Dr. Stephen Henson
6cdcb92513
Initial FIPS capable OpenSSL information
2011-06-17 21:08:15 +00:00
Dr. Stephen Henson
9945b460e2
Give parameters names in prototypes.
2011-06-17 16:47:41 +00:00
Dr. Stephen Henson
b234848879
Option "fipscheck" which checks to see if FIPS is autodetected in
...
a build. Use this for WIN32 builds.
2011-06-16 16:27:36 +00:00
Dr. Stephen Henson
fdb65c836c
Don't include des.h any more: it is not needed.
2011-06-16 14:12:42 +00:00
Dr. Stephen Henson
c3de647e7d
Update to mk1mf.pl and ms\do_fips.bat to install relevant files for
...
WIN32 FIPS builds.
2011-06-15 21:04:09 +00:00
Bodo Möller
e66cb363d6
Fix the version history: changes going into 1.1.0 that are also going
...
into 1.0.1 should not be listed as "changes between 1.0.1 and 1.0.0".
This makes the OpenSSL_1_0_1-stable and HEAD versions of this file
consistent with each other (the HEAD version has the additional 1.1.0
section, but doesn't otherwise differ).
2011-06-15 14:49:17 +00:00
Dr. Stephen Henson
70051b1d88
set FIPS allow before initialising ctx
2011-06-14 15:25:21 +00:00
Dr. Stephen Henson
bd6386f59c
make sure custom cipher flag doesn't use any mode bits
2011-06-13 23:06:43 +00:00
Dr. Stephen Henson
1d55dd86dd
Allow applications to specify alternative FIPS RAND methods if they
...
are sure they are OK.
API to retrieve FIPS rand method.
2011-06-13 20:28:45 +00:00
Dr. Stephen Henson
38f90d06d7
sync and update ordinals
2011-06-12 15:40:06 +00:00
Dr. Stephen Henson
19cd2049f7
Don't export functions marked as FIPSCAPABLE.
2011-06-12 15:38:36 +00:00
Dr. Stephen Henson
b08e372bf6
Use FIPSCAPABLE for FIPS module functions used in FIPS capable OpenSSL.
2011-06-12 15:37:51 +00:00
Dr. Stephen Henson
0435dc1902
HMAC fips prototypes
2011-06-12 15:02:53 +00:00
Dr. Stephen Henson
e6e7b4e825
CMAC FIPS prototypes.
2011-06-12 14:11:57 +00:00
Dr. Stephen Henson
f41154b206
#undef bn_div_words as it is defined for FIPS builds.
2011-06-10 14:03:27 +00:00
Dr. Stephen Henson
3096d53b46
Update dependencies for m_dss.c too.
2011-06-10 14:00:02 +00:00
Dr. Stephen Henson
068291cd44
Remove x509.h from SHA1 clone digests, update dependencies.
2011-06-10 13:52:44 +00:00
Dr. Stephen Henson
a1a8a71cf7
Install FIPS module in FIPSDIR if set.
2011-06-09 21:52:44 +00:00
Dr. Stephen Henson
603bc9395c
more prototypes in fips.h
2011-06-09 15:18:55 +00:00
Dr. Stephen Henson
da9234130a
Add more prototypes.
2011-06-09 13:50:53 +00:00
Dr. Stephen Henson
ca9335760b
fix memory leak
2011-06-08 15:55:43 +00:00
Dr. Stephen Henson
4960411e1f
Add flags for DH FIPS method.
...
Update/fix prototypes in fips.h
2011-06-08 15:53:08 +00:00
Dr. Stephen Henson
6b6abd627c
Set flags in ECDH and ECDSA methods for FIPS.
2011-06-08 13:52:36 +00:00
Andy Polyakov
7eabad423c
rc4_skey.c: remove dead/redundant code (it's never compiled) and
...
misleading/obsolete comment.
2011-06-06 20:02:26 +00:00
Dr. Stephen Henson
7f0d1be3a6
Add prototypes for some FIPS EC functions.
