Dr. Stephen Henson [Thu, 21 Apr 2011 16:58:51 +0000 (16:58 +0000)]
Make fipscanisteronly auto detect work on WIN32.
Dr. Stephen Henson [Thu, 21 Apr 2011 14:54:33 +0000 (14:54 +0000)]
Fix WIN32 warning.
Dr. Stephen Henson [Thu, 21 Apr 2011 14:54:13 +0000 (14:54 +0000)]
Update ordinals.
Dr. Stephen Henson [Thu, 21 Apr 2011 14:17:15 +0000 (14:17 +0000)]
Add continuous RNG test to entropy source. Entropy callbacks now need
to specify a "block length".
Dr. Stephen Henson [Wed, 20 Apr 2011 18:05:05 +0000 (18:05 +0000)]
Update DRBG to use new POST scheme.
Dr. Stephen Henson [Wed, 20 Apr 2011 17:06:38 +0000 (17:06 +0000)]
Add periodic DRBG health checks as required by SP800-90.
Dr. Stephen Henson [Wed, 20 Apr 2011 15:06:44 +0000 (15:06 +0000)]
Add partial GCM tests to fipsalgtest.pl
Dr. Stephen Henson [Wed, 20 Apr 2011 14:33:39 +0000 (14:33 +0000)]
Add partial DH and ECDH primitives only testing to fipsalgtest.pl
Dr. Stephen Henson [Wed, 20 Apr 2011 13:20:31 +0000 (13:20 +0000)]
Warn if lines are truncated in algorithm test utilities.
Support for new test files: DRBG and CCM.
Andy Polyakov [Wed, 20 Apr 2011 08:13:58 +0000 (08:13 +0000)]
xts128.c: minor optimization and clarified prototype.
Andy Polyakov [Tue, 19 Apr 2011 19:09:18 +0000 (19:09 +0000)]
perlasm/x86gas.pl: make OPENSSL_instrument_bus[2] compile.
Dr. Stephen Henson [Tue, 19 Apr 2011 18:57:58 +0000 (18:57 +0000)]
Add AES CCM selftest.
Dr. Stephen Henson [Tue, 19 Apr 2011 11:10:54 +0000 (11:10 +0000)]
Use 0 for tbslen to perform strlen.
Dr. Stephen Henson [Mon, 18 Apr 2011 23:30:59 +0000 (23:30 +0000)]
Add fips/cmac directory to WIN32 build.
Dr. Stephen Henson [Mon, 18 Apr 2011 22:48:40 +0000 (22:48 +0000)]
Fix EVP CCM decrypt. Add decrypt support to algorithm test program.
Dr. Stephen Henson [Mon, 18 Apr 2011 21:01:24 +0000 (21:01 +0000)]
Typo.
Andy Polyakov [Mon, 18 Apr 2011 20:19:23 +0000 (20:19 +0000)]
ccm128.c: fix Win32 compiler warning.
Andy Polyakov [Mon, 18 Apr 2011 20:18:03 +0000 (20:18 +0000)]
perlasm/x86[nm]asm.pl: make OPENSSL_instrument_bus[2] compile.
Andy Polyakov [Mon, 18 Apr 2011 19:17:28 +0000 (19:17 +0000)]
ccm128.c: fix STRICT_ALIGNMENT another bug in CRYPTO_ccm128_decrypt.
Dr. Stephen Henson [Mon, 18 Apr 2011 17:31:28 +0000 (17:31 +0000)]
Override flag for XTS length limit.
Dr. Stephen Henson [Mon, 18 Apr 2011 16:31:11 +0000 (16:31 +0000)]
CCM encrypt algorithm test support.
Dr. Stephen Henson [Mon, 18 Apr 2011 14:25:11 +0000 (14:25 +0000)]
Initial untested CCM support via EVP.
Dr. Stephen Henson [Mon, 18 Apr 2011 13:15:37 +0000 (13:15 +0000)]
Compile ccm128.c, move some structures to modes_lcl.h add prototypes.
Dr. Stephen Henson [Mon, 18 Apr 2011 11:28:41 +0000 (11:28 +0000)]
Don't need separate tag buffer for GCM mode: use EVP_CIPHER_CTX buf
field which is not unused for custom ciphers.
Dr. Stephen Henson [Sun, 17 Apr 2011 15:39:47 +0000 (15:39 +0000)]
Remove shlib_wrap.sh as it is not needed (all algorithm tests are
staticly linked to fipscanister.o). Add option to generate a shell
script to run all tests: this is useful for platforms that don't have
perl.
Andy Polyakov [Sun, 17 Apr 2011 12:46:00 +0000 (12:46 +0000)]
Multiple assembler packs: add experimental memory bus instrumentation.
