Commit Graph

9840 Commits

Author SHA1 Message Date
Dr. Stephen Henson c81f8f59be Use SHA-256 in fips_test_suite. 2011-02-15 16:58:06 +00:00
Dr. Stephen Henson 225a9e296b Update pairwise consistency checks to use SHA-256. 2011-02-15 16:18:18 +00:00
Dr. Stephen Henson 25c6542944 Add non-FIPS algorithm blocking and selftest checking. 2011-02-15 16:03:47 +00:00
Dr. Stephen Henson 14567b1451 Add FIPS flags to AES ciphers and SHA* digests. 2011-02-15 15:57:54 +00:00
Dr. Stephen Henson fe082202c0 Ignore final '\n' when checking if hex line length is odd. 2011-02-15 15:56:13 +00:00
Dr. Stephen Henson fbc164ec2f Add support for SigGen and KeyPair tests. 2011-02-15 14:16:57 +00:00
Dr. Stephen Henson 943a0ceed0 Update ECDSA test program to handle ECDSA2 format files.
Correctly handle hex strings with an odd number of digits.
2011-02-14 19:42:49 +00:00
Dr. Stephen Henson 5d2f1538a0 Add .cvsignore. 2011-02-14 17:28:28 +00:00
Dr. Stephen Henson fe26d066ff Add ECDSA functionality to fips module. Initial very incomplete version
of algorithm test program.
2011-02-14 17:14:55 +00:00
Dr. Stephen Henson c876a4b7b1 Include support for an add_lock callback to tiny FIPS locking API. 2011-02-14 17:05:42 +00:00
Dr. Stephen Henson c966120412 Don't use FIPS api for ec2_oct.c 2011-02-14 16:55:28 +00:00
Dr. Stephen Henson 84b08eee4b Reorganise ECC code for inclusion in FIPS module.
Move compression, point2oct and oct2point functions into separate files.

Add a flags field to EC_METHOD.

