prov: prefix provider internal functions with ossl_

Also convert the names to lower case.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/open

prov: prefix provider internal functions with ossl_

Also convert the names to lower case.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13014)

show more ...

Add self tests for rsa encryption

SP800-56br2 requires seperate KAT's (fips self tests) to be tested for both encryption and decryption
using the RSA primitive (i.e. no padding). This is

Add self tests for rsa encryption

SP800-56br2 requires seperate KAT's (fips self tests) to be tested for both encryption and decryption
using the RSA primitive (i.e. no padding). This is specified in FIPS140-2 IG D.9

A copy of the methods EVP_PKEY_encrypt_init(), EVP_PKEY_encrypt(), EVP_PKEY_decrypt_init(), EVP_PKEY_decrypt()
are now in the fips module.

Removed the #ifdef FIPS_MODULE in evp_pkey_ctx_free_old_ops().

Added corruption test

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12835)

show more ...

prov/drbg: cleanup some RAND_DRBG leftovers

These are leftovers from the RAND_DRBG removal (#12509).

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.co

prov/drbg: cleanup some RAND_DRBG leftovers

These are leftovers from the RAND_DRBG removal (#12509).

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12866)

show more ...

Revert "kdf: make function naming consistent."

The commit claimed to make things more consistent. In fact it makes it
less so. Revert back to the previous namig convention.

This

Revert "kdf: make function naming consistent."

The commit claimed to make things more consistent. In fact it makes it
less so. Revert back to the previous namig convention.

This reverts commit 765d04c9460a304c8119f57941341a149498b9db.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12186)

show more ...

fips rand: DRBG KAT self test updates to provider model.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

kdf: make function naming consistent.

The EVP_KDF_CTX_* functions have been relocated to the EVP_KDF_* namespace
for consistency.

Reviewed-by: Richard Levitte <levitte@openssl.o

kdf: make function naming consistent.

The EVP_KDF_CTX_* functions have been relocated to the EVP_KDF_* namespace
for consistency.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11996)

show more ...

Amend references to "OpenSSL license"

A small number of files contain references to the "OpenSSL license"
which has been deprecated and replaced by the "Apache License 2.0".
Amend th

Amend references to "OpenSSL license"

A small number of files contain references to the "OpenSSL license"
which has been deprecated and replaced by the "Apache License 2.0".
Amend the occurences.

Fixes #11649

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11663)

show more ...

Add data driven SELF TEST code for signatures and key agreement

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11036)

Add pairwise consistency self tests to asym keygenerators

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10952)

Check that the DRBG's internal state has been zeroized after uninstantiation

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11111)

Add DRBG self tests

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11010)

Params: add argument to the _from_text calls to indicate if the param exists.

The extra argument is a integer pointer and is optional.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.o

Params: add argument to the _from_text calls to indicate if the param exists.

The extra argument is a integer pointer and is optional.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11049)

show more ...

Fix coverity issues CID 1457745...1457752, 1457853, 1457854

CID 1457854 - keymgmt_lib.c : OVERRUN
CID 1457853 - self_test_kats.c : UNINT
CID 1457752 - fipsprov.c RESOURCE_LEAK (code

Fix coverity issues CID 1457745...1457752, 1457853, 1457854

CID 1457854 - keymgmt_lib.c : OVERRUN
CID 1457853 - self_test_kats.c : UNINT
CID 1457752 - fipsprov.c RESOURCE_LEAK (code change in another PR removed this)
CID 1457751 - apps/pkcs12.c CHECKED_RETURN
CID 1457750 - dsa_ossl.c RESOURCE_LEAK (marked as false positive since tmp can not be NULL)
CID 1457749 - apps/nseq.c : CHECKED_RETURN
CID 1457748 - cipher_aes_cbc_hmac_sha.c : SIZEOF_MISMATCH
CID 1457747 - cipher_aes_cbc_hmac_sha.c : SIZEOF_MISMATCH
CID 1457746 - same as 1457752
CID 1457745 - apps/ocsp : CHECKED_RETURN

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10934)

show more ...

Add FIPS Self test kats for digests

Added an API to optionally set a self test callback.
The callback has the following 2 purposes
(1) Output information about the KAT tests.
(2)

Add FIPS Self test kats for digests

Added an API to optionally set a self test callback.
The callback has the following 2 purposes
(1) Output information about the KAT tests.
(2) Allow the ability to corrupt one of the KAT's
The fipsinstall program uses the API.

Some KATS are not included in this PR since the required functionality did not yet exist in the provider.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10374)

show more ...