Commit graph

322 commits

Author SHA1 Message Date
Dr. Stephen Henson
e2abfd58cc Stop warning and fix memory leaks. 2011-04-12 13:02:56 +00:00
Dr. Stephen Henson
6223352683 Update ECDSA selftest to use hard coded private keys. Include tests for
prime and binary fields.
2011-04-12 11:49:35 +00:00
Dr. Stephen Henson
1a4d93bfb5 Update fips_premain.c fingerprint. 2011-04-12 11:48:00 +00:00
Dr. Stephen Henson
63c82f8abb Update copyright year.
Zero ciphertext and plaintext temporary buffers.

Check FIPS_cipher() return value.
2011-04-11 21:32:51 +00:00
Dr. Stephen Henson
6909dccc32 Set length to 41 (40 hex characters + null). 2011-04-11 14:50:11 +00:00
Dr. Stephen Henson
ac319dd82b Typo: fix duplicate call. 2011-04-10 23:32:19 +00:00
Dr. Stephen Henson
55e328f580 Add error for health check failure.
Rebuild all FIPS error codes to clean out old obsolete codes.
2011-04-09 17:46:31 +00:00
Dr. Stephen Henson
f3823ddfcf Before initalising a live DRBG (i.e. not in test mode) run a complete health
check on a DRBG of the same type.
2011-04-09 17:27:07 +00:00
Dr. Stephen Henson
68ea88b8d1 New function to return security strength of PRNG. 2011-04-09 16:49:59 +00:00
Dr. Stephen Henson
6653c6f2e8 Update OpenSSL DRBG support code. Use date time vector as additional data.
Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD.
2011-04-06 23:40:22 +00:00
Dr. Stephen Henson
42bd0a6b3c Update fipssyms.h to keep all symbols in FIPS,fips namespace.
Rename drbg_cprng_test to fips_drbg_cprng_test.

Remove rand files from Makefile.fips.
2011-04-05 15:48:05 +00:00
Dr. Stephen Henson
05e24c87dd Extensive reorganisation of PRNG handling in FIPS module: all calls
now use an internal RAND_METHOD. All dependencies to OpenSSL standard
PRNG are now removed: it is the applications resposibility to setup
the FIPS PRNG and initalise it.

Initial OpenSSL RAND_init_fips() function that will setup the DRBG
for the "FIPS capable OpenSSL".
2011-04-05 15:24:10 +00:00
Dr. Stephen Henson
cab0595c14 Rename deprecated FIPS_rand functions to FIPS_x931. These shouldn't be
used by applications directly and the X9.31 PRNG is deprecated by new
FIPS140-2 rules anyway.
2011-04-05 12:42:31 +00:00
Dr. Stephen Henson
f4bd65dae3 Set error code is additional data callback fails. 2011-04-04 17:03:35 +00:00
Dr. Stephen Henson
8776ef63c1 Change FIPS locking functions to macros so we get useful line information.
Set fips_thread_set properly.
2011-04-04 15:38:21 +00:00
Dr. Stephen Henson
ded1999702 Change RNG test to block oriented instead of request oriented, add option
to test a "stuck" DRBG.
2011-04-04 14:47:31 +00:00
Dr. Stephen Henson
7d48743b95 restore .cvsignore 2011-04-01 18:40:30 +00:00
Dr. Stephen Henson
b26f324824 delete lib file 2011-04-01 18:40:05 +00:00
Dr. Stephen Henson
02eb92abad temporarily update .cvsignore 2011-04-01 18:38:51 +00:00
Dr. Stephen Henson
e5cadaf8db Only zeroise sensitive parts of DRBG context, so the type and flags
are undisturbed.

