summaryrefslogtreecommitdiffstats
path: root/fips/rand
AgeCommit message (Collapse)Author
2011-05-23PR: 2522Dr. Stephen Henson
Submitted by: Henrik Grindal Bakken <henribak@cisco.com> Don't compare past end of buffer.
2011-05-11Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined inDr. Stephen Henson
the FIPS capable OpenSSL.
2011-05-06Return error codes for selftest failure instead of hard assertion errors.Dr. Stephen Henson
2011-05-04Remove superfluous PRNG self tests.Dr. Stephen Henson
Print timer resolution.
2011-05-01Some changes to support VxWorks in the validted module.Dr. Stephen Henson
2011-04-23Always return multiple of block length bytes from default DRBG seedDr. Stephen Henson
callback. Handle case where no multiple of the block size is in the interval [min_len, max_len].
2011-04-21Add continuous RNG test to entropy source. Entropy callbacks now needDr. Stephen Henson
to specify a "block length".
2011-04-20Update DRBG to use new POST scheme.Dr. Stephen Henson
2011-04-20Add periodic DRBG health checks as required by SP800-90.Dr. Stephen Henson
2011-04-14Add new POST support to X9.31 PRNG.Dr. Stephen Henson
2011-04-12Fix memory leaks: uninstantiate DRBG during health checks. Cleanup md_ctxDr. Stephen Henson
when performing ECDSA selftest.
2011-04-10Typo: fix duplicate call.Dr. Stephen Henson
2011-04-09Add error for health check failure.Dr. Stephen Henson
Rebuild all FIPS error codes to clean out old obsolete codes.
2011-04-09Before initalising a live DRBG (i.e. not in test mode) run a complete healthDr. Stephen Henson
check on a DRBG of the same type.
2011-04-09New function to return security strength of PRNG.Dr. Stephen Henson
2011-04-06Update OpenSSL DRBG support code. Use date time vector as additional data.Dr. Stephen Henson
Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD.
2011-04-05Update fipssyms.h to keep all symbols in FIPS,fips namespace.Dr. Stephen Henson
Rename drbg_cprng_test to fips_drbg_cprng_test. Remove rand files from Makefile.fips.
2011-04-05Extensive reorganisation of PRNG handling in FIPS module: all callsDr. Stephen Henson
now use an internal RAND_METHOD. All dependencies to OpenSSL standard PRNG are now removed: it is the applications resposibility to setup the FIPS PRNG and initalise it. Initial OpenSSL RAND_init_fips() function that will setup the DRBG for the "FIPS capable OpenSSL".
2011-04-05Rename deprecated FIPS_rand functions to FIPS_x931. These shouldn't beDr. Stephen Henson
used by applications directly and the X9.31 PRNG is deprecated by new FIPS140-2 rules anyway.
2011-04-04Set error code is additional data callback fails.Dr. Stephen Henson
2011-04-04Change RNG test to block oriented instead of request oriented, add optionDr. Stephen Henson
to test a "stuck" DRBG.
2011-04-01Only zeroise sensitive parts of DRBG context, so the type and flagsDr. Stephen Henson
are undisturbed. Allow setting of "rand" callbacks for DRBG.
2011-04-01Initial switch to DRBG base PRNG in FIPS mode. Include bogus seeding forDr. Stephen Henson
test applications.
2011-03-31Unused, untested, provisional RAND interface for DRBG.Dr. Stephen Henson
2011-03-31Remove redundant definitions. Give error code if DRBG sefltest fails.Dr. Stephen Henson
2011-03-31Reorganise DRBG API so the entropy and nonce callbacks can return aDr. Stephen Henson
pointer to a buffer instead of copying to a fixed length buffer. This removes the entropy and nonce length restrictions.
2011-03-25Have all algorithm test programs call fips_algtest_init() at startup:Dr. Stephen Henson
this will perform all standalone operations such as setting error callbacks, entering FIPS mode etc.
2011-03-25Allow setting of get_entropy and get_nonce callbacks outside test mode.Dr. Stephen Henson
Test mode is now set when a DRBG context is initialised.
2011-03-24make updateRichard Levitte
2011-03-21Free DRBG context in self tests.Dr. Stephen Henson
2011-03-18Typo.Dr. Stephen Henson
2011-03-17Implement continuous RNG test for SP800-90 DRBGs.Dr. Stephen Henson
2011-03-17Implement health checks needed by SP800-90.Dr. Stephen Henson
Fix warnings. Instantiate DRBGs at maximum strength.
2011-03-16Add extensive DRBG selftest data and option to corrupt it in fips_test_suite.Dr. Stephen Henson
2011-03-11Check requested security strength in DRBG. Add function to retrieve theDr. Stephen Henson
security strength.
2011-03-08Add meaningful error codes to DRBG.Dr. Stephen Henson
2011-03-08Add file I/O to fips_drbgvs program.Dr. Stephen Henson
2011-03-08Remove need for redirection on RNG and DSS algorithm test programs: someDr. Stephen Henson
platforms don't support it.
2011-03-07Uninstantiate and free functions for DRBG.Dr. Stephen Henson
2011-03-06Fix couple of bugs in CTR DRBG implementation.Dr. Stephen Henson
2011-03-06Updates to DRBG: fix bugs in infrastructure. Add initial experimentalDr. Stephen Henson
algorithm test generator.
2011-03-04Initial, provisional, subject to wholesale change, untested, probablyDr. Stephen Henson
not working, incomplete and unused SP800-90 DRBGs for CTR and Hash modes. Did I say this was untested?
2011-02-21Update dependencies.Dr. Stephen Henson
2011-02-21x509v3.h header file not needed in fips algorithm test utilities.Dr. Stephen Henson
2011-02-16Experimental FIPS symbol renaming.Dr. Stephen Henson
Fixups under fips/ to make symbol renaming work.
2011-02-03Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source filesDr. Stephen Henson
that use it.
2011-01-27Move all FIPSAPI renames into fips.h header file, include early inDr. Stephen Henson
crypto.h if needed. Modify source tree to handle change.
2011-01-27Redirect FIPS memory allocation to FIPS_malloc() routine, removeDr. Stephen Henson
OpenSSL malloc dependencies.
2011-01-27Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just referDr. Stephen Henson
to EVP any more. Move locking #define into fips.h. Set FIPS locking callbacks at same time as OpenSSL locking callbacks.
2011-01-27New FIPS_lock() function for minimal FIPS locking API: to avoid dependenciesDr. Stephen Henson
on OpenSSL locking code. Use API in some internal FIPS files. Remove redundant ENGINE defines from fips.h
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-05 01:17:49 +0000