#
7ed6de99 |
| 05-Sep-2024 |
Tomas Mraz |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes
|
#
c37e2176 |
| 21-Aug-2024 |
slontis |
Add FIPS indicators to X25519 and X448. X25519 and X448 are unapproved in FIPS 140-3 So always trigger the indicator callback if these Keys are used, and add "fips-indicator" getters that
Add FIPS indicators to X25519 and X448. X25519 and X448 are unapproved in FIPS 140-3 So always trigger the indicator callback if these Keys are used, and add "fips-indicator" getters that return 0. This has been added to keygen and key exchange. (KEM will also require it if ever becomes a FIPS algorithm). Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25246)
show more ...
|
#
f9e1117c |
| 14-Aug-2024 |
Pauli |
Revert "test: update EdDSA tests for FIPS and no pre-hashing" This reverts commit 09eaf16771fe5b5b57cac0ddfd6bf8ca3584134b. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> R
Revert "test: update EdDSA tests for FIPS and no pre-hashing" This reverts commit 09eaf16771fe5b5b57cac0ddfd6bf8ca3584134b. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25192)
show more ...
|
#
09eaf167 |
| 30-Jul-2024 |
Pauli |
test: update EdDSA tests for FIPS and no pre-hashing Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/o
test: update EdDSA tests for FIPS and no pre-hashing Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/25032)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
836080a8 |
| 16-Oct-2022 |
James Muir |
Support all five EdDSA instances from RFC 8032 Fixes #6277 Description: Make each of the five EdDSA instances defined in RFC 8032 -- Ed25519, Ed25519ctx, Ed25519ph, Ed448, E
Support all five EdDSA instances from RFC 8032 Fixes #6277 Description: Make each of the five EdDSA instances defined in RFC 8032 -- Ed25519, Ed25519ctx, Ed25519ph, Ed448, Ed448ph -- available via the EVP APIs. The desired EdDSA instance is specified via an OSSL_PARAM. All instances, except for Ed25519, allow context strings as input. Context strings are passed via an OSSL_PARAM. For Ed25519ctx, the context string must be nonempty. Ed25519, Ed25519ctx, Ed448 are PureEdDSA instances, which means that the full message (not a digest) must be passed to sign and verify operations. Ed25519ph, Ed448ph are HashEdDSA instances, which means that the input message is hashed before sign and verify. Testing: All 21 test vectors from RFC 8032 have been added to evppkey_ecx.txt (thanks to Shane Lontis for showing how to do that). Those 21 test vectors are exercised by evp_test.c and cover all five instances. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/19705)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h |
|
#
5ccada09 |
| 07-Aug-2020 |
Shane Lontis |
Add evp_test fixes. Changed many tests so they also test fips (and removed 'availablein = default' from some tests). Seperated the monolithic evppkey.txt file into smaller maintainable g
Add evp_test fixes. Changed many tests so they also test fips (and removed 'availablein = default' from some tests). Seperated the monolithic evppkey.txt file into smaller maintainable groups. Changed the availablein option so it must be first - this then skips the entire test before any fetching happens. Changed the code so that all the OPENSSL_NO_XXXX tests are done in code via methods such as is_cipher_disabled(alg), before the fetch happens. Added missing libctx's found by adding a libctx to test_evp. Broke up large data files for cipher, kdf's and mac's into smaller pieces so they no longer need 'AvailableIn = default' Added missing algorithm aliases for cipher/digests to the providers. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12236)
show more ...
|