...
Event: BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/isc/hmacsha.c:31:#include
Event: ISC ISC library in BIND: HMAC-SHA1 hash init function isc_hmacsha1_init() which is a wrapper for HMAC_Init()
Message: ./fipscc_nios/bind9/lib/isc/hmacsha.c:44:isc_hmacsha1_init(isc_hmacsha1_t *ctx, const unsigned char *key,
...
Event: ISC library in BIND: HMAC-SHA1 context gets initialized in function isc_hmacsha1_init() by calling HAMC_Init() using hash function EVP_sha1() as an argument
Message: ./fipscc_nios/bind9/lib/isc/hmacsha.c:49: (int) len, EVP_sha1()) == 1);
Event: ISC ISC library in BIND: HMAC-SHA1 context gets initialized in function isc_hmacsha1_init() by calling HAMC_Init() using hash function EVP_sha1() as an argument
Message: ./fipscc_nios/bind9/lib/isc/hmacsha.c:51: HMAC_Init(ctx, (const void *) key, (int) len, EVP_sha1());
...
Event: BIND sources comment
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:20:/* $NetBSD: sha1.c,v 1.5 2000/01/22 22:19:14 mycroft Exp $ */
Event: BIND BIND sources comment
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:21:/* $OpenBSD: sha1.c,v 1.9 1997/07/23 21:12:32 kstailey Exp $ */
Event: BIND BIND sources comment
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:24: * SHA-1 in C
Event: BIND BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:42:#include <isc/sha1.h>
Event: BIND BIND sources comment
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:18:/* $Id: //IB/proj/fipscc_nios/bind9/lib/isc/sha1.c#1 $ */
Event: BIND BIND sources comment
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:20:/* $NetBSD: sha1.c,v 1.5 2000/01/22 22:19:14 mycroft Exp $ */
Event: BIND BIND sources comment
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:21:/* $OpenBSD: sha1.c,v 1.9 1997/07/23 21:12:32 kstailey Exp $ */
Event: . BIND sources comment
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:24: * SHA-1 in C
Event: BIND BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:42:#include <isc/sha1.h>
Event: Function Function isc_sha1_init definition
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:54:isc_sha1_init(isc_sha1_t *context)
Event: Argument Argument of EVP_DigestInit call
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:58: RUNTIME_CHECK(EVP_DigestInit(context, EVP_sha1()) == 1);
Event: Function Function isc_sha1_invalidate definition
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:62:isc_sha1_invalidate(isc_sha1_t *context) {
Event: Function Function isc_sha1_update definition
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:67:isc_sha1_update(isc_sha1_t *context, const unsigned char *data,
Event: Function Function isc_sha1_final definition
Message:./fipscc_nios/bind9/lib/isc/sha1.c:79:isc_sha1_final(isc_sha1_t *context, unsigned char *digest) {
...
Event: Function isc_sha1_invalidate definition
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:99:isc_sha1_invalidate(isc_sha1_t *ctx) {
Event: Local Local variables in function isc_sha1_invalidate
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:
...
101: CK_ULONG len = ISC_SHA1_DIGESTLENGTH;
Event: Function Function isc_sha1_update definition
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:111:isc_sha1_update(isc_sha1_t *ctx, const unsigned char *buf, unsigned int len) {
Event: Function Function isc_sha1_final definition
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:121:isc_sha1_final(isc_sha1_t *ctx, unsigned char *digest) {
Event: Local Local variable in function isc_sha1_final
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:123: CK_ULONG len = ISC_SHA1_DIGESTLENGTH;
Event: Comment Comment to macros R0, R1, R2, R3, R4
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:155: * (R0+R1), R2, R3, R4 are the different operations (rounds) used in SHA1
Event: Comment Comment to function isc_sha1_init
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:315: * isc_sha1_init - Initialize new context
Event: ISC ISC BIND library function to init SHA-1
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:318:isc_sha1_init(isc_sha1_t *context)
Event: BIND BIND sources comment
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:322: /* SHA1 initialization constants */
Event: Function Function isc_sha1_invalidate definition
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:333:isc_sha1_invalidate(isc_sha1_t *context) {
Event: Code Code of function isc_sha1_invalidate
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:334: memset(context, 0, sizeof(isc_sha1_t));
Event: Function Function isc_sha1_update definition
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:341:isc_sha1_update(isc_sha1_t *context, const unsigned char *data,
Event: Function Function isc_sha1_final definition
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:375:isc_sha1_final(isc_sha1_t *context, unsigned char *digest) {
Event: Function Function isc_sha1_update definition
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:389: isc_sha1_update(context, &final_200, 1);
Event: Code Code in function isc_sha1_update
Message: ./fipscc_nios/bind9/lib/isc/sha1.c:
391: isc_sha1_update(context, &final_0, 1);
393: isc_sha1_update(context, finalcount, 8);
402: memset(context, 0, sizeof(isc_sha1_t));
Event: Assign Assign local variable alg in function set_key
Message: ./fipscc_nios/bind9/lib/samples/resolve.c:136: alg = DNS_KEYALG_RSASHA1;
...
896: } else if (dns_name_equal(algorithm, DNS_TSIG_HMACSHA1_NAME)) {
902: result = dst_key_frombuffer(name, DST_ALG_HMACSHA1,
Event: Check algorithm type in function dns_tsig_verify
Message: ./fipscc_nios/bind9/lib/dns/tsig.c:1523: if (alg == DST_ALG_HMACMD5 || alg == DST_ALG_HMACSHA1 ||
Event: BIND BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/dns/openssldsa_link.c:45:#include <isc/sha1.h>
Event: Code Code of function openssldsa_createctx
Message: ./fipscc_nios/bind9/lib/dns/openssldsa_link.c:
...
Event: BIND sources comment
Message: ./fipscc_nios/bind9/lib/dns/validator.c:1828: * need to ignore DNS_DSDIGEST_SHA1 if a DNS_DSDIGEST_SHA256
Event: BIND sources macro name
Message: ./fipscc_nios/bind9/lib/dns/validator.c:1847: digest_types[DNS_DSDIGEST_SHA1] = 0;
...
Event: BIND sources comment
Message: ./fipscc_nios/bind9/lib/dns/validator.c:2179: * it over DNS_DSDIGEST_SHA1.
Event: BIND sources comment
Message: ./fipscc_nios/bind9/lib/dns/validator.c:2180: * need to ignore DNS_DSDIGEST_SHA1 if a DNS_DSDIGEST_SHA256
...
Event: BIND sources macro name
Message: ./fipscc_nios/bind9/lib/dns/validator.c:2199: digest_types[DNS_DSDIGEST_SHA1] = 0;
...
356: case DST_ALG_RSASHA1:
357: case DST_ALG_NSEC3RSASHA1:
373: case DST_ALG_HMACSHA1:
374: return (check_hmac_sha(priv, HMACSHA1_NTAGS, alg));
Event: Cases Cases of switch (dst_key_alg(key)) in function dst__privstruct_writefile
Message: ./fipscc_nios/bind9/lib/dns/dst_parse.c:
682: case DST_ALG_RSASHA1:
683: fprintf(fp, "(RSASHA1)\n");
685: case DST_ALG_NSEC3RSASHA1:
686: fprintf(fp, "(NSEC3RSASHA1)\n");
709: case DST_ALG_HMACSHA1:
710: fprintf(fp, "(HMAC_SHA1)\n");
Event: Code Code in function dst_lib_init2
Message: ./fipscc_nios/bind9/lib/dns/dst_api.c:
207: RETERR(dst__hmacsha1_init(&dst_t_func[DST_ALG_HMACSHA1]));
216: RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_RSASHA1],
217: DST_ALG_RSASHA1));
218: RETERR(dst__opensslrsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1],
219: DST_ALG_NSEC3RSASHA1));
239: RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_RSASHA1]));
240: RETERR(dst__pkcs11rsa_init(&dst_t_func[DST_ALG_NSEC3RSASHA1]));
Event: Code Code in function dst_ds_digest_supported
Message: ./fipscc_nios/bind9/lib/dns/dst_api.c:
...
1884: if (alg == DST_ALG_RSAMD5 || alg == DST_ALG_RSASHA1 ||
1887: alg == DST_ALG_NSEC3RSASHA1 ||
Event: BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/dns/pkcs11dsa_link.c:25:#include <isc/sha1.h>
...
