips_ers.c to avoid clash with other fips_err.c
2011-02-03 16:16:30 +00:00
Dr. Stephen Henson
cc5c772abd
Include fips header file in err_all.c if needed.
2011-02-03 16:03:21 +00:00
Dr. Stephen Henson
65041aa27e
Add FIPS error codes.
2011-02-03 15:58:43 +00:00
Dr. Stephen Henson
65847ca378
For now disable EC_GFp_nistp224_method() for WIN32 so the WIN32 build
...
completes without linker errors.
2011-02-03 13:00:08 +00:00
Dr. Stephen Henson
c2a459315a
Use single X931 key generation source file for FIPS and non-FIPS builds.
2011-02-03 12:47:56 +00:00
Bodo Möller
e2b798c8b3
Assorted bugfixes:
...
- safestack macro changes for C++ were incomplete
- RLE decompression boundary case
- SSL 2.0 key arg length check
Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller)
2011-02-03 12:03:51 +00:00
Bodo Möller
9d0397e977
make update
2011-02-03 10:17:53 +00:00
Bodo Möller
2440d8b1db
Fix error codes.
2011-02-03 10:03:23 +00:00
Dr. Stephen Henson
7a4ec19a5f
Make no-asm work in fips mode. Add android platform.
2011-02-02 15:07:13 +00:00
Dr. Stephen Henson
a5b196a22c
Add sign/verify digest API to handle an explicit digest instead of finalising
...
a context.
2011-02-02 14:21:33 +00:00
Dr. Stephen Henson
3c2c4cc5f2
fixes for DSA2 parameter generation
2011-02-01 17:15:19 +00:00
Dr. Stephen Henson
7f64c26588
Since FIPS 186-3 specifies we use the leftmost bits of the digest
...
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.
2011-02-01 12:52:01 +00:00
Dr. Stephen Henson
3dd9b31dc4
Provisional, experimental support for DSA2 parameter generation algorithm.
...
Not properly integrated or tested yet.
2011-01-31 19:44:09 +00:00