Dr. Stephen Henson
|
868f12988c
|
Updates to DRBG: fix bugs in infrastructure. Add initial experimental
algorithm test generator.
|
2011-03-06 12:35:09 +00:00 |
|
Dr. Stephen Henson
|
591cbfae3c
|
Initial, provisional, subject to wholesale change, untested, probably
not working, incomplete and unused SP800-90 DRBGs for CTR and Hash modes.
Did I say this was untested?
|
2011-03-04 18:00:21 +00:00 |
|
Dr. Stephen Henson
|
949c6f8ccf
|
Stop warnings.
|
2011-02-23 16:06:33 +00:00 |
|
Dr. Stephen Henson
|
30ff3278ae
|
Add DllMain to fips symbols: will need to call this in FIPS capable OpenSSL.
|
2011-02-23 15:16:12 +00:00 |
|
Dr. Stephen Henson
|
071eb6b592
|
Add new symbols to fipssyms.h
|
2011-02-23 15:04:06 +00:00 |
|
Dr. Stephen Henson
|
b7056b6414
|
Update dependencies.
|
2011-02-21 17:51:59 +00:00 |
|
Dr. Stephen Henson
|
37eae9909a
|
Remove unnecessary dependencies.
|
2011-02-21 17:35:53 +00:00 |
|
Dr. Stephen Henson
|
3deb010dc0
|
x509v3.h header file not needed in fips algorithm test utilities.
|
2011-02-21 16:36:47 +00:00 |
|
Dr. Stephen Henson
|
947ff113d2
|
add ECDSA POST
|
2011-02-18 17:25:00 +00:00 |
|
Dr. Stephen Henson
|
acf254f86e
|
AES GCM selftests.
|
2011-02-18 17:09:33 +00:00 |
|
Dr. Stephen Henson
|
d47691ecfe
|
Correct fipssyms.h for more assembly language symbols.
|
2011-02-17 17:45:09 +00:00 |
|
Dr. Stephen Henson
|
01ad8195aa
|
Remove debugging command.
Reorder fipssyms.h to include assembly language symbols at the end.
|
2011-02-17 15:33:32 +00:00 |
|
Dr. Stephen Henson
|
017bc57bf9
|
Experimental FIPS symbol renaming.
Fixups under fips/ to make symbol renaming work.
|
2011-02-16 14:49:50 +00:00 |
|
Dr. Stephen Henson
|
0fbf8f447b
|
Add pairwise consistency test to EC.
|
2011-02-15 16:58:28 +00:00 |
|
Dr. Stephen Henson
|
c81f8f59be
|
Use SHA-256 in fips_test_suite.
|
2011-02-15 16:58:06 +00:00 |
|
Dr. Stephen Henson
|
225a9e296b
|
Update pairwise consistency checks to use SHA-256.
|
2011-02-15 16:18:18 +00:00 |
|
Dr. Stephen Henson
|
25c6542944
|
Add non-FIPS algorithm blocking and selftest checking.
|
2011-02-15 16:03:47 +00:00 |
|
Dr. Stephen Henson
|
fe082202c0
|
Ignore final '\n' when checking if hex line length is odd.
|
2011-02-15 15:56:13 +00:00 |
|
Dr. Stephen Henson
|
fbc164ec2f
|
Add support for SigGen and KeyPair tests.
|
2011-02-15 14:16:57 +00:00 |
|
Dr. Stephen Henson
|
943a0ceed0
|
Update ECDSA test program to handle ECDSA2 format files.
Correctly handle hex strings with an odd number of digits.
|
2011-02-14 19:42:49 +00:00 |
|
Dr. Stephen Henson
|
5d2f1538a0
|
Add .cvsignore.
|
2011-02-14 17:28:28 +00:00 |
|
Dr. Stephen Henson
|
fe26d066ff
|
Add ECDSA functionality to fips module. Initial very incomplete version
of algorithm test program.
|
2011-02-14 17:14:55 +00:00 |
|
Dr. Stephen Henson
|
c876a4b7b1
|
Include support for an add_lock callback to tiny FIPS locking API.
|
2011-02-14 17:05:42 +00:00 |
|
Dr. Stephen Henson
|
e990b4f838
|
Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new
and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1
library.
|
2011-02-13 18:45:41 +00:00 |
|
Dr. Stephen Henson
|
e47af46cd8
|
Change FIPS source and utilities to use the "FIPS_" names directly
instead of using regular OpenSSL API names.
|
2011-02-12 18:25:18 +00:00 |
|
Dr. Stephen Henson
|
30b56225cc
|
New "fispcanisteronly" build option: only build fipscanister.o and
associated utilities. This functionality will be used by the validated
tarball.