805: if (r.length < ISC_SHA1_DIGESTLENGTH + 3 * p_bytes) {
812: isc_region_consume(&r, ISC_SHA1_DIGESTLENGTH);
825: isc_buffer_forward(data, 1 + ISC_SHA1_DIGESTLENGTH + 3 * p_bytes);
842: attr[1].pValue = isc_mem_get(key->mctx, ISC_SHA1_DIGESTLENGTH);
845: memmove(attr[1].pValue, subprime, ISC_SHA1_DIGESTLENGTH);
846: attr[1].ulValueLen = ISC_SHA1_DIGESTLENGTH;
Event: BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/dns/opensslrsa_link.c:36:#include <isc/sha1.h>
...
331: case DST_ALG_RSASHA1:
332: case DST_ALG_NSEC3RSASHA1:
334: isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
336: isc_sha1_update(sha1ctx, data->base, data->length);
EventEvent: Require Assertion in function opensslrsa_sign
Message: ./fipscc_nios/bind9/lib/dns/opensslrsa_link.c:
397: dctx->key->key_alg == DST_ALG_RSASHA1 ||
398: dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
EventEvent: Cases of switch (dctx->key->key_alg) in function opensslrsa_sign
Message: ./fipscc_nios/bind9/lib/dns/opensslrsa_link.c:
427: case DST_ALG_RSASHA1:
428: case DST_ALG_NSEC3RSASHA1:
430: isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
432: isc_sha1_final(sha1ctx, digest);
433: type = NID_sha1;
434: digestlen = ISC_SHA1_DIGESTLENGTH;
EventEvent: Cases of switch (dctx->key->key_alg) in function opensslrsa_sign
Message: ./fipscc_nios/bind9/lib/dns/opensslrsa_link.c:
472: case DST_ALG_RSASHA1:
473: case DST_ALG_NSEC3RSASHA1:
EventEvent: Require Assertion in function opensslrsa_verify2
Message: ./fipscc_nios/bind9/lib/dns/opensslrsa_link.c:
536: dctx->key->key_alg == DST_ALG_RSASHA1 ||
537: dctx->key->key_alg == DST_ALG_NSEC3RSASHA1 ||
EventEvent: Cases Cases of switch (dctx->key->key_alg) in function opensslrsa_verify2
Message: ./fipscc_nios/bind9/lib/dns/opensslrsa_link.c:
575: case DST_ALG_RSASHA1:
576: case DST_ALG_NSEC3RSASHA1:
578: isc_sha1_t *sha1ctx = dctx->ctxdata.sha1ctx;
580: isc_sha1_final(sha1ctx, digest);
581: type = NID_sha1;
582: digestlen = ISC_SHA1_DIGESTLENGTH;
EventEvent: Cases of switch (dctx->key->key_alg) in function opensslrsa_verify2
Message: ./fipscc_nios/bind9/lib/dns/opensslrsa_link.c:
623: case DST_ALG_RSASHA1:
624: case DST_ALG_NSEC3RSASHA1:
Event: Code Event: Code in function compute_cc
Message: ./fipscc_nios/bind9/lib/dns/resolver.c:
2318:#ifdef HMAC_SHA1_SIT
2319: unsigned char digest[ISC_SHA1_DIGESTLENGTH];
2321: isc_hmacsha1_t hmacsha1;
2325: isc_hmacsha1_init(&hmacsha1, query->fctx->res->view->secret,
2326: ISC_SHA1_DIGESTLENGTH);
2330: isc_hmacsha1_update(&hmacsha1,
2334: isc_hmacsha1_update(&hmacsha1,
2338: isc_hmacsha1_sign(&hmacsha1, digest, sizeof(digest));
2340: isc_hmacsha1_invalidate(&hmacsha1);
EventEvent: Case of switch (dst_key_alg(key)) in function dns_tsec_create
Message: ./fipscc_nios/bind9/lib/dns/tsec.c:
71: case DST_ALG_HMACSHA1:
72: algname = dns_tsig_hmacsha1_name;
...
EventEvent: Check Check and set algorithm type in function zone_check_dnskeys
Message: ./fipscc_nios/bind9/lib/dns/zone.c:
5247: if ((dnskey.algorithm == DST_ALG_RSASHA1 ||
5252: if (dnskey.algorithm == DST_ALG_RSASHA1) {
5255: algorithm = "RSASHA1";
...
Event: Check algorithm type in function dnskey_sane
Message: ./fipscc_nios/bind9/lib/dns/zone.c:21643: if (alg == DST_ALG_RSAMD5 || alg == DST_ALG_RSASHA1 ||
Event
Event: Check algorithm type in function dns_nsec_nseconly
Message: ./fipscc_nios/bind9/lib/dns/nsec.c:249: dnskey.algorithm == DST_ALG_RSASHA1 ||
EventEvent: Items Items of enum gssd_etype_t
Message: ./fipscc_nios/bind9/lib/dns/infoblox_gssdiag_counters.h:
16: GSSD_ETYPE_AES128_CTS_HMAC_SHA1_96,
17: GSSD_ETYPE_AES256_CTS_HMAC_SHA1_96,
Event: BIND Event: BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/dns/dst_internal.h:45:#include <isc/sha1.h>
EventEvent: Type dst_hmacsha1_key_t definition
Message: ./fipscc_nios/bind9/lib/dns/dst_internal.h:81:typedef struct dst_hmacsha1_key dst_hmacsha1_key_t;
Event: Field
Event: Field in struct dst_key
Message: ./fipscc_nios/bind9/lib/dns/dst_internal.h:125: dst_hmacsha1_key_t *hmacsha1;
EventEvent: Fields of union ctxdata in struct dst_context
Message: ./fipscc_nios/bind9/lib/dns/dst_internal.h:
158: isc_sha1_t *sha1ctx;
162: isc_hmacsha1_t *hmacsha1ctx;
EventEvent: dst__hmacsha1_init function declaration
Message: ./fipscc_nios/bind9/lib/dns/dst_internal.h:228:isc_result_t dst__hmacsha1_init(struct dst_func **funcp);
EventEvent: BIND BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/dns/ds.c:28:#include <isc/sha1.h>
EventEvent: Local variable in function dns_ds_buildrdata
Message: ./fipscc_nios/bind9/lib/dns/ds.c:56: isc_sha1_t sha1; Event
Event: Case of switch (digest_type) in function dns_ds_buildrdata
Message: ./fipscc_nios/bind9/lib/dns/ds.c:
77: case DNS_DSDIGEST_SHA1:
78: isc_sha1_init(&sha1);
80: isc_sha1_update(&sha1, r.base, r.length);
83: isc_sha1_update(&sha1, r.base, r.length);
84: isc_sha1_final(&sha1, digest);
...
Event: Case of switch (digest_type) in function dns_ds_buildrdata
Message: ./fipscc_nios/bind9/lib/dns/ds.c:
136: case DNS_DSDIGEST_SHA1:
137: ds.length = ISC_SHA1_DIGESTLENGTH;
EventEvent: BIND sources comment
Message: ./fipscc_nios/bind9/lib/dns/dst_parse.h:54:/* These are used by both RSA-MD5 and RSA-SHA1 */
EventEvent: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/dst_parse.h:94:#define HMACSHA1_NTAGS 2
Event
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/dst_parse.h:95:#define TAG_HMACSHA1_KEY ((DST_ALG_HMACSHA1 << TAG_SHIFT) + 0)
EventEvent: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/dst_parse.h:96:#define TAG_HMACSHA1_BITS ((DST_ALG_HMACSHA1 << TAG_SHIFT) + 1)
EventEvent: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/rcode.c:109: { DNS_KEYALG_RSASHA1, "RSASHA1", 0 }, \
EventEvent: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/rcode.c:110: { DNS_KEYALG_NSEC3RSASHA1, "NSEC3RSASHA1", 0 }, \
Event
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/rcode.c:133: { 1, "SHA-1", 0 }, \
EventEvent: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/rcode.c:139: { DNS_DSDIGEST_SHA1, "SHA-1", 0 }, \
EventEvent: Cases Cases of switch(tsd->etype) in function gssd_format_crypto
Message: ./fipscc_nios/bind9/lib/dns/infoblox_gssdiag.c:
256: case ETYPE_AES128_CTS_HMAC_SHA1_96: etype = "aes128-cts-hmac-sha1-96"; break;
257: case ETYPE_AES256_CTS_HMAC_SHA1_96: etype = "aes256-cts-hmac-sha1-96"; break;
EventEvent: Cases of switch(tsd->etype) in function gssd_end_reporting
Message: ./fipscc_nios/bind9/lib/dns/infoblox_gssdiag.c:
329: GSSD_ETYPE(ETYPE_AES128_CTS_HMAC_SHA1_96);
330: GSSD_ETYPE(ETYPE_AES256_CTS_HMAC_SHA1_96);
...
