Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-11-25 | return error if counter exceeds limit and seed value supplied | Dr. Stephen Henson | |
2011-11-25 | check counter value against 4 * L, not 4096 | Dr. Stephen Henson | |
2011-11-05 | Add single call public key sign and verify functions. | Dr. Stephen Henson | |
2011-10-16 | L=3072, N=256 provides 128 bits of security not 112. | Dr. Stephen Henson | |
2011-09-14 | Allow for dynamic base in Win64 FIPS module. | Andy Polyakov | |
2011-09-05 | make update | Bodo Möller | |
2011-08-27 | Add support for DSA2 PQG generation of g parameter. | Dr. Stephen Henson | |
2011-08-26 | Add support for canonical generation of DSA parameter g. | Dr. Stephen Henson | |
Modify fips_dssvs to support appropriate file format. | |||
2011-06-20 | make EVP_dss() work for DSA signing | Dr. Stephen Henson | |
2011-05-11 | Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in | Dr. Stephen Henson | |
the FIPS capable OpenSSL. | |||
2011-05-08 | allow SHA384, SHA512 wit DSA | Dr. Stephen Henson | |
2011-04-24 | Fix warning. | Dr. Stephen Henson | |
2011-04-24 | fips_check_dsa_prng() should only be built when OPENSSL_FIPS is defined. | Richard Levitte | |
2011-04-23 | More fixes for DSA FIPS overrides. | Dr. Stephen Henson | |
2011-04-23 | Make sure overrides work for RSA/DSA. | Dr. Stephen Henson | |
2011-04-23 | Add PRNG security strength checking. | Dr. Stephen Henson | |
2011-04-19 | Use 0 for tbslen to perform strlen. | Dr. Stephen Henson | |
2011-04-14 | Remove several of the old obsolete FIPS_corrupt_*() functions. | Dr. Stephen Henson | |
2011-04-14 | Initial incomplete POST overhaul: add support for POST callback to | Dr. Stephen Henson | |
allow status of POST to be monitored and/or failures induced. | |||
2011-04-07 | DH keys have an (until now) unused 'q' parameter. When creating | Dr. Stephen Henson | |
from DSA copy q across and if q present generate DH key in the correct range. | |||
2011-04-04 | check RAND_pseudo_bytes return value | Dr. Stephen Henson | |
2011-03-24 | make update | Richard Levitte | |
2011-03-12 | Add SRP support. | Ben Laurie | |
2011-02-21 | Update dependencies. | Dr. Stephen Henson | |
2011-02-15 | Update pairwise consistency checks to use SHA-256. | Dr. Stephen Henson | |
2011-02-13 | Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new | Dr. Stephen Henson | |
and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1 library. | |||
2011-02-11 | Return security strength for supported DSA parameters: will be used | Dr. Stephen Henson | |
later. | |||
2011-02-11 | Free keys if DSA pairwise error. | Dr. Stephen Henson | |
2011-02-03 | Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files | Dr. Stephen Henson | |
that use it. | |||
2011-02-03 | make update | Bodo Möller | |
2011-02-02 | Add sign/verify digest API to handle an explicit digest instead of finalising | Dr. Stephen Henson | |
a context. | |||
2011-02-01 | fixes for DSA2 parameter generation | Dr. Stephen Henson | |
2011-02-01 | Since FIPS 186-3 specifies we use the leftmost bits of the digest | Dr. Stephen Henson | |
we shouldn't reject digest lengths larger than SHA256: the FIPS algorithm tests include SHA384 and SHA512 tests. | |||
2011-01-31 | Provisional, experimental support for DSA2 parameter generation algorithm. | Dr. Stephen Henson | |
Not properly integrated or tested yet. | |||
2011-01-27 | Move all FIPSAPI renames into fips.h header file, include early in | Dr. Stephen Henson | |
crypto.h if needed. Modify source tree to handle change. | |||
2011-01-27 | Redirect FIPS memory allocation to FIPS_malloc() routine, remove | Dr. Stephen Henson | |
OpenSSL malloc dependencies. | |||
2011-01-27 | Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just refer | Dr. Stephen Henson | |
to EVP any more. Move locking #define into fips.h. Set FIPS locking callbacks at same time as OpenSSL locking callbacks. | |||
2011-01-26 | FIPS mode DSA changes: | Dr. Stephen Henson | |
Check for selftest failures. Pairwise consistency test for RSA key generation. Use some EVP macros instead of EVP functions. Use minimal FIPS EVP where needed. Key size restrictions. | |||
2011-01-25 | Move DSA_sign, DSA_verify to dsa_asn1.c and include separate versions of | Dr. Stephen Henson | |
DSA_SIG_new() and DSA_SIG_free() to remove ASN1 dependencies from DSA_do_sign() and DSA_do_verify(). | |||
2011-01-25 | recalculate DSA signature if r or s is zero (FIPS 186-3 requirement) | Dr. Stephen Henson | |
2011-01-19 | Add additional parameter to dsa_builtin_paramgen to output the generated | Dr. Stephen Henson | |
seed to: this doesn't introduce any binary compatibility issues as the function is only used internally. The seed output is needed for FIPS 140-2 algorithm testing: the functionality used to be in DSA_generate_parameters_ex() but was removed in OpenSSL 1.0.0 | |||
2010-10-11 | PR: 2295 | Dr. Stephen Henson | |
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination. | |||
2010-10-04 | fix signature printing routines | Dr. Stephen Henson | |
2010-06-12 | Fix warnings. | Ben Laurie | |
2010-04-20 | PR: 2241 | Dr. Stephen Henson | |
Submitted By: Artemy Lebedev <vagran.ast@gmail.com> Typo. | |||
2010-03-08 | correct error code | Dr. Stephen Henson | |
2010-03-06 | Add algorithm specific signature printing. An individual ASN1 method can | Dr. Stephen Henson | |
now print out signatures instead of the standard hex dump. More complex signatures (e.g. PSS) can print out more meaningful information. Sample DSA version included that prints out the signature parameters r, s. [Note EVP_PKEY_ASN1_METHOD is an application opaque structure so adding new fields in the middle has no compatibility issues] | |||
2010-01-22 | Tolerate PKCS#8 DSA format with negative private key. | Dr. Stephen Henson | |
2009-12-01 | check DSA_sign() return value properly | Dr. Stephen Henson | |
2009-10-18 | make update | Dr. Stephen Henson | |