| #
7ed6de99 |
| 05-Sep-2024 |
Tomas Mraz |
Copyright year updates
Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
|
| #
df32ba9e |
| 11-Jul-2024 |
Pauli |
Add unit tests for the TEST-RAND FIPS indicator
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/o
Add unit tests for the TEST-RAND FIPS indicator
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/24851)
show more ...
|
| #
ae9fe65d |
| 05-Nov-2023 |
Neil Horman |
Augment rand argument parsing to allow scaling
Instead of just accepting a number of bytes, allows openssl rand to
accept a k|m|g suffix to scale to kbytes/mbytes/gbytes
Fixes #
Augment rand argument parsing to allow scaling
Instead of just accepting a number of bytes, allows openssl rand to
accept a k|m|g suffix to scale to kbytes/mbytes/gbytes
Fixes #22622
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22624)
show more ...
|
| #
715242b1 |
| 10-Oct-2023 |
Richard Levitte |
test/recipes/05-test_rand.t: replace 'and' with '&&'
The lower priority 'and' seems to have some "interesting" interactions with
function argument parsing in some perl versions (presumab
test/recipes/05-test_rand.t: replace 'and' with '&&'
The lower priority 'and' seems to have some "interesting" interactions with
function argument parsing in some perl versions (presumably because 'and' is
lower priority than the comma).
For the lines that are changed here, perl v5.20.1 says this:
Useless use of string eq in void context at [.test.recipes]05-test_rand.t line 33.
Useless use of numeric eq (==) in void context at [.test.recipes]05-test_rand.t line 39.
Replacing 'and' with '&&' in these two cases fixes the problem.
Replacing
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22331)
show more ...
|
| #
bd363ef3 |
| 02-Apr-2022 |
Bernd Edlinger |
Add a test case for the engine crash with AES-256-CTR
Implement the AES-256-CTR cipher in the dasync engine.
Use that to reproduce the reported problems with the
devcrypto engin
Add a test case for the engine crash with AES-256-CTR
Implement the AES-256-CTR cipher in the dasync engine.
Use that to reproduce the reported problems with the
devcrypto engine in our normal test environment.
See #17995 and #17532 for details.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19386)
show more ...
|
| #
d4dfd983 |
| 25-Oct-2021 |
Pauli |
test-rand: return failure on not enough data, allow parent
The test-rand RNG was returning success when it had some but insufficient data.
Now, it returns failure and doesn't advance the
test-rand: return failure on not enough data, allow parent
The test-rand RNG was returning success when it had some but insufficient data.
Now, it returns failure and doesn't advance the data pointer.
The test-rand RNG was failing when a parent was specified. This case is now
ignored.
Fixes #16785
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16905)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h |
|
| #
4516bf74 |
| 26-Aug-2020 |
Pauli |
rand: instantiate the DRBGs upon first use.
Fixes #12714
[skip ci]
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierr
rand: instantiate the DRBGs upon first use.
Fixes #12714
[skip ci]
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12717)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha6 |
|
| #
7d615e21 |
| 22-Jul-2020 |
Pauli |
rand_drbg: remove RAND_DRBG.
The RAND_DRBG API did not fit well into the new provider concept as
implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
RAND_DRBG API i
rand_drbg: remove RAND_DRBG.
The RAND_DRBG API did not fit well into the new provider concept as
implemented by EVP_RAND and EVP_RAND_CTX. The main reason is that the
RAND_DRBG API is a mixture of 'front end' and 'back end' API calls
and some of its API calls are rather low-level. This holds in particular
for the callback mechanism (RAND_DRBG_set_callbacks()) and the RAND_DRBG
type changing mechanism (RAND_DRBG_set()).
Adding a compatibility layer to continue supporting the RAND_DRBG API as
a legacy API for a regular deprecation period turned out to come at the
price of complicating the new provider API unnecessarily. Since the
RAND_DRBG API exists only since version 1.1.1, it was decided by the OMC
to drop it entirely.
Other related changes:
Use RNG instead of DRBG in EVP_RAND documentation. The documentation was
using DRBG in places where it should have been RNG or CSRNG.
Move the RAND_DRBG(7) documentation to EVP_RAND(7).
