#
7ed6de99 |
| 05-Sep-2024 |
Tomas Mraz |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes
|
#
f68ba38e |
| 24-Jul-2024 |
Richard Levitte |
Refactor OpenSSL 'ECDSA' EVP_SIGNATURE to also include ECDSA+hash composites Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-b
Refactor OpenSSL 'ECDSA' EVP_SIGNATURE to also include ECDSA+hash composites Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24992)
show more ...
|
#
bb2be4f0 |
| 24-Jul-2024 |
Richard Levitte |
Refactor OpenSSL 'DSA' EVP_SIGNATURE to also include DSA+hash composites (in the code, "sigalg" is used to refer to these composite algorithms, which is a nod to libcrypto and libssl, wh
Refactor OpenSSL 'DSA' EVP_SIGNATURE to also include DSA+hash composites (in the code, "sigalg" is used to refer to these composite algorithms, which is a nod to libcrypto and libssl, where that term is commonly used for composite algorithms) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24992)
show more ...
|
#
1751334f |
| 02-Feb-2024 |
Richard Levitte |
Refactor OpenSSL 'EdDSA' EVP_SIGNATURE to allow use with EVP_PKEY functions Add EVP_PKEY_{sign,verify}_message support for our Ed25519 and Ed448 implementations, including ph and ctx var
Refactor OpenSSL 'EdDSA' EVP_SIGNATURE to allow use with EVP_PKEY functions Add EVP_PKEY_{sign,verify}_message support for our Ed25519 and Ed448 implementations, including ph and ctx variants. Tests are added with test_evp stanzas. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24975)
show more ...
|
#
b02cf2fc |
| 10-Jul-2024 |
Richard Levitte |
Add new test types in test/evp_test.c, and a test for RSA sigalgs With these tests, we get to test: - EVP_PKEY_sign_init_ex() - EVP_PKEY_verify_init_ex2() - EVP_PKEY_verify_
Add new test types in test/evp_test.c, and a test for RSA sigalgs With these tests, we get to test: - EVP_PKEY_sign_init_ex() - EVP_PKEY_verify_init_ex2() - EVP_PKEY_verify_recover_init_ex2() - EVP_PKEY_sign_message_init() and friends - EVP_PKEY_verify_message_init() and friends A few test cases for RSA-{hash} are added, in test/recipes/30-test_evp_data/evppkey_rsa_sigalg.txt Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23416)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
4efd84fd |
| 11-Aug-2023 |
Matt Caswell |
Fix no-dsa in combination with no-err Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
Fix no-dsa in combination with no-err Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21722)
show more ...
|
#
4032cd9a |
| 17-Apr-2023 |
Yi Li |
configure: introduce no-ecx to remove ECX related feature This can effectively reduce the binary size for platforms that don't need ECX feature(~100KB). Signed-off-by: Yi Li <yi
configure: introduce no-ecx to remove ECX related feature This can effectively reduce the binary size for platforms that don't need ECX feature(~100KB). Signed-off-by: Yi Li <yi1.li@intel.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20781)
show more ...
|
#
6dfa998f |
| 27-Sep-2021 |
Čestmír Kalina |
providers: add Argon2 KDF https://datatracker.ietf.org/doc/rfc9106/ Signed-off-by: Čestmír Kalina <ckalina@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Revie
providers: add Argon2 KDF https://datatracker.ietf.org/doc/rfc9106/ Signed-off-by: Čestmír Kalina <ckalina@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12256)
show more ...
|
#
a5ad0158 |
| 27-Feb-2023 |
Pauli |
Don't do AES SIV tests with the FIPS provider Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.
Don't do AES SIV tests with the FIPS provider Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/20386)
show more ...
|
#
211c47ca |
| 15-Dec-2022 |
slontis |
Add KMAC support to KBKDF. Now that ACVP test vectors exist, support has been added for this mode. See https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf
Add KMAC support to KBKDF. Now that ACVP test vectors exist, support has been added for this mode. See https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf Note that the test vectors used fairly large values for the input key and the context, so the contraints for these has been increased from 256 to 512 bytes. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19916)
show more ...
|
#
6b3d2875 |
| 19-Jul-2022 |
slontis |
[test/recipes] Add RFC6979 deterministic DSA KATs in evptest format Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <h
[test/recipes] Add RFC6979 deterministic DSA KATs in evptest format Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18809)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
#
5375fd8e |
| 29-Jun-2019 |
Billy Brumley |
[test/recipes] RFC6979 deterministic ECDSA KATs in evptest format Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hla
[test/recipes] RFC6979 deterministic ECDSA KATs in evptest format Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18809)
show more ...
