#
7ed6de99 |
| 05-Sep-2024 |
Tomas Mraz |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes
|
#
32b43b91 |
| 22-Aug-2024 |
slontis |
Update new FIPS indicator evp_tests to use FIPSversion + Availablein options. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: To
Update new FIPS indicator evp_tests to use FIPSversion + Availablein options. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25267)
show more ...
|
#
2a538309 |
| 26-Jul-2024 |
slontis |
Update evp_test KeyGen The EVP_PKEY_CTX is now created in keygen_test_run(). keygen_test_parse() inserts all values into KEYGEN_TEST_DATA. The 'Ctrl' parameters have been changed to
Update evp_test KeyGen The EVP_PKEY_CTX is now created in keygen_test_run(). keygen_test_parse() inserts all values into KEYGEN_TEST_DATA. The 'Ctrl' parameters have been changed to just be settables, rather than using legacy controls. Added EC keygen tests Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25008)
show more ...
|
#
05681e0e |
| 08-Aug-2024 |
slontis |
Add FIPS Indicator for ECDH cofactor. FIPS KAS requires use of ECC CDH. The EC 'B' and 'K' curves have a cofactor that is not 1, and this MUST be multiplied by the private key w
Add FIPS Indicator for ECDH cofactor. FIPS KAS requires use of ECC CDH. The EC 'B' and 'K' curves have a cofactor that is not 1, and this MUST be multiplied by the private key when deriving the shared secret. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25139)
show more ...
|
#
06da1473 |
| 03-Jul-2024 |
slontis |
Add FIPS indicators to evp_test evp_test code needed to be modified to defer setting algorithm contexts until the run phase. The parse functions also defer setting into the context u
Add FIPS indicators to evp_test evp_test code needed to be modified to defer setting algorithm contexts until the run phase. The parse functions also defer setting into the context until the run phase, which allows the context to initialize in a controlled order. This allows params to be passed into the algorithm init function. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24623)
show more ...
|
#
77a30b70 |
| 22-Apr-2024 |
Trust-Worthy |
evp_test: Added the special private key that triggers bug (CVE-2011-4354) The bug triggers in 32 bit linux distros running openssl 0.9.8g. This adds a regression test case.
evp_test: Added the special private key that triggers bug (CVE-2011-4354) The bug triggers in 32 bit linux distros running openssl 0.9.8g. This adds a regression test case. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24235)
show more ...
|
#
38fc02a7 |
| 17-Jun-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15801)
|
#
15fd6c23 |
| 28-May-2021 |
Matt Caswell |
Mark some priv/public key paris as only available in the default provider Now that we actually load public keys from providers we need to mark some key paris in the evp tests as only ava
Mark some priv/public key paris as only available in the default provider Now that we actually load public keys from providers we need to mark some key paris in the evp tests as only available there. Otherwise we get test failures when only the FIPS Provider is loaded. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15504)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h |
|
#
7a810fac |
| 04-Sep-2020 |
Shane Lontis |
Add 'fips-securitychecks' option and plumb this into the actual fips checks Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12745)
|
#
96b92410 |
| 29-Aug-2020 |
Richard Levitte |
Revert "TEST: separate out NIST ECC tests from non-NIST" This file split turned out to be a mistake as soon as the fetching error reporting got properly sorted. This reverts com
Revert "TEST: separate out NIST ECC tests from non-NIST" This file split turned out to be a mistake as soon as the fetching error reporting got properly sorted. This reverts commit e6ed04a9dcc2ead94e35c4a7400b9c998b5ad9ac. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12587)
show more ...
|
#
e6ed04a9 |
| 18-Aug-2020 |
Richard Levitte |
TEST: separate out NIST ECC tests from non-NIST ECC keys with non-NIST group names aren't supported when running with the FIPS provider. Keys with such groups that are included
TEST: separate out NIST ECC tests from non-NIST ECC keys with non-NIST group names aren't supported when running with the FIPS provider. Keys with such groups that are included in evp_test stanza files aren't even possible to decode if provider side decoders are used, since those depend on available EVP_KEYMGMT implementations and what they support. Those keys could only be decoded because the legacy decoders were used. To make these tests future proof, we separate out the stanzas having keys with NIST approved group names into separate files, and adjust the file lists in test/recipes/30-test_evp.t aaccordingly. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12672)
show more ...
