Dr. Stephen Henson
|
b3a45e7db5
|
CCM encrypt algorithm test support.
|
2011-04-18 16:31:11 +00:00 |
|
Dr. Stephen Henson
|
2391681082
|
Initial untested CCM support via EVP.
|
2011-04-18 14:25:11 +00:00 |
|
Dr. Stephen Henson
|
6386b1b34d
|
Compile ccm128.c, move some structures to modes_lcl.h add prototypes.
|
2011-04-18 13:15:37 +00:00 |
|
Dr. Stephen Henson
|
3b4a855778
|
Don't need separate tag buffer for GCM mode: use EVP_CIPHER_CTX buf
field which is not unused for custom ciphers.
|
2011-04-18 11:28:41 +00:00 |
|
Dr. Stephen Henson
|
ca8630ba81
|
Remove shlib_wrap.sh as it is not needed (all algorithm tests are
statically linked to fipscanister.o). Add option to generate a shell
script to run all tests: this is useful for platforms that don't have
perl.
|
2011-04-17 15:39:47 +00:00 |
|
Andy Polyakov
|
5fabb88a78
|
Multiple assembler packs: add experimental memory bus instrumentation.
|
2011-04-17 12:46:00 +00:00 |
|
Dr. Stephen Henson
|
764ef43962
|
Remove PSS salt length detection hack from fipslagtest.pl by allowing a regexp
search of the file to determine its type. This will be needed for other tests
later...
|
2011-04-16 23:54:19 +00:00 |
|
Andy Polyakov
|
7e5b4d6779
|
ccm128.c: minor optimization and bugfix in CRYPTO_ccm128_[en|de]crypt.
|
2011-04-16 22:57:58 +00:00 |
|
Dr. Stephen Henson
|
75707a324f
|
Add "post" option to fips_test_suite to run the POST only and exit.
|
2011-04-15 20:09:34 +00:00 |
|
Dr. Stephen Henson
|
45321c41e2
|
Add length limitation from SP800-38E.
|
2011-04-15 12:01:53 +00:00 |
|
Dr. Stephen Henson
|
bf8131f79f
|
Add XTS selftest, include in fips_test_suite.
|
2011-04-15 11:30:19 +00:00 |
|
Dr. Stephen Henson
|
06b7e5a0e4
|
Add algorithm driver for XTS mode. Fix several bugs in EVP XTS implementation.
|
2011-04-15 02:49:30 +00:00 |
|
Dr. Stephen Henson
|
706735aea3
|
Add new POST support to X9.31 PRNG.
|
2011-04-14 18:29:49 +00:00 |
|
Dr. Stephen Henson
|
8f331999f5
|
Report each cipher used with CMAC tests.
Only add one error to error queue if a specific test type fails.
|
2011-04-14 16:38:20 +00:00 |
|
Dr. Stephen Henson
|
9338f290d1
|
Revise fips_test_suite to use table of IDs for human readable strings.
Modify HMAC selftest callbacks to notify each digest type used.
|
2011-04-14 16:14:41 +00:00 |
|
Dr. Stephen Henson
|
8038511c27
|
Update CMAC, HMAC, GCM to use new POST system.
Fix crash if callback not set.
|
2011-04-14 13:10:00 +00:00 |
|
Dr. Stephen Henson
|
a6311f856b
|
Remove several of the old obsolete FIPS_corrupt_*() functions.
|
2011-04-14 11:30:51 +00:00 |
|
Dr. Stephen Henson
|
ac892b7aa6
|
Initial incomplete POST overhaul: add support for POST callback to
allow status of POST to be monitored and/or failures induced.
|
2011-04-14 11:15:10 +00:00 |
|
Dr. Stephen Henson
|
77394d7e8f
|
Remove duplicate flag.
|
2011-04-13 00:11:53 +00:00 |
|
Dr. Stephen Henson
|
114c8e220b
|
Use consistent FIPS tarball name.
Add XTS to FIPS build.
Hide XTS symbol names.
|
2011-04-12 23:59:05 +00:00 |
|
Dr. Stephen Henson
|
32a2d8ddfe
|
Provisional AES XTS support.
|
2011-04-12 23:21:33 +00:00 |
|
Dr. Stephen Henson
|
4bd1e895fa
|
Update fips_pkey_signature_test: use fixed string if supplied tbs is
NULL. Always allocate signature buffer.
