summaryrefslogtreecommitdiffstats
path: root/crypto/dsa
AgeCommit message (Collapse)Author
2011-11-25return error if counter exceeds limit and seed value suppliedDr. Stephen Henson
2011-11-25check counter value against 4 * L, not 4096Dr. Stephen Henson
2011-11-05Add single call public key sign and verify functions.Dr. Stephen Henson
2011-10-16L=3072, N=256 provides 128 bits of security not 112.Dr. Stephen Henson
2011-09-14Allow for dynamic base in Win64 FIPS module.Andy Polyakov
2011-09-05make updateBodo Möller
2011-08-27Add support for DSA2 PQG generation of g parameter.Dr. Stephen Henson
2011-08-26Add support for canonical generation of DSA parameter g.Dr. Stephen Henson
Modify fips_dssvs to support appropriate file format.
2011-06-20make EVP_dss() work for DSA signingDr. Stephen Henson
2011-05-11Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined inDr. Stephen Henson
the FIPS capable OpenSSL.
2011-05-08allow SHA384, SHA512 wit DSADr. Stephen Henson
2011-04-24Fix warning.Dr. Stephen Henson
2011-04-24fips_check_dsa_prng() should only be built when OPENSSL_FIPS is defined.Richard Levitte
2011-04-23More fixes for DSA FIPS overrides.Dr. Stephen Henson
2011-04-23Make sure overrides work for RSA/DSA.Dr. Stephen Henson
2011-04-23Add PRNG security strength checking.Dr. Stephen Henson
2011-04-19Use 0 for tbslen to perform strlen.Dr. Stephen Henson
2011-04-14Remove several of the old obsolete FIPS_corrupt_*() functions.Dr. Stephen Henson
2011-04-14Initial incomplete POST overhaul: add support for POST callback toDr. Stephen Henson
allow status of POST to be monitored and/or failures induced.
2011-04-07DH keys have an (until now) unused 'q' parameter. When creatingDr. Stephen Henson
from DSA copy q across and if q present generate DH key in the correct range.
2011-04-04check RAND_pseudo_bytes return valueDr. Stephen Henson
2011-03-24make updateRichard Levitte
2011-03-12Add SRP support.Ben Laurie
2011-02-21Update dependencies.Dr. Stephen Henson
2011-02-15Update pairwise consistency checks to use SHA-256.Dr. Stephen Henson
2011-02-13Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_newDr. Stephen Henson
and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1 library.
2011-02-11Return security strength for supported DSA parameters: will be usedDr. Stephen Henson
later.
2011-02-11Free keys if DSA pairwise error.Dr. Stephen Henson
2011-02-03Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source filesDr. Stephen Henson
that use it.
2011-02-03make updateBodo Möller
2011-02-02Add sign/verify digest API to handle an explicit digest instead of finalisingDr. Stephen Henson
a context.
2011-02-01fixes for DSA2 parameter generationDr. Stephen Henson
2011-02-01Since FIPS 186-3 specifies we use the leftmost bits of the digestDr. Stephen Henson
we shouldn't reject digest lengths larger than SHA256: the FIPS algorithm tests include SHA384 and SHA512 tests.
2011-01-31Provisional, experimental support for DSA2 parameter generation algorithm.Dr. Stephen Henson
Not properly integrated or tested yet.
2011-01-27Move all FIPSAPI renames into fips.h header file, include early inDr. Stephen Henson
crypto.h if needed. Modify source tree to handle change.
2011-01-27Redirect FIPS memory allocation to FIPS_malloc() routine, removeDr. Stephen Henson
OpenSSL malloc dependencies.
2011-01-27Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just referDr. Stephen Henson
to EVP any more. Move locking #define into fips.h. Set FIPS locking callbacks at same time as OpenSSL locking callbacks.
2011-01-26FIPS mode DSA changes:Dr. Stephen Henson
Check for selftest failures. Pairwise consistency test for RSA key generation. Use some EVP macros instead of EVP functions. Use minimal FIPS EVP where needed. Key size restrictions.
2011-01-25Move DSA_sign, DSA_verify to dsa_asn1.c and include separate versions ofDr. Stephen Henson
DSA_SIG_new() and DSA_SIG_free() to remove ASN1 dependencies from DSA_do_sign() and DSA_do_verify().
2011-01-25recalculate DSA signature if r or s is zero (FIPS 186-3 requirement)Dr. Stephen Henson
2011-01-19Add additional parameter to dsa_builtin_paramgen to output the generatedDr. Stephen Henson
seed to: this doesn't introduce any binary compatibility issues as the function is only used internally. The seed output is needed for FIPS 140-2 algorithm testing: the functionality used to be in DSA_generate_parameters_ex() but was removed in OpenSSL 1.0.0
2010-10-11PR: 2295Dr. Stephen Henson
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination.
2010-10-04fix signature printing routinesDr. Stephen Henson
2010-06-12Fix warnings.Ben Laurie
2010-04-20PR: 2241Dr. Stephen Henson
Submitted By: Artemy Lebedev <vagran.ast@gmail.com> Typo.
2010-03-08correct error codeDr. Stephen Henson
2010-03-06Add algorithm specific signature printing. An individual ASN1 method canDr. Stephen Henson
now print out signatures instead of the standard hex dump. More complex signatures (e.g. PSS) can print out more meaningful information. Sample DSA version included that prints out the signature parameters r, s. [Note EVP_PKEY_ASN1_METHOD is an application opaque structure so adding new fields in the middle has no compatibility issues]
2010-01-22Tolerate PKCS#8 DSA format with negative private key.Dr. Stephen Henson
2009-12-01check DSA_sign() return value properlyDr. Stephen Henson
2009-10-18make updateDr. Stephen Henson
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-30 11:16:17 +0000