mirrors/wolfssl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
17,477 Commits 5 Branches 162 Tags
Commit Graph

56 Commits

Author SHA1 Message Date
David Garske
b9be5c2c24 Update to FIPS v5-ready will use latest master. Support for FIPS in core hash using SHA2-256 and SHA2-384 in fips_test.h. Fixes for MATH_INT_T. Fix error: ‘tls13_kdf_test’ declared ‘static’ but never defined. 2022-07-01 15:40:21 -07:00
Kaleb Himes
0e8066dda0
Fix typo 2022-03-03 11:45:42 -07:00
kaleb-himes
27c445235c Add a cert 3389 ready option 2022-02-25 13:50:06 -07:00
Daniel Pouzzner
5c9510d92e fips_check.sh: for linuxv2 add COPY_DIRECT with wolfcrypt/src/{aes_asm.S,aes_asm.asm}; for linuxv5 add wolfcrypt/src/aes_gcm_asm.S to COPY_DIRECT; fix whitespace. 2022-02-10 16:01:08 -06:00
John Safranek
68e58bb321
Update configure and fips-check.sh for FIPS RC12. 2021-12-30 15:21:44 -08:00
Daniel Pouzzner
951eb72ecb fips-check.sh: update+streamline flavors -- add linuxv5-dev (checks out fips master same as old linuxv5-ready) , drop linuxv5-RC8, linuxv5-RC9, linuxv5-RC10, and the desupported/unbuildable fips-v3-ready; update linuxv5 and linuxv5-ready to use WCv5.0-RC11; use the term "flavor" consistently for the fips key (versus "version" or "platform"); cleanup to satisfy shellcheck. 2021-12-22 17:32:36 -06:00
John Safranek
158ebcaa0a
Add v5-RC10 to the list of allowed versions 2021-11-16 16:36:38 -08:00
John Safranek
3384159cb9
Add WCv5.0-RC10 to fips-check script. Remove some new whitespace from sniffer. 2021-11-12 14:10:58 -08:00
Daniel Pouzzner
46ecf752b4 fips-check.sh: update wolfSSL remote & tag for linuxv5 aka linuxv5-RC9. 2021-10-27 18:17:57 -05:00
Daniel Pouzzner
d105256330 fips-check.sh: remap fips-ready target to be ready flavor of 140-3, temporarily with FIPS_VERSION="master"; add fips-v3-ready target with FIPS_VERSION="v4.1.1"; add linuxv5|linuxv5-RC9 target to be updated after merge with tags. 2021-10-26 20:24:29 -05:00
Daniel Pouzzner
8bdae98a93 fips-check.sh: temporarily arrange for "linuxv5" to be an alias of "linuxv5-ready", to arrange for Jenkins testing of wolfcrypt code in the PR in FIPS mode. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
a3435ca062 fips-check.sh: exit (fatal error) if git fails. 2021-10-26 20:24:28 -05:00
Daniel Pouzzner
14f39f07a2 fips-check.sh: add linuxv5-ready (--enable-fips=v5-ready). 2021-10-26 20:24:27 -05:00
Daniel Pouzzner
834efe4ff6 fips-check.sh: update to test 140-3 using --enable-fips=v5-RC8 and the WCv5.0-RC8 version tags. 2021-10-26 20:24:27 -05:00
John Safranek
f69b6ac5eb Add missing verify curves into configure. Copy the kdf files when building for FIPSv5. 2021-10-26 20:24:25 -05:00
John Safranek
a562db82ef 1. Rename and relabel the FIPS 140-3 option as wolfCrypt v5. 
2. Make sure the correct SHA assembly files are copied over for the latest FIPS build.
 2021-10-26 20:24:25 -05:00
John Safranek
bffe4f64dd Add option to fips-check script to checkout specific named files from the FIPS tag. 2021-10-26 20:24:25 -05:00
John Safranek
a5032e8087 Update the fips-check script to pull the sources from GitHub rather than 
from a directory on a local machine.