Event: BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/dns/pkcs11rsa_link.c:25:#include <isc/sha1.h>h>
EventEvent: Require Assertion in function pkcs11rsa_createctx_sign
Message: ./fipscc_nios/bind9/lib/dns/pkcs11rsa_link.c:
87: key->key_alg == DST_ALG_RSASHA1 ||
88: key->key_alg == DST_ALG_NSEC3RSASHA1 ||
...
Event: Cases of switch (dctx->key->key_alg) in function pkcs11rsa_createctx_sign
Message: ./fipscc_nios/bind9/lib/dns/pkcs11rsa_link.c:
213: case DST_ALG_RSASHA1:
214: case DST_ALG_NSEC3RSASHA1:
215: mech.mechanism = CKM_SHA1_RSA_PKCS;
...
Event: Require Require Assertion in function pkcs11rsa_createctx_verify
Message: ./fipscc_nios/bind9/lib/dns/pkcs11rsa_link.c:
287: key->key_alg == DST_ALG_RSASHA1 ||
288: key->key_alg == DST_ALG_NSEC3RSASHA1 ||
EventEvent: Cases of switch (dctx->key->key_alg) in function pkcs11rsa_createctx_verify
Message: ./fipscc_nios/bind9/lib/dns/pkcs11rsa_link.c:
345: case DST_ALG_RSASHA1:
346: case DST_ALG_NSEC3RSASHA1:
347: mech.mechanism = CKM_SHA1_RSA_PKCS;
EventEvent: Case of switch (hashalg) in function dns_nsec3_buildrdatbuildrdata
Message: ./fipscc_nios/bind9/lib/dns/nsec3.c:
92: case dns_hash_sha1:
93: REQUIRE(hash_length == ISC_SHA1_DIGESTLENGTH);
...
EventEvent: Case of switch (hash) in function dns_nsec3_hashlength
Message: ./fipscc_nios/bind9/lib/dns/nsec3.c:
285: case dns_hash_sha1:
286: return(ISC_SHA1_DIGESTLENGTH);
EventEvent: Case of switch (hash) in function dns_nsec3_supportedhash
Message: ./fipscc_nios/bind9/lib/dns/nsec3.c:294: case dns_hash_sha1: Event
Event: BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:43:#include <isc/sha1.h>
EventEvent: Function hmacsha1_fromdns declaration
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:350:static isc_result_t hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data);
EventEvent: struct dst_hmacsha1_key definition
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
352:struct dst_hmacsha1_key {
353: unsigned char key[ISC_SHA1_BLOCK_LENGTH];
...
Event: Code of function hmacsha1_createctx
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
357:hmacsha1_createctx(dst_key_t *key, dst_context_t *dctx) {
358: isc_hmacsha1_t *hmacsha1ctx;
359: dst_hmacsha1_key_t *hkey = key->keydata.hmacsha1;
361: hmacsha1ctx = isc_mem_get(dctx->mctx, sizeof(isc_hmacsha1_t));
362: if (hmacsha1ctx == NULL)
364: isc_hmacsha1_init(hmacsha1ctx, hkey->key, ISC_SHA1_BLOCK_LENGTH);
365: dctx->ctxdata.hmacsha1ctx = hmacsha1ctx;
...
Event: Code of function hmacsha1_destroyctx
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
370:hmacsha1_destroyctx(dst_context_t *dctx) {
371: isc_hmacsha1_t *hmacsha1ctx = dctx->ctxdata.hmacsha1ctx;
373: if (hmacsha1ctx != NULL) {
374: isc_hmacsha1_invalidate(hmacsha1ctx);
375: isc_mem_put(dctx->mctx, hmacsha1ctx, sizeof(isc_hmacsha1_t));
376: dctx->ctxdata.hmacsha1ctx = NULL;
EventEvent: Code of function hmacsha1_adddata
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
381:hmacsha1_adddata(dst_context_t *dctx, const isc_region_t *data) {
382: isc_hmacsha1_t *hmacsha1ctx = dctx->ctxdata.hmacsha1ctx;
384: isc_hmacsha1_update(hmacsha1ctx, data->base, data->length);
EventEvent: Code of function hmacsha1_sign
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
389:hmacsha1_sign(dst_context_t *dctx, isc_buffer_t *sig) {
390: isc_hmacsha1_t *hmacsha1ctx = dctx->ctxdata.hmacsha1ctx;
393: if (isc_buffer_availablelength(sig) < ISC_SHA1_DIGESTLENGTH)
396: isc_hmacsha1_sign(hmacsha1ctx, digest, ISC_SHA1_DIGESTLENGTH);
397: isc_buffer_add(sig, ISC_SHA1_DIGESTLENGTH);
...
EventEvent: Code of function hmacsha1_verify
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
403:hmacsha1_verify(dst_context_t *dctx, const isc_region_t *sig) {
404: isc_hmacsha1_t *hmacsha1ctx = dctx->ctxdata.hmacsha1ctx;
406: if (sig->length > ISC_SHA1_DIGESTLENGTH || sig->length == 0)
409: if (isc_hmacsha1_verify(hmacsha1ctx, sig->base, sig->length))
...
Event: Code of function hmacsha1_compare
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
416:hmacsha1_compare(const dst_key_t *key1, const dst_key_t *key2) {
417: dst_hmacsha1_key_t *hkey1, *hkey2;
419: hkey1 = key1->keydata.hmacsha1;
420: hkey2 = key2->keydata.hmacsha1;
427: if (isc_safe_memequal(hkey1->key, hkey2->key, ISC_SHA1_BLOCK_LENGTH))
EventEvent: Code Code of function hmacsha1_generate
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
434:hmacsha1_generate(dst_key_t *key, int pseudorandom_ok, void (*callback)(int)) {
438: unsigned char data[ISC_SHA1_BLOCK_LENGTH];
443: if (bytes > ISC_SHA1_BLOCK_LENGTH) {
444: bytes = ISC_SHA1_BLOCK_LENGTH;
445: key->key_size = ISC_SHA1_BLOCK_LENGTH * 8;
448: memset(data, 0, ISC_SHA1_BLOCK_LENGTH);
456: ret = hmacsha1_fromdns(key, &b);
457: memset(data, 0, ISC_SHA1_BLOCK_LENGTH);
EventEvent: Function hmacsha1_isprivate definition
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:463:hmacsha1_isprivate(const dst_key_t *key) {
EventEvent: Code of function hmacsha1_destroy
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
469:hmacsha1_destroy(dst_key_t *key) {
470: dst_hmacsha1_key_t *hkey = key->keydata.hmacsha1;
472: memset(hkey, 0, sizeof(dst_hmacsha1_key_t));
473: isc_mem_put(key->mctx, hkey, sizeof(dst_hmacsha1_key_t));
474: key->keydata.hmacsha1 = NULL;
EventEvent: Code Code of function hmacsha1_todns
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
478:hmacsha1_todns(const dst_key_t *key, isc_buffer_t *data) {
479: dst_hmacsha1_key_t *hkey;
482: REQUIRE(key->keydata.hmacsha1 != NULL);
484: hkey = key->keydata.hmacsha1;
EventEvent: Code of function hmacsha1_fromdns
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
495:hmacsha1_fromdns(dst_key_t *key, isc_buffer_t *data) {
496: dst_hmacsha1_key_t *hkey;
499: isc_sha1_t sha1ctx;
505: hkey = isc_mem_get(key->mctx, sizeof(dst_hmacsha1_key_t));
511: if (r.length > ISC_SHA1_BLOCK_LENGTH) {
512: isc_sha1_init(&sha1ctx);
513: isc_sha1_update(&sha1ctx, r.base, r.length);
514: isc_sha1_final(&sha1ctx, hkey->key);
515: keylen = ISC_SHA1_DIGESTLENGTH;
522: key->keydata.hmacsha1 = hkey;
...
Event: Code of function hmacsha1_tofile
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
530:hmacsha1_tofile(const dst_key_t *key, const char *directory) {
532: dst_hmacsha1_key_t *hkey;
537: if (key->keydata.hmacsha1 == NULL)
543: hkey = key->keydata.hmacsha1;
545: priv.elements[cnt].tag = TAG_HMACSHA1_KEY;
551: priv.elements[cnt].tag = TAG_HMACSHA1_BITS;
EventEvent: Code of function hmacsha1_parse
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
560:hmacsha1_parse(dst_key_t *key, isc_lex_t *lexer, dst_key_t *pub) {
569: result = dst__privstruct_parse(key, DST_ALG_HMACSHA1, lexer, mctx,
580: case TAG_HMACSHA1_KEY:
584: tresult = hmacsha1_fromdns(key, &b);
588: case TAG_HMACSHA1_BITS:
...
