openssl/crypto
Dimitri John Ledkov 1bfc8d17f3 rsa-oaep: block SHAKE usage in FIPS mode
NIST SP 800-56 rev2 only allows using approved hash algorithms in
OAEP. Unlike FIPS 186-5 it doesn't have text allowing the use of XOF SHAKE
functions. Maybe future revisions of SP 800-56 will adopt similar text
to FIPS 186-5 and allow XOF as MD and MGF (not MGF1).

RFC documents do not specify whether SHAKE is allowed or blocked for usage
(i.e. there is no equivalent of RFC 8692 or RFC 8702 for OAEP). The status
quo allows their usage.

Add test cases for SHAKE in RSA-OAEP as allowed in the default provider,
and blocked in FIPS.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24387)
2024-05-22 15:31:00 +02:00
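To make the behaviour described in the commit concrete, the following is an added example (not OpenSSL code, not part of this repository) that reimplements the RSA-OAEP message encoding from RFC 8017 section 7.1.1 in Python with a pluggable hash and mask generation function, so that SHAKE can be plugged in either under MGF1 or, in the FIPS 186-5 style the commit alludes to, directly as the MGF. A small policy gate models the commit's rule: SHAKE is accepted when a hypothetical FIPS flag is off and rejected when it is on. The RSA primitive itself is omitted; only the encoding and decoding of the block EM for a k-byte modulus are shown. The output lengths chosen for SHAKE when used as the OAEP hash (16 bytes for SHAKE128, 32 for SHAKE256) are an assumption of this example, not a value taken from the page.

```python
"""Added example: RFC 8017 OAEP encoding with fixed-length hashes or SHAKE,
plus an illustrative FIPS policy gate.  Not OpenSSL's implementation."""
import hashlib
import hmac
import secrets

XOFS = {"shake_128", "shake_256"}
# Assumed hLen when a SHAKE XOF is used as the OAEP hash: its nominal
# security strength in bytes.  This is a choice of this example only.
XOF_HLEN = {"shake_128": 16, "shake_256": 32}


def hlen(md):
    return XOF_HLEN[md] if md in XOFS else hashlib.new(md).digest_size


def hash_bytes(md, data, outlen):
    h = hashlib.new(md, data)
    return h.digest(outlen) if md in XOFS else h.digest()


def mgf1(md, seed, mask_len):
    """RFC 8017 B.2.1: concatenate Hash(seed || counter) until mask_len."""
    out, counter = b"", 0
    while len(out) < mask_len:
        out += hash_bytes(md, seed + counter.to_bytes(4, "big"), hlen(md))
        counter += 1
    return out[:mask_len]


def xof_mgf(md, seed, mask_len):
    """XOF used directly as the MGF (FIPS 186-5 style): no counter wrapper."""
    if md not in XOFS:
        raise ValueError("direct-XOF MGF needs a SHAKE digest")
    return hashlib.new(md, seed).digest(mask_len)


def check_oaep_policy(md, mgf_md, fips):
    """Models the commit: SHAKE accepted by default, blocked in FIPS mode."""
    if fips and (md in XOFS or mgf_md in XOFS):
        raise ValueError("XOF digests are not allowed for OAEP in FIPS mode")


def fips_rejects(md, mgf_md=None):
    """True if the policy gate refuses this digest pair in FIPS mode."""
    try:
        check_oaep_policy(md, mgf_md or md, fips=True)
    except ValueError:
        return True
    return False


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def oaep_encode(msg, k, md="sha256", mgf_md=None, mgf="mgf1",
                label=b"", fips=False, seed=None):
    """EM = 0x00 || maskedSeed || maskedDB for a k-byte modulus."""
    mgf_md = mgf_md or md
    check_oaep_policy(md, mgf_md, fips)
    h = hlen(md)
    if len(msg) > k - 2 * h - 2:
        raise ValueError("message too long")
    mask = mgf1 if mgf == "mgf1" else xof_mgf
    lhash = hash_bytes(md, label, h)
    db = lhash + b"\x00" * (k - len(msg) - 2 * h - 2) + b"\x01" + msg
    seed = seed if seed is not None else secrets.token_bytes(h)
    if len(seed) != h:
        raise ValueError("seed must be hLen bytes")
    masked_db = _xor(db, mask(mgf_md, seed, k - h - 1))
    masked_seed = _xor(seed, mask(mgf_md, masked_db, h))
    return b"\x00" + masked_seed + masked_db


def oaep_decode(em, k, md="sha256", mgf_md=None, mgf="mgf1",
                label=b"", fips=False):
    """Inverse of oaep_encode; a single 'decoding error' for every failure."""
    mgf_md = mgf_md or md
    check_oaep_policy(md, mgf_md, fips)
    h = hlen(md)
    if len(em) != k or k < 2 * h + 2:
        raise ValueError("decoding error")
    mask = mgf1 if mgf == "mgf1" else xof_mgf
    y, masked_seed, masked_db = em[0], em[1:1 + h], em[1 + h:]
    seed = _xor(masked_seed, mask(mgf_md, masked_db, h))
    db = _xor(masked_db, mask(mgf_md, seed, k - h - 1))
    lhash_ok = hmac.compare_digest(db[:h], hash_bytes(md, label, h))
    # Walk the whole DB without early exit so the separator position is not
    # leaked by where the loop stops; keep the lowest non-zero index.
    sep = len(db)
    for i in range(len(db) - 1, h - 1, -1):
        if db[i] != 0:
            sep = i
    if not (lhash_ok and y == 0 and sep < len(db) and db[sep] == 1):
        raise ValueError("decoding error")
    return db[sep + 1:]
```

Run `oaep_encode(b"hello", 256, md="shake_128")` to see SHAKE accepted with the default policy, and pass `fips=True` to see it refused; the same call with `md="sha256"` succeeds in both modes. Note that the policy gate is enforced on both the encoding and decoding paths, which is also where OpenSSL's fix has to sit, since a FIPS consumer must refuse to unwrap a SHAKE-OAEP ciphertext as well as to produce one.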
aes Unable to run asm code on OpenBSD (amd64) 2024-04-17 09:38:06 +02:00
aria
asn1 Move ossl_asn1_string_to_time_t() to libtestutil 2024-05-07 12:07:49 +02:00
async posix_async: FreeBSD also defines {make|swap|get|set}context 2024-04-04 08:45:13 +02:00
bf
bio Remove all references to FLOSS for NonStop Builds. 2024-04-24 09:35:29 +02:00
bn Optimizated calculation of shared power of 2 in bn_gcd 2024-05-15 13:37:48 +02:00
buffer
camellia Unable to run asm code on OpenBSD (amd64) 2024-04-17 09:38:06 +02:00
cast
chacha chacha-riscv64-v-zbb.pl: better format 2024-05-08 11:10:45 +02:00
cmac Copyright year updates 2024-04-09 13:43:26 +02:00
cmp CMP: Improvements of the support for requesting CRL 2024-05-01 14:59:39 +02:00
cms Fix error handling in CMS_EncryptedData_encrypt 2024-05-06 10:13:20 +02:00
comp
conf Do not overwrite conf diagnostics in OSSL_LIB_CTX if not set in config file 2024-05-09 09:20:58 +02:00
crmf
ct
des
dh Copyright year updates 2024-04-09 13:43:26 +02:00
dsa Check DSA parameters for excessive sizes before validating 2024-05-16 15:44:40 +02:00
dso Copyright year updates 2024-04-09 13:43:26 +02:00
ec fips: zeroization of public security parameters (PSPs) 2024-05-13 11:14:11 +02:00
encode_decode Copyright year updates 2024-04-09 13:43:26 +02:00
engine Copyright year updates 2024-04-09 13:43:26 +02:00
err Add reason codes with the correct offset for two alerts 2024-05-14 15:27:17 +02:00
ess ess_lib.c: Changed ERR_LIB_CMS to ERR_LIB_ESS 2024-04-30 09:21:30 +02:00
evp Intentionally break EVP_DigestFinal for SHAKE128 and SHAKE256 2024-05-15 12:10:32 +02:00
ffc fips: zeroization of public security parameters (PSPs) 2024-05-13 11:14:11 +02:00
hashtable Fix coverity-1596616 2024-04-26 17:09:06 +02:00
hmac
hpke Copyright year updates 2024-04-09 13:43:26 +02:00
http Copyright year updates 2024-04-09 13:43:26 +02:00
idea
kdf
lhash Copyright year updates 2024-04-09 13:43:26 +02:00
md2
md4
md5 md5: add assembly implementation for loongarch64 2023-12-27 10:15:29 +01:00
mdc2
modes Unable to run asm code on OpenBSD (amd64) 2024-04-17 09:38:06 +02:00
objects Typo fixes 2024-05-13 11:10:35 +02:00
ocsp
pem Copyright year updates 2023-09-28 14:23:29 +01:00
perlasm fix crash in ecp_nistz256_point_add_affine() 2024-05-22 15:15:04 +02:00
pkcs7 Copyright year updates 2024-04-09 13:43:26 +02:00
pkcs12 Copyright year updates 2024-04-09 13:43:26 +02:00
poly1305 poly1305.c: fix typo on POLY1305_BLOCK_SIZE 2024-04-17 09:41:14 +02:00
property Copyright year updates 2024-04-09 13:43:26 +02:00
rand internal/common.h: rename macro (un)likely to ossl_(un)likely 2023-11-03 21:08:22 +01:00
rc2
rc4
rc5
ripemd
rsa rsa-oaep: block SHAKE usage in FIPS mode 2024-05-22 15:31:00 +02:00
seed
sha Intentionally break EVP_DigestFinal for SHAKE128 and SHAKE256 2024-05-15 12:10:32 +02:00
siphash
sm2 fix sm2 encryption implementation bug. 2024-05-15 11:17:14 +02:00
sm3 riscv: Support sm3 on platforms with vlen >= 128. 2023-10-26 15:55:50 +01:00
sm4 Copyright year updates 2024-04-09 13:43:26 +02:00
srp Copyright year updates 2023-09-28 14:23:29 +01:00
stack Copyright year updates 2024-04-09 13:43:26 +02:00
store Adding missing NULL pointer check 2024-04-15 10:29:14 +02:00
thread
ts ts/ts_rsp_sign.c: Add the check for the EVP_MD_CTX_get_size() 2024-04-09 20:47:00 +02:00
txt_db
ui
whrlpool Unable to run asm code on OpenBSD (amd64) 2024-04-17 09:38:06 +02:00
x509 fix: extension critical definition to default false 2024-05-14 16:04:51 +02:00
alphacpuid.pl
arm64cpuid.pl
arm_arch.h Copyright year updates 2024-04-09 13:43:26 +02:00
armcap.c Copyright year updates 2024-04-09 13:43:26 +02:00
armv4cpuid.pl
asn1_dsa.c
bsearch.c
build.info Introduce new internal hashtable implementation 2024-04-24 12:03:30 +10:00
c64xpluscpuid.pl
context.c Do not use bit fields for context data flag variables 2024-05-09 09:20:58 +02:00
core_algorithm.c
core_fetch.c
core_namemap.c
cpt_err.c
cpuid.c Copyright year updates 2023-09-28 14:23:29 +01:00
cryptlib.c
ctype.c
cversion.c
der_writer.c
deterministic_nonce.c Correct top for EC/DSA nonces if BN_DEBUG is on 2024-05-02 09:21:30 +02:00
dllmain.c
ebcdic.c
ex_data.c Fix error handling in CRYPTO_get_ex_new_index 2023-09-21 14:43:08 +02:00
getenv.c
ia64cpuid.S
info.c Print CPUINFO also for riscv processors 2024-05-09 10:50:42 +02:00
init.c Copyright year updates 2024-04-09 13:43:26 +02:00
initthread.c crypto/initthread.c: fix misspelled OSSL_provider_init() in comment 2023-10-26 15:45:41 +01:00
loongarch64cpuid.pl LoongArch64 assembly pack: Really implement OPENSSL_rdtsc 2023-12-19 18:34:34 +01:00
loongarch_arch.h
loongarchcap.c
LPdir_nyi.c
LPdir_unix.c
LPdir_vms.c
LPdir_win32.c
LPdir_win.c
LPdir_wince.c
mem_clr.c
mem_sec.c Add locking to CRYPTO_secure_used 2023-12-01 09:03:04 -05:00
mem.c Introduce new internal hashtable implementation 2024-04-24 12:03:30 +10:00
mips_arch.h
o_dir.c
o_fopen.c
o_init.c
o_str.c Copyright year updates 2024-04-09 13:43:26 +02:00
o_time.c
packet.c
param_build_set.c ossl_param_build_set_multi_key_bn(): Do not set NULL BIGNUMs 2023-10-18 18:07:13 +02:00
param_build.c params: drop INT_MAX checks 2023-12-29 10:21:10 +01:00
params_dup.c
params_from_text.c Copyright year updates 2024-04-09 13:43:26 +02:00
params_idx.c.in
params.c Copyright year updates 2024-04-09 13:43:26 +02:00
pariscid.pl
passphrase.c
ppccap.c
ppccpuid.pl
provider_child.c
provider_conf.c Fix remaining provider config settings to be decisive in value 2023-12-27 09:32:48 +01:00
provider_core.c Fix up path generation to use OPENSSL_MODULES 2024-04-18 18:38:56 +02:00
provider_local.h
provider_predefined.c
provider.c
punycode.c
quic_vlint.c
rcu_internal.h Copyright year updates 2024-04-09 13:43:26 +02:00
README-sparse_array.md
riscv32cpuid.pl Implement riscv_vlen_asm for riscv32 2024-05-10 17:02:49 +02:00
riscv64cpuid.pl riscv: Add basic vector extension support 2023-10-26 15:55:49 +01:00
riscvcap.c crypto/riscvcap: fix function declaration for hwprobe_to_cap 2024-05-14 15:24:26 +02:00
s390x_arch.h
s390xcap.c
s390xcpuid.pl
self_test_core.c
sleep.c For Unix, refactor OSSL_sleep() to use nanosleep() instead of usleep() 2024-05-22 09:59:32 +02:00
sparccpuid.S
sparcv9cap.c
sparse_array.c typo fix 2024-04-04 08:34:17 +02:00
threads_lib.c
threads_none.c Add CRYPTO_atomic_store api 2024-04-24 12:03:03 +10:00
threads_pthread.c Add CRYPTO_atomic_store api 2024-04-24 12:03:03 +10:00
threads_win.c threads_win: fix build error with VS2010 2024-05-14 15:25:38 +02:00
time.c
trace.c "foo * bar" should be "foo *bar" 2023-09-11 10:15:30 +02:00
uid.c
vms_rms.h
x86_64cpuid.pl
x86cpuid.pl