Dr. Stephen Henson [Sun, 4 Sep 2011 18:35:33 +0000 (18:35 +0000)]
Extension of DRBG selftests using new data.
Test PR and no PR and test initial generate before the reseed too.
Move selftest data to separate fips_drbg_selftest.h header file.
Dr. Stephen Henson [Fri, 2 Sep 2011 15:10:54 +0000 (15:10 +0000)]
Rename some more symbols for fips module.
Dr. Stephen Henson [Fri, 2 Sep 2011 11:28:27 +0000 (11:28 +0000)]
Don't use *from++ in tolower as this is implemented as a macro on some
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.
Dr. Stephen Henson [Fri, 2 Sep 2011 11:20:15 +0000 (11:20 +0000)]
PR: 2576
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve
Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
Dr. Stephen Henson [Thu, 1 Sep 2011 17:12:35 +0000 (17:12 +0000)]
Sync ordinals with 1.0.1-stable.
Dr. Stephen Henson [Thu, 1 Sep 2011 15:01:35 +0000 (15:01 +0000)]
PR: 2340
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve
Stop warnings if OPENSSL_NO_DGRAM is defined.
Dr. Stephen Henson [Thu, 1 Sep 2011 14:23:09 +0000 (14:23 +0000)]
make timing attack protection unconditional
Dr. Stephen Henson [Thu, 1 Sep 2011 14:15:47 +0000 (14:15 +0000)]
Stop warnings.
Dr. Stephen Henson [Thu, 1 Sep 2011 14:02:23 +0000 (14:02 +0000)]
PR: 2573
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS buffering and decryption bug.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:52:48 +0000 (13:52 +0000)]
PR: 2589
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Initialise p pointer.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:49:16 +0000 (13:49 +0000)]
PR: 2588
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Close file pointer.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:45:46 +0000 (13:45 +0000)]
PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Zero structure fields properly.
Dr. Stephen Henson [Thu, 1 Sep 2011 13:37:37 +0000 (13:37 +0000)]
PR: 2586
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Fix brace mismatch.
Dr. Stephen Henson [Mon, 29 Aug 2011 16:09:07 +0000 (16:09 +0000)]
Print private key component is -exout parameter is given.
Dr. Stephen Henson [Mon, 29 Aug 2011 15:35:35 +0000 (15:35 +0000)]
Fix ecdh primitives test command line.
Andy Polyakov [Sat, 27 Aug 2011 19:38:55 +0000 (19:38 +0000)]
bn_exp.c: improve portability.
Andy Polyakov [Sat, 27 Aug 2011 19:37:25 +0000 (19:37 +0000)]
util/incore: fix typo.
Dr. Stephen Henson [Sat, 27 Aug 2011 12:30:47 +0000 (12:30 +0000)]
Add support for DSA2 PQG generation of g parameter.
Dr. Stephen Henson [Fri, 26 Aug 2011 14:51:49 +0000 (14:51 +0000)]
Add support for canonical generation of DSA parameter g.
Modify fips_dssvs to support appropriate file format.
Dr. Stephen Henson [Thu, 25 Aug 2011 19:50:51 +0000 (19:50 +0000)]
Fix warning.
Dr. Stephen Henson [Tue, 23 Aug 2011 23:35:30 +0000 (23:35 +0000)]
Don't use some object files in FIPS build.
Dr. Stephen Henson [Tue, 23 Aug 2011 21:06:44 +0000 (21:06 +0000)]
Rename sparc symbols.
Andy Polyakov [Tue, 23 Aug 2011 20:51:38 +0000 (20:51 +0000)]
Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
Andy Polyakov [Mon, 22 Aug 2011 19:01:16 +0000 (19:01 +0000)]
eng_rsax.c: improve portability.
Dr. Stephen Henson [Fri, 19 Aug 2011 23:25:10 +0000 (23:25 +0000)]
Correct maximum request length. SP800-90 quotes maximum bits, not bytes.
Andy Polyakov [Fri, 19 Aug 2011 06:30:32 +0000 (06:30 +0000)]
modexp512-x86_64.pl: make it work with ml64.
Dr. Stephen Henson [Thu, 18 Aug 2011 16:06:24 +0000 (16:06 +0000)]
Fix fipsalgtest.pl to still work with old test vectors.
Dr. Stephen Henson [Tue, 16 Aug 2011 12:45:26 +0000 (12:45 +0000)]
typo
Dr. Stephen Henson [Tue, 16 Aug 2011 11:25:56 +0000 (11:25 +0000)]
Update instructions to recommend use of included incore script.