Event: hmacsha1_functions - instance of struct dst_func_t /* Context functions */
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
603:static dst_func_t hmacsha1_functions = {
604: hmacsha1_createctx,
606: hmacsha1_destroyctx,
607: hmacsha1_adddata,
608: hmacsha1_sign,
609: hmacsha1_verify,
612: hmacsha1_compare,
614: hmacsha1_generate,
615: hmacsha1_isprivate,
616: hmacsha1_destroy,
617: hmacsha1_todns,
618: hmacsha1_fromdns,
619: hmacsha1_tofile,
620: hmacsha1_parse,
EventEvent: Code of function dst__hmacsha1_init
Message: ./fipscc_nios/bind9/lib/dns/hmac_link.c:
628:dst__hmacsha1_init(dst_func_t **funcp) {
631: *funcp = &hmacsha1_functions;
...
Event: BIND BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/dlv_32769.c:26:#include <isc/sha1.h>
Event
Event: Case of switch (c) /*Digest*/ in function fromtext_dlv
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/dlv_32769.c:
79: case DNS_DSDIGEST_SHA1:
80: length = ISC_SHA1_DIGESTLENGTH;
EventEvent: Check Check and copy digest lengths if we know them in function fromwire_dlv
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/dlv_32769.c:
173: (sr.base[3] == DNS_DSDIGEST_SHA1 &&
174: sr.length < 4 + ISC_SHA1_DIGESTLENGTH) ||
190: if (sr.base[3] == DNS_DSDIGEST_SHA1)
191: sr.length = 4 + ISC_SHA1_DIGESTLENGTH;
...
Event: Case of switch (dlv->digest_type) in function fromstruct_dlv
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/dlv_32769.c:
243: case DNS_DSDIGEST_SHA1:
244: REQUIRE(dlv->length == ISC_SHA1_DIGESTLENGTH);
...
Event: BIND BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/cds_59.c:24:#include <isc/sha1.h>
Event: Case
Event: Case of switch (c) in function fromtext_cds
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/cds_59.c:
74: case DNS_DSDIGEST_SHA1:
75: length = ISC_SHA1_DIGESTLENGTH;
EventEvent: Check and copy digest lengths if we know them in function fromwire_cds
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/cds_59.c:
168: (sr.base[3] == DNS_DSDIGEST_SHA1 &&
169: sr.length < 4 + ISC_SHA1_DIGESTLENGTH) ||
185: if (sr.base[3] == DNS_DSDIGEST_SHA1)
186: sr.length = 4 + ISC_SHA1_DIGESTLENGTH;
...
Event: Case of switch (ds->digest_type) in function fromstruct_cds
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/cds_59.c:
238: case DNS_DSDIGEST_SHA1:
239: REQUIRE(ds->length == ISC_SHA1_DIGESTLENGTH);
Event: Require Assertion
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/nsec3_50.c:357: REQUIRE(nsec3->hash == dns_hash_sha1); Event:
BIND Event: BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/ds_43.c:28:#include <isc/sha1.h>
EventEvent: Case of switch (c) in function fromtext_ds
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/ds_43.c:
78: case DNS_DSDIGEST_SHA1:
79: length = ISC_SHA1_DIGESTLENGTH;
...
Event: Check Check and copy digest lengths if we know them in function fromwire_ds
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/ds_43.c:
172: (sr.base[3] == DNS_DSDIGEST_SHA1 &&
173: sr.length < 4 + ISC_SHA1_DIGESTLENGTH) ||
189: if (sr.base[3] == DNS_DSDIGEST_SHA1)
190: sr.length = 4 + ISC_SHA1_DIGESTLENGTH;
...
Event: Case of switch (ds->digest_type) in function fromstruct_ds
Message: ./fipscc_nios/bind9/lib/dns/rdata/generic/ds_43.c:
242: case DNS_DSDIGEST_SHA1:
243: REQUIRE(ds->length == ISC_SHA1_DIGESTLENGTH);
EventEvent: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/include/dst/dst.h:59:#define DST_ALG_RSASHA1 5
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/include/dst/dst.h:61:#define DST_ALG_NSEC3RSASHA1 7
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/include/dst/dst.h:69:#define DST_ALG_HMACSHA1 161 /* XXXMPA */
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/include/dns/ds.h:27:#define DNS_DSDIGEST_SHA1 (1)
Event Event: BIND sources: part (name dns_hash_sha1) of enumerated type dns_hash_t being defined
Message: ./fipscc_nios/bind9/lib/dns/include/dns/types.h:170: dns_hash_sha1 = 1
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/lib/dns/include/dns/nsec3.h:44: * Test "unknown" algorithm. Is mapped to dns_hash_sha1.
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/include/dns/keyvalues.h:69:#define DNS_KEYALG_RSASHA1 5
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/include/dns/keyvalues.h:70:#define DNS_KEYALG_NSEC3RSASHA1 7
Event Event: BIND sources: external type declaration
Message: ./fipscc_nios/bind9/lib/dns/include/dns/tsig.h:45:LIBDNS_EXTERNAL_DATA extern dns_name_t *dns_tsig_hmacsha1_name;
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/lib/dns/include/dns/tsig.h:46:#define DNS_TSIG_HMACSHA1_NAME dns_tsig_hmacsha1_name
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/config.h.in:467:/* Use HMAC-SHA1 for Source Identity Token generation */
Event Event: BIND sources: clear definition of HMAC_SHA1_SIT
Message: ./fipscc_nios/bind9/config.h.in:468:#undef HMAC_SHA1_SIT
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/config.h.win32:366:/* Use HMAC-SHA1 for Source Identity Token generation */
Event Event: BIND sources: literal in Win32 configuration file
Message: ./fipscc_nios/bind9/config.h.win32:367:@HMAC_SHA1_SIT@
Event Event: BIND configure script argument help
Message: ./fipscc_nios/bind9/configure.in:1377: [ --with-sit-alg=ALG choose the algorithm for SIT [[aes|sha1|sha256]]],
Event Event: BIND configure script internal variable set with "sha-1" literal
Message: ./fipscc_nios/bind9/configure.in:1384: with_sit_alg="sha1"
Event Event: BIND configure script internal variable value check
Message: ./fipscc_nios/bind9/configure.in:1845: sha1)
Event Event: BIND configure script parameter set
Message: ./fipscc_nios/bind9/configure.in:1850: AC_MSG_RESULT(sha1)
Event Event: BIND configure script parameter definition
Message: ./fipscc_nios/bind9/configure.in:1858: AC_DEFINE(HMAC_SHA1_SIT, 1,
Event Event: BIND configure script parameter definition
Message: ./fipscc_nios/bind9/configure.in:1859: [Use HMAC-SHA1 for Source Identity Token generation])
Event Event: BIND configure script help string
Message: ./fipscc_nios/bind9/win32utils/Configure:369: "HMAC_SHA1_SIT", literal
Event Event: BIND configure script help literal
Message: ./fipscc_nios/bind9/win32utils/Configure:556:" with-sit-alg choose the algorithm for SIT aes|sha1|sha256\n",
Event Event: BIND configure script literal in IF-statement to define the configuration
Message: ./fipscc_nios/bind9/win32utils/Configure:1865: if ($sit_algorithm eq "sha1") {
Event Event: BIND configure script literal in IF-statement to define the configuration
Message: ./fipscc_nios/bind9/win32utils/Configure:1866: $configdefh{"HMAC_SHA1_SIT"} = 1;
Event Event: BIND documentation
Message: ./fipscc_nios/bind9/doc/rfc/index:70:3110: RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS)
Event Event: BIND documentation
Message: ./fipscc_nios/bind9/doc/misc/SIT:73:HMAC SHA1
Event Event: BIND documentation
Message: ./fipscc_nios/bind9/doc/misc/SIT:75: hash = trunc(hmacsha1(secret, client|nonce|when|address), 8);
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/contrib/dnsperf-2.1.0.0-1/dns.c:79:#define TSIG_HMACSHA1_NAME "\011hmac-sha1"
Event Event: Item of enum hmac_type_t
Message: ./fipscc_nios/bind9/contrib/dnsperf-2.1.0.0-1/dns.c:87: TSIG_HMACSHA1,
Event Event: Item of union hmac_ctx_t
Message: ./fipscc_nios/bind9/contrib/dnsperf-2.1.0.0-1/dns.c:96: isc_hmacsha1_t hmacsha1;
Event Event: Check algorithm type and set key in function perf_dns_parsetsigkey
Message: ./fipscc_nios/bind9/contrib/dnsperf-2.1.0.0-1/dns.c:
244: } else if (strncasecmp(alg, "hmac-sha1:", 10) == 0) {
