generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
10,522 Commits 16 Branches 258 Tags
Commit Graph

286 Commits

Author SHA1 Message Date
Dr. Stephen Henson
41a846c694 Don't use TPREFIX shell variable for minimal script. 2011-10-14 15:15:20 +00:00
Dr. Stephen Henson
3335b6f265 Add usage messages. 2011-10-14 13:00:08 +00:00
Dr. Stephen Henson
5936521495 Print curve type for signature tests. 2011-10-12 22:41:33 +00:00
Dr. Stephen Henson
98bc806749 Skip ECDH sanity check. Add --compare-all to run comparison tests on 
all files instead of sanity checks.
 2011-10-12 17:18:38 +00:00
Dr. Stephen Henson
a2b6dc97f6 Handle partial test where H is absent: needed to check g generation. 2011-10-12 17:03:15 +00:00
Dr. Stephen Henson
e15acd9d9e Updates to handle some verification of v2 tests. 
Now enable v2 by default and require a --disable-v2 option to run the
old v1 tests.
 2011-10-12 15:33:54 +00:00
Dr. Stephen Henson
a854818ea9 Handle broken test on verify too. 2011-10-12 15:32:57 +00:00
Dr. Stephen Henson
c1f63b5cb3 ECDH POST selftest failure inducing support. 2011-10-12 13:17:19 +00:00
Dr. Stephen Henson
cf61940534 Fix warnings. 2011-10-12 13:06:45 +00:00
Dr. Stephen Henson
dafd5b5d74 Only include one ECDH selftest. 2011-10-12 12:55:58 +00:00
Dr. Stephen Henson
4cc2bbab67 Make fips algorithm test utilities use RESP_EOL for end of line character(s). 
This should be CRLF even under *nix.
 2011-10-01 20:42:52 +00:00
Dr. Stephen Henson
10465aca60 Never echo Num lines for PQGGen DSA2 test. 2011-09-30 11:58:59 +00:00
Dr. Stephen Henson
3f1ebb8f42 make depend 2011-09-29 23:17:59 +00:00
Dr. Stephen Henson
2bfeb7dc83 Add FIPS selftests for ECDH algorithm. 2011-09-29 23:08:23 +00:00
Dr. Stephen Henson
55831cd6ee Remove s = s * P deferral. 2011-09-29 18:22:37 +00:00
Dr. Stephen Henson
884c33b5c4 Check return codes properly. 2011-09-29 16:24:00 +00:00
Dr. Stephen Henson
54bb3f68e1 Fix output format for DSA2 parameter generation. 2011-09-28 22:35:30 +00:00
Dr. Stephen Henson
a846a7ff32 Add a --disable-all option to disable all tests. 2011-09-25 22:12:39 +00:00
Dr. Stephen Henson
bac3db9cc1 Handle provable prime parameters for canonical g generation which are 
sometimes erroneously included.
 2011-09-25 22:04:43 +00:00
Dr. Stephen Henson
af70f1a35d Run PQGVer test before DSA2 tests. 2011-09-23 01:03:37 +00:00
Dr. Stephen Henson
ddf00ffab8 Typo. 2011-09-22 14:15:07 +00:00
Dr. Stephen Henson
cb71870dfa Use function name FIPS_drbg_health_check() for health check function. 
Add explanatory comments to health check code.
 2011-09-22 14:01:25 +00:00
Dr. Stephen Henson
456d883a25 Don't print out errors in cases where errors are expected: testing 
DSA parameter validity and EC public key validity.
 2011-09-21 18:42:12 +00:00
Dr. Stephen Henson
d57cc97f24 Remove unused variable. 2011-09-21 18:36:53 +00:00
Dr. Stephen Henson
05272d4c51 Perform health check on all reseed operations not associated with 
prediction resistance requests. Although SP 800-90 is arguably unclear
on whether this is necessary adding an additional check has minimal
penalty (very few applications will make an explicit reseed request).
 2011-09-21 18:24:12 +00:00
Dr. Stephen Henson
4420b3b17a Revise DRBG to split between internal and external flags. 
One demand health check function.

Perform generation test in fips_test_suite.

