wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10208 commits 20 branches 302 tags 153 MiB
Commit graph

187 commits

Author SHA1 Message Date
Dr. Stephen Henson
f87ff24bc4 Add prototypes for FIPS EVP implementations: for use in FIPS capable 
OpenSSL.
 2011-05-28 21:03:31 +00:00
Dr. Stephen Henson
9a205e5981 Rename many internal only module functions from FIPS_* to fips_*. 2011-05-27 21:11:54 +00:00
Dr. Stephen Henson
eb62cd807b Typo. 2011-05-26 22:01:49 +00:00
Dr. Stephen Henson
64f5178d67 Use FIPSLD_LIBCRYPTO for consistency with other env variables in fipsld. 
Use current directory for fips_premain_dso
 2011-05-26 21:20:14 +00:00
Dr. Stephen Henson
e558c2aa3f In fipsld use FIPSLIBCRYPTO environment variable to specify an alternative 
location for libcrypto.a, support shared library builds in different
source tree.
 2011-05-26 21:15:45 +00:00
Dr. Stephen Henson
ed0a35f222 Install fips_standalone_sha1 and make use of it in fipsld script. 2011-05-26 13:59:11 +00:00
Dr. Stephen Henson
ecfe2d1753 More symbol renaming. 2011-05-25 16:01:37 +00:00
Dr. Stephen Henson
73ab341130 PR: 2522 
Submitted by: Henrik Grindal Bakken <henribak@cisco.com>

Don't compare past end of buffer.
 2011-05-23 12:27:43 +00:00
Dr. Stephen Henson
f76b1baf86 Fix error discrepancy. 2011-05-12 14:28:09 +00:00
Andy Polyakov
f24e95b72c fips_canister.c: pick more neutral macro name. 2011-05-11 20:17:06 +00:00
Dr. Stephen Henson
2f38b38986 Set FIPS mode for values other than 1. The only current effect 
is to return a consistent value. So calling FIPS_module_mode_set(n)
for n != 0 will result in FIPS_module_mode() returning n. This
will support future expansion of more FIPS modes e.g. a Suite B mode.
 2011-05-11 14:49:01 +00:00
Dr. Stephen Henson
c2fd598994 Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in 
the FIPS capable OpenSSL.
 2011-05-11 14:43:38 +00:00
Dr. Stephen Henson
7919c07947 Typo. 2011-05-10 10:57:03 +00:00
Andy Polyakov
ab67c517ae fips_canister.c: fix typo. 2011-05-10 10:03:23 +00:00
Andy Polyakov
31b46ebb62 fips_canister.c: initial support for cross-compiling. "Initial" refers 
to the two-entry list of verified platforms in #ifndef
FIPS_REF_POINT_IS_SAFE_TO_CROSS_COMPILE pre-processor section.
 2011-05-10 09:53:59 +00:00
Dr. Stephen Henson
dc7995eeb8 Initialise rc. 2011-05-09 21:21:29 +00:00
Dr. Stephen Henson
ad4784953d Return error codes for selftest failure instead of hard assertion errors. 2011-05-06 17:38:39 +00:00
Dr. Stephen Henson
c184711124 Hide more symbols. 2011-05-05 23:10:32 +00:00
Dr. Stephen Henson
6313d628da Remove superfluous PRNG self tests. 
Print timer resolution.
 2011-05-04 23:17:29 +00:00
Dr. Stephen Henson
d16765919d Fix warning. 2011-05-04 14:34:36 +00:00
Dr. Stephen Henson
a95bbadb57 Include fipssyms.h for ARM builds to translate symbols. 
Translate arm symbol to fips_*.
 2011-05-04 14:16:03 +00:00
Dr. Stephen Henson
e350458a63 Remove useless setting. 2011-05-04 01:09:52 +00:00
Dr. Stephen Henson
9243a86d75 Use faster curves for ECDSA self test. 2011-05-02 12:13:04 +00:00
Dr. Stephen Henson
fc98a4377d Use more portable clock_gettime() for fips_test_suite timing. 
Output times of each subtest.
 2011-05-02 11:09:38 +00:00
Dr. Stephen Henson
fd600c0037 Stop warning in VxWorks. 2011-05-01 20:55:05 +00:00
Dr. Stephen Henson
a32ad6891b Quick hack to time POST. 2011-05-01 20:54:42 +00:00
Dr. Stephen Henson
2325315ba3 Two more symbol renames. 2011-05-01 19:07:16 +00:00
Dr. Stephen Henson
8a2024ea59 Handle multiple CPUID_OBJ correctly. 2011-05-01 19:06:39 +00:00
Dr. Stephen Henson
42c7c6764e Rename some more symbols. 2011-05-01 17:51:40 +00:00
Dr. Stephen Henson
bd4b0137fc For FIPS algorithm test utilities use our own version of strcasecmp and 
strncasecmp to cover cases where platforms don't support them.
 2011-05-01 16:18:52 +00:00
Dr. Stephen Henson
2f6efd6acb Some changes to support VxWorks in the validted module. 2011-05-01 15:36:54 +00:00
Dr. Stephen Henson
ee872e99f7 Update symbol translation table. 2011-05-01 14:33:59 +00:00
Dr. Stephen Henson
c4d162873f Don't assume version of rm supports -rf: use RM instead. 2011-04-28 20:52:21 +00:00
Dr. Stephen Henson
1eb8939695 Stop warnings about undefined _exit on Android. 
Additional script output options to fipsalgtest.pl
 2011-04-28 12:20:12 +00:00
Dr. Stephen Henson
7979626995 Recognise invalid enable/disable options. 
Option to shut up bogus warnings.
 2011-04-24 12:13:32 +00:00
Dr. Stephen Henson
e0d1a2f80a Always return multiple of block length bytes from default DRBG seed 
callback.