|
#
5ccada09 |
| 07-Aug-2020 |
Shane Lontis |
Add evp_test fixes. Changed many tests so they also test fips (and removed 'availablein = default' from some tests). Seperated the monolithic evppkey.txt file into smaller maintainable g
Add evp_test fixes. Changed many tests so they also test fips (and removed 'availablein = default' from some tests). Seperated the monolithic evppkey.txt file into smaller maintainable groups. Changed the availablein option so it must be first - this then skips the entire test before any fetching happens. Changed the code so that all the OPENSSL_NO_XXXX tests are done in code via methods such as is_cipher_disabled(alg), before the fetch happens. Added missing libctx's found by adding a libctx to test_evp. Broke up large data files for cipher, kdf's and mac's into smaller pieces so they no longer need 'AvailableIn = default' Added missing algorithm aliases for cipher/digests to the providers. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12236)
show more ...
|
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
#
aac96e27 |
| 31-May-2019 |
Rich Salz |
Remove function name from errors Deprecate all xxx_F_ defines. Removed some places that tested for a specific function. Use empty field for the function names in output. Update d
Remove function name from errors Deprecate all xxx_F_ defines. Removed some places that tested for a specific function. Use empty field for the function names in output. Update documentation. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9058)
show more ...
|
Revision tags: OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b, OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1 |
|
#
bfb10b97 |
| 22-Aug-2018 |
Billy Brumley |
[test] throw error from wrapper function instead of an EC_METHOD specific one Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged
[test] throw error from wrapper function instead of an EC_METHOD specific one Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7028)
show more ...
|
#
30c41bfb |
| 22-Aug-2018 |
Billy Brumley |
[test] ECC: make sure negative tests pass for the right reasons Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://
[test] ECC: make sure negative tests pass for the right reasons Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7028)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre9 |
|
#
5d92b853 |
| 17-Aug-2018 |
Nicola Tuveri |
Replace GFp ladder implementation with ladd-2002-it-4 from EFD The EFD database does not state that the "ladd-2002-it-3" algorithm assumes X1 != 0. Consequently the current implement
Replace GFp ladder implementation with ladd-2002-it-4 from EFD The EFD database does not state that the "ladd-2002-it-3" algorithm assumes X1 != 0. Consequently the current implementation, based on it, fails to compute correctly if the affine x coordinate of the scalar multiplication input point is 0. We replace this implementation using the alternative algorithm based on Eq. (9) and (10) from the same paper, which being derived from the additive relation of (6) does not incur in this problem, but costs one extra field multiplication. The EFD entry for this algorithm is at https://hyperelliptic.org/EFD/g1p/auto-shortw-xz.html#ladder-ladd-2002-it-4 and the code to implement it was generated with tooling. Regression tests add one positive test for each named curve that has such a point. The `SharedSecret` was generated independently from the OpenSSL codebase with sage. This bug was originally reported by Dmitry Belyavsky on the openssl-users maling list: https://mta.openssl.org/pipermail/openssl-users/2018-August/008540.html Co-authored-by: Billy Brumley <bbrumley@gmail.com> Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7000)
show more ...
|
Revision tags: OpenSSL_1_0_2p, OpenSSL_1_1_0i |
|
#
249330de |
| 28-Jun-2018 |
Billy Brumley |
More EVP ECC testing: positive and negative 1. For every named curve, two "golden" keypair positive tests. 2. Also two "golden" stock ECDH positive tests. 3. For named curves with no
More EVP ECC testing: positive and negative 1. For every named curve, two "golden" keypair positive tests. 2. Also two "golden" stock ECDH positive tests. 3. For named curves with non-trivial cofactors, additionally two "golden" ECC CDH positive tests. 4. For named curves with non-trivial cofactors, additionally two negative tests. There is some overlap with existing EVP tests, especially for the NIST curves (for example, positive testing ECC CDH KATs for NIST curves). "Golden" here means all the values are independent from OpenSSL's ECC code. I used sage to calculate them. What comes from OpenSSL is: 1. The OIDs (parsed by tooling) 2. The curve parameters (parsing ecparam output with tooling) The values inside the PEMs (private keys, public keys) and shared keys are from sage. The PEMs themselves are the output of asn1parse, with input taken from sage. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6608)
show more ...
|