openssl

mirror of https://github.com/openssl/openssl.git synced 2025-01-06 13:26:43 +08:00

Author	SHA1	Message	Date
Matt Caswell	a28d06f3e9	Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)	2021-02-18 15:05:17 +00:00
Shane Lontis	7b676cc8c6	Fix external symbols related to provider related security checks for keys and digests. Partial fix for #12964 This adds ossl_ names for the following symbols: digest_get_approved_nid, digest_get_approved_nid_with_sha1 digest_is_allowed, digest_md_to_nid, digest_rsa_sign_get_md_nid, securitycheck_enabled, dh_check_key, dsa_check_key, ec_check_key, Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14211)	2021-02-18 21:14:32 +10:00
Tomas Mraz	2741128e9d	Move the PROV_R reason codes to a public header The PROV_R codes can be returned to applications so it is useful to have some common set of provider reason codes for the applications or third party providers. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14086)	2021-02-11 09:34:31 +01:00
Shane Lontis	4605c5ab47	Fix dsa securitycheck for fips. Fixes #12627 Changed security check for DSA verification to match SP800-131Ar2 when the security strength is < 112. Fixed compilation error when using config opt 'no-fips-securitychecks' Removed TODO's from 20-test_cli_fips.t - there is no longer an TODO error. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13387)	2020-11-16 17:21:57 +10:00
Pauli	23b2fc0b50	rsa: add ossl_ prefix to internal rsa_ calls. The functions being: rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff, rsa_check_prime_factor, rsa_check_prime_factor_range, rsa_check_private_exponent, rsa_check_public_exponent, rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata, rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30, rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names, rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid, rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx, rsa_padding_add_PKCS1_type_2_with_libctx, rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS, rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata, rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted, rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg, rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults, rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg, rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen, rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata, rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params, rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private, rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq, rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test, rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise, rsa_validate_private and rsa_validate_public. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13040)	2020-10-07 09:04:51 +10:00
Shane Lontis	991a6bb581	Add option to fipsinstall to disable fips security checks at run time. Changes merged from a patch by @richsalz. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12745)	2020-09-18 14:20:50 +01:00
Shane Lontis	7a810fac86	Add 'fips-securitychecks' option and plumb this into the actual fips checks Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12745)	2020-09-18 14:20:39 +01:00

7 Commits