245: SET_KEY(tsigkey, SHA1);
Event Event: Case of switch (tsigkey->hmactype) in function hmac_init
Message: ./fipscc_nios/bind9/contrib/dnsperf-2.1.0.0-1/dns.c:
342: case TSIG_HMACSHA1:
343: isc_hmacsha1_init(&ctx->hmacsha1, secret, length);
Event Event: Case of switch (tsigkey->hmactype) in function hmac_update
Message: ./fipscc_nios/bind9/contrib/dnsperf-2.1.0.0-1/dns.c:
368: case TSIG_HMACSHA1:
369: isc_hmacsha1_update(&ctx->hmacsha1, data, length);
Event Event: Case of switch (tsigkey->hmactype) in function hmac_sign
Message: ./fipscc_nios/bind9/contrib/dnsperf-2.1.0.0-1/dns.c:
394: case TSIG_HMACSHA1:
395: isc_hmacsha1_sign(&ctx->hmacsha1, digest, digestlen);
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/zconf.h:70:/* # define KSK_ALGO (DK_ALGO_RSASHA1) KSK_ALGO renamed to KEY_ALGO (v0.99) */
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/zconf.h:71:# define KEY_ALGO (DK_ALGO_RSASHA1) /* general KEY_ALGO used for both ksk and zsk */
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/zconf.h:75:/* # define ZSK_ALGO (DK_ALGO_RSASHA1) ZSK_ALGO has to be the same as KSK, so this is no longer used (v0.99) */
Event Event: Check algorithm type in function dki_new which creates new keyfile
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/dki.c:255: if ( algo == DK_ALGO_RSA || algo == DK_ALGO_RSASHA1 || algo == DK_ALGO_RSASHA256 || algo == DK_ALGO_RSASHA512 )
Event Event: Cases of switch ( algo ) in function dki_algo2str which returns a string describing the key algorithm
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/dki.c:
632: case DK_ALGO_RSASHA1: return ("RSASHA1");
634: case DK_ALGO_NSEC3RSASHA1: return ("NSEC3RSASHA1");
Event Event: Cases of switch ( algo ) in function dki_algo2sstr which returns a short string describing the key algorithm
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/dki.c:
653: case DK_ALGO_RSASHA1: return ("RSASHA1");
655: case DK_ALGO_NSEC3RSASHA1: return ("N3RSA1");
Event Event: Code in function genkey which generates a DNSKEY key
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/rollover.c:
103: if ( confalgo == DK_ALGO_RSASHA1 )
104: algo = DK_ALGO_NSEC3RSASHA1;
Event Event: Code in case CONF_ALGO of switch ( c->type ) in function parseconfigline
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/zconf.c:
430: strcasecmp (val, "rsasha1") == 0 )
431: *((int *)c->var) = DK_ALGO_RSASHA1;
437: strcasecmp (val, "nsec3rsasha1") == 0 ||
438: strcasecmp (val, "n3rsasha1") == 0 )
439: *((int *)c->var) = DK_ALGO_NSEC3RSASHA1;
Event Event: BIND dnssec config example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/views/dnssec-intern.conf:22:KSK_algo: RSASHA1 # (Algorithm ID 5)
Event Event: BIND dnssec config example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/views/dnssec-intern.conf:26:ZSK_algo: RSASHA1 # (Algorithm ID 5)
Event Event: BIND dnsec config example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/views/dnssec-extern.conf:22:KSK_algo: RSASHA1 # (Algorithm ID 5)
Event Event: BIND dnsec config example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/views/dnssec-extern.conf:26:ZSK_algo: RSASHA1 # (Algorithm ID 5)
Event Event: BIND dnssec config example
Message:./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/hierarchical/de/example.de/sub.example.de/dnssec.conf:10:key_algo RSASHA1
Event Event: BIND dnssec config example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/hierarchical/dnssec.conf:21:Key_Algo: RSASHA1 # (Algorithm ID 5)
Event Event: Comment in BIND dnssec zone key tool example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/flat/sub.example.net/zone.db.signed:39: ) ; ZSK; alg = NSEC3RSASHA1; key id = 6419
Event Event: Comment in BIND dnssec zone key tool example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/flat/sub.example.net/zone.db.signed:60: ) ; KSK; alg = NSEC3RSASHA1; key id = 33936
Event Event: Comment in BIND dnssec zone key tool example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/flat/sub.example.net/dnskey.db:17:; sub.example.net. tag=33936 algo=NSEC3RSASHA1 generated Nov 14 2014 18:11:13
Event Event: Comment in BIND dnssec zone key tool example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/flat/sub.example.net/dnskey.db:34:; sub.example.net. tag=6419 algo=NSEC3RSASHA1 generated Nov 14 2014 18:11:13
Event Event: Comment in BIND dnssec zone key tool example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/flat/keysets/keyset-sub.example.net.:8: ) ; KSK; alg = NSEC3RSASHA1; key id = 33936
Event Event: BIND dnssec zone key tool config example
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/examples/flat/dyn.example.net/dnssec.conf:1:Key_Algo: NSEC3RSASHA1 # (Algorithm ID 7)
Event Event: BIND sources: in the function sign_zone(): a macro usage which has SHA1 in its name to determine configured algorithm in if block
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/zkt-signer.c:883: if ( conf->k_algo == DK_ALGO_NSEC3DSA || conf->k_algo == DK_ALGO_NSEC3RSASHA1 ||
Event Event: BIND dnssec zone key tool changelog
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/CHANGELOG:61:* bug If nsec3 is turned on and KeyAlgo (or AddKeyAlgo) is RSHASHA1
Event Event: BIND dnssec zone key tool changelog
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/CHANGELOG:62: or DSA, genkey() uses algorithm type NSECRSASHA1 or NSEC3DSA instead.
Event Event: BIND dnssec zone key tool sources define
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/dki.h:62:# define DK_ALGO_RSASHA1 5 /* RFC3110 */
Event Event: BIND dnssec zone key tool sources define
Message: ./fipscc_nios/bind9/contrib/zkt-1.1.3/dki.h:64:# define DK_ALGO_NSEC3RSASHA1 7 /* symlink to alg 5 RFC5155 */
Event Event: BIND configure script help
Message: ./fipscc_nios/bind9/configure:1765: --with-sit-alg=ALG choose the algorithm for SIT [aes|sha1|sha256]
Event: BIND configure script
Message: ./fipscc_nios/bind9/configure:19940: with_sit_alg="sha1"
Event Event: BIND configure script literal
Message: ./fipscc_nios/bind9/configure:20970: sha1)
Event Event: BIND configure script literal
Message: ./fipscc_nios/bind9/configure:20977: { $as_echo "$as_me:$LINENO: result: sha1" >&5
Event Event: BIND configure script literal
Message: ./fipscc_nios/bind9/configure:20978:$as_echo "sha1" >&6; }
Event Event: BIND configure script define
Message: ./fipscc_nios/bind9/configure:20988:#define HMAC_SHA1_SIT 1
Event Event: BIND changelog
Message: ./fipscc_nios/bind9/CHANGES:1943:3562. [func] Update map file header format to include a SHA-1 hash
Event Event: BIND changelog
Message: ./fipscc_nios/bind9/CHANGES:2061: hmac-sha1, -sha224, -sha256, -sha384, and -sha512.
Event Event: BIND changelog
Message: ./fipscc_nios/bind9/CHANGES:3334: for the hashing algorithms (md5, sha1 - sha512,
Event Event: BIND changelog
Message: ./fipscc_nios/bind9/CHANGES:4837: (i.e., RSASHA1, or NSEC3RSASHA1 if -3 is used).
Event Event: BIND changelog
Message: ./fipscc_nios/bind9/CHANGES:5164: generate a 1024-bit RSASHA1 zone-signing key,
Event Event: BIND changelog
Message: ./fipscc_nios/bind9/CHANGES:5165: or with the -f KSK option, a 2048-bit RSASHA1
Event Event: BIND changelog
Message: ./fipscc_nios/bind9/CHANGES:6425:2215. [bug] Bad REQUIRE check isc_hmacsha1_verify(). [RT #17094]
Event Event: BIND changelog
Message: ./fipscc_nios/bind9/CHANGES:7199:1973. [func] TSIG HMACSHA1, HMACSHA224, HMACSHA256, HMACSHA384
Event Event: BIND changelog
Message: ./fipscc_nios/bind9/CHANGES:10111: 997. [func] Add support for RSA-SHA1 keys (RFC3110).