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12509)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
| #
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)
|
|
Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
| #
4d6d787c |
| 22-Feb-2020 |
Patrick Steuer |
AES CTR-DRGB: add test for 32-bit counter overflow
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https
AES CTR-DRGB: add test for 32-bit counter overflow
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10457)
show more ...
|
|
Revision tags: OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
| #
909f1a2e |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in test/
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7767)
|
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4 |
|
| #
c4d3c19b |
| 03-Apr-2018 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5851)
|
|
Revision tags: OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3 |
|
| #
e613b1ef |
| 10-Mar-2018 |
Patrick Steuer |
aes ctr_drbg: add cavs tests
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #5
aes ctr_drbg: add cavs tests
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #5580
show more ...
|
|
Revision tags: OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
| #
75e2c877 |
| 03-Aug-2017 |
Rich Salz |
Switch from ossl_rand to DRBG rand
If RAND_add wraps around, XOR with existing. Add test to drbgtest that
does the wrap-around.
Re-order seeding and stop after first success.
Switch from ossl_rand to DRBG rand
If RAND_add wraps around, XOR with existing. Add test to drbgtest that
does the wrap-around.
Re-order seeding and stop after first success.
Add RAND_poll_ex()
Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's,
mix in the address as the personalization bits.
Centralize the entropy callbacks, from drbg_lib to rand_lib.
(Conceptually, entropy is part of the enclosing application.)
Thanks to Dr. Matthias St Pierre for the suggestion.
Various code cleanups:
-Make state an enum; inline RANDerr calls.
-Add RAND_POLL_RETRIES (thanks Pauli for the idea)
-Remove most RAND_seed calls from rest of library
-Rename DRBG_CTX to RAND_DRBG, etc.
-Move some code from drbg_lib to drbg_rand; drbg_lib is now only the
implementation of NIST DRBG.
-Remove blocklength
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4019)
show more ...
|
| #
12fb8c3d |
| 27-Jun-2017 |
Rich Salz |
Add DRBG random method
Ported from the last FIPS release, with DUAL_EC and SHA1 and the
self-tests removed. Since only AES-CTR is supported, other code
simplifications were done. R
Add DRBG random method
Ported from the last FIPS release, with DUAL_EC and SHA1 and the
self-tests removed. Since only AES-CTR is supported, other code
simplifications were done. Removed the "entropy blocklen" concept.
Moved internal functions to new include/internal/rand.h.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3789)
show more ...
|
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6, OpenSSL-fips-2_0_13, OpenSSL_1_0_1t, OpenSSL_1_0_2h |
|
| #
596d6b7e |
| 22-Apr-2016 |
Rich Salz |
Unified copyright for test recipes
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Revision tags: OpenSSL_1_1_0-pre5, OpenSSL_1_1_0-pre4, OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12, OpenSSL_1_0_1r, OpenSSL_1_0_2f, OpenSSL_1_1_0-pre2, OpenSSL_1_1_0-pre1, OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e, OpenSSL_1_0_1p, OpenSSL_1_0_2d, OpenSSL-fips-2_0_11, OpenSSL_1_0_1o, OpenSSL_1_0_2c, OpenSSL_0_9_8zg, OpenSSL_1_0_0s, OpenSSL_1_0_1n, OpenSSL_1_0_2b, OpenSSL-fips-2_0_10 |
|
| #
93de4f58 |
| 21-Apr-2015 |
Richard Levitte |
Simplify very simple test recipes further.
Very simple test recipes easily become tedious, so they might benefit
from being made as simple as possible. Therefore, OpenSSL::Test::Simple
Simplify very simple test recipes further.
Very simple test recipes easily become tedious, so they might benefit
from being made as simple as possible. Therefore, OpenSSL::Test::Simple
is born. It currently provides but one function, simple_test(), which
takes a minimum of two parameters (test name and program to run), with
the optional third, being the algorithm to be checked for before
running the test itself.
All recipes with that simple thing to do have been rewritten to be as
minimal as possible.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
894025c6 |
| 17-Apr-2015 |
Richard Levitte |
Add recipes for individual block ciphers, stream ciphers and digests
These recipes all correspond to a compiled test program.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