Andy Polyakov [Tue, 16 Aug 2011 08:56:07 +0000 (08:56 +0000)]
Makefile.org: get commit#21249 right.
Dr. Stephen Henson [Mon, 15 Aug 2011 20:38:16 +0000 (20:38 +0000)]
Delete library install from Makefile.fips: it isn't used.
Revert change to Makefile.org: it breaks install.
Dr. Stephen Henson [Mon, 15 Aug 2011 18:16:55 +0000 (18:16 +0000)]
quote LIBS to copy with empty string
Dr. Stephen Henson [Mon, 15 Aug 2011 14:50:00 +0000 (14:50 +0000)]
Enable rsa-pss0 for non-v2 tests.
Dr. Stephen Henson [Sun, 14 Aug 2011 13:45:19 +0000 (13:45 +0000)]
Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA
using OBJ xref utilities instead of string comparison with OID name.
This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.
Andy Polyakov [Sun, 14 Aug 2011 11:31:35 +0000 (11:31 +0000)]
bn_div.c: remove duplicate code by merging BN_div and BN_div_no_branch.
Andy Polyakov [Sun, 14 Aug 2011 09:06:06 +0000 (09:06 +0000)]
x86_64-mont5.pl: add missing Win64 support.
Andy Polyakov [Sun, 14 Aug 2011 08:30:56 +0000 (08:30 +0000)]
eng_rdrand.c: make it link in './config 386' case.
Andy Polyakov [Sat, 13 Aug 2011 12:38:41 +0000 (12:38 +0000)]
armv4-mont.pl: profiler-assisted optimization gives 8%-14% improvement
(more for longer keys) on RSA/DSA.
Andy Polyakov [Fri, 12 Aug 2011 21:38:19 +0000 (21:38 +0000)]
SPARC assembler pack: fix FIPS linking errors.
Andy Polyakov [Fri, 12 Aug 2011 21:24:19 +0000 (21:24 +0000)]
x86_64-xlate.pl: fix movzw.
Andy Polyakov [Fri, 12 Aug 2011 16:44:32 +0000 (16:44 +0000)]
This commit completes recent modular exponentiation optimizations on
x86_64 platform. It targets specifically RSA1024 sign (using ideas
from http://eprint.iacr.org/2011/239) and adds more than 10% on most
platforms. Overall performance improvement relative to 1.0.0 is ~40%
in average, with best result of 54% on Westmere. Incidentally ~40%
is average improvement even for longer key lengths.
Andy Polyakov [Fri, 12 Aug 2011 12:28:52 +0000 (12:28 +0000)]
alphacpuid.pl: fix alignment bug.
alpha-mont.pl: fix typo.
PR: 2577
Dr. Stephen Henson [Thu, 11 Aug 2011 23:06:19 +0000 (23:06 +0000)]
aesni TLS GCM support
Dr. Stephen Henson [Thu, 11 Aug 2011 21:12:17 +0000 (21:12 +0000)]
prevent compilation errors and warnings
Dr. Stephen Henson [Thu, 11 Aug 2011 17:30:07 +0000 (17:30 +0000)]
Include armcap.c in fips tarball.
Dr. Stephen Henson [Thu, 11 Aug 2011 13:22:04 +0000 (13:22 +0000)]
Remove redundant assignment.
Andy Polyakov [Wed, 10 Aug 2011 18:52:42 +0000 (18:52 +0000)]
Add provisory support for RDRAND instruction.
Andy Polyakov [Tue, 9 Aug 2011 13:05:05 +0000 (13:05 +0000)]
x86_64-mont.pl: futher optimization resulting in up to 48% improvement
(4096-bit RSA sign benchmark on Core2) in comparison to initial version
from 2005.
Dr. Stephen Henson [Mon, 8 Aug 2011 22:07:38 +0000 (22:07 +0000)]
Add HMAC DRBG from SP800-90
Dr. Stephen Henson [Mon, 8 Aug 2011 18:06:40 +0000 (18:06 +0000)]
Use "resp" for default directory name for .rsp files.
Dr. Stephen Henson [Mon, 8 Aug 2011 14:47:51 +0000 (14:47 +0000)]
Fix DSA to skip EOL test when parsing mod line.
Dr. Stephen Henson [Mon, 8 Aug 2011 14:47:04 +0000 (14:47 +0000)]
Initial support for tests for 2.0 module. Not complete and not all working
yet.