Event Event: Code in function parse_hmac which parses HMAC algorithm specification
Message: ./fipscc_nios/bind9/bin/dig/dighost.c:
1196: } else if (strcasecmp(buf, "hmac-sha1") == 0) {
1197: hmacname = DNS_TSIG_HMACSHA1_NAME;
1199: } else if (strncasecmp(buf, "hmac-sha1-", 10) == 0) {
1200: hmacname = DNS_TSIG_HMACSHA1_NAME;
Event Event: Case of switch (dst_key_alg(dstkey)) in function setup_file_key
Message: ./fipscc_nios/bind9/bin/dig/dighost.c:
1312: case DST_ALG_HMACSHA1:
1313: hmacname = DNS_TSIG_HMACSHA1_NAME;
Event Event: BIND sources include file named sha1.h
Message: ./fipscc_nios/bind9/bin/tools/isc-hmac-fixup.c:26:#include <isc/sha1.h>
Event Event: Part of usage code in function main
Message: ./fipscc_nios/bind9/bin/tools/isc-hmac-fixup.c:44: fprintf(stderr, "\talgorithm: (MD5 | SHA1 | SHA224 | "
Event Event: Code in function main
Message: ./fipscc_nios/bind9/bin/tools/isc-hmac-fixup.c:
68: } else if (!strcasecmp(argv[1], "sha1") ||
69: !strcasecmp(argv[1], "hmac-sha1")) {
70: if (r.length > ISC_SHA1_DIGESTLENGTH) {
71: isc_sha1_t sha1ctx;
72: isc_sha1_init(&sha1ctx);
73: isc_sha1_update(&sha1ctx, r.base, r.length);
74: isc_sha1_final(&sha1ctx, key);
77: r.length = ISC_SHA1_DIGESTLENGTH;
Event Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/tools/nsec3hash.docbook:80: only supported hash algorithm for NSEC3 is SHA-1,
Event Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/tools/isc-hmac-fixup.docbook:58: hash algorithm (i.e., SHA1 keys longer than 160 bits, SHA256 keys
Event Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/tools/isc-hmac-fixup.docbook:73: for SHA1 through SHA256, or 128 bytes for SHA384 and SHA512),
Event Event: BIND manual for isc-hmac-fixup (i.e. man 8 isc-hmac-fixup)
Message: ./fipscc_nios/bind9/bin/tools/isc-hmac-fixup.8:
38:Versions of BIND 9 up to and including BIND 9.6 had a bug causing HMAC\-SHA* TSIG keys which were longer than the digest length of the hash algorithm (i.e., SHA1 keys longer than 160 bits, SHA256 keys longer than 256 bits, etc) to be used incorrectly, generating a message authentication code that was incompatible with other DNS implementations.
46:and specify the key's algorithm and secret on the command line. If the secret is longer than the digest length of the algorithm (64 bytes for SHA1 through SHA256, or 128 bytes for SHA384 and SHA512), then a new secret will be generated consisting of a hash digest of the old secret. (If the secret did not require conversion, then it will be printed without modification.)
Event Event: BIND manual for rndc-confgen (i.e. man 8 rndc-confgen)
Message: ./fipscc_nios/bind9/bin/confgen/rndc-confgen.8:108:Specifies the algorithm to use for the TSIG key. Available choices are: hmac\-md5, hmac\-sha1, hmac\-sha224, hmac\-sha256, hmac\-sha384 and hmac\-sha512. The default is hmac\-md5.
Event Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/confgen/rndc-confgen.docbook:138: choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
Event Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/confgen/ddns-confgen.docbook:115: choices are: hmac-md5, hmac-sha1, hmac-sha224, hmac-sha256,
Event Event: Cases of switch (alg) in function alg_totext which converts algorithm type to string
Message: ./fipscc_nios/bind9/bin/confgen/keygen.c:
52: case DST_ALG_HMACSHA1:
53: return "hmac-sha1";
Event Event: Code in function alg_fromtext which converts string to algorithm type
Message: ./fipscc_nios/bind9/bin/confgen/keygen.c:
78: if (strcasecmp(p, "sha1") == 0)
79: return DST_ALG_HMACSHA1;
Event Event: Case of switch (alg) in function alg_bits which returns default keysize for a given algorithm type
Message: ./fipscc_nios/bind9/bin/confgen/keygen.c:99: case DST_ALG_HMACSHA1:
Event Event: Case of switch (alg) in function generate_key which generates a key of size 'keysize'
Message: ./fipscc_nios/bind9/bin/confgen/keygen.c:133: case DST_ALG_HMACSHA1:
Event Event: BIND manual for ddns-confgen (i.e. man 8 ddns-confgen)
Message: ./fipscc_nios/bind9/bin/confgen/ddns-confgen.8:75:Specifies the algorithm to use for the TSIG key. Available choices are: hmac\-md5, hmac\-sha1, hmac\-sha224, hmac\-sha256, hmac\-sha384 and hmac \-sha512. The default is hmac\-sha256. Options are case\-insensitive, and the "hmac\-" prefix may be omitted.
Event Event: diff -u openssl/Configure:1.9.2.1.2.1.4.1.2.1 openssl/Configure:1.11.2.2
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:220:+ AES-256-ECB, AES-128-CTR, AES-192-CTR, AES-256-CTR, MD5, SHA1, SHA224,
Event Event: diff -u /dev/null openssl/crypto/engine/hw_pk11.c:1.30.4.2
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:
1127:+ PK11_SHA1,
1216:+ {PK11_SHA1, NID_sha1, CKM_SHA_1, },
1486:+static const EVP_MD pk11_sha1 =
1488:+ NID_sha1,
1489:+ NID_sha1WithRSAEncryption,
3691:+ case NID_sha1:
3692:+ *digest = &pk11_sha1;
Event Event: diff -u /dev/null openssl/crypto/engine/hw_pk11_pub.c:1.38.2.3
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:
6108:+/* Size of an SSL signature: MD5+SHA1 */
6670:+ if (type == NID_md5_sha1)
6715:+ if (type != NID_md5_sha1)
6764:+ if ((type != NID_md5_sha1) && (s != NULL))
6799:+ if (type == NID_md5_sha1)
6842:+ if (type != NID_md5_sha1)
6889:+ if ((type != NID_md5_sha1) && (s != NULL))
Event Event: diff -u /dev/null openssl/crypto/engine/hw_pk11so_pub.c:1.8.2.2
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:
11395:+/* Size of an SSL signature: MD5+SHA1 */
11425:+ if (type == NID_md5_sha1)
11470:+ if (type != NID_md5_sha1)
11519:+ if ((type != NID_md5_sha1) && (s != NULL))
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14538:+/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14542:+#define CKM_SHA1_RSA_PKCS 0x00000006
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14550:+/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14551:+ * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14554:+#define CKM_SHA1_RSA_X9_31 0x0000000C
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14556:+#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14560:+#define CKM_DSA_SHA1 0x00000012
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14746:+#define CKM_SSL3_SHA1_MAC 0x00000381
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14749:+#define CKM_SHA1_KEY_DERIVATION 0x00000392
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14765:+#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14766:+#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14767:+#define CKM_PBE_SHA1_RC4_128 0x000003A6
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14768:+#define CKM_PBE_SHA1_RC4_40 0x000003A7
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14769:+#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14770:+#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14771:+#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14772:+#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14777:+#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:14848:+#define CKM_ECDSA_SHA1 0x00001042 Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:15187:+#define CKG_MGF1_SHA1 0x00000001
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:15234:+#define CKD_SHA1_KDF 0x00000002
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:15291:+#define CKD_SHA1_KDF_ASN1 0x00000003
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:15292:+#define CKD_SHA1_KDF_CONCATENATE 0x00000004
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.0o-patch:15666:+#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
Event: diff -u /dev/null openssl/README.pkcs11:1.8
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:220:+ AES-256-ECB, AES-128-CTR, AES-192-CTR, AES-256-CTR, MD5, SHA1, SHA224,
Event: diff -u /dev/null openssl/crypto/engine/hw_pk11.c:1.33
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:
1103:+ PK11_SHA1,
1189:+ {PK11_SHA1, NID_sha1, CKM_SHA_1, },
1452:+static const EVP_MD pk11_sha1 =
1454:+ NID_sha1,
1455:+ NID_sha1WithRSAEncryption,
3640:+ case NID_sha1:
3641:+ *digest = &pk11_sha1;
Event: diff -u /dev/null openssl/crypto/engine/hw_pk11_pub.c:1.42
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:
6003:+/* Size of an SSL signature: MD5+SHA1 */
6565:+ if (type == NID_md5_sha1)
6610:+ if (type != NID_md5_sha1)
6659:+ if ((type != NID_md5_sha1) && (s != NULL))
6694:+ if (type == NID_md5_sha1)
6737:+ if (type != NID_md5_sha1)
6784:+ if ((type != NID_md5_sha1) && (s != NULL))
Event: diff -u /dev/null openssl/crypto/engine/hw_pk11so_pub.c:1.10
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:
11290:+/* Size of an SSL signature: MD5+SHA1 */
11320:+ if (type == NID_md5_sha1)
11365:+ if (type != NID_md5_sha1)
11414:+ if ((type != NID_md5_sha1) && (s != NULL))
Event: BIND sources comment
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14433:+/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14437:+#define CKM_SHA1_RSA_PKCS 0x00000006
Event: BIND sources comment
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14445:+/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
Event: BIND sources comment
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14446:+ * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14449:+#define CKM_SHA1_RSA_X9_31 0x0000000C
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14451:+#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14455:+#define CKM_DSA_SHA1 0x00000012
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14641:+#define CKM_SSL3_SHA1_MAC 0x00000381
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14644:+#define CKM_SHA1_KEY_DERIVATION 0x00000392
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14660:+#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14661:+#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14662:+#define CKM_PBE_SHA1_RC4_128 0x000003A6
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14663:+#define CKM_PBE_SHA1_RC4_40 0x000003A7
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14664:+#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14665:+#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14666:+#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14667:+#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14672:+#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:14743:+#define CKM_ECDSA_SHA1 0x00001042
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:15082:+#define CKG_MGF1_SHA1 0x00000001
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:15129:+#define CKD_SHA1_KDF 0x00000002
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:15186:+#define CKD_SHA1_KDF_ASN1 0x00000003
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:15187:+#define CKD_SHA1_KDF_CONCATENATE 0x00000004
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-1.0.1j-patch:15561:+#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/bin/pkcs11/pkcs11-keygen.8:50:can be specified as a DNSSEC signing algorithm that will be used with this key; for example, NSEC3RSASHA1 maps to RSA, and ECDSAP256SHA256 maps to ECC. The default class is "RSA".