Allow setting of "rand" callbacks for DRBG.
2011-04-01 17:49:45 +00:00
Dr. Stephen Henson
8cf88778ea Allow FIPS malloc callback setting. Automatically set some callbacks
in OPENSSL_init().
2011-04-01 16:23:16 +00:00
Dr. Stephen Henson
011c865640 Initial switch to DRBG base PRNG in FIPS mode. Include bogus seeding for
test applications.
2011-04-01 14:46:07 +00:00
Dr. Stephen Henson
212a08080c Unused, untested, provisional RAND interface for DRBG. 2011-03-31 18:06:07 +00:00
Dr. Stephen Henson
e06de4dd35 Remove redundant definitions. Give error code if DRBG sefltest fails. 2011-03-31 17:23:12 +00:00
Dr. Stephen Henson
52b6ee8245 Reorganise DRBG API so the entropy and nonce callbacks can return a
pointer to a buffer instead of copying to a fixed length buffer. This
removes the entropy and nonce length restrictions.
2011-03-31 17:15:54 +00:00
Dr. Stephen Henson
bb61a6c80d fix warnings 2011-03-31 17:12:49 +00:00
Dr. Stephen Henson
5198009885 Add .cvsignore 2011-03-25 16:37:30 +00:00
Dr. Stephen Henson
cd22dfbf01 Have all algorithm test programs call fips_algtest_init() at startup:
this will perform all standalone operations such as setting error
callbacks, entering FIPS mode etc.
2011-03-25 16:36:46 +00:00
Dr. Stephen Henson
d4178c8fb1 Disable cmac tests by default so the old algorithm test vectors work. 2011-03-25 16:34:20 +00:00
Dr. Stephen Henson
dad7851485 Allow setting of get_entropy and get_nonce callbacks outside test mode.
Test mode is now set when a DRBG context is initialised.
2011-03-25 14:38:37 +00:00
Dr. Stephen Henson
9db6974f77 Add .cvsignore 2011-03-25 14:26:23 +00:00
Dr. Stephen Henson
8e5dbc23df Remove unused function. 2011-03-25 14:24:23 +00:00
Dr. Stephen Henson
bd7e6bd44b Fix compiler warnings. 2011-03-25 12:36:02 +00:00
Richard Levitte
e775bbc464 * fips/cmac/fips_cmac_selftest.c: Because the examples in SP_800-38B
aren't trustworthy (see examples 13 and 14, they have the same mac,
  as do examples 17 and 18), use examples from official test vectors
  instead.
2011-03-25 09:24:02 +00:00
Richard Levitte
d8ba2a42e9 * fips/fipsalgtest.pl: Test the testvectors for all the CMAC ciphers
we support.
2011-03-25 08:48:26 +00:00
Richard Levitte
af267e4315 * fips/cmac/fips_cmactest.c: Some say TDEA, others say TDES. Support
both names.
2011-03-25 08:44:37 +00:00
Richard Levitte
d15467d582 * fips/cmac/fips_cmactest.c: Changed to accept all the ciphers we
support (Two Key TDEA is not supported), to handle really big
  messages (some of the test vectors have messages 65536 bytes long),
  and to handle cases where there are several keys (Three Key TDEA)
2011-03-25 08:40:33 +00:00
Richard Levitte
c6dbe90895 make update 2011-03-24 22:59:02 +00:00
Richard Levitte
37942b93af Implement FIPS CMAC.
* fips/fips_test_suite.c, fips/fipsalgtest.pl, test/Makefile: Hook in
  test cases and build test program.
2011-03-24 22:57:52 +00:00
Richard Levitte
399aa6b5ff Implement FIPS CMAC.
* fips/cmac/*: Implement the basis for FIPS CMAC, using FIPS HMAC as
  an example.
* crypto/cmac/cmac.c: Enable the FIPS API.  Change to use M_EVP macros
  where possible.
* crypto/evp/evp.h: (some of the macros get added with this change)
* fips/fips.h, fips/utl/fips_enc.c: Add a few needed functions and use
  macros to have cmac.c use these functions.
* Makefile.org, fips/Makefile, fips/fips.c: Hook it in.
2011-03-24 22:55:02 +00:00
Dr. Stephen Henson
beb895083c Free DRBG context in self tests. 2011-03-21 14:40:57 +00:00
Dr. Stephen Henson
5904882eaa Typo. 2011-03-18 18:17:55 +00:00
Dr. Stephen Henson
1e803100de Implement continuous RNG test for SP800-90 DRBGs. 2011-03-17 18:53:33 +00:00
Dr. Stephen Henson
96ec46f7c0 Implement health checks needed by SP800-90.
Fix warnings.

