path: root/crypto
| Age | Commit message | Author | Files | Lines |
| --- | --- | --- | --- | --- |
| 2011-02-15 | Add FIPS flags to AES ciphers and SHA* digests. | Dr. Stephen Henson | 2 | -11/+14 |
| 2011-02-14 | Add ECDSA functionality to fips module. Initial very incomplete version of algorithm test program. | Dr. Stephen Henson | 3 | -1/+45 |
| 2011-02-14 | Include support for an add_lock callback to tiny FIPS locking API. | Dr. Stephen Henson | 1 | -2/+2 |
| 2011-02-14 | Don't use FIPS api for ec2_oct.c | Dr. Stephen Henson | 1 | -2/+0 |
| 2011-02-14 | Reorganise ECC code for inclusion in FIPS module. Move compression, point2oct and oct2point functions into separate files. Add a flags field to EC_METHOD. Add a flag EC_FLAGS_DEFAULT_OCT to use the default compression and oct functions (all existing methods do this). This removes dependencies from EC_METHOD while keeping original functionality. | Dr. Stephen Henson | 14 | -782/+1055 |
| 2011-02-14 | Use BN_nist_mod_func to avoid need to peek error queue. | Dr. Stephen Henson | 1 | -31/+7 |
| 2011-02-14 | New function BN_nist_mod_func which returns an appropriate function if the passed prime is a NIST prime. | Dr. Stephen Henson | 2 | -0/+17 |
| 2011-02-13 | Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new and FIPS_dsa_sig_free, reimplement DSA_SIG_new and DSA_SIG_free from ASN1 library. | Dr. Stephen Henson | 3 | -27/+2 |
| 2011-02-12 | Disable some functions in headers with no-ec2m | Dr. Stephen Henson | 2 | -0/+6 |
| 2011-02-12 | New option to disable characteristic two fields in EC code. | Dr. Stephen Henson | 17 | -30/+91 |
| 2011-02-12 | dso_dlfcn.c: make it work on Tru64 4.0. PR: 2316 | Andy Polyakov | 1 | -0/+1 |
| 2011-02-12 | gcm128.c: make it work with no-sse2. | Andy Polyakov | 1 | -0/+2 |
| 2011-02-11 | In FIPS mode only use "Generation by Testing Candidates" equivalent. | Dr. Stephen Henson | 1 | -0/+8 |
| 2011-02-11 | Return security strength for supported DSA parameters: will be used later. | Dr. Stephen Henson | 1 | -7/+10 |
| 2011-02-11 | Free keys if DSA pairwise error. | Dr. Stephen Henson | 1 | -1/+5 |
| 2011-02-10 | x86gas.pl: make data_short work on legacy systems. | Andy Polyakov | 1 | -1/+1 |
| 2011-02-10 | xts128.c: initial draft. | Andy Polyakov | 1 | -0/+189 |
| 2011-02-09 | Add GCM IV generator. Add some FIPS restrictions to GCM. Update fips_gcmtest. | Dr. Stephen Henson | 2 | -10/+75 |
| 2011-02-08 | ccm128.c: initialize ctx->block (what I was smoking?). | Andy Polyakov | 1 | -1/+2 |
| 2011-02-08 | ccm128.c: initial draft. | Andy Polyakov | 1 | -0/+303 |
| 2011-02-08 | Link GCM into FIPS module. Check return value in EVP gcm. | Dr. Stephen Henson | 2 | -3/+14 |
| 2011-02-07 | gcm128.c: add boundary condition checks. | Andy Polyakov | 2 | -30/+64 |
| 2011-02-07 | Initial *very* experimental EVP support for AES-GCM. Note: probably very broken and subject to change. | Dr. Stephen Henson | 2 | -1/+216 |
| 2011-02-07 | Add CRYPTO_gcm128_tag() function to retrieve the tag. | Dr. Stephen Henson | 2 | -0/+7 |
| 2011-02-07 | Use 0 not -1 (since type is size_t) for finalisation argument to do_cipher: the NULL value for the input buffer is sufficient to notice this case. | Dr. Stephen Henson | 1 | -3/+3 |