Dr. Stephen Henson [Sat, 16 Apr 2011 23:54:19 +0000 (23:54 +0000)]
Remove PSS salt length detection hack from fipslagtest.pl by allowing a regexp
search of the file to determine its type. This will be needed for other tests
later...
Andy Polyakov [Sat, 16 Apr 2011 22:57:58 +0000 (22:57 +0000)]
ccm128.c: minor optimization and bugfix in CRYPTO_ccm128_[en|de]crypt.
Dr. Stephen Henson [Fri, 15 Apr 2011 20:09:34 +0000 (20:09 +0000)]
Add "post" option to fips_test_suite to run the POST only and exit.
Dr. Stephen Henson [Fri, 15 Apr 2011 12:01:53 +0000 (12:01 +0000)]
Add length limitation from SP800-38E.
Dr. Stephen Henson [Fri, 15 Apr 2011 11:30:19 +0000 (11:30 +0000)]
Add XTS selftest, include in fips_test_suite.
Dr. Stephen Henson [Fri, 15 Apr 2011 02:49:30 +0000 (02:49 +0000)]
Add algorithm driver for XTS mode. Fix several bugs in EVP XTS implementation.
Dr. Stephen Henson [Thu, 14 Apr 2011 18:29:49 +0000 (18:29 +0000)]
Add new POST support to X9.31 PRNG.
Dr. Stephen Henson [Thu, 14 Apr 2011 16:38:20 +0000 (16:38 +0000)]
Report each cipher used with CMAC tests.
Only add one error to error queue if a specific test type fails.
Dr. Stephen Henson [Thu, 14 Apr 2011 16:14:41 +0000 (16:14 +0000)]
Revise fips_test_suite to use table of IDs for human readable strings.
Modify HMAC selftest callbacks to notify each digest type used.
Dr. Stephen Henson [Thu, 14 Apr 2011 13:10:00 +0000 (13:10 +0000)]
Update CMAC, HMAC, GCM to use new POST system.
Fix crash if callback not set.
Dr. Stephen Henson [Thu, 14 Apr 2011 11:30:51 +0000 (11:30 +0000)]
Remove several of the old obsolete FIPS_corrupt_*() functions.
Dr. Stephen Henson [Thu, 14 Apr 2011 11:15:10 +0000 (11:15 +0000)]
Initial incomplete POST overhaul: add support for POST callback to
allow status of POST to be monitored and/or failures induced.
Dr. Stephen Henson [Wed, 13 Apr 2011 00:11:53 +0000 (00:11 +0000)]
Remove duplicate flag.
Dr. Stephen Henson [Tue, 12 Apr 2011 23:59:05 +0000 (23:59 +0000)]
Use consistent FIPS tarball name.
Add XTS to FIPS build.
Hide XTS symbol names.
Dr. Stephen Henson [Tue, 12 Apr 2011 23:21:33 +0000 (23:21 +0000)]
Provisional AES XTS support.
Dr. Stephen Henson [Tue, 12 Apr 2011 17:41:53 +0000 (17:41 +0000)]
Update fips_pkey_signature_test: use fixed string if supplies tbs is
NULL. Always allocate signature buffer.
Update ECDSA selftest to use fips_pkey_signature_test. Add copyright notice
to file.
Dr. Stephen Henson [Tue, 12 Apr 2011 16:26:52 +0000 (16:26 +0000)]
Complete rewrite of FIPS_selftest_dsa(). Use hardcoded 2048 bit DSA key
and SHA384. Use fips_pkey_signature_test().
Dr. Stephen Henson [Tue, 12 Apr 2011 15:38:34 +0000 (15:38 +0000)]
Update RSA selftest code to use a 2048 bit RSA and only a single KAT
for PSS+SHA256
Dr. Stephen Henson [Tue, 12 Apr 2011 14:28:06 +0000 (14:28 +0000)]
Fix memory leaks: uninstantiate DRBG during health checks. Cleanup md_ctx
when performing ECDSA selftest.
Dr. Stephen Henson [Tue, 12 Apr 2011 13:02:56 +0000 (13:02 +0000)]
Stop warning and fix memory leaks.
Dr. Stephen Henson [Tue, 12 Apr 2011 13:01:40 +0000 (13:01 +0000)]
No need to disable leak checking for FIPS builds now we use internal
memory callbacks.
Dr. Stephen Henson [Tue, 12 Apr 2011 11:49:35 +0000 (11:49 +0000)]
Update ECDSA selftest to use hard coded private keys. Include tests for
prime and binary fields.
Dr. Stephen Henson [Tue, 12 Apr 2011 11:48:00 +0000 (11:48 +0000)]
Update fips_premain.c fingerprint.