 2021-10-26 20:24:24 -05:00
John Safranek
df859d30f3 FIPS 140-3 
1. Change the internal version number for the FIPS 140-3 changes as v4.
2. Insert v3 as an alias for FIPS Ready.
3. Use the correct directory for the FIPS old files sources. (For local
   testing of 140-3 builds.)
4. Change back the check for the FIPS version in internal.c for
   EccMakeKey().
 2021-10-26 20:24:24 -05:00
John Safranek
1683644e77 FIPS 140-3 
1. Fix issue with FIPS Ready and FIPS 140-3. FR acts at the latest
   version in the code, but that leaves DES3 out of the build. The code
   was still including the header. Force DES3 disabled in FIPS Ready
   builds.
 2021-10-26 20:24:24 -05:00
John Safranek
f1bd79ac50 FIPS 140-3 
1. Added enable option for FIPS 140-3 in configure script.
2. Modify DES3 source to disallow DES3 for the new option.
3. Added the new constants to fips_test.h.
4. Added some new test functions.
5. Added API for doing the POST.
6. Added a processing state for the CASTs.
7. Delete some unused prototypes from FIPS test API.
 2021-10-26 20:24:24 -05:00
John Safranek
ef5271dd9f
fips-check script shouldn't force FIPS-ready build to be v2. 2020-08-14 14:31:50 -07:00
Chris Conlon
7861a22d28 add marvell-linux-selftest target to fips-check.sh 2020-07-29 15:10:47 -06:00
John Safranek
ba9fd89314 Script Portability 
1. The openssl interop test script should check that it should run before
doing anything else.
2. The process to create a random port number was using a non-portable
option to the head command. Changed to use the od tool reading from
/dev/random.
3. Ran into a sed that doesn't use the -i option, so changed it to cp its
own bak file and sed from that.
 2020-05-18 09:04:41 -07:00
Tesfa Mael
f894d4c0d2 FIPS on Solaris 2020-05-14 10:11:54 -07:00
Chris Conlon
fd6328aa8e adjust NETBSD selftest tag in fips-check.sh for CAVP version API 2019-10-11 14:29:41 -06:00
John Safranek
e8986f389f wolfRand 
1. Updated fips-check.sh to make an archive for wolfRand.
2. Updated configure.ac to provide a wolfRand build.
 2019-08-16 09:33:41 -07:00
kaleb-himes
fdeb65dec8 WCv4.0.1-stable changes 
CHAR_BIT to 8, simplify logic from peer review

Update build script
 2019-07-16 15:58:56 -06:00
John Safranek
f1af32b783 No-FIPS/FIPS Build 
Update the fips-check script to create an archive with the current revision of the parts.
 2019-03-11 17:13:02 -07:00
David Garske
ed79aa1dc5 Fix to resolve issue with fips_check.sh after --depth=1 change in PR #1920. Fixes Jenkins report error: pathspec 'v3.6.0' did not match any file(s) known to git. 2018-11-13 06:30:05 -08:00
David Garske
533f4a5c77 Speedups for the git clone calls in check scripts to use --depth 1. 
```
BEFORE CHANGE:

time ./fips-check.sh windows keep
Receiving objects: 100% (18408/18408), 12.61 MiB | 625.00 KiB/s, done.
Receiving objects: 100% (7045/7045), 110.48 MiB | 488.00 KiB/s, done.

real	5m4.604s
user	1m38.039s
sys	0m25.984s

AFTER CHANGE:
time ./fips-check.sh windows keep
Receiving objects: 100% (642/642), 1.02 MiB | 1.26 MiB/s, done.
Receiving objects: 100% (767/767), 24.15 MiB | 487.00 KiB/s, done.

