summaryrefslogtreecommitdiffstats
path: root/fips/fips.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove fipscanister from Configure, delete fips directoryDr. Stephen Henson2014-12-081-480/+0
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* make post failure simulation reversible in all casesDr. Stephen Henson2011-11-051-3/+2
|
* Add single call public key sign and verify functions.Dr. Stephen Henson2011-11-051-0/+10
|
* Check for selftest failure in various places.Dr. Stephen Henson2011-10-221-0/+4
|
* Update error codes.Dr. Stephen Henson2011-10-211-0/+1
|
* Fix error codes.Dr. Stephen Henson2011-10-201-1/+2
|
* add authentication parameter to FIPS_module_mode_setDr. Stephen Henson2011-10-201-1/+5
|
* Add FIPS selftests for ECDH algorithm.Dr. Stephen Henson2011-09-301-0/+3
|
* new function to lookup FIPS supported ciphers by NIDDr. Stephen Henson2011-09-141-0/+2
|
* More extensive DRBG health check. New function to call health checkDr. Stephen Henson2011-09-121-0/+3
| | | | for all DRBG combinations.
* Add error codes for DRBG KAT failures.Dr. Stephen Henson2011-09-061-0/+4
| | | | | Add abbreviated DRBG KAT for POST which only performs a single generate operations instead of four.
* Add functions to return FIPS module version.Dr. Stephen Henson2011-07-051-0/+3
|
* Now the FIPS capable OpenSSL is available simplify the various FIPS testDr. Stephen Henson2011-06-221-55/+0
| | | | | | | | | | | build options. All fispcanisterbuild builds only build fipscanister.o and include symbol renaming. Move all renamed symbols to fipssyms.h Update README.FIPS
* Add prototype for null cipher.Dr. Stephen Henson2011-06-211-0/+1
|
* Use FIPSCAPABLE for FIPS module functions used in FIPS capable OpenSSL.Dr. Stephen Henson2011-06-121-1/+1
|
* HMAC fips prototypesDr. Stephen Henson2011-06-121-0/+9
|
* CMAC FIPS prototypes.Dr. Stephen Henson2011-06-121-0/+8
|
* more prototypes in fips.hDr. Stephen Henson2011-06-091-1/+4
|
* Add more prototypes.Dr. Stephen Henson2011-06-091-0/+10
|
* Add flags for DH FIPS method.Dr. Stephen Henson2011-06-081-6/+9
| | | | Update/fix prototypes in fips.h
* Add prototypes for some FIPS EC functions.Dr. Stephen Henson2011-06-061-0/+12
|
* Move function prototype to fips.hDr. Stephen Henson2011-06-061-0/+5
|
* Add "OPENSSL_FIPSCAPABLE" define for a version of OpenSSL which isDr. Stephen Henson2011-06-031-0/+5
| | | | FIPS capable: i.e. FIPS module is supplied externally.
* Constify RSA signature buffer.Dr. Stephen Henson2011-06-031-2/+2
|
* Move FIPS RSA function definitions to fips.hDr. Stephen Henson2011-06-021-0/+28
| | | | | | | | New function to lookup digests by NID in module. Minor optimisation: if supplied hash is NULL to FIPS RSA functions and we are using PKCS padding get digest NID from otherwise unused saltlen parameter instead.
* Clone digest prototypes.Dr. Stephen Henson2011-06-011-0/+3
|
* Add more cipher prototypes.Dr. Stephen Henson2011-05-291-0/+3
|
* Prototypes for more FIPS functions for use in FIPS capable OpenSSL.Dr. Stephen Henson2011-05-291-1/+7
|
* Add FIPS_digestinit prototype for FIPS capable OpenSSL.Dr. Stephen Henson2011-05-291-0/+2
|
* Add prototypes for FIPS EVP implementations: for use in FIPS capableDr. Stephen Henson2011-05-281-0/+51
| | | | OpenSSL.
* Fix error discrepancy.Dr. Stephen Henson2011-05-121-1/+1
|
* Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined inDr. Stephen Henson2011-05-111-2/+2
| | | | the FIPS capable OpenSSL.
* Return error codes for selftest failure instead of hard assertion errors.Dr. Stephen Henson2011-05-061-0/+9
|
* Add PRNG security strength checking.Dr. Stephen Henson2011-04-231-0/+9
|
* Return errors instead of aborting when selftest fails.Dr. Stephen Henson2011-04-221-0/+2
|
* Add continuous RNG test to entropy source. Entropy callbacks now needDr. Stephen Henson2011-04-211-0/+2
| | | | to specify a "block length".
* Add periodic DRBG health checks as required by SP800-90.Dr. Stephen Henson2011-04-201-0/+1
|
* Add AES CCM selftest.Dr. Stephen Henson2011-04-191-0/+2
|
* Add XTS selftest, include in fips_test_suite.Dr. Stephen Henson2011-04-151-0/+2
|
* Add new POST support to X9.31 PRNG.Dr. Stephen Henson2011-04-141-1/+0
|
* Update CMAC, HMAC, GCM to use new POST system.Dr. Stephen Henson2011-04-141-1/+0
| | | | Fix crash if callback not set.
* Remove several of the old obsolete FIPS_corrupt_*() functions.Dr. Stephen Henson2011-04-141-9/+0
|
* Initial incomplete POST overhaul: add support for POST callback toDr. Stephen Henson2011-04-141-14/+59
| | | | allow status of POST to be monitored and/or failures induced.
* Update fips_pkey_signature_test: use fixed string if supplies tbs isDr. Stephen Henson2011-04-121-2/+2
| | | | | | | NULL. Always allocate signature buffer. Update ECDSA selftest to use fips_pkey_signature_test. Add copyright notice to file.
* Fix memory leaks: uninstantiate DRBG during health checks. Cleanup md_ctxDr. Stephen Henson2011-04-121-0/+1
| | | | when performing ECDSA selftest.
* Add error for health check failure.Dr. Stephen Henson2011-04-091-93/+83
| | | | Rebuild all FIPS error codes to clean out old obsolete codes.
* Update OpenSSL DRBG support code. Use date time vector as additional data.Dr. Stephen Henson2011-04-071-0/+2
| | | | Set FIPS RAND_METHOD at same time as OpenSSL RAND_METHOD.
* Extensive reorganisation of PRNG handling in FIPS module: all callsDr. Stephen Henson2011-04-051-0/+13
| | | | | | | | | now use an internal RAND_METHOD. All dependencies to OpenSSL standard PRNG are now removed: it is the applications resposibility to setup the FIPS PRNG and initalise it. Initial OpenSSL RAND_init_fips() function that will setup the DRBG for the "FIPS capable OpenSSL".
* Rename deprecated FIPS_rand functions to FIPS_x931. These shouldn't beDr. Stephen Henson2011-04-051-3/+3
| | | | | used by applications directly and the X9.31 PRNG is deprecated by new FIPS140-2 rules anyway.
* Set error code is additional data callback fails.Dr. Stephen Henson2011-04-041-0/+2
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-15 13:43:06 +0100