Dr. Stephen Henson [Mon, 11 Apr 2011 21:32:51 +0000 (21:32 +0000)]
Update copyright year.
Zero ciphertext and plaintext temporary buffers.
Check FIPS_cipher() return value.
Dr. Stephen Henson [Mon, 11 Apr 2011 14:55:19 +0000 (14:55 +0000)]
Use correct version number.
Dr. Stephen Henson [Mon, 11 Apr 2011 14:53:40 +0000 (14:53 +0000)]
Add mem_clr.c explicity for no-asm builds.
Dr. Stephen Henson [Mon, 11 Apr 2011 14:52:59 +0000 (14:52 +0000)]
Fix warning.
Dr. Stephen Henson [Mon, 11 Apr 2011 14:50:11 +0000 (14:50 +0000)]
Set length to 41 (40 hex characters + null).
Dr. Stephen Henson [Mon, 11 Apr 2011 14:01:33 +0000 (14:01 +0000)]
Reorder headers to get definitions before they are used.
Dr. Stephen Henson [Mon, 11 Apr 2011 00:22:42 +0000 (00:22 +0000)]
Don't give dependency warning for fips builds.
Give error for "make depend" in restricted tarball builds.
Document how restricted tarballs work.
Dr. Stephen Henson [Sun, 10 Apr 2011 23:32:19 +0000 (23:32 +0000)]
Typo: fix duplicate call.
Dr. Stephen Henson [Sun, 10 Apr 2011 23:28:24 +0000 (23:28 +0000)]
fix fipscanisteronly autodetect
Dr. Stephen Henson [Sun, 10 Apr 2011 18:30:13 +0000 (18:30 +0000)]
Auto detect no-ec2m add option to make no-ec2m tarball.
Dr. Stephen Henson [Sun, 10 Apr 2011 17:31:03 +0000 (17:31 +0000)]
set OPENSSL_FIPSSYMS for restricted buils and auto detect no-ec2m
Dr. Stephen Henson [Sun, 10 Apr 2011 16:23:31 +0000 (16:23 +0000)]
Clarify README.FIPS.
Dr. Stephen Henson [Sun, 10 Apr 2011 16:18:19 +0000 (16:18 +0000)]
Auto configure for fips is from restricted tarball.
Remove more unnecessary files form fips tarball.
Dr. Stephen Henson [Sun, 10 Apr 2011 01:14:58 +0000 (01:14 +0000)]
Remove unused build targets from Makefile.fips, add cmac to dist list.
Dr. Stephen Henson [Sun, 10 Apr 2011 01:14:25 +0000 (01:14 +0000)]
remove ENGINE dependency from ecdh
Dr. Stephen Henson [Sat, 9 Apr 2011 17:46:31 +0000 (17:46 +0000)]
Add error for health check failure.
Rebuild all FIPS error codes to clean out old obsolete codes.
Dr. Stephen Henson [Sat, 9 Apr 2011 17:27:07 +0000 (17:27 +0000)]
Before initalising a live DRBG (i.e. not in test mode) run a complete health
check on a DRBG of the same type.
Dr. Stephen Henson [Sat, 9 Apr 2011 16:49:59 +0000 (16:49 +0000)]
New function to return security strength of PRNG.
Dr. Stephen Henson [Thu, 7 Apr 2011 15:01:48 +0000 (15:01 +0000)]
DH keys have an (until now) unused 'q' parameter. When creating
from DSA copy q across and if q present generate DH key in the
correct range.
Dr. Stephen Henson [Wed, 6 Apr 2011 23:42:55 +0000 (23:42 +0000)]
Only use fake rand once per operation. This stops the EC
pairwise consistency test interfering with the test.
Dr. Stephen Henson [Wed, 6 Apr 2011 23:41:19 +0000 (23:41 +0000)]
Update CHANGES.
Dr. Stephen Henson [Wed, 6 Apr 2011 23:40:46 +0000 (23:40 +0000)]
Add fips hmac key to dgst utility.
Dr. Stephen Henson [Wed, 6 Apr 2011 23:40:22 +0000 (23:40 +0000)]
Update OpenSSL DRBG support code. Use date time vector as additional data.
Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD.
Dr. Stephen Henson [Wed, 6 Apr 2011 18:17:05 +0000 (18:17 +0000)]
Add missing error code strings.
Dr. Stephen Henson [Wed, 6 Apr 2011 18:16:44 +0000 (18:16 +0000)]
Remove rand files from fipscanister.o
Dr. Stephen Henson [Wed, 6 Apr 2011 18:06:41 +0000 (18:06 +0000)]
check buffer is larger enough before overwriting
Dr. Stephen Henson [Wed, 6 Apr 2011 13:40:36 +0000 (13:40 +0000)]
updated FIPS status
Dr. Stephen Henson [Tue, 5 Apr 2011 15:48:05 +0000 (15:48 +0000)]
Update fipssyms.h to keep all symbols in FIPS,fips namespace.