Allow test type to be determined by a regexp on the pathname. So tests like:
DSA/SigVer, DSA2/SigVer, ECDSA/SigVer, ECDSA2/SigVer can all be
distinguished.
Andy Polyakov [Sun, 7 Aug 2011 17:47:56 +0000 (17:47 +0000)]
aes/asm/aesni-*.pl: fix CCM and further optimize it.
modes/ccm128.c: minor branch optimization.
Dr. Stephen Henson [Wed, 3 Aug 2011 16:39:58 +0000 (16:39 +0000)]
fix memory leak
Dr. Stephen Henson [Wed, 3 Aug 2011 15:37:22 +0000 (15:37 +0000)]
Expand range of ctrls for AES GCM to support retrieval and setting of
invocation field.
Add complete support for AES GCM ciphersuites including all those in
RFC5288 and RFC5289.
Dr. Stephen Henson [Thu, 28 Jul 2011 14:40:01 +0000 (14:40 +0000)]
recognise ecdsaWithSHA1 OID
Dr. Stephen Henson [Mon, 25 Jul 2011 21:58:11 +0000 (21:58 +0000)]
Fix warnings.
Dr. Stephen Henson [Mon, 25 Jul 2011 21:43:57 +0000 (21:43 +0000)]
Update CHANGES.
Dr. Stephen Henson [Mon, 25 Jul 2011 21:38:41 +0000 (21:38 +0000)]
oops, remove debug option
Dr. Stephen Henson [Mon, 25 Jul 2011 20:41:32 +0000 (20:41 +0000)]
Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support and
prohibit use of these ciphersuites for TLS < 1.2
Andy Polyakov [Sat, 23 Jul 2011 12:10:26 +0000 (12:10 +0000)]
cryptlib.c: OPENSSL_ia32cap environment variable to interpret ~ as cpuid mask.
Dr. Stephen Henson [Fri, 22 Jul 2011 14:29:27 +0000 (14:29 +0000)]
More symbol renaming.
Dr. Stephen Henson [Fri, 22 Jul 2011 14:20:50 +0000 (14:20 +0000)]
Make sure OPENSSL_FIPSCANISTER is visible to ARM assembly language files.
Andy Polyakov [Fri, 22 Jul 2011 10:24:40 +0000 (10:24 +0000)]
util/incore: fix brown-bag bug.
Andy Polyakov [Fri, 22 Jul 2011 10:13:52 +0000 (10:13 +0000)]
util/incore: make transition smoother.
Andy Polyakov [Fri, 22 Jul 2011 09:42:11 +0000 (09:42 +0000)]
fips_canister.c: add support for embedded ppc linux.
Dr. Stephen Henson [Thu, 21 Jul 2011 13:45:06 +0000 (13:45 +0000)]
stop warnings
Dr. Stephen Henson [Thu, 21 Jul 2011 13:43:19 +0000 (13:43 +0000)]
Rename another symbol.
Andy Polyakov [Wed, 20 Jul 2011 22:16:27 +0000 (22:16 +0000)]
aes-ppc.pl: minor optimization favoring embedded processors (performance
of "big" processors is unaffected).
Andy Polyakov [Wed, 20 Jul 2011 21:49:46 +0000 (21:49 +0000)]
Add RSAX builtin engine. It optimizes RSA1024 sign benchmark.
Dr. Stephen Henson [Wed, 20 Jul 2011 15:22:11 +0000 (15:22 +0000)]
PR: 2559
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS socket error bug
Dr. Stephen Henson [Wed, 20 Jul 2011 15:17:51 +0000 (15:17 +0000)]
PR: 2555
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS sequence number bug
Dr. Stephen Henson [Wed, 20 Jul 2011 15:14:24 +0000 (15:14 +0000)]
PR: 2550
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS HelloVerifyRequest Timer bug
Andy Polyakov [Mon, 18 Jul 2011 11:34:07 +0000 (11:34 +0000)]
sha512-sparcv9.pl: minor optimization of sha256.
Dr. Stephen Henson [Mon, 18 Jul 2011 00:45:05 +0000 (00:45 +0000)]
Add support for ECCCDH test format.
Andy Polyakov [Sun, 17 Jul 2011 17:40:29 +0000 (17:40 +0000)]
ARM assembler pack: add platform run-time detection.