| 2011-02-07 | New flags EVP_CIPH_FLAG_CUSTOM_CIPHER in cipher structures if an underlying cipher handles all cipher semantics itself. | Dr. Stephen Henson | 2 | -1/+48 |
| 2011-02-07 | Fix memory leak. | Dr. Stephen Henson | 1 | -0/+2 |
| 2011-02-07 | Use default ASN1 if flag set. | Dr. Stephen Henson | 1 | -0/+2 |
| 2011-02-06 | gcm128.c: allow multiple calls to CRYPTO_gcm128_aad. | Andy Polyakov | 1 | -22/+64 |
| 2011-02-06 | gcm128.c: fix bug in OPENSSL_SMALL_FOOTPRINT decrypt. PR: 2432 Submitted by: Michael Heyman | Andy Polyakov | 1 | -5/+7 |
| 2011-02-03 | Add FIPS support to the WIN32 build system. | Dr. Stephen Henson | 3 | -1/+5 |
| 2011-02-03 | Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files that use it. | Dr. Stephen Henson | 18 | -12/+32 |
| 2011-02-03 | Rename crypto/fips_err.c to fips_ers.c to avoid clash with other fips_err.c | Dr. Stephen Henson | 2 | -2/+9 |
| 2011-02-03 | Include fips header file in err_all.c if needed. | Dr. Stephen Henson | 1 | -0/+3 |
| 2011-02-03 | Add FIPS error codes. | Dr. Stephen Henson | 4 | -2/+150 |
| 2011-02-03 | For now disable EC_GFp_nistp224_method() for WIN32 so the WIN32 build completes without linker errors. | Dr. Stephen Henson | 1 | -0/+2 |
| 2011-02-03 | Use single X931 key generation source file for FIPS and non-FIPS builds. | Dr. Stephen Henson | 2 | -2/+285 |
| 2011-02-03 | Assorted bugfixes: - safestack macro changes for C++ were incomplete - RLE decompression boundary case - SSL 2.0 key arg length check Submitted by: Google (Adam Langley, Neel Mehta, Bodo Moeller) | Bodo Möller | 2 | -32/+31 |
| 2011-02-03 | make update | Bodo Möller | 9 | -25/+99 |
| 2011-02-03 | Fix error codes. | Bodo Möller | 9 | -31/+41 |
| 2011-02-02 | Make no-asm work in fips mode. Add android platform. | Dr. Stephen Henson | 1 | -1/+2 |
| 2011-02-02 | Add sign/verify digest API to handle an explicit digest instead of finalising a context. | Dr. Stephen Henson | 2 | -0/+11 |
| 2011-02-01 | fixes for DSA2 parameter generation | Dr. Stephen Henson | 1 | -4/+5 |
| 2011-02-01 | Since FIPS 186-3 specifies we use the leftmost bits of the digest we shouldn't reject digest lengths larger than SHA256: the FIPS algorithm tests include SHA384 and SHA512 tests. | Dr. Stephen Henson | 1 | -18/+0 |
| 2011-01-31 | Provisional, experimental support for DSA2 parameter generation algorithm. Not properly integrated or tested yet. | Dr. Stephen Henson | 5 | -2/+278 |
| 2011-01-30 | stop warnings about no previous prototype when compiling shared engines | Dr. Stephen Henson | 1 | -0/+3 |
| 2011-01-27 | Move all FIPSAPI renames into fips.h header file, include early in crypto.h if needed. Modify source tree to handle change. | Dr. Stephen Henson | 13 | -102/+24 |
| 2011-01-27 | Redirect FIPS memory allocation to FIPS_malloc() routine, remove OpenSSL malloc dependencies. | Dr. Stephen Henson | 11 | -0/+52 |
| 2011-01-27 | Update source files to handle new FIPS_lock() location. Add FIPS_lock() definition. Remove stale function references from fips.h | Dr. Stephen Henson | 2 | -0/+8 |
| 2011-01-27 | Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just refer to EVP any more. Move locking #define into fips.h. Set FIPS locking callbacks at same time as OpenSSL locking callbacks. | Dr. Stephen Henson | 10 | -12/+17 |