Commit graph

10800 commits

Author SHA1 Message Date
Dr. Stephen Henson
e9093c9832 PR: 2499
Submitted by: "James 'J.C.' Jones" <james.jc.jones@gmail.com>

Typos.
2011-05-02 23:29:57 +00:00
Dr. Stephen Henson
2e2a962aad Fix do_fips script. 2011-05-02 17:11:54 +00:00
Dr. Stephen Henson
9243a86d75 Use faster curves for ECDSA self test. 2011-05-02 12:13:04 +00:00
Dr. Stephen Henson
fc98a4377d Use more portable clock_gettime() for fips_test_suite timing.
Output times of each subtest.
2011-05-02 11:09:38 +00:00
Dr. Stephen Henson
fd600c0037 Stop warning in VxWorks. 2011-05-01 20:55:05 +00:00
Dr. Stephen Henson
a32ad6891b Quick hack to time POST. 2011-05-01 20:54:42 +00:00
Dr. Stephen Henson
2325315ba3 Two more symbol renames. 2011-05-01 19:07:16 +00:00
Dr. Stephen Henson
8a2024ea59 Handle multiple CPUID_OBJ correctly. 2011-05-01 19:06:39 +00:00
Dr. Stephen Henson
42c7c6764e Rename some more symbols. 2011-05-01 17:51:40 +00:00
Dr. Stephen Henson
9f7b2c76b1 Include crypto.h in ppccap.c 2011-05-01 16:54:24 +00:00
Dr. Stephen Henson
1c6807c9d6 Add ppc_cap.c to restricted tarball. 2011-05-01 16:46:28 +00:00
Dr. Stephen Henson
bd4b0137fc For FIPS algorithm test utilities use our own version of strcasecmp and
strncasecmp to cover cases where platforms don't support them.
2011-05-01 16:18:52 +00:00
Dr. Stephen Henson
2f6efd6acb Some changes to support VxWorks in the validted module. 2011-05-01 15:36:54 +00:00
Dr. Stephen Henson
823df31be7 Disable SHA256 if not supported. 2011-05-01 15:36:16 +00:00
Dr. Stephen Henson
ee872e99f7 Update symbol translation table. 2011-05-01 14:33:59 +00:00
Dr. Stephen Henson
9a85e53813 no need to include memory.h 2011-04-30 23:37:42 +00:00
Dr. Stephen Henson
7409d7ad51 Initial incomplete TLS v1.2 support. New ciphersuites added, new version
checking added, SHA256 PRF support added.

At present only RSA key exchange ciphersuites work with TLS v1.2 as the
new signature format is not yet implemented.
2011-04-29 22:56:51 +00:00
Dr. Stephen Henson
08557cf22c Initial "opaque SSL" framework. If an application defines
OPENSSL_NO_SSL_INTERN all ssl related structures are opaque
and internals cannot be directly accessed. Many applications
will need some modification to support this and most likely some
additional functions added to OpenSSL.

The advantage of this option is that any application supporting
it will still be binary compatible if SSL structures change.
2011-04-29 22:37:12 +00:00
Dr. Stephen Henson
c4d162873f Don't assume version of rm supports -rf: use RM instead. 2011-04-28 20:52:21 +00:00
Dr. Stephen Henson
1eb8939695 Stop warnings about undefined _exit on Android.
Additional script output options to fipsalgtest.pl
2011-04-28 12:20:12 +00:00
Dr. Stephen Henson
7c50694f05 Fix warning. 2011-04-24 12:40:26 +00:00
Dr. Stephen Henson
7979626995 Recognise invalid enable/disable options.
Option to shut up bogus warnings.
2011-04-24 12:13:32 +00:00
Dr. Stephen Henson
c36ce81cf5 Clarification. 2011-04-24 11:38:22 +00:00
Andy Polyakov
3f0d14055b gcm128.c: minor optimization. 2011-04-24 11:10:54 +00:00
Andy Polyakov
f855b9d719 ccm128.c: add CRYPTO_ccm128_[en|de]crypt_ccm64 and minor optimization. 2011-04-24 11:10:14 +00:00
Richard Levitte
ce67647605 fips_check_dsa_prng() should only be built when OPENSSL_FIPS is defined. 2011-04-24 10:07:17 +00:00
Richard Levitte
171edf7ff4 Error discrepancy corrected. 2011-04-24 08:59:15 +00:00
Dr. Stephen Henson
69a80f7d5e More fixes for DSA FIPS overrides. 2011-04-23 21:59:12 +00:00
Dr. Stephen Henson
dc03504d09 Make sure overrides work for RSA/DSA. 2011-04-23 21:15:05 +00:00
Dr. Stephen Henson
383bc117bb Oops, work out expanded buffer length before allocating it... 2011-04-23 20:24:55 +00:00
Dr. Stephen Henson
e0d1a2f80a Always return multiple of block length bytes from default DRBG seed
callback.

