#
59eaa8c4 |
| 03-Sep-2024 |
Pauli |
rand: remove unused field in DRBG structure Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25415)
|
#
ff157ee2 |
| 04-Sep-2024 |
Pauli |
drbg: Fix typo Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25415)
|
#
f6a296c3 |
| 12-Aug-2024 |
slontis |
Cleanups for FIPS options.. The options in fipsprov.c are now generated using macros with fips_indicator_params.inc. This should keep the naming consistent. Some FIPS related headers have moved to providers/fips/include so that they can use fips_indicator_params.inc. securitycheck.h now includes fipsindicator.h, and fipsindicator.h includes fipscommon.h. fipsinstall.c uses OSSL_PROV_PARAM_ for the configurable FIPS options rather than using OSSL_PROV_FIPS_PARAM_* as this was confusing as to which one should be used. fips_names.h just uses aliases now for existing public names. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25162)
|
#
c13ddf0a |
| 01-Jul-2024 |
slontis |
Change all existing FIPS configurable checks to use FIPS indicators. This changes the logic to always do the security checks and then decide what to do based on if this passes or not. Failure of a check causes either a failure OR the FIPS indicator callback to be triggered. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24623)
|
#
b6461792 |
| 20-Mar-2024 |
Richard Levitte |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
|
#
cb4f7a6e |
| 07-Feb-2024 |
Tomas Mraz |
Fix memory leaks on error cases during drbg initializations Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/23503)
|
#
10fe5e29 |
| 13-Sep-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
Fix new typos found by codespell Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22098)
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
61f11cad |
| 15-May-2023 |
Matt Caswell |
Enable obtaining certain DRBG params without a lock Even if a DRBG has locking enabled on it, there are certain parameters which are still safe to obtain even without a lock. The max_request value is constant for all our DRBGs. The reseed_counter does not matter if we get it wrong - so it is safe to avoid the lock. So if all we are reading are those parameters then we take no lock at all. Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20970)
|
#
189ad3ab |
| 15-May-2023 |
Matt Caswell |
Refactor the DRBG implementations to manage locking themselves Previously the EVP layer would call lock and unlock functions on the underlying DRBG implementation to say when a lock should be acquired and released. This gives the DRBG implementation no say as to what kind of lock should be obtained (e.g. read/write) or even whether a lock is actually needed or not. In reality we know whether a DRBG is supposed to be in locking mode or not because the "enable_locking()" function will have been called if locks should be used. Therefore we re-interpret the lock and unlock functions as "hints" from the EVP layer which we ignore. Instead we acquire locks only when we need them. By knowing the context we can obtain either a read or a write lock as appropriate. This may mean that in some rare cases we acquire the locks more than once for a single EVP call, if the EVP call makes several calls to the underlying DRBG. But in practice almost all EVP calls only make one such call. EVP_RAND_generate() is an example of a call where multiple DRBG calls may be made. One of these gets the "max_request" parameter (which is constant for all of our own DRBGs) and it may make several calls to the DRBG generate call - but only if the requested size is very large which will rarely be the case. Partially fixes #20286 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20970)
|
#
f553c0f0 |
| 16-Mar-2023 |
Pauli |
DRBG: restrict the digests that can be used with HMAC and Hash DRBGs. According to FIPS 140-3 IG D.R: https://csrc.nist.gov/CSRC/media/Projects/cryptographic-module-validation-program/documents/fips%20140-3/FIPS%20140-3%20IG.pdf Outside of FIPS, there remains no restriction other than not allowing XOF digests. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/20521)
|
#
f3090fc7 |
| 15-Jul-2022 |
slontis |
Implement deterministic ECDSA sign (RFC6979) This PR is based off the contributions in PR #9223 by Jemmy1228. It has been modified and reworked to: (1) Work with providers (2) Support ECDSA and DSA (3) Add a KDF HMAC_DRBG implementation that shares code with the RAND HMAC_DRBG. A nonce_type is passed around inside the Signing APIs, in order to support any future deterministic algorithms. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18809)
|
#
44e47328 |
| 01-Sep-2022 |
Todd Short |
Cleanup EBCDIC string definitions Use a single definition for protocol string definitions. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19122)
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12 |
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
Revision tags: OpenSSL_1_1_1j |
|
#
335e85f5 |
| 12-Feb-2021 |
Pauli |
rand: update DRBGs to use the get_entropy call for seeding Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14162)
|
Revision tags: openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8 |
|
#
08edd447 |
| 30-Oct-2020 |
Pauli |
prov: move the entropy source out of the FIPS provider Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/13226)
|
#
b24d6c33 |
| 16-Nov-2020 |
Pauli |
Rename internal drbg_ functions so they have an ossl_ prefix. These functions are: drbg_enable_locking(), drbg_get_ctx_params(), drbg_lock(), drbg_set_ctx_params() and drbg_unlock(). Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13417)
|
#
1dc188ba |
| 16-Nov-2020 |
Pauli |
Provide side RNG functions renamed to have an ossl_ prefix. These are: prov_crngt_cleanup_entropy(), prov_crngt_get_entropy(), prov_pool_acquire_entropy(), prov_pool_add_nonce_data(), prov_rand_drbg_free() and prov_rand_drbg_new(). Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13417)
|
Revision tags: openssl-3.0.0-alpha7 |
|
#
7d6766cb |
| 28-Sep-2020 |
Pauli |
prov: prefix provider internal functions with ossl_ Also convert the names to lower case. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13014)
|
Revision tags: OpenSSL_1_1_1h |
|
#
b0614f0a |
| 13-Sep-2020 |
Dr. Matthias St. Pierre |
drbg: revert renamings of the generate and reseed counter The original names were more intuitive: the generate_counter counts the number of generate requests, and the reseed_counter counts the number of reseedings (of the principal DRBG). reseed_gen_counter -> generate_counter reseed_prop_counter -> reseed_counter This is the analogue to commit 8380f453ec81 on the 1.1.1 stable branch. The only difference is that the second renaming has already been reverted on the master branch. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12941)
|
#
82a7b2fb |
| 07-Aug-2020 |
Dr. Matthias St. Pierre |
rand: fix typo in parameter name Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/12608)
|
Revision tags: openssl-3.0.0-alpha6 |
|
#
7d615e21 |
| 22-Jul-2020 |
Pauli |
rand_drbg: remove RAND_DRBG. The RAND_DRBG API did not fit well into the new provider concept as implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the RAND_DRBG API is a mixture of 'front end' and 'back end' API calls and some of its API calls are rather low-level. This holds in particular for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG type changing mechanism (RAND_DRBG_set()). Adding a compatibility layer to continue supporting the RAND_DRBG API as a legacy API for a regular deprecation period turned out to come at the price of complicating the new provider API unnecessarily. Since the RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC to drop it entirely. Other related changes: Use RNG instead of DRBG in EVP_RAND documentation. The documentation was using DRBG in places where it should have been RNG or CSRNG. Move the RAND_DRBG(7) documentation to EVP_RAND(7). Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12509)
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
#
363b1e5d |
| 20-Jun-2020 |
Dr. Matthias St. Pierre |
Make the naming scheme for dispatched functions more consistent

