Commit graph

10800 commits

Author SHA1 Message Date
Richard Levitte
3a660e7364 Corrections to the VMS build system.
Submitted by Steven M. Schweda <sms@antinode.info>
2011-03-25 16:20:35 +00:00
Dr. Stephen Henson
dad7851485 Allow setting of get_entropy and get_nonce callbacks outside test mode.
Test mode is now set when a DRBG context is initialised.
2011-03-25 14:38:37 +00:00
Dr. Stephen Henson
9db6974f77 Add .cvsignore 2011-03-25 14:26:23 +00:00
Dr. Stephen Henson
8e5dbc23df Remove unused function. 2011-03-25 14:24:23 +00:00
Dr. Stephen Henson
bd7e6bd44b Fix compiler warnings. 2011-03-25 12:36:02 +00:00
Dr. Stephen Henson
97057a1a7d Make some Unix builds work again. 2011-03-25 12:09:29 +00:00
Dr. Stephen Henson
8e51aef611 Typo. 2011-03-25 12:00:16 +00:00
Richard Levitte
4ec3e8ca51 For VMS, implement the possibility to choose 64-bit pointers with
different options:
"64"		The build system will choose /POINTER_SIZE=64=ARGV if
		the compiler supports it, otherwise /POINTER_SIZE=64.
"64="		The build system will force /POINTER_SIZE=64.
"64=ARGV"	The build system will force /POINTER_SIZE=64=ARGV.
2011-03-25 09:40:48 +00:00
Richard Levitte
5d0137aa14 make update 2011-03-25 09:30:52 +00:00
Richard Levitte
30fafdebf3 * Configure, crypto/ec/ec.h, crypto/ec/ecp_nistp224.c, util/mkdef.pl:
Have EC_NISTP224_64_GCC_128 treated like any algorithm, and have
  disabled by default.  If we don't do it this way, it screws up
  libeay.num.
* util/libeay.num: make update
2011-03-25 09:29:46 +00:00
Richard Levitte
e775bbc464 * fips/cmac/fips_cmac_selftest.c: Because the examples in SP_800-38B
aren't trustworthy (see examples 13 and 14, they have the same mac,
  as do examples 17 and 18), use examples from official test vectors
  instead.
2011-03-25 09:24:02 +00:00
Richard Levitte
d8ba2a42e9 * fips/fipsalgtest.pl: Test the testvectors for all the CMAC ciphers
we support.
2011-03-25 08:48:26 +00:00
Richard Levitte
af267e4315 * fips/cmac/fips_cmactest.c: Some say TDEA, others say TDES. Support
both names.
2011-03-25 08:44:37 +00:00
Richard Levitte
d15467d582 * fips/cmac/fips_cmactest.c: Changed to accept all the ciphers we
support (Two Key TDEA is not supported), to handle really big
  messages (some of the test vectors have messages 65536 bytes long),
  and to handle cases where there are several keys (Three Key TDEA)
2011-03-25 08:40:33 +00:00
Richard Levitte
9507979228 * Makefile.fips: Update and add details about cmac. 2011-03-25 07:17:17 +00:00
Richard Levitte
c6dbe90895 make update 2011-03-24 22:59:02 +00:00
Richard Levitte
37942b93af Implement FIPS CMAC.
* fips/fips_test_suite.c, fips/fipsalgtest.pl, test/Makefile: Hook in
  test cases and build test program.
2011-03-24 22:57:52 +00:00
Richard Levitte
399aa6b5ff Implement FIPS CMAC.
* fips/cmac/*: Implement the basis for FIPS CMAC, using FIPS HMAC as
  an example.
* crypto/cmac/cmac.c: Enable the FIPS API.  Change to use M_EVP macros
  where possible.
* crypto/evp/evp.h: (some of the macros get added with this change)
* fips/fips.h, fips/utl/fips_enc.c: Add a few needed functions and use
  macros to have cmac.c use these functions.
* Makefile.org, fips/Makefile, fips/fips.c: Hook it in.
2011-03-24 22:55:02 +00:00
Richard Levitte
487b023f3d make update (1.1.0-dev)
This meant alarger renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable and 1.0.1-stable.  However, since there's
been no release on this branch yet, it should be harmless.
2011-03-23 00:11:32 +00:00
Richard Levitte
1f9c2b3f71 * crypto/crypto-lib.com: Add a few more missing modules. 2011-03-23 00:10:16 +00:00
Richard Levitte
486ec55503 * util/mkdef.pl: Add crypto/o_str.h and crypto/o_time.h. Maybe some
more need to be added...
2011-03-22 23:54:18 +00:00
Dr. Stephen Henson
4fc02f1229 Use a signed value to check return value of do_cipher(). 2011-03-21 17:37:27 +00:00
Dr. Stephen Henson
beb895083c Free DRBG context in self tests. 2011-03-21 14:40:57 +00:00
Richard Levitte
2d1122b802 * apps/makeapps.com: Add srp. 2011-03-20 17:34:04 +00:00
Richard Levitte
f0d9196237 * apps/makeapps.com: Forgot to end the check for /POINTER_SIZE=64=ARGV
with turning trapping back on.
* test/maketests.com: Do the same check for /POINTER_SIZE=64=ARGV
  here.
* test/clean-test.com: A new script for cleaning up.
2011-03-20 14:02:20 +00:00
Richard Levitte
8ecef24a66 * apps/openssl.c: For VMS, take care of copying argv if needed much earlier,
directly in main().  'if needed' also includes when argv is a 32 bit
  pointer in an otherwise 64 bit environment.
* apps/makeapps.com: When using /POINTER_SIZE=64, try to use the additional
  =ARGV, but only if it's supported.  Fortunately, DCL is very helpful
  telling us in this case.
2011-03-20 13:15:33 +00:00
Richard Levitte
3d62b1f22d A few more long symbols need shortening. 2011-03-20 10:23:51 +00:00
Richard Levitte
9e67d24743 Add missing source. Also, have the compile also use [.MODES] as
include directory, as other parts (notably, EVP) seem to need it.
2011-03-20 10:23:27 +00:00
Richard Levitte
537c982306 After some adjustments, apply the changes OpenSSL 1.0.0d on OpenVMS
submitted by Steven M. Schweda <sms@antinode.info>
2011-03-19 10:58:14 +00:00
Dr. Stephen Henson
5904882eaa Typo. 2011-03-18 18:17:55 +00:00
Dr. Stephen Henson
1e803100de Implement continuous RNG test for SP800-90 DRBGs. 2011-03-17 18:53:33 +00:00
Dr. Stephen Henson
96ec46f7c0 Implement health checks needed by SP800-90.
Fix warnings.