Handle case where no multiple of the block size is in the interval
[min_len, max_len].
 2011-04-23 20:05:19 +00:00
Dr. Stephen Henson
cac4fb58e0 Add PRNG security strength checking. 2011-04-23 19:55:55 +00:00
Dr. Stephen Henson
74fac927b0 Return errors instead of aborting when selftest fails. 2011-04-22 11:12:56 +00:00
Dr. Stephen Henson
da9ead8db2 Add XTS test vector support to fipsalgtest.pl 2011-04-22 01:05:53 +00:00
Dr. Stephen Henson
bef5013961 Rewrite OutputValue to avoid use of buffer when printing out hex values. 
Delete unused functions from fips_utl.h.

Increase xts line buffer.
 2011-04-22 00:41:35 +00:00
Dr. Stephen Henson
b8b6a13a56 Add continuous RNG test to entropy source. Entropy callbacks now need 
to specify a "block length".
 2011-04-21 14:17:15 +00:00
Dr. Stephen Henson
7608978861 Update DRBG to use new POST scheme. 2011-04-20 18:05:05 +00:00
Dr. Stephen Henson
14264b19de Add periodic DRBG health checks as required by SP800-90. 2011-04-20 17:06:38 +00:00
Dr. Stephen Henson
8da18ea1a5 Add partial GCM tests to fipsalgtest.pl 2011-04-20 15:06:44 +00:00
Dr. Stephen Henson
7aaa88e55c Add partial DH and ECDH primitives only testing to fipsalgtest.pl 2011-04-20 14:33:39 +00:00
Dr. Stephen Henson
84c7a8f7dc Warn if lines are truncated in algorithm test utilities. 
Support for new test files: DRBG and CCM.
 2011-04-20 13:20:31 +00:00
Dr. Stephen Henson
cb1b3aa151 Add AES CCM selftest. 2011-04-19 18:57:58 +00:00
Dr. Stephen Henson
b5dd178740 Fix EVP CCM decrypt. Add decrypt support to algorithm test program. 2011-04-18 22:48:40 +00:00
Dr. Stephen Henson
b3a45e7db5 CCM encrypt algorithm test support. 2011-04-18 16:31:11 +00:00
Dr. Stephen Henson
ca8630ba81 Remove shlib_wrap.sh as it is not needed (all algorithm tests are 
staticly linked to fipscanister.o). Add option to generate a shell
script to run all tests: this is useful for platforms that don't have
perl.
 2011-04-17 15:39:47 +00:00