2011-06-06 15:24:02 +00:00
Dr. Stephen Henson
1c13c122d8
Set SSL_FIPS flag in ECC ciphersuites.
2011-06-06 14:14:41 +00:00
Dr. Stephen Henson
644ce07ecd
Move function prototype to fips.h
2011-06-06 11:56:58 +00:00
Andy Polyakov
17f121de9d
e_aes.c: move AES-NI run-time switch and implement the switch for remaining modes.
2011-06-06 11:40:03 +00:00
Andy Polyakov
4d01f2761d
x86_64cpuid.pl: fix typo.
2011-06-04 13:08:25 +00:00
Andy Polyakov
301799b803
x86[_64]cpuid.pl: add function accessing rdrand instruction.
2011-06-04 12:20:45 +00:00
Richard Levitte
8d515259e2
No spaces in assignements in a shell script...
2011-06-04 09:00:59 +00:00
Dr. Stephen Henson
4f8f8bf3a4
fix error discrepancy
2011-06-03 18:50:24 +00:00
Dr. Stephen Henson
b8b90804b6
license correction, no EAY code included in this file
2011-06-03 17:56:17 +00:00
Dr. Stephen Henson
549c4ad35b
Add "OPENSSL_FIPSCAPABLE" define for a version of OpenSSL which is
...
FIPS capable: i.e. FIPS module is supplied externally.
2011-06-03 16:26:58 +00:00
Dr. Stephen Henson
267229b141
Constify RSA signature buffer.
2011-06-03 12:38:18 +00:00
Dr. Stephen Henson
946f57105f
Typo.
2011-06-02 18:20:55 +00:00
Dr. Stephen Henson
2280dc7c43
Remove FIPS RSA functions from crypto/rsa.
2011-06-02 17:52:39 +00:00
Dr. Stephen Henson
0cabe4e172
Move FIPS RSA function definitions to fips.h
...
New function to lookup digests by NID in module.
Minor optimisation: if supplied hash is NULL to FIPS RSA functions and
we are using PKCS padding get digest NID from otherwise unused saltlen
parameter instead.
2011-06-02 17:30:22 +00:00
Dr. Stephen Henson
b6df360b9e
Simple automated certificate creation demo.
2011-06-01 18:36:49 +00:00
Dr. Stephen Henson
e7ee10d3dc
Clone digest prototypes.
2011-06-01 14:18:28 +00:00
Dr. Stephen Henson
bce1af7762
Add DSA and ECDSA "clone digests" to module for compatibility with old
...
applications.
2011-06-01 14:07:32 +00:00
Dr. Stephen Henson
654ac273c1
typo
2011-06-01 11:10:35 +00:00
Dr. Stephen Henson
8f119a0357
set FIPS permitted flag before initalising digest
2011-05-31 16:24:19 +00:00
Dr. Stephen Henson
06843f826f
Fake CPU caps so fips_standalone_sha1 compiles.
...
Initialise update function for bad digest inits.
2011-05-31 16:22:21 +00:00
Dr. Stephen Henson
1b2047c5c0
Don't round up partitioned premaster secret length if there is only one
...
digest in use: this caused the PRF to fail for an odd premaster secret
length.
2011-05-31 10:34:43 +00:00
Dr. Stephen Henson
eda3766b53
Output supported curves in preference order instead of numerically.
2011-05-30 17:58:13 +00:00
Andy Polyakov
62b6c5c404
e_aes.c: fix typo.
2011-05-30 10:13:42 +00:00
Andy Polyakov
e76cbcf686
e_aes.c: fix aes_cfb1_cipher.
2011-05-30 10:10:05 +00:00
Andy Polyakov
d1fff483d6
e_aes.c: integrate AESNI directly into EVP.
2011-05-30 09:16:01 +00:00
Andy Polyakov
8da721ee2b
aesni-x86[_64].pl: relax alignment requirement.
2011-05-30 09:15:16 +00:00