Alan Hryngle
fdea4fff8f
Return smaller of ret and f.
...
PR#3418.
2014-07-05 22:37:41 +01:00
Martin Kaiser
1c4575ebc3
remove duplicate 0x for default RSASSA-PSS salt len
2014-05-29 14:33:32 +01:00
Dr. Stephen Henson
2514fa79ac
Add functions returning security bits.
...
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
2014-03-28 14:49:04 +00:00
Dr. Stephen Henson
3a98f9cf20
Workaround for some CMS signature formats.
...
Some CMS SignedData structure use a signature algorithm OID such
as SHA1WithRSA instead of the RSA algorithm OID. Workaround this
case by tolerating the signature if we recognise the OID.
2014-03-19 17:28:01 +00:00
Dr. Stephen Henson
4cfeb00be9
make depend
2014-02-19 20:09:08 +00:00
Dr. Stephen Henson
534e5fabad
Check for missing components in RSA_check.
2013-11-09 15:09:23 +00:00
Dr. Stephen Henson
41b920ef01
Return correct enveloped data type in ASN1 methods.
...
For RSA and DSA keys return an appropriate RecipientInfo type. By setting
CMS_RECIPINFO_NONE for DSA keys an appropriate error is returned if
an attempt is made to use DSA with enveloped data.
2013-07-17 21:45:01 +01:00
Dr. Stephen Henson
0574cadf85
CMS RSA-OAEP and RSA-PSS support.
...
Extend RSA ASN1 method to support CMS PSS signatures for both sign
and verify.
For signing the EVP_PKEY_CTX parameters are read and the appropriate
CMS structures set up.
For verification the CMS structures are analysed and the corresponding
parameters in the EVP_PKEY_CTX set.
Also add RSA-OAEP support.
For encrypt the EVP_PKEY_CTX parameters are used.
For decrypt the CMS structure is uses to set the appropriate EVP_PKEY_CTX
parameters.
2013-06-21 23:43:05 +01:00
Dr. Stephen Henson
211a14f627
Update to OAEP support.
...
Add OAEP ctrls to retrieve MD and label. Return errors if
an attempt is made to set or retrieve OAEP parameters when
padding mode is not OAEP.
2013-06-21 21:33:00 +01:00
Dr. Stephen Henson
810639536c
Add control to retrieve signature MD.
2013-06-21 21:33:00 +01:00
Dr. Stephen Henson
271fef0ef3
Exetended OAEP support.
...
Extend OAEP support. Generalise the OAEP padding functions to support
arbitrary digests. Extend EVP_PKEY RSA method to handle the new OAEP
padding functions and add ctrls to set the additional parameters.
2013-06-12 18:48:17 +01:00
Dr. Stephen Henson
2f58cda4ce
Fix PSS signature printing.
...
Fix PSS signature printing: consistently use 0x prefix for hex values for
padding length and trailer fields.
2013-06-05 15:06:03 +01:00
Dr. Stephen Henson
0ded2a0689
Typo.
2013-03-31 17:42:46 +01:00
Ben Laurie
7c770d572a
Add and use a constant-time memcmp.
...
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a
)
2013-02-06 14:16:55 +00:00
Ben Laurie
71fa451343
Version skew reduction: trivia (I hope).
2012-06-03 22:00:21 +00:00
Dr. Stephen Henson
5863163732
Additional compatibility fix for MDC2 signature format.
...
Update RSA EVP_PKEY_METHOD to use the OCTET STRING form of MDC2 signature:
this will make all versions of MDC2 signature equivalent.
2012-02-15 14:27:25 +00:00
Dr. Stephen Henson
83cb7c4635
An incompatibility has always existed between the format used for RSA
...
signatures and MDC2 using EVP or RSA_sign. This has become more apparent
when the dgst utility in OpenSSL 1.0.0 and later switched to using the
EVP_DigestSign functions which call RSA_sign.
This means that the signature format OpenSSL 1.0.0 and later used with
dgst -sign and MDC2 is incompatible with previous versions.
Add detection in RSA_verify so either format works.
Note: MDC2 is disabled by default in OpenSSL and very rarely used in practice.
2012-02-15 14:04:00 +00:00
Dr. Stephen Henson
b333905011
incomplete provisional OAEP CMS decrypt support
2012-01-02 18:25:37 +00:00
Bodo Möller
e5641d7f05
BN_BLINDING multi-threading fix.
...
Submitted by: Emilia Kasper (Google)
2011-10-19 14:59:27 +00:00
Andy Polyakov
03e389cf04
Allow for dynamic base in Win64 FIPS module.
