Loading CHANGES +5 −2 Original line number Original line Diff line number Diff line Loading @@ -4,10 +4,13 @@ Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] *) Add selftest checks and algorithm block of non-fips algorithms in FIPS mode. Remove DES2 from selftests. [Steve Henson] *) Add ECDSA code to fips module. Add tiny fips_ecdsa_check to just *) Add ECDSA code to fips module. Add tiny fips_ecdsa_check to just return internal method without any ENGINE dependencies. Add new return internal method without any ENGINE dependencies. Add new tiny fips sign and verify functions. Initial incomplete algorithm tiny fips sign and verify functions. test program. [Steve Henson] [Steve Henson] *) New build option no-ec2m to disable characteristic 2 code. *) New build option no-ec2m to disable characteristic 2 code. Loading crypto/evp/evp.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -1319,6 +1319,7 @@ void ERR_load_EVP_strings(void); #define EVP_R_DECODE_ERROR 114 #define EVP_R_DECODE_ERROR 114 #define EVP_R_DIFFERENT_KEY_TYPES 101 #define EVP_R_DIFFERENT_KEY_TYPES 101 #define EVP_R_DIFFERENT_PARAMETERS 153 #define EVP_R_DIFFERENT_PARAMETERS 153 #define EVP_R_DISABLED_FOR_FIPS 163 #define EVP_R_ENCODE_ERROR 115 #define EVP_R_ENCODE_ERROR 115 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 #define EVP_R_EXPECTING_AN_RSA_KEY 127 #define EVP_R_EXPECTING_AN_RSA_KEY 127 Loading crypto/evp/evp_err.c +1 −0 Original line number Original line Diff line number Diff line Loading @@ -162,6 +162,7 @@ static ERR_STRING_DATA EVP_str_reasons[]= {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"}, {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"}, {ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"}, {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, Loading crypto/fips_err.h +2 −0 Original line number Original line Diff line number Diff line Loading @@ -80,6 +80,8 @@ static ERR_STRING_DATA FIPS_str_functs[]= {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT), "FIPS_check_incore_fingerprint"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT), "FIPS_check_incore_fingerprint"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"}, {ERR_FUNC(FIPS_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"}, {ERR_FUNC(FIPS_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"}, {ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"}, {ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"}, {ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"}, {ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"}, {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, Loading fips/des/fips_des_selftest.c +0 −8 Original line number Original line Diff line number Diff line Loading @@ -111,14 +111,6 @@ int FIPS_selftest_des() int n, ret = 0; int n, ret = 0; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX ctx; FIPS_cipher_ctx_init(&ctx); FIPS_cipher_ctx_init(&ctx); /* Encrypt/decrypt with 2-key 3DES and compare to known answers */ for(n=0 ; n < 2 ; ++n) { if (!fips_cipher_test(&ctx, EVP_des_ede_ecb(), tests2[n].key, NULL, tests2[n].plaintext, tests2[n].ciphertext, 8)) goto err; } /* Encrypt/decrypt with 3DES and compare to known answers */ /* Encrypt/decrypt with 3DES and compare to known answers */ for(n=0 ; n < 2 ; ++n) for(n=0 ; n < 2 ; ++n) Loading Loading
CHANGES +5 −2 Original line number Original line Diff line number Diff line Loading @@ -4,10 +4,13 @@ Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] Changes between 1.0.1 and 1.1.0 [xx XXX xxxx] *) Add selftest checks and algorithm block of non-fips algorithms in FIPS mode. Remove DES2 from selftests. [Steve Henson] *) Add ECDSA code to fips module. Add tiny fips_ecdsa_check to just *) Add ECDSA code to fips module. Add tiny fips_ecdsa_check to just return internal method without any ENGINE dependencies. Add new return internal method without any ENGINE dependencies. Add new tiny fips sign and verify functions. Initial incomplete algorithm tiny fips sign and verify functions. test program. [Steve Henson] [Steve Henson] *) New build option no-ec2m to disable characteristic 2 code. *) New build option no-ec2m to disable characteristic 2 code. Loading
crypto/evp/evp.h +1 −0 Original line number Original line Diff line number Diff line Loading @@ -1319,6 +1319,7 @@ void ERR_load_EVP_strings(void); #define EVP_R_DECODE_ERROR 114 #define EVP_R_DECODE_ERROR 114 #define EVP_R_DIFFERENT_KEY_TYPES 101 #define EVP_R_DIFFERENT_KEY_TYPES 101 #define EVP_R_DIFFERENT_PARAMETERS 153 #define EVP_R_DIFFERENT_PARAMETERS 153 #define EVP_R_DISABLED_FOR_FIPS 163 #define EVP_R_ENCODE_ERROR 115 #define EVP_R_ENCODE_ERROR 115 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 #define EVP_R_EXPECTING_AN_RSA_KEY 127 #define EVP_R_EXPECTING_AN_RSA_KEY 127 Loading
crypto/evp/evp_err.c +1 −0 Original line number Original line Diff line number Diff line Loading @@ -162,6 +162,7 @@ static ERR_STRING_DATA EVP_str_reasons[]= {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(EVP_R_DECODE_ERROR) ,"decode error"}, {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, {ERR_REASON(EVP_R_DIFFERENT_KEY_TYPES) ,"different key types"}, {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"}, {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"}, {ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"}, {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, Loading
crypto/fips_err.h +2 −0 Original line number Original line Diff line number Diff line Loading @@ -80,6 +80,8 @@ static ERR_STRING_DATA FIPS_str_functs[]= {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_DSA), "FIPS_CHECK_DSA"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT), "FIPS_check_incore_fingerprint"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_INCORE_FINGERPRINT), "FIPS_check_incore_fingerprint"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"}, {ERR_FUNC(FIPS_F_FIPS_CHECK_RSA), "fips_check_rsa"}, {ERR_FUNC(FIPS_F_FIPS_CIPHERINIT), "FIPS_CIPHERINIT"}, {ERR_FUNC(FIPS_F_FIPS_DIGESTINIT), "FIPS_DIGESTINIT"}, {ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"}, {ERR_FUNC(FIPS_F_FIPS_DSA_CHECK), "FIPS_DSA_CHECK"}, {ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"}, {ERR_FUNC(FIPS_F_FIPS_MODE_SET), "FIPS_mode_set"}, {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, {ERR_FUNC(FIPS_F_FIPS_PKEY_SIGNATURE_TEST), "fips_pkey_signature_test"}, Loading
fips/des/fips_des_selftest.c +0 −8 Original line number Original line Diff line number Diff line Loading @@ -111,14 +111,6 @@ int FIPS_selftest_des() int n, ret = 0; int n, ret = 0; EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX ctx; FIPS_cipher_ctx_init(&ctx); FIPS_cipher_ctx_init(&ctx); /* Encrypt/decrypt with 2-key 3DES and compare to known answers */ for(n=0 ; n < 2 ; ++n) { if (!fips_cipher_test(&ctx, EVP_des_ede_ecb(), tests2[n].key, NULL, tests2[n].plaintext, tests2[n].ciphertext, 8)) goto err; } /* Encrypt/decrypt with 3DES and compare to known answers */ /* Encrypt/decrypt with 3DES and compare to known answers */ for(n=0 ; n < 2 ; ++n) for(n=0 ; n < 2 ; ++n) Loading