The new naming scheme consistently uses the `OSSL_FUNC_` prefix for all functions which are dispatched between the core and providers. This change includes in particular all up- and downcalls, i.e., the dispatched functions passed from core to provider and vice versa.

- OSSL_core_ -> OSSL_FUNC_core_
- OSSL_provider_ -> OSSL_FUNC_core_

For operations and their function dispatch tables, the following convention is used:

  Type                 | Name (evp_generic_fetch(3))       |
  ---------------------|-----------------------------------|
  operation            | OSSL_OP_FOO                       |
  function id          | OSSL_FUNC_FOO_FUNCTION_NAME       |
  function "name"      | OSSL_FUNC_foo_function_name       |
  function typedef     | OSSL_FUNC_foo_function_name_fn    |
  function ptr getter  | OSSL_FUNC_foo_function_name       |

Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12222)
|
Revision tags: openssl-3.0.0-alpha3, openssl-3.0.0-alpha2 |
|
#
f000e828 |
| 08-May-2020 |
Pauli |
CTR, HASH and HMAC DRBGs in provider

Move the three different DRBGs to the provider. As part of the move, the DRBG specific data was pulled out of a common structure and into their own structures. Only these smaller structures are securely allocated. This saves quite a bit of secure memory:

  +-------------------------------+
  | DRBG         | Bytes | Secure |
  +--------------+-------+--------+
  | HASH         |  376  |   512  |
  | HMAC         |  168  |   256  |
  | CTR          |  176  |   256  |
  | Common (new) |  320  |     0  |
  | Common (old) |  592  |  1024  |
  +--------------+-------+--------+

Bytes is the structure size on the X86/64. Secure is the number of bytes of secure memory used (power of two allocator).

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11682)
|
#
714a1bb3 |
| 08-May-2020 |
Pauli |
rand: set up EVP and DRBG infrastructure for RAND from providers. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11682)
|