enable\-fips (full) in projects: third_party

Project(s)

Full Search
Definition
Symbol
File Path
History
Type

Searched +full:enable +full:- +full:fips (Results 1 – 25 of 51) sorted by relevance

12 3

/third_party/openssl/
D	README-FIPS.md	1 OpenSSL FIPS support 5 FIPS 140-2 validated. The module is implemented as an OpenSSL provider. 7 cryptographic algorithms, see the [README-PROVIDERS](README-PROVIDERS.md) file 10 A cryptographic module is only FIPS validated after it has gone through the complex 11 FIPS 140 validation process. As this process takes a very long time, it is not 13 If you need a FIPS validated module then you must ONLY generate a FIPS provider 14 using OpenSSL versions that have valid FIPS certificates. A FIPS certificate 16 in the Security Policy in order to be FIPS compliant. 18 FIPS certificates and Security Policies. 22 legacy providers) without any restrictions, but the FIPS provider must be built [all …]
D	INSTALL.md	`11 - [Prerequisites](#prerequisites) 12 - [Notational Conventions](#notational-conventions) 13 - [Quick Installation Guide](#quick-installation-guide) 14 - [Building OpenSSL](#building-openssl) 15 - [Installing OpenSSL](#installing-openssl) 16 - [Configuration Options](#configuration-options) 17 - [API Level](#api-level) 18 - [Cross Compile Prefix](#cross-compile-prefix) 19 - [Build Type](#build-type) 20 - [Directories](#directories) [all …]`
D	NOTES-NONSTOP.md	5 ------------------- 11 Specify the `--with-rand-seed=rdcpu` option to the `./Configure` script. 13 be used if FIPS is selected. 15 specify the `--with-rand-seed=egd` option to the `./Configure` script. 18 ------------------ 27 ---------------- 31 the TNS/X (L-Series) platform: 33 * `nonstop-nsx` or default will select an unthreaded build. 34 * `nonstop-nsx_put` selects the PUT build. 35 * `nonstop-nsx_64_put` selects the 64 bit file length PUT build. [all …]
D	appveyor.yml	`2 - Visual Studio 2017 5 - x64 6 - x86 11 - VSVER: 15 14 - shared 15 - minimal 18 - 21 - master 23 - shared 24 - plain [all …]`
D	CHANGES.md	`4 This is a high-level summary of the most important changes. 11 ---------------- 13 - [OpenSSL 3.0](#openssl-30) 14 - [OpenSSL 1.1.1](#openssl-111) 15 - [OpenSSL 1.1.0](#openssl-110) 16 - [OpenSSL 1.0.2](#openssl-102) 17 - [OpenSSL 1.0.1](#openssl-101) 18 - [OpenSSL 1.0.0](#openssl-100) 19 - [OpenSSL 0.9.x](#openssl-09x) 22 ----------- [all …]`
D	Configure	2 # -- mode: perl; -- 3 # Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved. 10 ## Configure -- OpenSSL source tree configuration script 30 …-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lxxx] [-Lxxx] [-fxxx] [-Kxxx] [no-hw-xxx\|no-hw] [[n… 42 * perl configdata.pm --dump * 52 # --config add the given configuration file, which will be read after 55 # --prefix prefix for the OpenSSL installation, which includes the 59 # --openssldir OpenSSL data area, such as openssl.cnf, certificates and keys. 61 # given with --prefix. 64 # --banner=".." Output specified text instead of default completion banner [all …]
D	NEWS.md	`8 ---------------- 10 - [OpenSSL 3.0](#openssl-30) 11 - [OpenSSL 1.1.1](#openssl-111) 12 - [OpenSSL 1.1.0](#openssl-110) 13 - [OpenSSL 1.0.2](#openssl-102) 14 - [OpenSSL 1.0.1](#openssl-101) 15 - [OpenSSL 1.0.0](#openssl-100) 16 - [OpenSSL 0.9.x](#openssl-09x) 19 ----------- 24 IDENTIFIER sub-identities. ([CVE-2023-2650]) [all …]`
/third_party/openssl/doc/man3/