Instantiate DRBGs at maximum strength.
2011-03-17 16:55:24 +00:00
Dr. Stephen Henson
fbbabb646c Add extensive DRBG selftest data and option to corrupt it in fips_test_suite. 2011-03-16 15:52:12 +00:00
Dr. Stephen Henson
1b76fac5ae Check requested security strength in DRBG. Add function to retrieve the
security strength.
2011-03-11 17:42:11 +00:00
Dr. Stephen Henson
1acc24a8ba Make no-ec2m work again. 2011-03-10 01:00:30 +00:00
Dr. Stephen Henson
f52e552a93 Add a few more symbol renames. 2011-03-09 23:53:41 +00:00
Dr. Stephen Henson
8857b380e2 Add ECDH to validated module. 2011-03-09 23:44:06 +00:00
Dr. Stephen Henson
a6de7133bb Enter FIPS mode in fips_dhvs. Support file I/O in fips_ecdsavs. 2011-03-09 14:55:10 +00:00
Dr. Stephen Henson
0fa714a4f0 Update fips_dhvs to handle functional test by generating keys. 2011-03-09 14:39:54 +00:00
Dr. Stephen Henson
0392f94fbc Typo. 2011-03-08 21:29:07 +00:00
Dr. Stephen Henson
11e80de3ee New initial DH algorithm test driver. 2011-03-08 19:10:17 +00:00
Dr. Stephen Henson
a1e7883edb Add meaningful error codes to DRBG. 2011-03-08 14:16:30 +00:00
Dr. Stephen Henson
dd0d2df562 Add file I/O to fips_drbgvs program. 2011-03-08 13:51:34 +00:00
Dr. Stephen Henson
ce57f0d5c2 Support I/O with files in new fips_gcmtest program. 2011-03-08 13:42:21 +00:00
Dr. Stephen Henson
c34a652e1e Remove redirection from fipsalgtest.pl script. 2011-03-08 13:29:46 +00:00
Dr. Stephen Henson
12b77cbec3 Remove need for redirection on RNG and DSS algorithm test programs: some
platforms don't support it.
2011-03-08 13:27:29 +00:00
Dr. Stephen Henson
e45c6c4e25 Uninstantiate and free functions for DRBG. 2011-03-07 16:51:17 +00:00
Dr. Stephen Henson
ff4a19a471 Fix couple of bugs in CTR DRBG implementation. 2011-03-06 13:10:37 +00:00
Dr. Stephen Henson
868f12988c Updates to DRBG: fix bugs in infrastructure. Add initial experimental
algorithm test generator.
2011-03-06 12:35:09 +00:00
Dr. Stephen Henson
591cbfae3c Initial, provisional, subject to wholesale change, untested, probably
not working, incomplete and unused SP800-90 DRBGs for CTR and Hash modes.