Add a flag EC_FLAGS_DEFAULT_OCT to use the default compression and oct
functions (all existing methods do this). This removes dependencies from
EC_METHOD while keeping original functionality.
2011-02-14 16:52:12 +00:00
Dr. Stephen Henson bf2546f947 Use BN_nist_mod_func to avoid need to peek error queue. 2011-02-14 16:45:28 +00:00
Dr. Stephen Henson 133291f8e7 New function BN_nist_mod_func which returns an appropriate function
if the passed prime is a NIST prime.
2011-02-14 16:44:29 +00:00
Dr. Stephen Henson e990b4f838 Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new
and FIPS_dsa_sig_free, reimplement DSA_SIG_new and DSA_SIG_free from ASN1
library.
2011-02-13 18:45:41 +00:00
Dr. Stephen Henson e47af46cd8 Change FIPS source and utilities to use the "FIPS_" names directly
instead of using regular OpenSSL API names.
2011-02-12 18:25:18 +00:00
Dr. Stephen Henson 36246be915 Make no-ec2m work on Win32 build. Add nextprotoneg support too. 2011-02-12 17:38:40 +00:00
Dr. Stephen Henson c9a90645a5 Disable some functions in headers with no-ec2m 2011-02-12 17:38:06 +00:00
Dr. Stephen Henson b331016124 New option to disable characteristic two fields in EC code. 2011-02-12 17:23:32 +00:00
Andy Polyakov afb4191304 dso_dlfcn.c: make it work on Tru64 4.0.
PR: 2316
2011-02-12 16:43:41 +00:00
Andy Polyakov 874b0bd968 Configure: engage assembler in Android target. 2011-02-12 16:13:59 +00:00
Andy Polyakov a6d915e0ef gcm128.c: make it work with no-sse2. 2011-02-12 11:47:55 +00:00
Dr. Stephen Henson 975138edaa Add Makefile.fips. 2011-02-11 20:56:24 +00:00
Dr. Stephen Henson 30b56225cc New "fipscanisteronly" build option: only build fipscanister.o and
associated utilities. This functionality will be used by the validated
tarball.
2011-02-11 19:02:34 +00:00
Dr. Stephen Henson dc527a62a1 Make Windows build work with GCM. 2011-02-11 16:49:01 +00:00
Dr. Stephen Henson ed12c2f7ca In FIPS mode only use "Generation by Testing Candidates" equivalent. 2011-02-11 15:19:54 +00:00
Dr. Stephen Henson 16a7fcc447 Return security strength for supported DSA parameters: will be used
later.
2011-02-11 14:38:39 +00:00
Dr. Stephen Henson a1a5885b64 Free keys if DSA pairwise error. 2011-02-11 14:21:01 +00:00
Andy Polyakov f84a8ea526 x86gas.pl: make data_short work on legacy systems. 2011-02-10 21:24:24 +00:00
Andy Polyakov 01be5db64e xts128.c: initial draft. 2011-02-10 21:16:21 +00:00
Dr. Stephen Henson a4113c52b2 Disable FIPS restrictions when doing GCM testing. 2011-02-10 01:46:25 +00:00
Dr. Stephen Henson b3d8022edd Add GCM IV generator. Add some FIPS restrictions to GCM. Update fips_gcmtest. 2011-02-09 16:21:43 +00:00
Andy Polyakov 632d83f0a3 ccm128.c: initialize ctx->block (what was I smoking?). 2011-02-08 23:08:02 +00:00
Andy Polyakov d3fad7cb51 ccm128.c: initial draft. 2011-02-08 23:02:45 +00:00
Dr. Stephen Henson f4bfe97fc9 Equally experimental encrypt side for fips_gcmtest. Currently this uses IVs
in the request file; need to update it to generate IVs once we have an IV
generator in place.
2011-02-08 19:25:24 +00:00
Bodo Möller c415adc26f Sync with 1.0.1 branch.
(CVE-2011-0014 OCSP stapling fix has been applied to HEAD as well.)
2011-02-08 19:09:08 +00:00
Dr. Stephen Henson 9afe95099d Set values to NULL after freeing them. 2011-02-08 18:25:57 +00:00
Dr. Stephen Henson 9dd346c90d Experimental incomplete AES GCM algorithm test program. 2011-02-08 18:15:59 +00:00
Bodo Möller 9770924f9b OCSP stapling fix (OpenSSL 0.9.8r/1.0.0d)
Submitted by: Neel Mehta, Adam Langley, Bodo Moeller
2011-02-08 17:48:57 +00:00
Dr. Stephen Henson f4001a0d19 Link GCM into FIPS module. Check return value in EVP gcm. 2011-02-08 15:10:42 +00:00
Bodo Möller cea73f9db3 Synchronize with 1.0.0 branch 2011-02-08 08:48:51 +00:00
Andy Polyakov 1f2502eb58 gcm128.c: add boundary condition checks. 2011-02-07 19:11:13 +00:00
Dr. Stephen Henson bdaa54155c Initial *very* experimental EVP support for AES-GCM. Note: probably very
broken and subject to change.
2011-02-07 18:16:33 +00:00
Dr. Stephen Henson fd3dbc1dbf Add CRYPTO_gcm128_tag() function to retrieve the tag. 2011-02-07 18:05:27 +00:00
Dr. Stephen Henson d45087c672 Use 0 not -1 (since type is size_t) for finalisation argument to do_cipher:
the NULL value for the input buffer is sufficient to notice this case.
2011-02-07 18:04:27 +00:00
Dr. Stephen Henson 634b66186a Typo. 2011-02-07 14:36:55 +00:00
Dr. Stephen Henson 3da0ca796c New flag EVP_CIPH_FLAG_CUSTOM_CIPHER in cipher structures if an underlying
cipher handles all cipher semantics itself.
2011-02-07 14:36:08 +00:00
Dr. Stephen Henson f9678b8b57 Fix memory leak. 2011-02-07 13:34:00 +00:00
Dr. Stephen Henson 83e9c36261 Use default ASN1 if flag set. 2011-02-07 12:47:16 +00:00
Andy Polyakov b68c13154e gcm128.c: allow multiple calls to CRYPTO_gcm128_aad. 2011-02-06 23:50:05 +00:00