Option to skip dh test if fips_test_suite.
 2011-09-21 17:04:56 +00:00
Dr. Stephen Henson
a5799bdc48 Allow reseed interval to be set. 2011-09-18 19:36:27 +00:00
Dr. Stephen Henson
45fcfcb99f clarify comment 2011-09-16 17:40:16 +00:00
Dr. Stephen Henson
e248740d67 Minor code tidy and bug fix: need to set t = s after first pass and 
t and s do not need to have independent values after the first pass
so set t = s.
 2011-09-16 17:35:40 +00:00
Dr. Stephen Henson
b889a6046b Make HMAC kat symbols static. 2011-09-15 14:28:46 +00:00
Dr. Stephen Henson
00b0f2cb3e Fix warning. 2011-09-15 14:08:24 +00:00
Andy Polyakov
03e389cf04 Allow for dynamic base in Win64 FIPS module. 2011-09-14 20:48:49 +00:00
Dr. Stephen Henson
93256bf5d1 Update CMAC/HMAC sefltests to use NIDs instead of function pointers. 
Simplify HMAC selftest as each test currently uses the same key and
hash data.
 2011-09-14 15:49:50 +00:00
Dr. Stephen Henson
15094852de new function to lookup FIPS supported ciphers by NID 2011-09-14 13:25:48 +00:00
Dr. Stephen Henson
a11f06b2dc More extensive DRBG health check. New function to call health check 
for all DRBG combinations.
 2011-09-12 18:47:39 +00:00
Dr. Stephen Henson
361d18a208 Check length of additional input in DRBG generate function. 2011-09-12 18:45:05 +00:00
Dr. Stephen Henson
de2132de93 Delete strength parameter from FIPS_drbg_generate. It isn't very useful 
(strength can be queried using FIPS_drbg_get_strength ) and adds a
substantial extra overhead to health check (need to check every combination
of parameters).
 2011-09-12 13:20:57 +00:00
Dr. Stephen Henson
9e56c99e1a Check we recognise DRBG type in fips_drbgvs.c initialised DRBG_CTX if we 
don't set type in FIPS_drbg_new().
 2011-09-12 12:56:20 +00:00
Dr. Stephen Henson
288fe07a6e Fix 3DES Monte Carlo test file output which previously outputted 
extra bogus lines. Update fipsalgtest.pl to tolerate the old format.
 2011-09-11 18:05:40 +00:00
Dr. Stephen Henson
7fdcb45745 Add support for Dual EC DRBG from SP800-90. Include updates to algorithm 
tests and POST code.
 2011-09-09 17:16:43 +00:00
Dr. Stephen Henson
d98360392a Put quick DRBG selftest return after first generate operation. 2011-09-07 10:26:38 +00:00
Dr. Stephen Henson
bbb19418e6 Add error codes for DRBG KAT failures. 
Add abbreviated DRBG KAT for POST which only performs a single generate
operations instead of four.
 2011-09-06 20:46:27 +00:00
Dr. Stephen Henson
ea17b0feec Check reseed interval before generating output. 2011-09-05 15:45:13 +00:00
Dr. Stephen Henson
7634137b8a Place DRBG in error state if health check fails. 2011-09-05 15:32:32 +00:00
Dr. Stephen Henson
74c40744ca Don't perform full DRBG health check on all DRBG types on power up, just 
one shorter KAT per mechanism.
 2011-09-04 22:48:06 +00:00
Dr. Stephen Henson
1567b3904c Update dependencies. 2011-09-04 18:44:28 +00:00
Dr. Stephen Henson
06e771b580 Add header to Makefile. 2011-09-04 18:36:20 +00:00
Dr. Stephen Henson
eb9e63df61 Extension of DRBG selftests using new data. 
Test PR and no PR and test initial generate before the reseed too.

Move selftest data to separate fips_drbg_selftest.h header file.
 2011-09-04 18:35:33 +00:00
Dr. Stephen Henson
fa85c1dbf5 Rename some more symbols for fips module. 2011-09-02 15:10:54 +00:00
Dr. Stephen Henson
d35c284b73 Print private key component is -exout parameter is given. 2011-08-29 16:09:07 +00:00