Dr. Stephen Henson
de2132de93
Delete strength parameter from FIPS_drbg_generate. It isn't very useful
...
(strength can be queried using FIPS_drbg_get_strength ) and adds a
substantial extra overhead to health check (need to check every combination
of parameters).
2011-09-12 13:20:57 +00:00
Dr. Stephen Henson
9e56c99e1a
Check we recognise DRBG type in fips_drbgvs.c initialised DRBG_CTX if we
...
don't set type in FIPS_drbg_new().
2011-09-12 12:56:20 +00:00
Andy Polyakov
543dfa9f0e
vpaes-x86[_64]*.pl: fix typo.
2011-09-12 12:50:00 +00:00
Andy Polyakov
a87ff751b7
Add so called Vector Permutation AES x86[_64] assembler, see
...
http://crypto.stanford.edu/vpaes/ for background information.
It's not integrated into build system yet.
2011-09-12 08:25:14 +00:00
Dr. Stephen Henson
288fe07a6e
Fix 3DES Monte Carlo test file output which previously outputted
...
extra bogus lines. Update fipsalgtest.pl to tolerate the old format.
2011-09-11 18:05:40 +00:00
Dr. Stephen Henson
7fdcb45745
Add support for Dual EC DRBG from SP800-90. Include updates to algorithm
...
tests and POST code.
2011-09-09 17:16:43 +00:00
Dr. Stephen Henson
e4588dc486
Add /fixed option to linker with fips builds.
2011-09-08 13:55:47 +00:00
Dr. Stephen Henson
d98360392a
Put quick DRBG selftest return after first generate operation.
2011-09-07 10:26:38 +00:00
Andy Polyakov
33987f2f45
engines/asm/e_padlock-x86_64.pl: name it right and fix small bug.
2011-09-06 22:53:34 +00:00
Dr. Stephen Henson
bbb19418e6
Add error codes for DRBG KAT failures.
...
Add abbreviated DRBG KAT for POST which only performs a single generate
operations instead of four.
2011-09-06 20:46:27 +00:00
Andy Polyakov
ed28aef8b4
Padlock engine: make it independent of inline assembler.
2011-09-06 20:45:36 +00:00
Dr. Stephen Henson
0486cce653
Initialise X509_STORE_CTX properly so CRLs with nextUpdate date in the past
...
produce an error (CVE-2011-3207)
2011-09-06 15:15:09 +00:00
Dr. Stephen Henson
0f8d4d49dc
Update FAQ.
2011-09-06 13:55:22 +00:00
Andy Polyakov
f952716745
config: don't add -Wa options with no-asm.
2011-09-05 16:31:51 +00:00
Andy Polyakov
dd83d0f4a7
crypto/bn/bn_gf2m.c: make it work with BN_DEBUG.
2011-09-05 16:14:43 +00:00
Dr. Stephen Henson
ea17b0feec
Check reseed interval before generating output.
2011-09-05 15:45:13 +00:00
Dr. Stephen Henson
7634137b8a
Place DRBG in error state if health check fails.
2011-09-05 15:32:32 +00:00
Bodo Möller
2c472780c0
oops
2011-09-05 13:43:56 +00:00
Bodo Möller
c519e89f5c
Fix session handling.
2011-09-05 13:36:23 +00:00
Bodo Möller
612fcfbd29
Fix d2i_SSL_SESSION.
2011-09-05 13:31:17 +00:00
Bodo Möller
e7928282d0
(EC)DH memory handling fixes.
...
Submitted by: Adam Langley
2011-09-05 10:25:31 +00:00
Bodo Möller
837e1b6812
Fix memory leak on bad inputs.
2011-09-05 09:57:20 +00:00
Bodo Möller
ae53b299fa
make update
2011-09-05 09:46:15 +00:00
Bodo Möller
03a64ef56d
Fix expected DEFFLAG for default config.
2011-09-05 09:43:44 +00:00
Bodo Möller
f0ecb86666
Fix error codes.
2011-09-05 09:42:34 +00:00
Bodo Möller
acb4ab34a4
Synchronize with 1.0.1 CHANGES file.