Did I say this was untested?
2011-03-04 18:00:21 +00:00
Dr. Stephen Henson
949c6f8ccf Stop warnings. 2011-02-23 16:06:33 +00:00
Dr. Stephen Henson
30ff3278ae Add DllMain to fips symbols: will need to call this in FIPS capable OpenSSL. 2011-02-23 15:16:12 +00:00
Dr. Stephen Henson
071eb6b592 Add new symbols to fipssyms.h 2011-02-23 15:04:06 +00:00
Dr. Stephen Henson
b7056b6414 Update dependencies. 2011-02-21 17:51:59 +00:00
Dr. Stephen Henson
37eae9909a Remove unnecessary dependencies. 2011-02-21 17:35:53 +00:00
Dr. Stephen Henson
3deb010dc0 x509v3.h header file not needed in fips algorithm test utilities. 2011-02-21 16:36:47 +00:00
Dr. Stephen Henson
947ff113d2 add ECDSA POST 2011-02-18 17:25:00 +00:00
Dr. Stephen Henson
acf254f86e AES GCM selftests. 2011-02-18 17:09:33 +00:00
Dr. Stephen Henson
d47691ecfe Correct fipssyms.h for more assembly language symbols. 2011-02-17 17:45:09 +00:00
Dr. Stephen Henson
01ad8195aa Remove debugging command.
Reorder fipssyms.h to include assembly language symbols at the end.
2011-02-17 15:33:32 +00:00
Dr. Stephen Henson
017bc57bf9 Experimental FIPS symbol renaming.
Fixups under fips/ to make symbol renaming work.
2011-02-16 14:49:50 +00:00
Dr. Stephen Henson
0fbf8f447b Add pairwise consistency test to EC. 2011-02-15 16:58:28 +00:00
Dr. Stephen Henson
c81f8f59be Use SHA-256 in fips_test_suite. 2011-02-15 16:58:06 +00:00
Dr. Stephen Henson
225a9e296b Update pairwise consistency checks to use SHA-256. 2011-02-15 16:18:18 +00:00
Dr. Stephen Henson
25c6542944 Add non-FIPS algorithm blocking and selftest checking. 2011-02-15 16:03:47 +00:00
Dr. Stephen Henson
fe082202c0 Ignore final '\n' when checking if hex line length is odd. 2011-02-15 15:56:13 +00:00
Dr. Stephen Henson
fbc164ec2f Add support for SigGen and KeyPair tests. 2011-02-15 14:16:57 +00:00
Dr. Stephen Henson
943a0ceed0 Update ECDSA test program to handle ECDSA2 format files.
Correctly handle hex strings with an odd number of digits.
2011-02-14 19:42:49 +00:00
Dr. Stephen Henson
5d2f1538a0 Add .cvsignore. 2011-02-14 17:28:28 +00:00
Dr. Stephen Henson
fe26d066ff Add ECDSA functionality to fips module. Initial very incomplete version
of algorithm test program.
2011-02-14 17:14:55 +00:00
Dr. Stephen Henson
c876a4b7b1 Include support for an add_lock callback to tiny FIPS locking API. 2011-02-14 17:05:42 +00:00
Dr. Stephen Henson
e990b4f838 Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new
and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1
library.
2011-02-13 18:45:41 +00:00
Dr. Stephen Henson
e47af46cd8 Change FIPS source and utilities to use the "FIPS_" names directly
instead of using regular OpenSSL API names.
2011-02-12 18:25:18 +00:00
Dr. Stephen Henson
30b56225cc New "fispcanisteronly" build option: only build fipscanister.o and
associated utilities. This functionality will be used by the validated
tarball.
2011-02-11 19:02:34 +00:00
Dr. Stephen Henson
a4113c52b2 Disable FIPS restrictions when doing GCM testing. 2011-02-10 01:46:25 +00:00
Dr. Stephen Henson
b3d8022edd Add GCM IV generator. Add some FIPS restrictions to GCM. Update fips_gcmtest. 2011-02-09 16:21:43 +00:00
Dr. Stephen Henson
f4bfe97fc9 Equally experimental encrypt side for fips_gcmtest. Currently this uses IVs
in the request file need to update it to generate IVs once we have an IV
generator in place.
2011-02-08 19:25:24 +00:00
Dr. Stephen Henson
9afe95099d Set values to NULL after freeing them. 2011-02-08 18:25:57 +00:00
Dr. Stephen Henson
9dd346c90d Experimental incomplete AES GCM algorithm test program. 2011-02-08 18:15:59 +00:00
Dr. Stephen Henson
f4001a0d19 Link GCM into FIPS module. Check return value in EVP gcm. 2011-02-08 15:10:42 +00:00
Dr. Stephen Henson
634b66186a Typo. 2011-02-07 14:36:55 +00:00
Dr. Stephen Henson
7e95116064 Remove unneeded functions, make some functions and variables static. 2011-02-04 17:56:57 +00:00
Dr. Stephen Henson
14ae26f2e4 Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files
that use it.
2011-02-03 17:00:24 +00:00
Dr. Stephen Henson
c2a459315a Use single X931 key generation source file for FIPS and non-FIPS builds. 2011-02-03 12:47:56 +00:00
Bodo Möller
2440d8b1db Fix error codes. 2011-02-03 10:03:23 +00:00
Dr. Stephen Henson
ee9884654b Cope with new DSA2 file format where some p/q only tests are made. 2011-02-02 17:48:03 +00:00
Dr. Stephen Henson
a5b196a22c Add sign/verify digest API to handle an explicit digest instead of finalising
a context.
2011-02-02 14:21:33 +00:00
Dr. Stephen Henson
b6104f9ad8 Remove DSA parameter generation from DSA selftest. It is unnecessary and
can be very slow on embedded platforms. Hard code DSA parameters instead.
2011-02-02 14:20:45 +00:00
Dr. Stephen Henson
96d5997f5b Don't try to set pmd if it is NULL. 2011-02-01 19:15:12 +00:00
Dr. Stephen Henson
92eb4c551d Add DSA2 support to final algorithm tests: keypair and keyver. 2011-02-01 18:53:48 +00:00
Dr. Stephen Henson
89f63d06f8 Support more DSA2 tests. 2011-02-01 17:54:23 +00:00
Dr. Stephen Henson
2ecc150530 Tolerate mixed case and leading zeroes when comparing. 2011-02-01 17:15:53 +00:00
Dr. Stephen Henson
7f64c26588 Since FIPS 186-3 specifies we use the leftmost bits of the digest
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.
2011-02-01 12:52:01 +00:00
Dr. Stephen Henson
3dd9b31dc4 Provisional, experimental support for DSA2 parameter generation algorithm.
Not properly integrated or tested yet.
2011-01-31 19:44:09 +00:00
Dr. Stephen Henson
7edfe67456 Move all FIPSAPI renames into fips.h header file, include early in
crypto.h if needed.

