openssl

Author	SHA1	Message	Date
Dr. Stephen Henson	5904882eaa	Typo.	2011-03-18 18:17:55 +00:00
Dr. Stephen Henson	1e803100de	Implement continuous RNG test for SP800-90 DRBGs.	2011-03-17 18:53:33 +00:00
Dr. Stephen Henson	96ec46f7c0	Implement health checks needed by SP800-90. Fix warnings. Instantiate DRBGs at maximum strength.	2011-03-17 16:55:24 +00:00
Dr. Stephen Henson	fbbabb646c	Add extensive DRBG selftest data and option to corrupt it in fips_test_suite.	2011-03-16 15:52:12 +00:00
Dr. Stephen Henson	1b76fac5ae	Check requested security strength in DRBG. Add function to retrieve the security strength.	2011-03-11 17:42:11 +00:00
Dr. Stephen Henson	1acc24a8ba	Make no-ec2m work again.	2011-03-10 01:00:30 +00:00
Dr. Stephen Henson	f52e552a93	Add a few more symbol renames.	2011-03-09 23:53:41 +00:00
Dr. Stephen Henson	8857b380e2	Add ECDH to validated module.	2011-03-09 23:44:06 +00:00
Dr. Stephen Henson	a6de7133bb	Enter FIPS mode in fips_dhvs. Support file I/O in fips_ecdsavs.	2011-03-09 14:55:10 +00:00
Dr. Stephen Henson	0fa714a4f0	Update fips_dhvs to handle functional test by generating keys.	2011-03-09 14:39:54 +00:00
Dr. Stephen Henson	0392f94fbc	Typo.	2011-03-08 21:29:07 +00:00
Dr. Stephen Henson	11e80de3ee	New initial DH algorithm test driver.	2011-03-08 19:10:17 +00:00
Dr. Stephen Henson	a1e7883edb	Add meaningful error codes to DRBG.	2011-03-08 14:16:30 +00:00
Dr. Stephen Henson	dd0d2df562	Add file I/O to fips_drbgvs program.	2011-03-08 13:51:34 +00:00
Dr. Stephen Henson	ce57f0d5c2	Support I/O with files in new fips_gcmtest program.	2011-03-08 13:42:21 +00:00
Dr. Stephen Henson	c34a652e1e	Remove redirection from fipsalgtest.pl script.	2011-03-08 13:29:46 +00:00
Dr. Stephen Henson	12b77cbec3	Remove need for redirection on RNG and DSS algorithm test programs: some platforms don't support it.	2011-03-08 13:27:29 +00:00
Dr. Stephen Henson	e45c6c4e25	Uninstantiate and free functions for DRBG.	2011-03-07 16:51:17 +00:00
Dr. Stephen Henson	ff4a19a471	Fix couple of bugs in CTR DRBG implementation.	2011-03-06 13:10:37 +00:00
Dr. Stephen Henson	868f12988c	Updates to DRBG: fix bugs in infrastructure. Add initial experimental algorithm test generator.	2011-03-06 12:35:09 +00:00
Dr. Stephen Henson	591cbfae3c	Initial, provisional, subject to wholesale change, untested, probably not working, incomplete and unused SP800-90 DRBGs for CTR and Hash modes. Did I say this was untested?	2011-03-04 18:00:21 +00:00
Dr. Stephen Henson	949c6f8ccf	Stop warnings.	2011-02-23 16:06:33 +00:00
Dr. Stephen Henson	30ff3278ae	Add DllMain to fips symbols: will need to call this in FIPS capable OpenSSL.	2011-02-23 15:16:12 +00:00
Dr. Stephen Henson	071eb6b592	Add new symbols to fipssyms.h	2011-02-23 15:04:06 +00:00
Dr. Stephen Henson	b7056b6414	Update dependencies.	2011-02-21 17:51:59 +00:00
Dr. Stephen Henson	37eae9909a	Remove unnecessary dependencies.	2011-02-21 17:35:53 +00:00
Dr. Stephen Henson	3deb010dc0	x509v3.h header file not needed in fips algorithm test utilities.	2011-02-21 16:36:47 +00:00
Dr. Stephen Henson	947ff113d2	add ECDSA POST	2011-02-18 17:25:00 +00:00
Dr. Stephen Henson	acf254f86e	AES GCM selftests.	2011-02-18 17:09:33 +00:00
Dr. Stephen Henson	d47691ecfe	Correct fipssyms.h for more assembly language symbols.	2011-02-17 17:45:09 +00:00
