Commit graph

10643 commits

Author SHA1 Message Date
Dr. Stephen Henson
ff7231043f make timing attack protection unconditional 2011-09-01 14:23:09 +00:00
Dr. Stephen Henson
5e92fd244c Stop warnings. 2011-09-01 14:15:47 +00:00
Dr. Stephen Henson
d41ce00b8c PR: 2573
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve

Fix DTLS buffering and decryption bug.
2011-09-01 14:02:23 +00:00
Dr. Stephen Henson
04485c5bc0 PR: 2589
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Initialise p pointer.
2011-09-01 13:52:48 +00:00
Dr. Stephen Henson
d77a970669 PR: 2588
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Close file pointer.
2011-09-01 13:49:16 +00:00
Dr. Stephen Henson
f7924634d4 PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Zero structure fields properly.
2011-09-01 13:45:46 +00:00
Dr. Stephen Henson
d3f6a5a01d PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve

Fix brace mismatch.
2011-09-01 13:37:37 +00:00
Dr. Stephen Henson
d35c284b73 Print private key component is -exout parameter is given. 2011-08-29 16:09:07 +00:00
Dr. Stephen Henson
00220f8111 Fix ecdh primitives test command line. 2011-08-29 15:35:35 +00:00
Andy Polyakov
cfdbff23ab bn_exp.c: improve portability. 2011-08-27 19:38:55 +00:00
Andy Polyakov
f7eb0ab9ac util/incore: fix typo. 2011-08-27 19:37:25 +00:00
Dr. Stephen Henson
2abaa9caaf Add support for DSA2 PQG generation of g parameter. 2011-08-27 12:30:47 +00:00
Dr. Stephen Henson
f55f5f775e Add support for canonical generation of DSA parameter g.
Modify fips_dssvs to support appropriate file format.
2011-08-26 14:51:49 +00:00
Dr. Stephen Henson
7daf0efad9 Fix warning. 2011-08-25 19:50:51 +00:00
Dr. Stephen Henson
edd4d402c6 Don't use some object files in FIPS build. 2011-08-23 23:35:30 +00:00
Dr. Stephen Henson
e6133727fb Rename sparc symbols. 2011-08-23 21:06:44 +00:00
Andy Polyakov
c608171d9c Add RC4-MD5 and AESNI-SHA1 "stitched" implementations. 2011-08-23 20:51:38 +00:00
Andy Polyakov
c2d4c2867b eng_rsax.c: improve portability. 2011-08-22 19:01:16 +00:00
Dr. Stephen Henson
46883b67de Correct maximum request length. SP800-90 quotes maximum bits, not bytes. 2011-08-19 23:25:10 +00:00
Andy Polyakov
6c01cbb6a0 modexp512-x86_64.pl: make it work with ml64. 2011-08-19 06:30:32 +00:00
Dr. Stephen Henson
c20de0386a Fix fipsalgtest.pl to still work with old test vectors. 2011-08-18 16:06:24 +00:00
Dr. Stephen Henson
eea98320a0 typo 2011-08-16 12:45:26 +00:00
Dr. Stephen Henson
4c1d92c56f Update instructions to recommend use of included incore script. 2011-08-16 11:25:56 +00:00
Andy Polyakov
d341e40264 Makefile.org: get commit#21249 right. 2011-08-16 08:56:07 +00:00
Dr. Stephen Henson
142625b534 Delete library install from Makefile.fips: it isn't used.
Revert change to Makefile.org: it breaks install.
2011-08-15 20:38:16 +00:00
Dr. Stephen Henson
7cbab63f5a quote LIBS to copy with empty string 2011-08-15 18:16:55 +00:00
Dr. Stephen Henson
9015ee1826 Enable rsa-pss0 for non-v2 tests. 2011-08-15 14:50:00 +00:00
Dr. Stephen Henson
1f59a84308 Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA
using OBJ xref utilities instead of string comparison with OID name.