2011-09-05 09:30:50 +00:00
Dr. Stephen Henson
74c40744ca
Don't perform full DRBG health check on all DRBG types on power up, just
...
one shorter KAT per mechanism.
2011-09-04 22:48:06 +00:00
Dr. Stephen Henson
1567b3904c
Update dependencies.
2011-09-04 18:44:28 +00:00
Dr. Stephen Henson
06e771b580
Add header to Makefile.
2011-09-04 18:36:20 +00:00
Dr. Stephen Henson
eb9e63df61
Extension of DRBG selftests using new data.
...
Test PR and no PR and test initial generate before the reseed too.
Move selftest data to separate fips_drbg_selftest.h header file.
2011-09-04 18:35:33 +00:00
Dr. Stephen Henson
fa85c1dbf5
Rename some more symbols for fips module.
2011-09-02 15:10:54 +00:00
Dr. Stephen Henson
a60cc6b4f0
Don't use *from++ in tolower as this is implemented as a macro on some
...
platforms. Thanks to Shayne Murray <Shayne.Murray@Polycom.com> for
reporting this issue.
2011-09-02 11:28:27 +00:00
Dr. Stephen Henson
2c1f5ce4b1
PR: 2576
...
Submitted by: Doug Goldstein <cardoe@gentoo.org>
Reviewed by: steve
Include header file stdlib.h which is needed on some platforms to get
getenv() declaration.
2011-09-02 11:20:15 +00:00
Dr. Stephen Henson
c41b505459
Sync ordinals with 1.0.1-stable.
2011-09-01 17:12:35 +00:00
Dr. Stephen Henson
74e056edbc
PR: 2340
...
Submitted by: "Mauro H. Leggieri" <mxmauro@caiman.com.ar>
Reviewed by: steve
Stop warnings if OPENSSL_NO_DGRAM is defined.
2011-09-01 15:01:35 +00:00
Dr. Stephen Henson
ff7231043f
make timing attack protection unconditional
2011-09-01 14:23:09 +00:00
Dr. Stephen Henson
5e92fd244c
Stop warnings.
2011-09-01 14:15:47 +00:00
Dr. Stephen Henson
d41ce00b8c
PR: 2573
...
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Fix DTLS buffering and decryption bug.
2011-09-01 14:02:23 +00:00
Dr. Stephen Henson
04485c5bc0
PR: 2589
...
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Initialise p pointer.
2011-09-01 13:52:48 +00:00
Dr. Stephen Henson
d77a970669
PR: 2588
...
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Close file pointer.
2011-09-01 13:49:16 +00:00
Dr. Stephen Henson
f7924634d4
PR: 2586
...
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Zero structure fields properly.
2011-09-01 13:45:46 +00:00
Dr. Stephen Henson
d3f6a5a01d
PR: 2586
...
Submitted by: Thomas Jarosch <thomas.jarosch@intra2net.com>
Reviewed by: steve
Fix brace mismatch.
2011-09-01 13:37:37 +00:00
Dr. Stephen Henson
d35c284b73
Print private key component is -exout parameter is given.
2011-08-29 16:09:07 +00:00
Dr. Stephen Henson
00220f8111
Fix ecdh primitives test command line.
2011-08-29 15:35:35 +00:00
Andy Polyakov
cfdbff23ab
bn_exp.c: improve portability.
2011-08-27 19:38:55 +00:00
Andy Polyakov
f7eb0ab9ac
util/incore: fix typo.
2011-08-27 19:37:25 +00:00
Dr. Stephen Henson
2abaa9caaf
Add support for DSA2 PQG generation of g parameter.
2011-08-27 12:30:47 +00:00
Dr. Stephen Henson
f55f5f775e
Add support for canonical generation of DSA parameter g.
...
Modify fips_dssvs to support appropriate file format.
2011-08-26 14:51:49 +00:00
Dr. Stephen Henson
7daf0efad9
Fix warning.
2011-08-25 19:50:51 +00:00
Dr. Stephen Henson
edd4d402c6
Don't use some object files in FIPS build.
2011-08-23 23:35:30 +00:00