summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)Author
2017-08-30c6x/* "facelift":OpenSSL-fips-2_0-devAndy Polyakov
- make scripts executable; - "parameterize" platform selection in c6x/do_fips; - add c6x/fips_algvs.mak; - add c6x/run6x.js launcher for more recent CCS versions; Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4265)
2017-08-30Add some C64x assembly modules [by minor adjustments of C64x+ modules].Andy Polyakov
AES, SHA256 and SHA512 modules can actually replace corresponding C64x+ modules. This is because C64x+ instructions don't actually provide "killer-argument" advantage in these modules. As for SHA1, even though its performance exactly same, C64x+ module is more responsive to interrupts, i.e. doesn't inhibit them for as long periods as C64x module. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4265)
2017-08-21Add "wishlist" of desired but possibly unobtainable fixes/improvementsSteve Marquess
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4208)
2017-08-16Add linux-mips32be target for new platformSteve Marquess
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3300)
2016-07-01FIPS MIPS assembly pack refresh.Andy Polyakov
Backport CVE-2014-3570 bug and postability fixes. Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-21PowerPC assembly pack: add POWER8 support.Andy Polyakov
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-05-20crypto/modes/modes_lcl.h: let STRICT_ALIGNMENT be on ARMv7.Andy Polyakov
While ARMv7 in general is capable of unaligned access, not all instructions actually are. And trouble is that compiler doesn't seem to differentiate those capable and incapable of unaligned access. Side effect is that kernel goes into endless loop retrying same instruction triggering unaligned trap. Problem was observed in xts128.c and ccm128.c modules. It's possible to resolve it by using (volatile u32*) casts, but letting STRICT_ALIGNMENT be feels more appropriate. (cherry picked from commit 3bdd80521a81d50ade4214053cd9b293f920a77b) Reviewed-by: Dr. Stephen Henson <steve@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-13util/incore update that allows FINGERPRINT_premain-free build.Andy Polyakov
As for complementary fips.c modification. Goal is to ensure that FIPS_signature does not end up in .bss segment, one guaranteed to be zeroed upon program start-up. One would expect explicitly initialized values to end up in .data segment, but it turned out that values explicitly initialized with zeros can end up in .bss. The modification does not affect program flow, because first byte was the only one of significance [to FINGERPRINT_premain]. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 34f39b062c76fbd3082521b26edee7f53afc061d)
2015-05-13Add support for Android 5, both 32- and 64-bit cases.Andy Polyakov
Special note about additional -pie flag in android-armv7. The initial reason for adding it is that Android 5 refuses to execute non-PIE binaries. But what about older systems and previously validated platforms? It should be noted that flag is not used when compiling object code, fipscanister.o in this context, only when linking applications, *supplementary* fips_algvs used during validation procedure. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 6db8e3bdc9ef83d83b83f3eec9722c96daa91f82) Resolved conflicts: test/fips_algvs.c
2015-05-13Additional vxWorks target.Andy Polyakov
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 50e2a0ea4615124aa159e8f43317dedcf0cfcaa2)
2015-05-13Configure: add ios-cross target with ARM assembly support.Andy Polyakov
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 97fbb0c88c2f601f98e25e57b9f6f9679d14f3a8) Resolved conflicts: Configure config
2015-05-13Add iOS-specific armv4cpud.S module.Andy Polyakov
Normally it would be generated from a perlasm module, but doing so would affect existing armv4cpuid.S, which in turn would formally void previously validated platforms. Hense separate module is generated. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 5837e90f08ffcf5ad84933793bc285630018ce26)
2015-05-13Adapt ARM assembly pack for iOS.Andy Polyakov
This is achieved by filtering perlasm output through arm-xlate.pl. But note that it's done only if "flavour" argument is not 'void'. As 'void' is default value for other ARM targets, permasm output is not actually filtered on previously validated platforms. Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 874faf2ffb22187ad5483d9691a3a2eb7112f161)
2015-05-13Configure: engage ARMv8 assembly pack in ios64-cross target.Andy Polyakov
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit c6d109051d1c2b9a453427a2a53ad3d40acc9276) Resolved Conflicts: Configure
2015-05-13Engage ARMv8 assembly pack.Andy Polyakov
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit 083ed53defb42ab4d3488bc7f80d9170d22293e7)
2015-05-13Add ARMv8 assembly pack.Andy Polyakov
Reviewed-by: Dr. Stephen Henson <steve@openssl.org> (cherry picked from commit b84813ec017cb03b8dd0b85bce2bb3e021c45685)
2014-10-23Configure: add ios64 target.Andy Polyakov
Reviewed-by: Steve Marquess <marquess@openssl.org> (cherry picked from commit b06f7d9ac0752083e7443dddc9e5ac3e198063d4)
2014-10-23Add iOS-specific FIPS addendum code.Andy Polyakov
Reviewed-by: Steve Marquess <marquess@openssl.org>
2014-09-08RT2849: Redundant check of "dsa" variable.Rich Salz
In the current code, the check isn't redundant. And in fact the REAL check was missing. This avoids a NULL-deref crash. Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-07-11Fix copy for CCM, GCM and XTS.Dr. Stephen Henson
Internal pointers in CCM, GCM and XTS contexts should either be NULL or set to point to the appropriate key schedule. This needs to be adjusted when copying contexts. Combination of 2 commits: 370bf1d708e6d7af42e1752fb078d0822c9bc73d c2fd5d79ffc4fc9d120a0faad579ce96473e6a2f
2014-07-05Only cleanse sbuf if it is not NULL.Dr. Stephen Henson
PR#2339
2014-07-05Check return smaller of ret and f.Alan Hryngle
PR#3418. (cherry picked from commit d4909f9a8dbbda9c5d140476b34a8f80b02b51f3)
2014-04-02cryptlib.c: fix typo in WIN32 version of OPENSSL_showfatal.Andy Polyakov
2013-01-23Add verbose option to fips_test_suite to give additional details ofDr. Stephen Henson
all operations. Add ecdsa test. Test crypto operations are inhibited on test failures. Test on demand POST.