D	EVP_set_default_properties.pod	7 - Set default properties for future algorithm fetches 14 int EVP_default_properties_enable_fips(OSSL_LIB_CTX *libctx, int enable); 31 EVP_default_properties_enable_fips() sets the 'fips=yes' to be a default property 32 if I<enable> is non zero, otherwise it clears 'fips' from the default property 33 query for the given I<libctx>. It merges the fips default property query with any 36 EVP_default_properties_is_fips_enabled() indicates if 'fips=yes' is a default 51 EVP_default_properties_is_fips_enabled() returns 1 if the 'fips=yes' default 64 Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
D	SSL_CTX_set_options.pod	7 SSL_get_secure_renegotiation_support - manipulate SSL options 26 SSL_CTX_set_options() adds the options set via bit-mask in B<options> to B<ctx>. 29 SSL_set_options() adds the options set via bit-mask in B<options> to B<ssl>. 32 SSL_CTX_clear_options() clears the options set via bit-mask in B<options> 35 SSL_clear_options() clears the options set via bit-mask in B<options> to B<ssl>. 48 The options are coded as bit-masks and can be combined by a bitwise B<or> 67 Add server-hello extension from the early version of cryptopro draft 80 Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X. 81 OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers. 95 It is usually safe to use B<SSL_OP_ALL> to enable the bug workaround [all …]
D	EC_GROUP_copy.pod	17 - Functions for manipulating EC_GROUP objects 86 n-1 where n is the B<order>. The B<order> multiplied by the B<cofactor> gives the number of points … 145 does not use this seed value but does enable you to inspect it using EC_GROUP_get0_seed(). This ret… 147 built-in curves within the library provide seed values that can be obtained. It is also possible to… 165 the correct order. For the OpenSSL FIPS provider it uses EC_GROUP_check_named_curve() to conform to… 167 …d_curve() determines if the group's domain parameters match one of the built-in curves supported b… 170 … lookup the name of the curve that matches the group domain parameters. The built-in curves contain 173 If B<nist_only> is 1 it will only look for NIST approved curves, otherwise it searches all built-in… 222 …) returns the nid of the matching named curve, otherwise it returns 0 for no match, or -1 on error. 236 EC_GROUP_cmp() returns 0 if the curves are equal, 1 if they are not equal, or -1 on error. [all …]
D	EVP_PKEY_CTX_ctrl.pod	73 - algorithm specific control operations 198 type used must match I<keytype> if it is not -1. The parameter I<optype> is a 216 command line pages for the option I<-pkeyopt> which is supported by the 332 EVP_MD object instead. Note that only known, built-in EVP_MD objects will be 355 EVP_MD object instead. Note that only known, built-in EVP_MD objects will be 371 pre-master secret in a TLS ClientKeyExchange message. It is the same as 400 parameter generation to I<md>. If not specified, one of SHA-1, SHA-224, or 401 SHA-256 is selected to match the bit length of I<q> above. 406 If not specified, I<md_name> will be set to one of SHA-1, SHA-224, or 407 SHA-256 depending on the bit length of I<q> above. I<md_properties> is a [all …]
/third_party/rust/crates/rust-openssl/openssl/src/
D	fips.rs	`1 //! FIPS 140-2 support. 5 //! [OpenSSL's documentation]: https://www.openssl.org/docs/fips/UserGuide-2.0.pdf 10 /// Moves the library into or out of the FIPS 140-2 mode of operation. 12 pub fn enable(enabled: bool) -> Result<(), ErrorStack> { in enable() function 17 /// Determines if the library is running in the FIPS 140-2 mode of operation. 19 pub fn enabled() -> bool { in enabled()`
/third_party/openssl/doc/man7/
