Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-07-11 | Remove Dual EC DRBG again...OpenSSL-fips-2_0_8 | Dr. Stephen Henson | |
Dual EC DRBG removal now accepted for 2.0.8 onwards. | |||
2014-05-12 | Revert "Remove Dual EC DRBG from FIPS module." | Dr. Stephen Henson | |
Revert Dual EC DRBG removal commit as it was not accepted for 2.0.7 version of the module. This reverts commit 200f249b8c3b6439e0200d01caadc24806f1a983. | |||
2013-12-16 | Remove Dual EC DRBG from FIPS module. | Dr. Stephen Henson | |
2011-11-02 | Remove duplicate test from health check. Fix memory leaks by uninstantiating | Dr. Stephen Henson | |
DRBG before reinitialising it. | |||
2011-10-20 | Fix error codes. | Dr. Stephen Henson | |
2011-09-22 | Typo. | Dr. Stephen Henson | |
2011-09-22 | Use function name FIPS_drbg_health_check() for health check function. | Dr. Stephen Henson | |
Add explanatory comments to health check code. | |||
2011-09-21 | Remove unused variable. | Dr. Stephen Henson | |
2011-09-21 | Perform health check on all reseed operations not associated with | Dr. Stephen Henson | |
prediction resistance requests. Although SP 800-90 is arguably unclear on whether this is necessary adding an additional check has minimal penalty (very few applications will make an explicit reseed request). | |||
2011-09-21 | Revise DRBG to split between internal and external flags. | Dr. Stephen Henson | |
One demand health check function. Perform generation test in fips_test_suite. Option to skip dh test if fips_test_suite. | |||
2011-09-12 | More extensive DRBG health check. New function to call health check | Dr. Stephen Henson | |
for all DRBG combinations. | |||
2011-09-12 | Delete strength parameter from FIPS_drbg_generate. It isn't very useful | Dr. Stephen Henson | |
(strength can be queried using FIPS_drbg_get_strength ) and adds a substantial extra overhead to health check (need to check every combination of parameters). | |||
2011-09-09 | Add support for Dual EC DRBG from SP800-90. Include updates to algorithm | Dr. Stephen Henson | |
tests and POST code. | |||
2011-09-07 | Put quick DRBG selftest return after first generate operation. | Dr. Stephen Henson | |
2011-09-06 | Add error codes for DRBG KAT failures. | Dr. Stephen Henson | |
Add abbreviated DRBG KAT for POST which only performs a single generate operations instead of four. | |||
2011-09-04 | Don't perform full DRBG health check on all DRBG types on power up, just | Dr. Stephen Henson | |
one shorter KAT per mechanism. | |||
2011-09-04 | Extension of DRBG selftests using new data. | Dr. Stephen Henson | |
Test PR and no PR and test initial generate before the reseed too. Move selftest data to separate fips_drbg_selftest.h header file. | |||
2011-08-08 | Add HMAC DRBG from SP800-90 | Dr. Stephen Henson | |
2011-04-21 | Add continuous RNG test to entropy source. Entropy callbacks now need | Dr. Stephen Henson | |
to specify a "block length". | |||
2011-04-20 | Update DRBG to use new POST scheme. | Dr. Stephen Henson | |
2011-04-12 | Fix memory leaks: uninstantiate DRBG during health checks. Cleanup md_ctx | Dr. Stephen Henson | |
when performing ECDSA selftest. | |||
2011-04-01 | Only zeroise sensitive parts of DRBG context, so the type and flags | Dr. Stephen Henson | |
are undisturbed. Allow setting of "rand" callbacks for DRBG. | |||
2011-03-31 | Remove redundant definitions. Give error code if DRBG sefltest fails. | Dr. Stephen Henson | |
2011-03-31 | Reorganise DRBG API so the entropy and nonce callbacks can return a | Dr. Stephen Henson | |
pointer to a buffer instead of copying to a fixed length buffer. This removes the entropy and nonce length restrictions. | |||
2011-03-25 | Allow setting of get_entropy and get_nonce callbacks outside test mode. | Dr. Stephen Henson | |
Test mode is now set when a DRBG context is initialised. | |||
2011-03-21 | Free DRBG context in self tests. | Dr. Stephen Henson | |
2011-03-18 | Typo. | Dr. Stephen Henson | |
2011-03-17 | Implement health checks needed by SP800-90. | Dr. Stephen Henson | |
Fix warnings. Instantiate DRBGs at maximum strength. | |||
2011-03-16 | Add extensive DRBG selftest data and option to corrupt it in fips_test_suite. | Dr. Stephen Henson | |