Event: BIND sources comment
Message: ./fipscc_nios/bind9/bin/pkcs11/pkcs11-keygen.c:231: * NSEC3RSASHA1 maps to RSA.
Event Event: diff -u /dev/null openssl/README.pkcs11:1.6.4.2
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:220:+ AES-256-ECB, AES-128-CTR, AES-192-CTR, AES-256-CTR, MD5, SHA1, SHA224,
Event: diff -u /dev/null openssl/crypto/engine/hw_pk11.c:1.26.4.4
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:
1146:+ PK11_SHA1,
1235:+ {PK11_SHA1, NID_sha1, CKM_SHA_1, },
1505:+static const EVP_MD pk11_sha1 =
1507:+ NID_sha1,
1508:+ NID_sha1WithRSAEncryption,
3710:+ case NID_sha1:
3711:+ *digest = &pk11_sha1;
Event Event: diff -u /dev/null openssl/crypto/engine/hw_pk11_pub.c:1.32.4.7
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:
6127:+/* Size of an SSL signature: MD5+SHA1 */
6689:+ if (type == NID_md5_sha1)
6734:+ if (type != NID_md5_sha1)
6783:+ if ((type != NID_md5_sha1) && (s != NULL))
6818:+ if (type == NID_md5_sha1)
6861:+ if (type != NID_md5_sha1)
6908:+ if ((type != NID_md5_sha1) && (s != NULL))
Event: diff -u /dev/null openssl/crypto/engine/hw_pk11so_pub.c:1.2.4.6
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:
11414:+/* Size of an SSL signature: MD5+SHA1 */
11444:+ if (type == NID_md5_sha1)
11489:+ if (type != NID_md5_sha1)
11538:+ if ((type != NID_md5_sha1) && (s != NULL))
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:14557:+/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:14561:+#define CKM_SHA1_RSA_PKCS 0x00000006
Event Event: BIND sources comment
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:14569:+/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
Event: BIND sources: a literal in comments in the patch file openssl-0.9.8zc-patch
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:14570:+ * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
Event Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:14573:+#define CKM_SHA1_RSA_X9_31 0x0000000C
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:14789:+#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9 BIND sources macro definition
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:14790:+#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:14791:+#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:14796:+#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:14867:+#define CKM_ECDSA_SHA1 0x00001042
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:15206:+#define CKG_MGF1_SHA1 0x00000001
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:15253:+#define CKD_SHA1_KDF 0x00000002 BIND sources macro definition
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:15310:+#define CKD_SHA1_KDF_ASN1 0x00000003
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:15311:+#define CKD_SHA1_KDF_CONCATENATE 0x00000004
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/pkcs11/openssl-0.9.8zc-patch:15685:+#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/pkcs11/pkcs11-keygen.docbook:81: example, NSEC3RSASHA1 maps to RSA, and ECDSAP256SHA256 maps
Event: Code in function check_dnssec
Message: ./fipscc_nios/bind9/bin/named/update.c:2284: if (alg == DST_ALG_RSAMD5 || alg == DST_ALG_RSASHA1 ||
Event: Code in function dstkey_fromconfig
Message: ./fipscc_nios/bind9/bin/named/server.c:795: if ((keystruct.algorithm == DST_ALG_RSASHA1 ||
Event: Code in function load_configuration
Message: ./fipscc_nios/bind9/bin/named/server.c:
8172:#ifdef HMAC_SHA1_SIT
8173: if (isc_buffer_usedlength(&b) != ISC_SHA1_DIGESTLENGTH)
8175: "SHA1 sit-secret must be on 160 bits");
Event: Code in function compute_sit
Message: ./fipscc_nios/bind9/bin/named/client.c:
2460:#ifdef HMAC_SHA1_SIT
2461: unsigned char digest[ISC_SHA1_DIGESTLENGTH];
2464: isc_hmacsha1_t hmacsha1;
2471: isc_hmacsha1_init(&hmacsha1,
2473: ISC_SHA1_DIGESTLENGTH);
2474: isc_hmacsha1_update(&hmacsha1, cp, 16);
2478: isc_hmacsha1_update(&hmacsha1,
2482: isc_hmacsha1_update(&hmacsha1,
2486: isc_hmacsha1_update(&hmacsha1, client->cookie, sizeof(client->cookie));
2487: isc_hmacsha1_sign(&hmacsha1, digest, sizeof(digest));
2489: isc_hmacsha1_invalidate(&hmacsha1);
Event: Items of enum hmac inside struct keyalgorithms
Message: ./fipscc_nios/bind9/bin/named/config.c:1148: enum { hmacnone, hmacmd5, hmacsha1, hmacsha224,
Event: Item of array algorithms of structs keyalgorithms
Message: ./fipscc_nios/bind9/bin/named/config.c:1156: { "hmac-sha1", hmacsha1, DST_ALG_HMACSHA1, 160 },
Event: Case of switch (algorithms[i].hmac) in function ns_config_getkeyalgorithm2
Message: ./fipscc_nios/bind9/bin/named/config.c:1231: case hmacsha1: *name = dns_tsig_hmacsha1_name; break;
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/nsupdate/nsupdate.docbook:166: hmac-sha1, hmac-sha224,
Event: BIND manual for nsupdate (i.e. man 1 nsupdate)
Message: ./fipscc_nios/bind9/bin/nsupdate/nsupdate.1:104:hmac\-sha1,
Event: Code in function parse_hmac
Message: ./fipscc_nios/bind9/bin/nsupdate/nsupdate.c:
477: } else if (strcasecmp(buf, "hmac-sha1") == 0) {
478: *hmac = DNS_TSIG_HMACSHA1_NAME;
479: } else if (strncasecmp(buf, "hmac-sha1-", 10) == 0) {
480: *hmac = DNS_TSIG_HMACSHA1_NAME;
Event: Case of switch (dst_key_alg(dstkey))in function setup_keyfile
Message: ./fipscc_nios/bind9/bin/nsupdate/nsupdate.c:
702: case DST_ALG_HMACSHA1:
703: hmacname = DNS_TSIG_HMACSHA1_NAME;
Event: BIND manual for rndc (i.e. man 8 rndc)
Message: ./fipscc_nios/bind9/bin/rndc/rndc.8:50:\fBnamed\fR, the only supported authentication algorithms are HMAC\-MD5 (for compatibility), HMAC\-SHA1, HMAC\-SHA224, HMAC\-SHA256 (default), HMAC\-SHA384 and HMAC\-SHA512. They use a shared secret on each end of the connection. This provides TSIG\-style authentication for the command request and the name server's response. All commands sent over the channel must be signed by a key_id known to the server.
Event: Code in function parse_config
Message: ./fipscc_nios/bind9/bin/rndc/rndc.c:
609: else if (strcasecmp(algorithmstr, "hmac-sha1") == 0)
610: algorithm = ISCCC_ALG_HMACSHA1;
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/rndc/rndc.docbook:85: (for compatibility), HMAC-SHA1, HMAC-SHA224, HMAC-SHA256
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/rndc/rndc.docbook:718: is 1, representing SHA-1.