|
#
f3090fc7 |
| 15-Jul-2022 |
slontis |
Implement deterministic ECDSA sign (RFC6979) This PR is based off the contributions in PR #9223 by Jemmy1228. It has been modified and reworked to: (1) Work with providers (
Implement deterministic ECDSA sign (RFC6979) This PR is based off the contributions in PR #9223 by Jemmy1228. It has been modified and reworked to: (1) Work with providers (2) Support ECDSA and DSA (3) Add a KDF HMAC_DRBG implementation that shares code with the RAND HMAC_DRBG. A nonce_type is passed around inside the Signing API's, in order to support any future deterministic algorithms. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18809)
show more ...
|
#
9ba4f489 |
| 29-Nov-2022 |
Pauli |
evp_test: fix rebase mistake with no_gost Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/op
evp_test: fix rebase mistake with no_gost Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19785)
show more ...
|
#
edaab86d |
| 28-Nov-2022 |
Pauli |
aes: add AES-GCM-SIV modes to the FIPS provider Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/ope
aes: add AES-GCM-SIV modes to the FIPS provider Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/19777)
show more ...
|
#
d5e1fe9c |
| 23-Nov-2022 |
Tomas Mraz |
Drop incorrect skipping of some evp_test testcases with no-gost Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Matt Caswel
Drop incorrect skipping of some evp_test testcases with no-gost Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19739)
show more ...
|
#
c69cf38e |
| 08-Nov-2022 |
Pauli |
Revert "Move DES based test cases out of FIPS territory" This reverts commit c511953a0828e126b80a9ea8cee12d001d685ba8. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Review
Revert "Move DES based test cases out of FIPS territory" This reverts commit c511953a0828e126b80a9ea8cee12d001d685ba8. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19631)
show more ...
|
#
c511953a |
| 22-Sep-2022 |
Pauli |
Move DES based test cases out of FIPS territory Co-authored-by: Randall Steck <rsteck@thinqsoft.com> Co-authored-by: Mark J. Minnoch <mark@keypair.us> Co-authored-by: Steve Weymann <
Move DES based test cases out of FIPS territory Co-authored-by: Randall Steck <rsteck@thinqsoft.com> Co-authored-by: Mark J. Minnoch <mark@keypair.us> Co-authored-by: Steve Weymann <steve@keypair.us> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/19510)
show more ...
|
#
0113ec84 |
| 28-Apr-2022 |
Todd Short |
Implement AES-GCM-SIV (RFC8452) Fixes #16721 This uses AES-ECB to create a counter mode AES-CTR32 (32bit counter, I could not get AES-CTR to work as-is), and GHASH to implement
Implement AES-GCM-SIV (RFC8452) Fixes #16721 This uses AES-ECB to create a counter mode AES-CTR32 (32bit counter, I could not get AES-CTR to work as-is), and GHASH to implement POLYVAL. Optimally, there would be separate polyval assembly implementation(s), but the only one I could find (and it was SSE2 x86_64 code) was not Apache 2.0 licensed. This implementation lives only in the default provider; there is no legacy implementation. The code offered in #16721 is not used; that implementation sits on top of OpenSSL, this one is embedded inside OpenSSL. Full test vectors from RFC8452 are included, except the 0 length plaintext; that is not supported; and I'm not sure it's worthwhile to do so. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18693)
show more ...
|
#
0648ec1c |
| 04-Jul-2022 |
Mingjun.Yang |
feat: add hmac-sm3 test cases from GM/T 0042-2015 Appendix D.3 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.c
feat: add hmac-sm3 test cases from GM/T 0042-2015 Appendix D.3 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18714)
show more ...
|
#
0e9a265e |
| 18-Nov-2021 |
Patrick Uiterwijk |
Support different R_BITS lengths for KBKDF Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull
Support different R_BITS lengths for KBKDF Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17063)
show more ...
|
#
7f5a9399 |
| 12-Aug-2021 |
Shane Lontis |
Add support for camellia cbc cts mode Fixes #16276 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16286)
|
#
d209fc6c |
| 04-Aug-2021 |
Pauli |
evp_test: add TLS 1.3 KDF test suite Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
evp_test: add TLS 1.3 KDF test suite Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/16203)
show more ...
|
#
f53c079f |
| 18-Jun-2021 |
Tomas Mraz |
evp_test: Support testing of stitched TLS ciphers Add a few testcases. Fixes #15749 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@ope
evp_test: Support testing of stitched TLS ciphers Add a few testcases. Fixes #15749 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15827)
show more ...
|