Modify source tree to handle change.
2011-01-27 19:10:56 +00:00
Dr. Stephen Henson
d8ad2e6112 add .cvsignore 2011-01-27 18:11:36 +00:00
Dr. Stephen Henson
1097bde192 add FIPS API malloc/free 2011-01-27 18:09:05 +00:00
Dr. Stephen Henson
7cc684f4f7 Redirect FIPS memory allocation to FIPS_malloc() routine, remove
OpenSSL malloc dependencies.
2011-01-27 17:23:43 +00:00
Dr. Stephen Henson
e36d6b8f79 add fips_dsatest.c file 2011-01-27 16:52:49 +00:00
Dr. Stephen Henson
aa87945f47 Update source files to handle new FIPS_lock() location. Add FIPS_lock()
definition. Remove stale function references from fips.h
2011-01-27 15:57:31 +00:00
Dr. Stephen Henson
7c8ced94c3 Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just refer
to EVP any more.

Move locking #define into fips.h.

Set FIPS locking callbacks at same time as OpenSSL locking callbacks.
2011-01-27 15:22:26 +00:00
Dr. Stephen Henson
6ff9c48811 New FIPS_lock() function for minimal FIPS locking API: to avoid dependencies
on OpenSSL locking code. Use API in some internal FIPS files.

Remove redundant ENGINE defines from fips.h
2011-01-27 14:29:48 +00:00
Dr. Stephen Henson
c11845a4ab add fips_premain.c.sha1 2011-01-26 01:15:54 +00:00
Dr. Stephen Henson
ec3657f81f add fips_sha1_selftest.c 2011-01-26 01:11:12 +00:00
Dr. Stephen Henson
d69c6653ef add fips/sha files 2011-01-26 01:09:52 +00:00
Dr. Stephen Henson
aaff7a0464 add fips/aes/Makefile 2011-01-26 01:05:48 +00:00
Dr. Stephen Henson
1d44454d6d add fips/des/Makefile 2011-01-26 01:04:53 +00:00
Dr. Stephen Henson
5d3bfb9066 add fips/Makefile 2011-01-26 01:03:54 +00:00
Dr. Stephen Henson
aeb8996c38 add some missing fips files 2011-01-26 00:58:09 +00:00
Dr. Stephen Henson
2b4b28dc32 And so it begins... again.
Initial FIPS 140-2 code ported to HEAD. Doesn't even compile yet, may have
missing files, extraneous files and other nastiness.

In other words: it's experimental ATM, OK?
2011-01-26 00:56:19 +00:00