Dr. Stephen Henson	01ad8195aa	Remove debugging command. Reorder fipssyms.h to include assembly language symbols at the end.	2011-02-17 15:33:32 +00:00
Dr. Stephen Henson	017bc57bf9	Experimental FIPS symbol renaming. Fixups under fips/ to make symbol renaming work.	2011-02-16 14:49:50 +00:00
Dr. Stephen Henson	0fbf8f447b	Add pairwise consistency test to EC.	2011-02-15 16:58:28 +00:00
Dr. Stephen Henson	c81f8f59be	Use SHA-256 in fips_test_suite.	2011-02-15 16:58:06 +00:00
Dr. Stephen Henson	225a9e296b	Update pairwise consistency checks to use SHA-256.	2011-02-15 16:18:18 +00:00
Dr. Stephen Henson	25c6542944	Add non-FIPS algorithm blocking and selftest checking.	2011-02-15 16:03:47 +00:00
Dr. Stephen Henson	fe082202c0	Ignore final '\n' when checking if hex line length is odd.	2011-02-15 15:56:13 +00:00
Dr. Stephen Henson	fbc164ec2f	Add support for SigGen and KeyPair tests.	2011-02-15 14:16:57 +00:00
Dr. Stephen Henson	943a0ceed0	Update ECDSA test program to handle ECDSA2 format files. Correctly handle hex strings with an odd number of digits.	2011-02-14 19:42:49 +00:00
Dr. Stephen Henson	5d2f1538a0	Add .cvsignore.	2011-02-14 17:28:28 +00:00
Dr. Stephen Henson	fe26d066ff	Add ECDSA functionality to fips module. Initial very incomplete version of algorithm test program.	2011-02-14 17:14:55 +00:00
Dr. Stephen Henson	c876a4b7b1	Include support for an add_lock callback to tiny FIPS locking API.	2011-02-14 17:05:42 +00:00
Dr. Stephen Henson	e990b4f838	Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1 library.	2011-02-13 18:45:41 +00:00
Dr. Stephen Henson	e47af46cd8	Change FIPS source and utilities to use the "FIPS_" names directly instead of using regular OpenSSL API names.	2011-02-12 18:25:18 +00:00
Dr. Stephen Henson	30b56225cc	New "fispcanisteronly" build option: only build fipscanister.o and associated utilities. This functionality will be used by the validated tarball.	2011-02-11 19:02:34 +00:00
Dr. Stephen Henson	a4113c52b2	Disable FIPS restrictions when doing GCM testing.	2011-02-10 01:46:25 +00:00
Dr. Stephen Henson	b3d8022edd	Add GCM IV generator. Add some FIPS restrictions to GCM. Update fips_gcmtest.	2011-02-09 16:21:43 +00:00
Dr. Stephen Henson	f4bfe97fc9	Equally experimental encrypt side for fips_gcmtest. Currently this uses IVs in the request file need to update it to generate IVs once we have an IV generator in place.	2011-02-08 19:25:24 +00:00
Dr. Stephen Henson	9afe95099d	Set values to NULL after freeing them.	2011-02-08 18:25:57 +00:00
Dr. Stephen Henson	9dd346c90d	Experimental incomplete AES GCM algorithm test program.	2011-02-08 18:15:59 +00:00
Dr. Stephen Henson	f4001a0d19	Link GCM into FIPS module. Check return value in EVP gcm.	2011-02-08 15:10:42 +00:00
Dr. Stephen Henson	634b66186a	Typo.	2011-02-07 14:36:55 +00:00
Dr. Stephen Henson	7e95116064	Remove unneeded functions, make some functions and variables static.	2011-02-04 17:56:57 +00:00
Dr. Stephen Henson	14ae26f2e4	Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files that use it.	2011-02-03 17:00:24 +00:00
Dr. Stephen Henson	c2a459315a	Use single X931 key generation source file for FIPS and non-FIPS builds.	2011-02-03 12:47:56 +00:00
Bodo Möller	2440d8b1db	Fix error codes.	2011-02-03 10:03:23 +00:00
Dr. Stephen Henson	ee9884654b	Cope with new DSA2 file format where some p/q only tests are made.	2011-02-02 17:48:03 +00:00