|
2011-02-11 19:02:34 +00:00 |
|
Dr. Stephen Henson
|
a4113c52b2
|
Disable FIPS restrictions when doing GCM testing.
|
2011-02-10 01:46:25 +00:00 |
|
Dr. Stephen Henson
|
b3d8022edd
|
Add GCM IV generator. Add some FIPS restrictions to GCM. Update fips_gcmtest.
|
2011-02-09 16:21:43 +00:00 |
|
Dr. Stephen Henson
|
f4bfe97fc9
|
Equally experimental encrypt side for fips_gcmtest. Currently this uses IVs
in the request file need to update it to generate IVs once we have an IV
generator in place.
|
2011-02-08 19:25:24 +00:00 |
|
Dr. Stephen Henson
|
9afe95099d
|
Set values to NULL after freeing them.
|
2011-02-08 18:25:57 +00:00 |
|
Dr. Stephen Henson
|
9dd346c90d
|
Experimental incomplete AES GCM algorithm test program.
|
2011-02-08 18:15:59 +00:00 |
|
Dr. Stephen Henson
|
f4001a0d19
|
Link GCM into FIPS module. Check return value in EVP gcm.
|
2011-02-08 15:10:42 +00:00 |
|
Dr. Stephen Henson
|
634b66186a
|
Typo.
|
2011-02-07 14:36:55 +00:00 |
|
Dr. Stephen Henson
|
7e95116064
|
Remove unneeded functions, make some functions and variables static.
|
2011-02-04 17:56:57 +00:00 |
|
Dr. Stephen Henson
|
14ae26f2e4
|
Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files
that use it.
|
2011-02-03 17:00:24 +00:00 |
|
Dr. Stephen Henson
|
c2a459315a
|
Use single X931 key generation source file for FIPS and non-FIPS builds.
|
2011-02-03 12:47:56 +00:00 |
|
Bodo Möller
|
2440d8b1db
|
Fix error codes.
|
2011-02-03 10:03:23 +00:00 |
|
Dr. Stephen Henson
|
ee9884654b
|
Cope with new DSA2 file format where some p/q only tests are made.
|
2011-02-02 17:48:03 +00:00 |
|
Dr. Stephen Henson
|
a5b196a22c
|
Add sign/verify digest API to handle an explicit digest instead of finalising
a context.
|
2011-02-02 14:21:33 +00:00 |
|
Dr. Stephen Henson
|
b6104f9ad8
|
Remove DSA parameter generation from DSA selftest. It is unnecessary and
can be very slow on embedded platforms. Hard code DSA parameters instead.
|
2011-02-02 14:20:45 +00:00 |
|
Dr. Stephen Henson
|
96d5997f5b
|
Don't try to set pmd if it is NULL.
|
2011-02-01 19:15:12 +00:00 |
|
Dr. Stephen Henson
|
92eb4c551d
|
Add DSA2 support to final algorithm tests: keypair and keyver.
|
2011-02-01 18:53:48 +00:00 |
|
Dr. Stephen Henson
|
89f63d06f8
|
Support more DSA2 tests.
|
2011-02-01 17:54:23 +00:00 |
|
Dr. Stephen Henson
|
2ecc150530
|
Tolerate mixed case and leading zeroes when comparing.
|
2011-02-01 17:15:53 +00:00 |
|
Dr. Stephen Henson
|
7f64c26588
|
Since FIPS 186-3 specifies we use the leftmost bits of the digest
we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.
|
2011-02-01 12:52:01 +00:00 |
|
Dr. Stephen Henson
|
3dd9b31dc4
|
Provisional, experimental support for DSA2 parameter generation algorithm.
Not properly integrated or tested yet.
|
2011-01-31 19:44:09 +00:00 |
|
Dr. Stephen Henson
|
7edfe67456
|
Move all FIPSAPI renames into fips.h header file, include early in
crypto.h if needed.
Modify source tree to handle change.
|
2011-01-27 19:10:56 +00:00 |
|
Dr. Stephen Henson
|
d8ad2e6112
|
add .cvsignore
|
2011-01-27 18:11:36 +00:00 |
|
Dr. Stephen Henson
|
1097bde192
|
add FIPS API malloc/free
|
2011-01-27 18:09:05 +00:00 |
|
Dr. Stephen Henson
|
7cc684f4f7
|
Redirect FIPS memory allocation to FIPS_malloc() routine, remove
OpenSSL malloc dependencies.
|
2011-01-27 17:23:43 +00:00 |
|