Update ECDSA selftest to use fips_pkey_signature_test. Add copyright notice
to file.
|
2011-04-12 17:41:53 +00:00 |
|
Dr. Stephen Henson
|
9b08dbe903
|
Complete rewrite of FIPS_selftest_dsa(). Use hardcoded 2048 bit DSA key
and SHA384. Use fips_pkey_signature_test().
|
2011-04-12 16:26:52 +00:00 |
|
Dr. Stephen Henson
|
3d607309e6
|
Update RSA selftest code to use a 2048 bit RSA and only a single KAT
for PSS+SHA256
|
2011-04-12 15:38:34 +00:00 |
|
Dr. Stephen Henson
|
49cb5e0b40
|
Fix memory leaks: uninstantiate DRBG during health checks. Cleanup md_ctx
when performing ECDSA selftest.
|
2011-04-12 14:28:06 +00:00 |
|
Dr. Stephen Henson
|
e2abfd58cc
|
Stop warning and fix memory leaks.
|
2011-04-12 13:02:56 +00:00 |
|
Dr. Stephen Henson
|
364ce53cef
|
No need to disable leak checking for FIPS builds now we use internal
memory callbacks.
|
2011-04-12 13:01:40 +00:00 |
|
Dr. Stephen Henson
|
6223352683
|
Update ECDSA selftest to use hard coded private keys. Include tests for
prime and binary fields.
|
2011-04-12 11:49:35 +00:00 |
|
Dr. Stephen Henson
|
1a4d93bfb5
|
Update fips_premain.c fingerprint.
|
2011-04-12 11:48:00 +00:00 |
|
Dr. Stephen Henson
|
63c82f8abb
|
Update copyright year.
Zero ciphertext and plaintext temporary buffers.
Check FIPS_cipher() return value.
|
2011-04-11 21:32:51 +00:00 |
|
Dr. Stephen Henson
|
4fd7256b77
|
Use correct version number.
|
2011-04-11 14:55:19 +00:00 |
|
Dr. Stephen Henson
|
1ccc003b82
|
Add mem_clr.c explicitly for no-asm builds.
|
2011-04-11 14:53:40 +00:00 |
|
Dr. Stephen Henson
|
48da9b8f2a
|
Fix warning.
|
2011-04-11 14:52:59 +00:00 |
|
Dr. Stephen Henson
|
6909dccc32
|
Set length to 41 (40 hex characters + null).
|
2011-04-11 14:50:11 +00:00 |
|
Dr. Stephen Henson
|
b93e331ba4
|
Reorder headers to get definitions before they are used.
|
2011-04-11 14:01:33 +00:00 |
|
Dr. Stephen Henson
|
f9bf6314ea
|
Don't give dependency warning for fips builds.
Give error for "make depend" in restricted tarball builds.
Document how restricted tarballs work.
|
2011-04-11 00:22:42 +00:00 |
|
Dr. Stephen Henson
|
ac319dd82b
|
Typo: fix duplicate call.
|
2011-04-10 23:32:19 +00:00 |
|
Dr. Stephen Henson
|
284e2d2b37
|
fix fipscanisteronly autodetect
|
2011-04-10 23:28:24 +00:00 |
|
Dr. Stephen Henson
|
4582626544
|
Auto detect no-ec2m add option to make no-ec2m tarball.
|
2011-04-10 18:30:13 +00:00 |
|
Dr. Stephen Henson
|
ccc5784e37
|
set OPENSSL_FIPSSYMS for restricted builds and auto detect no-ec2m
|
2011-04-10 17:31:03 +00:00 |
|
Dr. Stephen Henson
|
8742ae6e19
|
Clarify README.FIPS.
|
2011-04-10 16:23:31 +00:00 |
|
Dr. Stephen Henson
|
c105c96bac
|
Auto configure for fips is from restricted tarball.
Remove more unnecessary files from fips tarball.
|
2011-04-10 16:18:19 +00:00 |
|
Dr. Stephen Henson
|
6ceb1e8efb
|
Remove unused build targets from Makefile.fips, add cmac to dist list.
|
2011-04-10 01:14:58 +00:00 |
|
Dr. Stephen Henson
|
1f91af5e56
|
remove ENGINE dependency from ecdh
|
2011-04-10 01:14:25 +00:00 |
|
Dr. Stephen Henson
|
55e328f580
|
Add error for health check failure.
Rebuild all FIPS error codes to clean out old obsolete codes.
|
2011-04-09 17:46:31 +00:00 |
|
Dr. Stephen Henson
|
f3823ddfcf
|
Before initialising a live DRBG (i.e. not in test mode) run a complete health
check on a DRBG of the same type.
|
2011-04-09 17:27:07 +00:00 |
|
Dr. Stephen Henson
|
68ea88b8d1
|
New function to return security strength of PRNG.
|
2011-04-09 16:49:59 +00:00 |
|
Dr. Stephen Henson
|
31360957fb
|
DH keys have an (until now) unused 'q' parameter. When creating
from DSA copy q across and if q present generate DH key in the
correct range.
|
2011-04-07 15:01:48 +00:00 |
|
Dr. Stephen Henson
|
d80399a357
|
Only use fake rand once per operation. This stops the EC
pairwise consistency test interfering with the test.
|
2011-04-06 23:42:55 +00:00 |
|
Dr. Stephen Henson
|
d7a3ce989c
|
Update CHANGES.
|
2011-04-06 23:41:19 +00:00 |
|