real	1m43.194s
user	1m34.100s
sys	0m24.046s
```
 2018-11-09 09:36:41 -08:00
John Safranek
582cf3182e FIPSv2: RNG Update 
1. Update the SEED_BLOCK_SZ to 4 for non-FIPS builds.
2. Change fips-check.sh to skip copying over the random.{c,h} files for
now. Need the tagged versions of the other files and the new random for
now.
 2018-09-18 14:36:43 -07:00
John Safranek
c9434c5ad8 FIPS build and ECC fixes 
1. The fips-check script was missing the ecc file when building the FIPSv2 test directory. The correct file was sent in for testing.
2. When building with ECC import validation enabled, one usage of the ALLOC_CURVE_SPECS macro had an extra parameter. (copy-and-paste error)
 2018-07-19 10:02:14 -07:00
John Safranek
7827712fcc FIPS Revalidation (acceptance fixes) 
1. The Windows 10 wolfcrypt test project was missing the flag for USE_CERT_BUFFERS_256.
2. Add note to fips-check about using linuxv2 with Win10.
 2018-06-11 15:27:52 -07:00
John Safranek
df6fe0b07c FIPS Revalidation (acceptance fixes) 
1. Update the fips-check script to pull the FIPSv2 code from the main repositories.
2. Script cleanup.
3. Disable the api.test check of wc_ecc_mulmod() when WOLFSSL_VALIDATE_ECC_IMPORT is enabled.
 2018-06-08 10:36:28 -07:00
John Safranek
f6fe3744a7 FIPS Update 
1. Moved the rest of the FIPS algorithms to FIPSv2.
2. Updated the fips-check and autogen scripts.
3. Updated the automake include for the crypto files.
4. Updated the example server to use the wolfSSL API and wolfSSL-based OpenSSL compatibility layer.
5. Added error code for the SHA-3 KAT.
6. Updated an test case in the API test for AES-GCM encrypt that is now considered a success case, but the FIPS mode was still treating as a failure.
 2018-05-16 15:47:12 -04:00
Chris Conlon
d60b16c5b8
Merge pull request #1531 from kaleb-himes/FIPS-CHECK-SCRIPT 
revert to default but exclude for sgx/netos
 2018-05-01 15:14:00 -06:00
kaleb-himes
c5a39b9048 rever to default but exclude for sgx/netos projects 2018-04-30 15:17:58 -06:00
toddouska
8311628f93
Merge pull request #1508 from kaleb-himes/FIPS-CHECK-SCRIPT 
Fips check script
 2018-04-30 10:50:03 -07:00
kaleb-himes
3476a9b55a versions for Baxter updated, new tag in fips v3.12.6 2018-04-19 15:24:22 -06:00
kaleb-himes
effaa18b32 Fixing some kinks 2018-03-30 12:46:59 -06:00
Chris Conlon
9edaac8e1c update NetBSD fips-check version to include selftest ECDSA fix 2018-03-26 14:37:39 -06:00
kaleb-himes
323abafc1c backup updates for SGX and DB jobs 2018-03-16 15:34:30 -06:00
Chris Conlon
ad53037852 add CAVP selftest option for special build 2018-02-23 10:14:56 -07:00
toddouska
2b1b7632fc add keep option to fips-check.sh to keep FIPS temp folder around 2017-03-16 11:10:12 -07:00
toddouska
e3503b8f9b 3.10.3 rel 2017-02-17 14:49:18 -08:00
kaleb-himes
b2e4a50bf4 fips checkout for OpenRTOS v9.0.0 w/ wolfCrypt v3.9.2 on Atmels ATSAM4L CPU 2017-01-30 15:32:59 -07:00
toddouska
6041b117d6 fix fips-check freertos help string 2015-09-04 11:05:53 -07:00
John Safranek
6dd85815bf added freertos build to fips-check script 2015-09-03 14:05:09 -07:00
John Safranek
c34082b7ba updated fips-check script with proper win versions 2015-09-01 17:57:37 -07:00