Dr. Stephen Henson	a5b196a22c	Add sign/verify digest API to handle an explicit digest instead of finalising a context.	2011-02-02 14:21:33 +00:00
Dr. Stephen Henson	b6104f9ad8	Remove DSA parameter generation from DSA selftest. It is unnecessary and can be very slow on embedded platforms. Hard code DSA parameters instead.	2011-02-02 14:20:45 +00:00
Dr. Stephen Henson	96d5997f5b	Don't try to set pmd if it is NULL.	2011-02-01 19:15:12 +00:00
Dr. Stephen Henson	92eb4c551d	Add DSA2 support to final algorithm tests: keypair and keyver.	2011-02-01 18:53:48 +00:00
Dr. Stephen Henson	89f63d06f8	Support more DSA2 tests.	2011-02-01 17:54:23 +00:00
Dr. Stephen Henson	2ecc150530	Tolerate mixed case and leading zeroes when comparing.	2011-02-01 17:15:53 +00:00
Dr. Stephen Henson	7f64c26588	Since FIPS 186-3 specifies we use the leftmost bits of the digest we shouldn't reject digest lengths larger than SHA256: the FIPS algorithm tests include SHA384 and SHA512 tests.	2011-02-01 12:52:01 +00:00
Dr. Stephen Henson	3dd9b31dc4	Provisional, experimental support for DSA2 parameter generation algorithm. Not properly integrated or tested yet.	2011-01-31 19:44:09 +00:00
Dr. Stephen Henson	7edfe67456	Move all FIPSAPI renames into fips.h header file, include early in crypto.h if needed. Modify source tree to handle change.	2011-01-27 19:10:56 +00:00
Dr. Stephen Henson	d8ad2e6112	add .cvsignore	2011-01-27 18:11:36 +00:00
Dr. Stephen Henson	1097bde192	add FIPS API malloc/free	2011-01-27 18:09:05 +00:00
Dr. Stephen Henson	7cc684f4f7	Redirect FIPS memory allocation to FIPS_malloc() routine, remove OpenSSL malloc dependencies.	2011-01-27 17:23:43 +00:00
Dr. Stephen Henson	e36d6b8f79	add fips_dsatest.c file	2011-01-27 16:52:49 +00:00
Dr. Stephen Henson	aa87945f47	Update source files to handle new FIPS_lock() location. Add FIPS_lock() definition. Remove stale function references from fips.h	2011-01-27 15:57:31 +00:00
Dr. Stephen Henson	7c8ced94c3	Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just refer to EVP any more. Move locking #define into fips.h. Set FIPS locking callbacks at same time as OpenSSL locking callbacks.	2011-01-27 15:22:26 +00:00
Dr. Stephen Henson	6ff9c48811	New FIPS_lock() function for minimal FIPS locking API: to avoid dependencies on OpenSSL locking code. Use API in some internal FIPS files. Remove redundant ENGINE defines from fips.h	2011-01-27 14:29:48 +00:00
Dr. Stephen Henson	c11845a4ab	add fips_premain.c.sha1	2011-01-26 01:15:54 +00:00
Dr. Stephen Henson	ec3657f81f	add fips_sha1_selftest.c	2011-01-26 01:11:12 +00:00
Dr. Stephen Henson	d69c6653ef	add fips/sha files	2011-01-26 01:09:52 +00:00
Dr. Stephen Henson	aaff7a0464	add fips/aes/Makefile	2011-01-26 01:05:48 +00:00
Dr. Stephen Henson	1d44454d6d	add fips/des/Makefile	2011-01-26 01:04:53 +00:00
Dr. Stephen Henson	5d3bfb9066	add fips/Makefile	2011-01-26 01:03:54 +00:00
Dr. Stephen Henson	aeb8996c38	add some missing fips files	2011-01-26 00:58:09 +00:00
Dr. Stephen Henson	2b4b28dc32	And so it begins... again. Initial FIPS 140-2 code ported to HEAD. Doesn't even compile yet, may have missing files, extraneous files and other nastiness. In other words: it's experimental ATM, OK?	2011-01-26 00:56:19 +00:00

1 2 3 4 5

231 commits