summaryrefslogtreecommitdiffstats
path: root/fips/fips.c
AgeCommit message (Collapse)Author
2014-12-08Remove fipscanister from Configure, delete fips directoryDr. Stephen Henson
Reviewed-by: Tim Hudson <tjh@openssl.org>
2011-10-21fips.c: remove preprocessor artefact.Andy Polyakov
2011-10-21fix (?) AVX clearingDr. Stephen Henson
2011-10-20fips.c: x86[_64] capability masking.Andy Polyakov
2011-10-19add authentication parameter to FIPS_module_mode_setDr. Stephen Henson
2011-09-14Allow for dynamic base in Win64 FIPS module.Andy Polyakov
2011-07-25Fix warnings.Dr. Stephen Henson
2011-07-04Add functions to return FIPS module version.Dr. Stephen Henson
2011-05-12Fix error discrepancy.Dr. Stephen Henson
2011-05-11Set FIPS mode for values other than 1. The only current effectDr. Stephen Henson
is to return a consistent value. So calling FIPS_module_mode_set(n) for n != 0 will result in FIPS_module_mode() returning n. This will support future expansion of more FIPS modes e.g. a Suite B mode.
2011-05-11Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined inDr. Stephen Henson
the FIPS capable OpenSSL.
2011-04-14Initial incomplete POST overhaul: add support for POST callback toDr. Stephen Henson
allow status of POST to be monitored and/or failures induced.
2011-04-12Update fips_pkey_signature_test: use fixed string if supplies tbs isDr. Stephen Henson
NULL. Always allocate signature buffer. Update ECDSA selftest to use fips_pkey_signature_test. Add copyright notice to file.
2011-04-12Update RSA selftest code to use a 2048 bit RSA and only a single KATDr. Stephen Henson
for PSS+SHA256
2011-04-11Update copyright year.Dr. Stephen Henson
Zero ciphertext and plaintext temporary buffers. Check FIPS_cipher() return value.
2011-04-05Extensive reorganisation of PRNG handling in FIPS module: all callsDr. Stephen Henson
now use an internal RAND_METHOD. All dependencies to OpenSSL standard PRNG are now removed: it is the applications resposibility to setup the FIPS PRNG and initalise it. Initial OpenSSL RAND_init_fips() function that will setup the DRBG for the "FIPS capable OpenSSL".
2011-04-05Rename deprecated FIPS_rand functions to FIPS_x931. These shouldn't beDr. Stephen Henson
used by applications directly and the X9.31 PRNG is deprecated by new FIPS140-2 rules anyway.
2011-04-04Change FIPS locking functions to macros so we get useful line information.Dr. Stephen Henson
Set fips_thread_set properly.
2011-04-01Initial switch to DRBG base PRNG in FIPS mode. Include bogus seeding forDr. Stephen Henson
test applications.
2011-03-24Implement FIPS CMAC.Richard Levitte
* fips/cmac/*: Implement the basis for FIPS CMAC, using FIPS HMAC as an example. * crypto/cmac/cmac.c: Enable the FIPS API. Change to use M_EVP macros where possible. * crypto/evp/evp.h: (some of the macros get added with this change) * fips/fips.h, fips/utl/fips_enc.c: Add a few needed functions and use macros to have cmac.c use these functions. * Makefile.org, fips/Makefile, fips/fips.c: Hook it in.
2011-03-16Add extensive DRBG selftest data and option to corrupt it in fips_test_suite.Dr. Stephen Henson
2011-02-18add ECDSA POSTDr. Stephen Henson
2011-02-18AES GCM selftests.Dr. Stephen Henson
2011-02-16Experimental FIPS symbol renaming.Dr. Stephen Henson
Fixups under fips/ to make symbol renaming work.
2011-02-15Add pairwise consistency test to EC.Dr. Stephen Henson
2011-02-15Update pairwise consistency checks to use SHA-256.Dr. Stephen Henson
2011-02-13Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_newDr. Stephen Henson
and FIPS_dsa_sig_free, reimplment DSA_SIG_new and DSA_SIG_free from ASN1 library.
2011-02-12Change FIPS source and utilities to use the "FIPS_" names directlyDr. Stephen Henson
instead of using regular OpenSSL API names.
2011-02-04Remove unneeded functions, make some functions and variables static.Dr. Stephen Henson
2011-01-27Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just referDr. Stephen Henson
to EVP any more. Move locking #define into fips.h. Set FIPS locking callbacks at same time as OpenSSL locking callbacks.
2011-01-26And so it begins... again.Dr. Stephen Henson
Initial FIPS 140-2 code ported to HEAD. Doesn't even compile yet, may have missing files, extraneous files and other nastiness. In other words: it's experimental ATM, OK?
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-13 12:29:07 +0000