#
bb2be4f0 |
| 24-Jul-2024 |
Richard Levitte |
Refactor OpenSSL 'DSA' EVP_SIGNATURE to also include DSA+hash composites (in the code, "sigalg" is used to refer to these composite algorithms, which is a nod to libcrypto and libssl, where that term is commonly used for composite algorithms) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24992)
|
#
976dd358 |
| 26-Aug-2024 |
slontis |
Update code to use EVP_MD_xof() Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25285)
|
#
c37e2176 |
| 21-Aug-2024 |
slontis |
Add FIPS indicators to X25519 and X448. X25519 and X448 are unapproved in FIPS 140-3. So always trigger the indicator callback if these keys are used, and add "fips-indicator" getters that return 0. This has been added to keygen and key exchange. (KEM will also require it if it ever becomes a FIPS algorithm). Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25246)
|
#
f2a5c80c |
| 22-Aug-2024 |
slontis |
Revert evp_test change that made "FIPSversion" skip the default provider. Fixes #25199 This should be done using "Availablein" if required. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25267)
|
#
390f00a1 |
| 31-Jul-2024 |
slontis |
Add HMAC FIPS keysize check. HMAC has been changed to use a FIPS indicator for its key check. HKDF and Single Step use a salt rather than a key when using HMAC, so we need a mechanism to bypass this check in HMAC. A separate 'internal' query table has been added to the FIPS provider for MACS. Giving HMAC a separate dispatch table allows KDFs to ignore the key check. If a KDF requires the key check then it must do the check itself. The normal MAC dispatch table is used if the user fetches HMAC directly. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25049)
|
#
523187df |
| 19-Aug-2024 |
Richard Levitte |
Enable RSA-SM3 in the default provider It turns out that we didn't allow the combination RSA + SM3 anywhere. This is perfectly reasonable in the FIPS module, but less so in the default provider. This change enables it in the default provider, and adds a simple evp_test stanza for the RSA-SM3 signature scheme. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23416)
|
#
b02cf2fc |
| 10-Jul-2024 |
Richard Levitte |
Add new test types in test/evp_test.c, and a test for RSA sigalgs With these tests, we get to test: - EVP_PKEY_sign_init_ex() - EVP_PKEY_verify_init_ex2() - EVP_PKEY_verify_recover_init_ex2() - EVP_PKEY_sign_message_init() and friends - EVP_PKEY_verify_message_init() and friends A few test cases for RSA-{hash} are added, in test/recipes/30-test_evp_data/evppkey_rsa_sigalg.txt Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23416)
|
#
a595d624 |
| 26-Jul-2024 |
slontis |
Change existing evp_test KeyGen Ctrls to use provider algorithm parameter names. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25008)
|
#
2a538309 |
| 26-Jul-2024 |
slontis |
Update evp_test KeyGen The EVP_PKEY_CTX is now created in keygen_test_run(). keygen_test_parse() inserts all values into KEYGEN_TEST_DATA. The 'Ctrl' parameters have been changed to just be settables, rather than using legacy controls. Added EC keygen tests Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25008)
|
#
05681e0e |
| 08-Aug-2024 |
slontis |
Add FIPS Indicator for ECDH cofactor. FIPS KAS requires use of ECC CDH. The EC 'B' and 'K' curves have a cofactor that is not 1, and this MUST be multiplied by the private key when deriving the shared secret. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25139)
|
#
f3c03be3 |
| 07-Aug-2024 |
pohsingwu |
Restrict salt length for RSA-PSS in the FIPS provider Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25115)
|
#
f98e49b3 |
| 24-Jul-2024 |
slontis |
Add FIPS DSA Keygen tests Adjust the existing tests to disable DSA keygen in FIPS mode. Allow evp_test to load DSA 'KeyParams' that can then be used to perform a DSA KeyGen. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24978)
|
#
7f8ff7ab |
| 05-Aug-2024 |
slontis |