Rename drbg_cprng_test to fips_drbg_cprng_test.
Remove rand files from Makefile.fips.
Dr. Stephen Henson [Tue, 5 Apr 2011 15:24:10 +0000 (15:24 +0000)]
Extensive reorganisation of PRNG handling in FIPS module: all calls
now use an internal RAND_METHOD. All dependencies to OpenSSL standard
PRNG are now removed: it is the applications resposibility to setup
the FIPS PRNG and initalise it.
Initial OpenSSL RAND_init_fips() function that will setup the DRBG
for the "FIPS capable OpenSSL".
Dr. Stephen Henson [Tue, 5 Apr 2011 12:42:31 +0000 (12:42 +0000)]
Rename deprecated FIPS_rand functions to FIPS_x931. These shouldn't be
used by applications directly and the X9.31 PRNG is deprecated by new
FIPS140-2 rules anyway.
Dr. Stephen Henson [Mon, 4 Apr 2011 17:16:28 +0000 (17:16 +0000)]
FIPS mode support for openssl utility: doesn't work properly yet due
to missing DRBG support in libcrypto.
Dr. Stephen Henson [Mon, 4 Apr 2011 17:05:09 +0000 (17:05 +0000)]
Updated error codes for FIPS library.
Dr. Stephen Henson [Mon, 4 Apr 2011 17:03:35 +0000 (17:03 +0000)]
Set error code is additional data callback fails.
Dr. Stephen Henson [Mon, 4 Apr 2011 17:01:58 +0000 (17:01 +0000)]
Use environment when builds libcrypto shared library so CC value is picked up
in FIPS builds.
Dr. Stephen Henson [Mon, 4 Apr 2011 15:38:21 +0000 (15:38 +0000)]
Change FIPS locking functions to macros so we get useful line information.
Set fips_thread_set properly.
Andy Polyakov [Mon, 4 Apr 2011 15:24:09 +0000 (15:24 +0000)]
gcm128.c: fix shadow warnings.
Dr. Stephen Henson [Mon, 4 Apr 2011 14:52:20 +0000 (14:52 +0000)]
Disable test fprintf.
Dr. Stephen Henson [Mon, 4 Apr 2011 14:47:31 +0000 (14:47 +0000)]
Change RNG test to block oriented instead of request oriented, add option
to test a "stuck" DRBG.
Dr. Stephen Henson [Mon, 4 Apr 2011 14:43:20 +0000 (14:43 +0000)]
check RAND_pseudo_bytes return value
Dr. Stephen Henson [Sun, 3 Apr 2011 17:14:35 +0000 (17:14 +0000)]
PR: 2462
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS Retransmission Buffer Bug
Dr. Stephen Henson [Sun, 3 Apr 2011 16:25:29 +0000 (16:25 +0000)]
PR: 2458
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Don't change state when answering DTLS ClientHello.
Dr. Stephen Henson [Sun, 3 Apr 2011 15:47:58 +0000 (15:47 +0000)]
PR: 2457
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS fragment reassembly bug.
Dr. Stephen Henson [Sat, 2 Apr 2011 16:51:04 +0000 (16:51 +0000)]
Make WIN32 static builds work again.
Andy Polyakov [Fri, 1 Apr 2011 21:09:09 +0000 (21:09 +0000)]
ARM assembler pack: add missing arm_arch.h.
Andy Polyakov [Fri, 1 Apr 2011 20:58:34 +0000 (20:58 +0000)]
ARM assembler pack: profiler-assisted optimizations and NEON support.
Andy Polyakov [Fri, 1 Apr 2011 20:52:35 +0000 (20:52 +0000)]
gcm128.c: tidy up, minor optimization, rearrange gcm128_context.
Dr. Stephen Henson [Fri, 1 Apr 2011 18:49:24 +0000 (18:49 +0000)]
restore .cvsignore
Dr. Stephen Henson [Fri, 1 Apr 2011 18:40:30 +0000 (18:40 +0000)]
restore .cvsignore
Dr. Stephen Henson [Fri, 1 Apr 2011 18:40:05 +0000 (18:40 +0000)]
delete lib file
Dr. Stephen Henson [Fri, 1 Apr 2011 18:38:51 +0000 (18:38 +0000)]
temporarily update .cvsignore
Dr. Stephen Henson [Fri, 1 Apr 2011 17:49:45 +0000 (17:49 +0000)]
Only zeroise sensitive parts of DRBG context, so the type and flags
are undisturbed.
Allow setting of "rand" callbacks for DRBG.