D	EVP_MAC-KMAC.pod	5 EVP_MAC-KMAC, EVP_MAC-KMAC128, EVP_MAC-KMAC256 6 - The KMAC EVP_MAC implementations 19 =item "KMAC-128", "provider=default" or "provider=fips" 21 =item "KMAC-256", "provider=default" or "provider=fips" 34 Likewise, the "block-size" parameter can be retrieved with 54 By default, it is 16 for C<KMAC-128> and 32 for C<KMAC-256>. 56 =item "block-size" (B<OSSL_MAC_PARAM_SIZE>) <unsigned integer> 59 By default, it is 168 for C<KMAC-128> and 136 for C<KMAC-256>. 63 The "xof" parameter value is expected to be 1 or 0. Use 1 to enable XOF mode. 89 mac = EVP_MAC_fetch(NULL, "KMAC-128", NULL); [all …]
D	migration_guide.pod	5 migration_guide - OpenSSL migration guide 32 OpenSSL 3.0 such as the availability of the FIPS module. 37 licenses\|https://www.openssl.org/source/license-openssl-ssleay.txt> 39 L<Apache License v2\|https://www.openssl.org/source/apache-license-2.0.txt>. 41 =head3 Providers and FIPS support 53 One of the standard providers available is the FIPS provider. This makes 54 available FIPS validated cryptographic algorithms. 55 The FIPS provider is disabled by default and needs to be enabled explicitly 56 at configuration time using the C<enable-fips> option. If it is enabled, 57 the FIPS provider gets built and installed in addition to the other standard [all …]
D	EVP_KDF-PBKDF2.pod	5 EVP_KDF-PBKDF2 - The PBKDF2 EVP_KDF implementation 9 Support for computing the B<PBKDF2> password-based KDF through the B<EVP_KDF> 12 The EVP_KDF-PBKDF2 algorithm implements the PBKDF2 password-based key 13 derivation function, as described in SP800-132; it derives a key from a password 43 This parameter can be used to enable or disable SP800-132 compliance checks. 50 =item - the iteration count is at least 1000. 52 =item - the salt length is at least 128 bits. 54 =item - the derived key length is at least 112 bits. 59 and the FIPS provider uses a default mode of 0. 80 SP800-132 [all …]
D	EVP_PKEY-EC.pod	5 EVP_PKEY-EC, 6 EVP_KEYMGMT-EC 7 - EVP_PKEY EC keytype and algorithm support 17 used that specify "field-type", "p", "a", "b", "generator" and "order". 23 built-in EC algorithm: 31 =item "field-type" (B<OSSL_PKEY_PARAM_EC_FIELD_TYPE>) <UTF8 string> 33 The value should be either "prime-field" or "characteristic-two-field", 39 represents the irreducible polynomial - each bit represents a term in the 67 I<order> - 1. 71 =item "decoded-from-explicit" (B<OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS>) <integer> [all …]
/third_party/openssl/Configurations/
D	unix-Makefile.tmpl	`4 ## {- join("\n## ", @autowarntext) -} 5 {- 9 our $makedepcmd = platform->makedepcmd(); 17 our $sover_dirname = platform->shlib_version_as_filename(); 29 $COLUMNS = int($COLUMNS) - 2; # 2 to leave space for ending ' \' 61 -} 62 PLATFORM={- $config{target} -} 63 OPTIONS={- $config{options} -} 64 CONFIGURE_ARGS=({- join(", ",quotify_l(@{$config{perlargv}})) -}) 65 SRCDIR={- $config{sourcedir} -} [all …]`
D	windows-makefile.tmpl	`4 ## {- join("\n## ", @autowarntext) -} 5 {- 9 our $sover_dirname = platform->shlib_version_as_filename(); 12 my $install_flavour = $build_scheme->[$#$build_scheme]; # last element 14 $install_flavour eq "VC-WOW" ? "ProgramFiles(x86)" 17 $install_flavour eq "VC-WOW" ? "CommonProgramFiles(x86)" 36 -} 38 PLATFORM={- $config{target} -} 39 SRCDIR={- $config{sourcedir} -} 40 BLDDIR={- $config{builddir} -} [all …]`
/third_party/openssl/crypto/evp/