This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.
2011-08-14 13:45:19 +00:00
Andy Polyakov
bf3dfe7fee bn_div.c: remove duplicate code by merging BN_div and BN_div_no_branch. 2011-08-14 11:31:35 +00:00
Andy Polyakov
e7d1363d12 x86_64-mont5.pl: add missing Win64 support. 2011-08-14 09:06:06 +00:00
Andy Polyakov
f744bcfd73 eng_rdrand.c: make it link in './config 386' case. 2011-08-14 08:30:56 +00:00
Andy Polyakov
10bd69bf4f armv4-mont.pl: profiler-assisted optimization gives 8%-14% improvement
(more for longer keys) on RSA/DSA.
2011-08-13 12:38:41 +00:00
Andy Polyakov
ae8b47f07f SPARC assembler pack: fix FIPS linking errors. 2011-08-12 21:38:19 +00:00
Andy Polyakov
272ba87017 x86_64-xlate.pl: fix movzw. 2011-08-12 21:24:19 +00:00
Andy Polyakov
361512da0d This commit completes recent modular exponentiation optimizations on
x86_64 platform. It targets specifically RSA1024 sign (using ideas
from http://eprint.iacr.org/2011/239) and adds more than 10% on most
platforms. Overall performance improvement relative to 1.0.0 is ~40%
in average, with best result of 54% on Westmere. Incidentally ~40%
is average improvement even for longer key lengths.
2011-08-12 16:44:32 +00:00
Andy Polyakov
20735f4c81 alphacpuid.pl: fix alignment bug.
alpha-mont.pl: fix typo.
PR: 2577
2011-08-12 12:28:52 +00:00
Dr. Stephen Henson
ab1ec69843 aesni TLS GCM support 2011-08-11 23:06:19 +00:00
Dr. Stephen Henson
19ad345739 prevent compilation errors and warnings 2011-08-11 21:12:17 +00:00
Dr. Stephen Henson
513e28c0a4 Include armcap.c in fips tarball. 2011-08-11 17:30:07 +00:00
Dr. Stephen Henson
7f06921eca Remove redundant assignment. 2011-08-11 13:22:04 +00:00
Andy Polyakov
37f010e248 Add provisory support for RDRAND instruction. 2011-08-10 18:52:42 +00:00
Andy Polyakov
85ec54a417 x86_64-mont.pl: futher optimization resulting in up to 48% improvement
(4096-bit RSA sign benchmark on Core2) in comparison to initial version
from 2005.
2011-08-09 13:05:05 +00:00
Dr. Stephen Henson
20f12e63ff Add HMAC DRBG from SP800-90 2011-08-08 22:07:38 +00:00
Dr. Stephen Henson
b38fd40db4 Use "resp" for default directory name for .rsp files. 2011-08-08 18:06:40 +00:00
Dr. Stephen Henson
8d7fbd021b Fix DSA to skip EOL test when parsing mod line. 2011-08-08 14:47:51 +00:00
Dr. Stephen Henson
49e9b97885 Initial support for tests for 2.0 module. Not complete and not all working
yet.

Allow test type to be determined by a regexp on the pathname. So tests like:

DSA/SigVer, DSA2/SigVer, ECDSA/SigVer, ECDSA2/SigVer can all be
distinguished.
2011-08-08 14:47:04 +00:00
Andy Polyakov
267b481c47 aes/asm/aesni-*.pl: fix CCM and further optimize it.
modes/ccm128.c: minor branch optimization.
2011-08-07 17:47:56 +00:00
Dr. Stephen Henson
8a8cc84f74 fix memory leak 2011-08-03 16:39:58 +00:00
Dr. Stephen Henson
28dd49faec Expand range of ctrls for AES GCM to support retrieval and setting of
invocation field.

Add complete support for AES GCM ciphersuites including all those in
RFC5288 and RFC5289.
2011-08-03 15:37:22 +00:00
Dr. Stephen Henson
3699ec6056 recognise ecdsaWithSHA1 OID 2011-07-28 14:40:01 +00:00