wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10060 commits 20 branches 302 tags 153 MiB
Commit graph

5295 commits

Author SHA1 Message Date
Dr. Stephen Henson
b8b6a13a56 Add continuous RNG test to entropy source. Entropy callbacks now need 
to specify a "block length".
 2011-04-21 14:17:15 +00:00
Dr. Stephen Henson
14264b19de Add periodic DRBG health checks as required by SP800-90. 2011-04-20 17:06:38 +00:00
Andy Polyakov
daaf5088fd xts128.c: minor optimization and clarified prototype. 2011-04-20 08:13:58 +00:00
Andy Polyakov
e382e4e603 perlasm/x86gas.pl: make OPENSSL_instrument_bus[2] compile. 2011-04-19 19:09:18 +00:00
Dr. Stephen Henson
cb1b3aa151 Add AES CCM selftest. 2011-04-19 18:57:58 +00:00
Dr. Stephen Henson
8c7096835b Use 0 for tbslen to perform strlen. 2011-04-19 11:10:54 +00:00
Dr. Stephen Henson
b5dd178740 Fix EVP CCM decrypt. Add decrypt support to algorithm test program. 2011-04-18 22:48:40 +00:00
Dr. Stephen Henson
98279c1629 Typo. 2011-04-18 21:01:24 +00:00
Andy Polyakov
a0cc46f8e4 ccm128.c: fix Win32 compiler warning. 2011-04-18 20:19:23 +00:00
Andy Polyakov
70d01a7f82 perlasm/x86[nm]asm.pl: make OPENSSL_instrument_bus[2] compile. 2011-04-18 20:18:03 +00:00
Andy Polyakov
5f1b10ed2e ccm128.c: fix STRICT_ALIGNMENT another bug in CRYPTO_ccm128_decrypt. 2011-04-18 19:17:28 +00:00
Dr. Stephen Henson
62dc7ed67c Override flag for XTS length limit. 2011-04-18 17:31:28 +00:00
Dr. Stephen Henson
2391681082 Initial untested CCM support via EVP. 2011-04-18 14:25:11 +00:00
Dr. Stephen Henson
6386b1b34d Compile ccm128.c, move some structures to modes_lcl.h add prototypes. 2011-04-18 13:15:37 +00:00
Dr. Stephen Henson
3b4a855778 Don't need separate tag buffer for GCM mode: use EVP_CIPHER_CTX buf 
field which is not unused for custom ciphers.
 2011-04-18 11:28:41 +00:00
Andy Polyakov
5fabb88a78 Multiple assembler packs: add experimental memory bus instrumentation. 2011-04-17 12:46:00 +00:00
Andy Polyakov
7e5b4d6779 ccm128.c: minor optimization and bugfix in CRYPTO_ccm128_[en|de]crypt. 2011-04-16 22:57:58 +00:00
Dr. Stephen Henson
45321c41e2 Add length limitation from SP800-38E. 2011-04-15 12:01:53 +00:00
Dr. Stephen Henson
bf8131f79f Add XTS selftest, include in fips_test_suite. 2011-04-15 11:30:19 +00:00
Dr. Stephen Henson
06b7e5a0e4 Add algorithm driver for XTS mode. Fix several bugs in EVP XTS implementation. 2011-04-15 02:49:30 +00:00
Dr. Stephen Henson
a6311f856b Remove several of the old obsolete FIPS_corrupt_*() functions. 2011-04-14 11:30:51 +00:00
Dr. Stephen Henson
ac892b7aa6 Initial incomplete POST overhaul: add support for POST callback to 
allow status of POST to be monitored and/or failures induced.
 2011-04-14 11:15:10 +00:00
Dr. Stephen Henson
77394d7e8f Remove duplicate flag. 2011-04-13 00:11:53 +00:00
Dr. Stephen Henson
32a2d8ddfe Provisional AES XTS support. 2011-04-12 23:21:33 +00:00
Dr. Stephen Henson
49cb5e0b40 Fix memory leaks: uninstantiate DRBG during health checks. Cleanup md_ctx 
when performing ECDSA selftest.
 2011-04-12 14:28:06 +00:00
Dr. Stephen Henson
364ce53cef No need to disable leak checking for FIPS builds now we use internal 
memory callbacks.
 2011-04-12 13:01:40 +00:00
Dr. Stephen Henson
48da9b8f2a Fix warning. 2011-04-11 14:52:59 +00:00
Dr. Stephen Henson
1f91af5e56 remove ENGINE dependency from ecdh 2011-04-10 01:14:25 +00:00
Dr. Stephen Henson
55e328f580 Add error for health check failure. 
Rebuild all FIPS error codes to clean out old obsolete codes.
 2011-04-09 17:46:31 +00:00
Dr. Stephen Henson
31360957fb DH keys have an (until now) unused 'q' parameter. When creating 
from DSA copy q across and if q present generate DH key in the
correct range.
 2011-04-07 15:01:48 +00:00
Dr. Stephen Henson
d80399a357 Only use fake rand once per operation. This stops the EC 
pairwise consistency test interfering with the test.
 2011-04-06 23:42:55 +00:00
Dr. Stephen Henson
6653c6f2e8 Update OpenSSL DRBG support code. Use date time vector as additional data. 
Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD.
 2011-04-06 23:40:22 +00:00
Dr. Stephen Henson
4c8855b975 Add missing error code strings. 2011-04-06 18:17:05 +00:00
Dr. Stephen Henson
acd410dc15 check buffer is larger enough before overwriting 2011-04-06 18:06:41 +00:00
Dr. Stephen Henson
05e24c87dd Extensive reorganisation of PRNG handling in FIPS module: all calls 
now use an internal RAND_METHOD. All dependencies to OpenSSL standard
PRNG are now removed: it is the applications resposibility to setup
the FIPS PRNG and initalise it.