Fix evp_test HKDF failure in crosstest 3.1.2 FIPS provider with master Fixes #25089 The test to check if the FIPS indicator was correct failed in 3.1.2 since EVP_PKEY_CTX_get_params() returns 0 if there is no gettable/getter. The code has been modified to return 1 if there is no gettable. Manually reproduced and tested by copying the 3.1.2 FIPS provider to master. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25093)
|
#
ba977226 |
| 12-Jul-2024 |
pohsingwu |
Add FIPS indicator tests for KDFs Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23900)
|
#
07e4d7f4 |
| 29-Jul-2024 |
slontis |
Add RSA Signature restrictions for X9.31 padding in the FIPS provider. In FIPS 140-3, RSA Signing with X9.31 padding is not approved, but verification is allowed for legacy purposes. An indicator has been added for RSA signing with X9.31 padding. A strict restriction on the size of the RSA modulus has been added i.e. It must be 1024 + 256 * s (which is part of the ANSI X9.31 spec). Added implementation comments to the X9.31 padding code Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/24021)
|
#
bc431587 |
| 22-Jul-2024 |
slontis |
Add FIPS indicator support for Triple-DES encryption. This leaves 3DES with the FIPS query "FIPS=yes", which allows Triple-DES to be used for Decryption by default. Disallow CMAC using Triple-DES in FIPS. This does not use a FIPS indicator. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/24960)
|
#
4a002f51 |
| 17-Jul-2024 |
Pauli |
evp_test: check MAC FIPS approved flag Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/24917)
|
#
85caa417 |
| 04-Jul-2024 |
slontis |
Disable DSA signing in the FIPS provider. This is a FIPS 140-3 requirement. This uses a FIPS indicator if either the FIPS configurable "dsa_sign_disabled" is set to 0, OR OSSL_SIGNATURE_PARAM_FIPS_SIGN_CHECK is set to 0 in the dsa signing context. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24799)
|
#
98845685 |
| 11-Jul-2024 |
Neil Horman |
Fix coverity-1510058 coverity noted a recent change made a call to OSSL_PARAM_get_size_t without checking the return code, as is practice in all other call sites. Just add the check. Fixes openssl/private#551 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24860)
|
#
06da1473 |
| 03-Jul-2024 |
slontis |
Add FIPS indicators to evp_test evp_test code needed to be modified to defer setting algorithm contexts until the run phase. The parse functions also defer setting into the context until the run phase, which allows the context to initialize in a controlled order. This allows params to be passed into the algorithm init function. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24623)
|
#
b6a5e801 |
| 01-Dec-2023 |
Rajeev Ranjan |
Add support for integrity-only cipher suites for TLS v1.3 - add test vectors for tls1_3 integrity-only ciphers - recmethod_local.h: add new member for MAC - tls13_meth.c: add MAC only to tls 1.3 - tls13_enc.c: extend function to add MAC only - ssl_local.h: add ssl_cipher_get_evp_md_mac() - s3_lib.c: add the new ciphers and add #ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS - ssl_ciph.c : add ssl_cipher_get_evp_md_mac() and use it - tls13secretstest.c: add dummy test function - Configure: add integrity-only-ciphers option - document the new ciphers Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22903)
|
#
deaa83af |
| 06-May-2024 |
Tomas Mraz |
Fix Coverity issues 1596850, 1596851 and 1596852 These are newly introduced memory leaks and UAF in evp_test.c Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24339)
|
#
fedbfff4 |
| 08-Aug-2023 |
Veronika Hanulíková |
Add processing by chunks to mac tests Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21727)
|
#
5f4983f9 |
| 02-Aug-2023 |
Veronika Hanulíková |
Add processing by chunks to encoding tests Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21727)
|
#
1208d526 |
| 28-Jul-2023 |
Veronika Hanulíková |
Add processing by chunks to digest, sign, verify tests Input value is parsed into chunks, which are separately stored in the buffer stack. When chunk size is set, "Count" and "Copy" parameters are skipped. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21727)
|