2011-09-14 20:48:49 +00:00
Bodo Möller
ae53b299fa
make update
2011-09-05 09:46:15 +00:00
Dr. Stephen Henson
9945b460e2
Give parameters names in prototypes.
2011-06-17 16:47:41 +00:00
Dr. Stephen Henson
2280dc7c43
Remove FIPS RSA functions from crypto/rsa.
2011-06-02 17:52:39 +00:00
Dr. Stephen Henson
c2fd598994
Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in
...
the FIPS capable OpenSSL.
2011-05-11 14:43:38 +00:00
Dr. Stephen Henson
dc03504d09
Make sure overrides work for RSA/DSA.
2011-04-23 21:15:05 +00:00
Dr. Stephen Henson
cac4fb58e0
Add PRNG security strength checking.
2011-04-23 19:55:55 +00:00
Dr. Stephen Henson
74fac927b0
Return errors instead of aborting when selftest fails.
2011-04-22 11:12:56 +00:00
Dr. Stephen Henson
8c7096835b
Use 0 for tbslen to perform strlen.
2011-04-19 11:10:54 +00:00
Dr. Stephen Henson
a6311f856b
Remove several of the old obsolete FIPS_corrupt_*() functions.
2011-04-14 11:30:51 +00:00
Dr. Stephen Henson
ac892b7aa6
Initial incomplete POST overhaul: add support for POST callback to
...
allow status of POST to be monitored and/or failures induced.
2011-04-14 11:15:10 +00:00
Richard Levitte
c6dbe90895
make update
2011-03-24 22:59:02 +00:00
Ben Laurie
edc032b5e3
Add SRP support.
2011-03-12 17:01:19 +00:00
Dr. Stephen Henson
b7056b6414
Update dependencies.
2011-02-21 17:51:59 +00:00
Dr. Stephen Henson
37eae9909a
Remove unnecessary dependencies.
2011-02-21 17:35:53 +00:00
Dr. Stephen Henson
225a9e296b
Update pairwise consistency checks to use SHA-256.
2011-02-15 16:18:18 +00:00
Dr. Stephen Henson
14ae26f2e4
Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files
...
that use it.
2011-02-03 17:00:24 +00:00
Dr. Stephen Henson
c2a459315a
Use single X931 key generation source file for FIPS and non-FIPS builds.
2011-02-03 12:47:56 +00:00
Bodo Möller
9d0397e977
make update
2011-02-03 10:17:53 +00:00
Bodo Möller
2440d8b1db
Fix error codes.
2011-02-03 10:03:23 +00:00
Dr. Stephen Henson
a5b196a22c
Add sign/verify digest API to handle an explicit digest instead of finalising
...
a context.
2011-02-02 14:21:33 +00:00
Dr. Stephen Henson
7edfe67456
Move all FIPSAPI renames into fips.h header file, include early in
...
crypto.h if needed.
Modify source tree to handle change.
2011-01-27 19:10:56 +00:00
Dr. Stephen Henson
7cc684f4f7
Redirect FIPS memory allocation to FIPS_malloc() routine, remove
...
OpenSSL malloc dependencies.
2011-01-27 17:23:43 +00:00
Dr. Stephen Henson
7c8ced94c3
Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just refer
...
to EVP any more.
Move locking #define into fips.h.
Set FIPS locking callbacks at same time as OpenSSL locking callbacks.
2011-01-27 15:22:26 +00:00
Dr. Stephen Henson
a27de7b7fd
use FIPSEVP in some bn and rsa files
2011-01-27 14:24:42 +00:00
Dr. Stephen Henson
c553721e8b
FIPS mode RSA changes:
...
Check for selftest failures.
Pairwise consistency test for RSA key generation.
Use some EVP macros instead of EVP functions.
Use minimal FIPS EVP where needed.
2011-01-26 15:37:41 +00:00
Dr. Stephen Henson
72a267331a
Move RSA encryption functions to new file crypto/rsa/rsa_crpt.c to separate
...
crypto and ENGINE dependencies in RSA library.
2011-01-25 17:35:10 +00:00
Dr. Stephen Henson
776654adff
PR: 2295
...
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve
OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
2010-10-11 23:49:22 +00:00
Dr. Stephen Henson
8ec3fa0597
fix signature printing routines
2010-10-04 13:58:41 +00:00
Dr. Stephen Henson
0b789adc67
PR: 2315
...
Use consistent calculation for PSS salt length.
2010-08-10 13:01:49 +00:00
Dr. Stephen Henson
3cbb15ee81
add CVE-2010-0742 and CVS-2010-1633 fixes
2010-06-01 14:39:01 +00:00