wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10093 commits 20 branches 302 tags 153 MiB
Commit graph

160 commits

Author SHA1 Message Date
Dr. Stephen Henson
8a2024ea59 Handle multiple CPUID_OBJ correctly. 2011-05-01 19:06:39 +00:00
Dr. Stephen Henson
42c7c6764e Rename some more symbols. 2011-05-01 17:51:40 +00:00
Dr. Stephen Henson
bd4b0137fc For FIPS algorithm test utilities use our own version of strcasecmp and 
strncasecmp to cover cases where platforms don't support them.
 2011-05-01 16:18:52 +00:00
Dr. Stephen Henson
2f6efd6acb Some changes to support VxWorks in the validted module. 2011-05-01 15:36:54 +00:00
Dr. Stephen Henson
ee872e99f7 Update symbol translation table. 2011-05-01 14:33:59 +00:00
Dr. Stephen Henson
c4d162873f Don't assume version of rm supports -rf: use RM instead. 2011-04-28 20:52:21 +00:00
Dr. Stephen Henson
1eb8939695 Stop warnings about undefined _exit on Android. 
Additional script output options to fipsalgtest.pl
 2011-04-28 12:20:12 +00:00
Dr. Stephen Henson
7979626995 Recognise invalid enable/disable options. 
Option to shut up bogus warnings.
 2011-04-24 12:13:32 +00:00
Dr. Stephen Henson
e0d1a2f80a Always return multiple of block length bytes from default DRBG seed 
callback.

Handle case where no multiple of the block size is in the interval
[min_len, max_len].
 2011-04-23 20:05:19 +00:00
Dr. Stephen Henson
cac4fb58e0 Add PRNG security strength checking. 2011-04-23 19:55:55 +00:00
Dr. Stephen Henson
74fac927b0 Return errors instead of aborting when selftest fails. 2011-04-22 11:12:56 +00:00
Dr. Stephen Henson
da9ead8db2 Add XTS test vector support to fipsalgtest.pl 2011-04-22 01:05:53 +00:00
Dr. Stephen Henson
bef5013961 Rewrite OutputValue to avoid use of buffer when printing out hex values. 
Delete unused functions from fips_utl.h.

Increase xts line buffer.
 2011-04-22 00:41:35 +00:00
Dr. Stephen Henson
b8b6a13a56 Add continuous RNG test to entropy source. Entropy callbacks now need 
to specify a "block length".
 2011-04-21 14:17:15 +00:00
Dr. Stephen Henson
7608978861 Update DRBG to use new POST scheme. 2011-04-20 18:05:05 +00:00
Dr. Stephen Henson
14264b19de Add periodic DRBG health checks as required by SP800-90. 2011-04-20 17:06:38 +00:00
Dr. Stephen Henson
8da18ea1a5 Add partial GCM tests to fipsalgtest.pl 2011-04-20 15:06:44 +00:00
Dr. Stephen Henson
7aaa88e55c Add partial DH and ECDH primitives only testing to fipsalgtest.pl 2011-04-20 14:33:39 +00:00
Dr. Stephen Henson
84c7a8f7dc Warn if lines are truncated in algorithm test utilities. 
Support for new test files: DRBG and CCM.
 2011-04-20 13:20:31 +00:00
Dr. Stephen Henson
cb1b3aa151 Add AES CCM selftest. 2011-04-19 18:57:58 +00:00
Dr. Stephen Henson
b5dd178740 Fix EVP CCM decrypt. Add decrypt support to algorithm test program. 2011-04-18 22:48:40 +00:00
Dr. Stephen Henson
b3a45e7db5 CCM encrypt algorithm test support. 2011-04-18 16:31:11 +00:00
Dr. Stephen Henson
ca8630ba81 Remove shlib_wrap.sh as it is not needed (all algorithm tests are 
staticly linked to fipscanister.o). Add option to generate a shell
script to run all tests: this is useful for platforms that don't have
perl.
 2011-04-17 15:39:47 +00:00
Dr. Stephen Henson
764ef43962 Remove PSS salt length detection hack from fipslagtest.pl by allowing a regexp 
search of the file to determine its type. This will be needed for other tests
later...
 2011-04-16 23:54:19 +00:00
Dr. Stephen Henson
75707a324f Add "post" option to fips_test_suite to run the POST only and exit. 2011-04-15 20:09:34 +00:00
Dr. Stephen Henson
bf8131f79f Add XTS selftest, include in fips_test_suite. 2011-04-15 11:30:19 +00:00
Dr. Stephen Henson
06b7e5a0e4 Add algorithm driver for XTS mode. Fix several bugs in EVP XTS implementation. 2011-04-15 02:49:30 +00:00
Dr. Stephen Henson
706735aea3 Add new POST support to X9.31 PRNG. 2011-04-14 18:29:49 +00:00
Dr. Stephen Henson
8f331999f5 Report each cipher used with CMAC tests. 
Only add one error to error queue if a specific test type fails.
 2011-04-14 16:38:20 +00:00
Dr. Stephen Henson
9338f290d1 Revise fips_test_suite to use table of IDs for human readable strings. 
Modify HMAC selftest callbacks to notify each digest type used.
 2011-04-14 16:14:41 +00:00
Dr. Stephen Henson
8038511c27 Update CMAC, HMAC, GCM to use new POST system. 
Fix crash if callback not set.
 2011-04-14 13:10:00 +00:00
Dr. Stephen Henson
a6311f856b Remove several of the old obsolete FIPS_corrupt_*() functions. 2011-04-14 11:30:51 +00:00
Dr. Stephen Henson
ac892b7aa6 Initial incomplete POST overhaul: add support for POST callback to 
allow status of POST to be monitored and/or failures induced.
 2011-04-14 11:15:10 +00:00
Dr. Stephen Henson
114c8e220b Use consistent FIPS tarball name. 
Add XTS to FIPS build.