Dr. Stephen Henson [Thu, 14 Jul 2011 12:01:53 +0000 (12:01 +0000)]
PR: 2556 (partial)
Reported by: Daniel Marschall <daniel-marschall@viathinksoft.de>
Reviewed by: steve
Fix OID routines.
Check on encoding leading zero rejection should start at beginning of
encoding.
Allow for initial digit when testing when to use BIGNUMs which can increase
first value by 2 * 40.
Andy Polyakov [Wed, 13 Jul 2011 22:30:33 +0000 (22:30 +0000)]
fips/Makefile: HP-UX-specific update.
Andy Polyakov [Wed, 13 Jul 2011 14:54:38 +0000 (14:54 +0000)]
ms/uplink.c: fix Visual Studio 2010 warning.
Andy Polyakov [Wed, 13 Jul 2011 14:23:19 +0000 (14:23 +0000)]
config: detect if assembler supports --noexecstack and pass it down.
Andy Polyakov [Wed, 13 Jul 2011 06:20:30 +0000 (06:20 +0000)]
perlasm/cbc.pl: fix tail processing bug.
PR: 2557
Andy Polyakov [Mon, 11 Jul 2011 14:00:43 +0000 (14:00 +0000)]
ssl/ssl_ciph.c: allow to switch to predefined "composite" cipher/mac
combos that can be implemented as AEAD ciphers.
Andy Polyakov [Mon, 11 Jul 2011 13:58:59 +0000 (13:58 +0000)]
ssl/t1_enc.c: initial support for AEAD ciphers.
Andy Polyakov [Mon, 11 Jul 2011 13:54:53 +0000 (13:54 +0000)]
evp.h: add flag to distinguish AEAD ciphers and pair of control codes...
Bodo Möller [Mon, 11 Jul 2011 12:13:55 +0000 (12:13 +0000)]
Fix typo.
Submitted by: Jim Morrison
Richard Levitte [Tue, 5 Jul 2011 15:40:58 +0000 (15:40 +0000)]
Add a tool that (semi)automatically created the API documentation
required for FIPS.
Dr. Stephen Henson [Tue, 5 Jul 2011 11:12:41 +0000 (11:12 +0000)]
Rename symbol.
Andy Polyakov [Tue, 5 Jul 2011 09:21:03 +0000 (09:21 +0000)]
x86_64-mont.pl: add squaring procedure and improve RSA sign performance
by up to 38% (4096-bit benchmark on Core2).
Dr. Stephen Henson [Mon, 4 Jul 2011 23:38:16 +0000 (23:38 +0000)]
Add functions to return FIPS module version.
Andy Polyakov [Mon, 4 Jul 2011 13:10:50 +0000 (13:10 +0000)]
x86_64-xlate.pl: sha1 and md5 warnings made it to nasm 2.09, extend gnu
assembler workaround to all assemblers.
Andy Polyakov [Mon, 4 Jul 2011 13:00:24 +0000 (13:00 +0000)]
sha1-x86_64.pl: nasm 2.07 screws up labels if AVX path is compiled.
Andy Polyakov [Mon, 4 Jul 2011 11:20:33 +0000 (11:20 +0000)]
s390x-gf2m.pl: commentary update (final performance numbers turned to be
higher).
Dr. Stephen Henson [Sun, 3 Jul 2011 12:35:06 +0000 (12:35 +0000)]
If make clean fails it is not a fatal error.
Dr. Stephen Henson [Sat, 2 Jul 2011 15:57:35 +0000 (15:57 +0000)]
Additional error checking.
Andy Polyakov [Fri, 1 Jul 2011 21:23:13 +0000 (21:23 +0000)]
sha1-x86_64.pl: fix win64-specific typos and add masm support.
Andy Polyakov [Fri, 1 Jul 2011 21:21:14 +0000 (21:21 +0000)]
x86_64-xlate.pl: masm-specific update.
Dr. Stephen Henson [Fri, 1 Jul 2011 14:52:09 +0000 (14:52 +0000)]
Delete any EXARG value first.
Dr. Stephen Henson [Fri, 1 Jul 2011 14:43:34 +0000 (14:43 +0000)]
Add no-asm argument to Configure if needed.
Dr. Stephen Henson [Thu, 30 Jun 2011 19:18:41 +0000 (19:18 +0000)]
Recognise fipscheck option and call fipsas for WIN64 builds.
Andy Polyakov [Tue, 28 Jun 2011 12:55:39 +0000 (12:55 +0000)]
crypto/aes/Makefile: make it work on IRIX.