Instantiate DRBGs at maximum strength.
2011-03-17 16:55:24 +00:00
Dr. Stephen Henson
27131fe8f7 Fix warnings about ignored return values. 2011-03-17 14:43:13 +00:00
Dr. Stephen Henson
23bc7961d2 Fix broken SRP error/function code assignment. 2011-03-16 16:17:46 +00:00
Dr. Stephen Henson
fbbabb646c Add extensive DRBG selftest data and option to corrupt it in fips_test_suite. 2011-03-16 15:52:12 +00:00
Ben Laurie
8cd3d99f57 Missing SRP files. 2011-03-16 11:50:33 +00:00
Ben Laurie
d4f3dd5fb6 Fix Tom Wu's email. 2011-03-16 11:28:43 +00:00
Dr. Stephen Henson
aa24c4a736 PR: 2469
Submitted by: Jim Studt <jim@studt.net>
Reviewed by: steve

Check mac is present before trying to retrieve mac iteration count.
2011-03-13 18:20:01 +00:00
Dr. Stephen Henson
d70fcb96ac Fix warnings: signed/unisgned comparison, shadowing (in some cases global
functions such as rand() ).
2011-03-12 17:27:03 +00:00
Dr. Stephen Henson
5e374d2ee8 Remove redundant check to stop compiler warning. 2011-03-12 17:06:35 +00:00
Ben Laurie
0deea0e03c Note SRP support. 2011-03-12 17:04:07 +00:00
Ben Laurie
edc032b5e3 Add SRP support. 2011-03-12 17:01:19 +00:00
Ben Laurie
0c4e67102e Fix warning. 2011-03-12 13:55:24 +00:00
Dr. Stephen Henson
1b76fac5ae Check requested security strength in DRBG. Add function to retrieve the
security strength.
2011-03-11 17:42:11 +00:00
Dr. Stephen Henson
329c744f51 make no-dsa work again 2011-03-10 18:26:50 +00:00
Dr. Stephen Henson
4d5d28675e Update status. 2011-03-10 14:01:34 +00:00
Dr. Stephen Henson
1acc24a8ba Make no-ec2m work again. 2011-03-10 01:00:30 +00:00
Dr. Stephen Henson
f52e552a93 Add a few more symbol renames. 2011-03-09 23:53:41 +00:00
Dr. Stephen Henson
8857b380e2 Add ECDH to validated module. 2011-03-09 23:44:06 +00:00
Dr. Stephen Henson
a6de7133bb Enter FIPS mode in fips_dhvs. Support file I/O in fips_ecdsavs. 2011-03-09 14:55:10 +00:00