Hide XTS symbol names.
 2011-04-12 23:59:05 +00:00
Dr. Stephen Henson
4bd1e895fa Update fips_pkey_signature_test: use fixed string if supplies tbs is 
NULL. Always allocate signature buffer.

Update ECDSA selftest to use fips_pkey_signature_test. Add copyright notice
to file.
 2011-04-12 17:41:53 +00:00
Dr. Stephen Henson
9b08dbe903 Complete rewrite of FIPS_selftest_dsa(). Use hardcoded 2048 bit DSA key 
and SHA384. Use fips_pkey_signature_test().
 2011-04-12 16:26:52 +00:00
Dr. Stephen Henson
3d607309e6 Update RSA selftest code to use a 2048 bit RSA and only a single KAT 
for PSS+SHA256
 2011-04-12 15:38:34 +00:00
Dr. Stephen Henson
49cb5e0b40 Fix memory leaks: uninstantiate DRBG during health checks. Cleanup md_ctx 
when performing ECDSA selftest.
 2011-04-12 14:28:06 +00:00
Dr. Stephen Henson
e2abfd58cc Stop warning and fix memory leaks. 2011-04-12 13:02:56 +00:00
Dr. Stephen Henson
6223352683 Update ECDSA selftest to use hard coded private keys. Include tests for 
prime and binary fields.
 2011-04-12 11:49:35 +00:00
Dr. Stephen Henson
1a4d93bfb5 Update fips_premain.c fingerprint. 2011-04-12 11:48:00 +00:00
Dr. Stephen Henson
63c82f8abb Update copyright year. 
Zero ciphertext and plaintext temporary buffers.

Check FIPS_cipher() return value.
 2011-04-11 21:32:51 +00:00
Dr. Stephen Henson
6909dccc32 Set length to 41 (40 hex characters + null). 2011-04-11 14:50:11 +00:00
Dr. Stephen Henson
ac319dd82b Typo: fix duplicate call. 2011-04-10 23:32:19 +00:00
Dr. Stephen Henson
55e328f580 Add error for health check failure. 
Rebuild all FIPS error codes to clean out old obsolete codes.
 2011-04-09 17:46:31 +00:00
Dr. Stephen Henson
f3823ddfcf Before initalising a live DRBG (i.e. not in test mode) run a complete health 
check on a DRBG of the same type.
 2011-04-09 17:27:07 +00:00
Dr. Stephen Henson
68ea88b8d1 New function to return security strength of PRNG. 2011-04-09 16:49:59 +00:00
Dr. Stephen Henson
6653c6f2e8 Update OpenSSL DRBG support code. Use date time vector as additional data. 
Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD.
 2011-04-06 23:40:22 +00:00
Dr. Stephen Henson
42bd0a6b3c Update fipssyms.h to keep all symbols in FIPS,fips namespace. 
Rename drbg_cprng_test to fips_drbg_cprng_test.

Remove rand files from Makefile.fips.
 2011-04-05 15:48:05 +00:00
Dr. Stephen Henson
05e24c87dd Extensive reorganisation of PRNG handling in FIPS module: all calls 
now use an internal RAND_METHOD. All dependencies to OpenSSL standard
PRNG are now removed: it is the applications resposibility to setup
the FIPS PRNG and initalise it.

Initial OpenSSL RAND_init_fips() function that will setup the DRBG
for the "FIPS capable OpenSSL".
 2011-04-05 15:24:10 +00:00