D	evp_fetch.c	2 * Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. 69 if (methdata->tmp_store == NULL) in get_tmp_evp_method_store() 70 methdata->tmp_store = ossl_method_store_new(methdata->libctx); in get_tmp_evp_method_store() 71 return methdata->tmp_store; in get_tmp_evp_method_store() 91 && (store = get_evp_method_store(methdata->libctx)) == NULL) in reserve_evp_method_store() 102 && (store = get_evp_method_store(methdata->libctx)) == NULL) in unreserve_evp_method_store() 113 * The resulting identity is a 31-bit integer, composed like this: 115 * +---------23 bits--------+-8 bits-+ 117 * +------------------------+--------+ 126 #define METHOD_ID_OPERATION_MAX ((1 << 8) - 1) [all …]
D	evp_rand.c	2 * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. 58 return CRYPTO_UP_REF(&rand->refcnt, &ref, rand->refcnt_lock); in evp_rand_up_ref() 69 CRYPTO_DOWN_REF(&rand->refcnt, &ref, rand->refcnt_lock); in evp_rand_free() 72 OPENSSL_free(rand->type_name); in evp_rand_free() 73 ossl_provider_free(rand->prov); in evp_rand_free() 74 CRYPTO_THREAD_lock_free(rand->refcnt_lock); in evp_rand_free() 83 \|\| (rand->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) { in evp_rand_new() 87 rand->refcnt = 1; in evp_rand_new() 91 /* Enable locking of the underlying DRBG/RAND if available */ 94 if (rand->meth->enable_locking != NULL) in EVP_RAND_enable_locking() [all …]
/third_party/python/Tools/ssl/
D	multissltests.py	`23 (c) 2013-2017 Christian Heimes <christian@python.org> 75 '--debug', 77 help="Enable debug logging", 80 '--disable-ancient', 85 '--openssl', 94 '--libressl', 103 '--tests', 109 '--base-directory', 114 '--no-network', 120 '--steps', [all …]`
/third_party/wpa_supplicant/wpa_supplicant-2.9/wpa_supplicant/
D	ChangeLog	`3 2019-08-07 - v2.9 5 - disable use of groups using Brainpool curves 6 - improved protection against side channel attacks 7 [https://w1.fi/security/2019-6/] 8 * EAP-pwd changes 9 - disable use of groups using Brainpool curves 10 - allow the set of groups to be configured (eap_pwd_groups) 11 - improved protection against side channel attacks 12 [https://w1.fi/security/2019-6/] 13 * fixed FT-EAP initial mobility domain association using PMKSA caching [all …]`
/third_party/wpa_supplicant/wpa_supplicant-2.9_standard/wpa_supplicant/
D	ChangeLog	`3 2024-07-20 - v2.11 4 * Wi-Fi Easy Connect 5 - add support for DPP release 3 6 - allow Configurator parameters to be provided during config exchange 8 - add support for GCM-AES-256 cipher suite 9 - remove incorrect EAP Session-Id length constraint 10 - add hardware offload support for additional drivers 11 * HE/IEEE 802.11ax/Wi-Fi 6 12 - support BSS color updates 13 - various fixes [all …]`
/third_party/openssl/test/
D	acvp_test.c	2 * Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. 14 * providers/fips/self_test_kats.c 34 OPT_ERR = -1, 41 int enable; member 125 self_test_args.enable = 1; in ecdsa_keygen_test() 126 if (!TEST_ptr(pkey = EVP_PKEY_Q_keygen(libctx, NULL, "EC", tst->curve_name)) in ecdsa_keygen_test() 141 self_test_args.enable = 0; in ecdsa_keygen_test() 189 if (!TEST_true(ecdsa_create_pkey(&pkey, tst->curve_name, in ecdsa_pub_verify_test() 190 tst->pub, tst->pub_len, tst->pass))) in ecdsa_pub_verify_test() 193 if (tst->pass) { in ecdsa_pub_verify_test() [all …]
/third_party/mbedtls/include/mbedtls/
D	ecp.h	9 * <em>RFC-4492: Elliptic Curve Cryptography (ECC) Cipher Suites 12 * <em>RFC-2409: The Internet Key Exchange (IKE)</em> defines ECP 19 * SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later 35 #define MBEDTLS_ERR_ECP_BAD_INPUT_DATA -0x4F80 37 #define MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL -0x4F00 39 #define MBEDTLS_ERR_ECP_FEATURE_UNAVAILABLE -0x4E80 41 #define MBEDTLS_ERR_ECP_VERIFY_FAILED -0x4E00 43 #define MBEDTLS_ERR_ECP_ALLOC_FAILED -0x4D80 45 #define MBEDTLS_ERR_ECP_RANDOM_FAILED -0x4D00 47 #define MBEDTLS_ERR_ECP_INVALID_KEY -0x4C80 [all …]

12 3