2013-01-16Now GMAC is fixed remove workaround.Dr. Stephen Henson
2013-01-10Add .gitignoreDr. Stephen Henson
2012-12-28Make DES3 and ECDSA self tests continue with remaining cases onDr. Stephen Henson
failure. Make fips_test_suite induced failure work on every possible subtest instead of just categories of subtest.
2012-12-16VC-32.pl: fix typo [from HEAD].Andy Polyakov
Submitted by: Pierre Delaage
2012-10-29Cumulative updates from HEAD.Andy Polyakov
2012-10-19update DRBG to handle new file formatOpenSSL-fips-2_0-pl1Dr. Stephen Henson
2012-10-16aix[64]-cc: get MT support right (gcc targets are not affected).Dr. Stephen Henson
(backport from HEAD)
2012-10-16Don't require tag before ciphertext in AESGCM modeDr. Stephen Henson
2012-10-15e_aes.c: uninitialized variable in aes_ccm_init_key.Dr. Stephen Henson
PR: 2874 Submitted by: Tomas Mraz (backport from HEAD)
2012-10-14reset ctx->num for CTR mode for FIPS EVPDr. Stephen Henson
2012-10-14sha1-armv4-large.pl: comply with ABI.Dr. Stephen Henson
(backport from HEAD)
2012-10-14gcm128.c: fix AAD-only case with AAD length not divisible by 16.Dr. Stephen Henson
PR: 2859 Submitted by: John Foley (backport from HEAD)
2012-10-14optimize make_kn (from HEAD, by Andy)Dr. Stephen Henson
2012-10-14CMAC reset fix (from HEAD)Dr. Stephen Henson
2012-10-14Add BSD-ppc85xx support and avoid copying overlapping buffers in fips_dssvs.cDr. Stephen Henson
2012-10-04Add support for Windows CE and C64+ to FIPS module. (from fips2-stable)Dr. Stephen Henson
2012-10-04file TI_CGTOOLS.pl was added on branch OpenSSL-fips-2_0-dev on 2012-10-04 ↵Dr. Stephen Henson
14:27:39 +0000
2012-10-04file fips_standalone_sha1 was added on branch OpenSSL-fips-2_0-dev on ↵Dr. Stephen Henson
2012-10-04 14:27:38 +0000
2012-10-04file run6x was added on branch OpenSSL-fips-2_0-dev on 2012-10-04 14:27:33 +0000Dr. Stephen Henson
2012-10-04file incore6x was added on branch OpenSSL-fips-2_0-dev on 2012-10-04 ↵Dr. Stephen Henson
14:27:33 +0000
2012-10-04file hmac_sha1.pl was added on branch OpenSSL-fips-2_0-dev on 2012-10-04 ↵Dr. Stephen Henson
14:27:33 +0000
2012-10-04file fipscanister.cmd was added on branch OpenSSL-fips-2_0-dev on 2012-10-04 ↵Dr. Stephen Henson
14:27:33 +0000
2012-10-04file fips_standalone_sha1 was added on branch OpenSSL-fips-2_0-dev on ↵Dr. Stephen Henson
2012-10-04 14:27:33 +0000
2012-10-04file env was added on branch OpenSSL-fips-2_0-dev on 2012-10-04 14:27:33 +0000Dr. Stephen Henson
2012-10-04file do_fips was added on branch OpenSSL-fips-2_0-dev on 2012-10-04 14:27:33 ↵Dr. Stephen Henson
+0000
2012-06-07automatically make output directory is using minimal scriptDr. Stephen Henson
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-03 07:23:03 +0000