Initial OpenSSL RAND_init_fips() function that will setup the DRBG
for the "FIPS capable OpenSSL".
 2011-04-05 15:24:10 +00:00
Dr. Stephen Henson
ab1415d2f5 Updated error codes for FIPS library. 2011-04-04 17:05:09 +00:00
Andy Polyakov
7af0400297 gcm128.c: fix shadow warnings. 2011-04-04 15:24:09 +00:00
Dr. Stephen Henson
1d59fe5267 Disable test fprintf. 2011-04-04 14:52:20 +00:00
Dr. Stephen Henson
ded1999702 Change RNG test to block oriented instead of request oriented, add option 
to test a "stuck" DRBG.
 2011-04-04 14:47:31 +00:00
Dr. Stephen Henson
a255e5bc98 check RAND_pseudo_bytes return value 2011-04-04 14:43:20 +00:00
Andy Polyakov
e512375186 ARM assembler pack: add missing arm_arch.h. 2011-04-01 21:09:09 +00:00
Andy Polyakov
1e86318091 ARM assembler pack: profiler-assisted optimizations and NEON support. 2011-04-01 20:58:34 +00:00
Andy Polyakov
d8d958323b gcm128.c: tidy up, minor optimization, rearrange gcm128_context. 2011-04-01 20:52:35 +00:00
Dr. Stephen Henson
30b26b551f restore .cvsignore 2011-04-01 18:49:24 +00:00
Dr. Stephen Henson
02eb92abad temporarily update .cvsignore 2011-04-01 18:38:51 +00:00
Dr. Stephen Henson
8cf88778ea Allow FIPS malloc callback setting. Automatically set some callbacks 
in OPENSSL_init().
 2011-04-01 16:23:16 +00:00
Dr. Stephen Henson
c4acfb1fd0 Add additional OPENSSL_init() handling add dummy call to (hopefully) 
ensure OPENSSL_init() is always linked into an application.
 2011-04-01 15:46:03 +00:00
Dr. Stephen Henson
3f7468318d Provisional support for auto called OPENSSL_init() function. This can be 
used to set up any appropriate functions such as FIPS callbacks without
requiring an explicit application call.
 2011-04-01 14:49:30 +00:00
Dr. Stephen Henson
e06de4dd35 Remove redundant definitions. Give error code if DRBG sefltest fails. 2011-03-31 17:23:12 +00:00
Richard Levitte
3a660e7364 Corrections to the VMS build system. 
Submitted by Steven M. Schweda <sms@antinode.info>
 2011-03-25 16:20:35 +00:00