Handle case where no multiple of the block size is in the interval
[min_len, max_len].
2011-04-23 20:05:19 +00:00
Dr. Stephen Henson
cac4fb58e0 Add PRNG security strength checking. 2011-04-23 19:55:55 +00:00
Andy Polyakov
9e5fe439b4 xts128.c: fix bug introduced in commit#20704. Bug affected encryption of
vectors whose lenght was not multiples of 16 bytes.
2011-04-23 09:15:03 +00:00
Dr. Stephen Henson
74fac927b0 Return errors instead of aborting when selftest fails. 2011-04-22 11:12:56 +00:00
Dr. Stephen Henson
da9ead8db2 Add XTS test vector support to fipsalgtest.pl 2011-04-22 01:05:53 +00:00
Dr. Stephen Henson
bef5013961 Rewrite OutputValue to avoid use of buffer when printing out hex values.
Delete unused functions from fips_utl.h.

Increase xts line buffer.
2011-04-22 00:41:35 +00:00
Dr. Stephen Henson
79170bc97a Initial do_fips.bat build script for WIN32 fipscanister. 2011-04-21 21:06:12 +00:00
Dr. Stephen Henson
95c9e774f9 Reconise no-ec-nistp224-64-gcc-128 option. 2011-04-21 20:55:35 +00:00
Dr. Stephen Henson
e161120eff Make fipscanisteronly auto detect work on WIN32. 2011-04-21 16:58:51 +00:00
Dr. Stephen Henson
84ed90f88b Fix WIN32 warning. 2011-04-21 14:54:33 +00:00
Dr. Stephen Henson
065d050e7a Update ordinals. 2011-04-21 14:54:13 +00:00
Dr. Stephen Henson
b8b6a13a56 Add continuous RNG test to entropy source. Entropy callbacks now need
to specify a "block length".
2011-04-21 14:17:15 +00:00
Dr. Stephen Henson
7608978861 Update DRBG to use new POST scheme. 2011-04-20 18:05:05 +00:00
Dr. Stephen Henson
14264b19de Add periodic DRBG health checks as required by SP800-90. 2011-04-20 17:06:38 +00:00
Dr. Stephen Henson
8da18ea1a5 Add partial GCM tests to fipsalgtest.pl 2011-04-20 15:06:44 +00:00
Dr. Stephen Henson
7aaa88e55c Add partial DH and ECDH primitives only testing to fipsalgtest.pl 2011-04-20 14:33:39 +00:00
Dr. Stephen Henson
84c7a8f7dc Warn if lines are truncated in algorithm test utilities.
Support for new test files: DRBG and CCM.
2011-04-20 13:20:31 +00:00
Andy Polyakov
daaf5088fd xts128.c: minor optimization and clarified prototype. 2011-04-20 08:13:58 +00:00
Andy Polyakov
e382e4e603 perlasm/x86gas.pl: make OPENSSL_instrument_bus[2] compile. 2011-04-19 19:09:18 +00:00
Dr. Stephen Henson
cb1b3aa151 Add AES CCM selftest. 2011-04-19 18:57:58 +00:00