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/rndc/rndc.docbook:733: the SHA-1 hash algorithm, no opt-out flag,
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/rndc/rndc.conf.docbook:125: (for compatibility), HMAC-SHA1, HMAC-SHA224, HMAC-SHA256
Event: BIND manual for rndc.conf (i.e. man 5 rndc.conf)
Message: ./fipscc_nios/bind9/bin/rndc/rndc.conf.5:103:to use; currently only HMAC\-MD5 (for compatibility), HMAC\-SHA1, HMAC\-SHA224, HMAC\-SHA256 (default), HMAC\-SHA384 and HMAC\-SHA512 are supported. This is followed by a secret clause which contains the base\-64 encoding of the algorithm's authentication key. The base\-64 string is enclosed in double quotes.
Event: BIND sources, variable (Python dict) with hash algorithms gets initialized
Message: ./fipscc_nios/bind9/bin/python/dnssec-checkds.py.in:60: hashalgs = {1: 'SHA-1', 2: 'SHA-256', 3: 'GOST', 4: 'SHA-384' }
Event: BIND sources, variable (Python dict) with hash algorithms gets initialized
Message: ./fipscc_nios/bind9/bin/python/dnssec-checkds.py.in:110: hashalgs = {1: 'SHA-1', 2: 'SHA-256', 3: 'GOST', 4: 'SHA-384' }
Event Event: BIND sources, variable (Python tuple) with mnemonic names for algorithms gets initialized
Message: ./fipscc_nios/bind9/bin/python/dnssec-coverage.py.in:437: names = (None, 'RSAMD5', 'DH', 'DSA', 'ECC', 'RSASHA1',
Event: BIND sources, variable (Python tuple) with mnemonic names for algorithms gets initialized
Message: ./fipscc_nios/bind9/bin/python/dnssec-coverage.py.in:438: 'NSEC3DSA', 'NSEC3RSASHA1', 'RSASHA256', None,
Event: BIND manual for dnssec-dsfromkey (i.e. man 8 dnssec-dsfromkey)
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-dsfromkey.8:60:must be one of SHA\-1 (SHA1), SHA\-256 (SHA256), GOST or SHA\-384 (SHA384). These values are case insensitive.
Event: Argument in call dns_ds_buildrdata in function loadds
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-signzone.c:1093: result = dns_ds_buildrdata(name, &key, DNS_DSDIGEST_SHA1,
Event: Code in function addnsec3param
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-signzone.c:2033: nsec3param.hash = unknownalg ? DNS_NSEC3_UNKNOWNALG : dns_hash_sha1;
Event: Code in function addnsec3
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-signzone.c:
2099: name, gorigin, dns_hash_sha1, iterations,
2105: DNS_NSEC3_UNKNOWNALG : dns_hash_sha1,
2108: nexthash, ISC_SHA1_DIGESTLENGTH,
Event: Argument in call dns_nsec3_hashname in function set_nsec3params
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-signzone.c:3156: gorigin, gorigin, dns_hash_sha1,
Event: Argument in call dns_ds_buildrdata in function writeset
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-signzone.c:3298: DNS_DSDIGEST_SHA1,
Event: Argument in call nsec3ify in function nsec3ify
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-signzone.c:3545: nsec3ify(dns_hash_sha1, nsec3iter, gsalt, salt_length,
Event: Argument in call dns_nsec3_hashlength in function main
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-signzone.c:4463: hash_length = dns_nsec3_hashlength(dns_hash_sha1);
Event: Argument in call nsec3ify in function main
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-signzone.c:4531: nsec3ify(dns_hash_sha1, nsec3iter, gsalt, salt_length,
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-dsfromkey.docbook:98: Use SHA-1 as the digest algorithm
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-dsfromkey.docbook:99: both SHA-1 and SHA-256).
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-dsfromkey.docbook:118: must be one of SHA-1 (SHA1),
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.docbook:120: of must be one of RSAMD5, RSASHA1,
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.docbook:121: DSA, NSEC3RSASHA1, NSEC3DSA, RSASHA256, RSASHA512, ECCGOST,
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.docbook:124: be DH (Diffie Hellman), HMAC-MD5, HMAC-SHA1, HMAC-SHA224,
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.docbook:129: If no algorithm is specified, then RSASHA1 will be used
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.docbook:131: in which case NSEC3RSASHA1 will be used instead.
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.docbook:136: Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.docbook:141: Note 2: DH, HMAC-MD5, and HMAC-SHA1 through HMAC-SHA512
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.docbook:192: set on the command line, NSEC3RSASHA1 will be used
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.c:55:#define DEFAULT_ALGORITHM "RSASHA1"
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.c:56:#define DEFAULT_NSEC3_ALGORITHM "NSEC3RSASHA1"
Event: algs - algorithms string
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.c:
58:static const char *algs = "RSA | RSAMD5 | DH | DSA | RSASHA1 |"
59: " NSEC3DSA | NSEC3RSASHA1 |"
Event: Code of function usage
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.c:
77: fprintf(stderr, " (default: RSASHA1, or "
78: "NSEC3RSASHA1 if using -3)\n");
Event: Code in function main
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.c:400: alg != DST_ALG_NSEC3DSA && alg != DST_ALG_NSEC3RSASHA1 &&
Event: BIND manual for dnssec-keygen (i.e. man 8 dnssec-keygen)
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.8:
51:must be one of RSAMD5, RSASHA1, DSA, NSEC3RSASHA1, NSEC3DSA, RSASHA256, RSASHA512, ECCGOST, ECDSAP256SHA256 or ECDSAP384SHA384. For TSIG/TKEY, the value must be DH (Diffie Hellman), HMAC\-MD5, HMAC\-SHA1, HMAC\-SHA224, HMAC\-SHA256, HMAC\-SHA384, or HMAC\-SHA512. These values are case insensitive.
53:If no algorithm is specified, then RSASHA1 will be used by default, unless the
55:option is specified, in which case NSEC3RSASHA1 will be used instead. (If
59:Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement algorithm, and DSA is recommended. For TSIG, HMAC\-MD5 is mandatory.
61:Note 2: DH, HMAC\-MD5, and HMAC\-SHA1 through HMAC\-SHA512 automatically set the \-T KEY option.
84:Use an NSEC3\-capable algorithm to generate a DNSSEC key. If this option is used and no algorithm is explicitly set on the command line, NSEC3RSASHA1 will be used by default. Note that RSASHA256, RSASHA512, ECCGOST, ECDSAP256SHA256 and ECDSAP384SHA384 algorithms are NSEC3\-capable.
Event: BIND manual for dnssec-keyfromlabel (i.e. man 8 dnssec-keyfromlabel)
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.8:
51:must be one of RSAMD5, RSASHA1, DSA, NSEC3RSASHA1, NSEC3DSA, RSASHA256, RSASHA512, ECCGOST, ECDSAP256SHA256 or ECDSAP384SHA384. These values are case insensitive.
53:If no algorithm is specified, then RSASHA1 will be used by default, unless the
55:option is specified, in which case NSEC3RSASHA1 will be used instead. (If
59:Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement algorithm, and DSA is recommended.
66:Use an NSEC3\-capable algorithm to generate a DNSSEC key. If this option is used and no algorithm is explicitly set on the command line, N SEC3RSASHA1 will be used by default.
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.docbook:104: must be one of RSAMD5, RSASHA1,
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.docbook:105: DSA, NSEC3RSASHA1, NSEC3DSA, RSASHA256, RSASHA512, ECCGOST,
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.docbook:110: If no algorithm is specified, then RSASHA1 will be used
Event: BIND documentation
Message:
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.docbook:112: in which case NSEC3RSASHA1 will be used instead.
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.docbook:117: Note 1: that for DNSSEC, RSASHA1 is a mandatory to implement
Event: BIND documentation
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keyfromlabel.docbook:132: set on the command line, NSEC3RSASHA1 will be used
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:82:#define DEFAULT_ALGORITHM "RSASHA1"
Event: BIND sources macro definition
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:83:#define DEFAULT_NSEC3_ALGORITHM "NSEC3RSASHA1"
Event: BIND sources string literal
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:99: fprintf(stderr, " RSA | RSAMD5 | DSA | RSASHA1 | NSEC3RSASHA1"
Event: BIND sources string literal
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:103: fprintf(stderr, " DH | HMAC-MD5 | HMAC-SHA1 | HMAC-SHA224 | "
Event: BIND sources string literal
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:106: fprintf(stderr, " (default: RSASHA1, or "
Event: BIND sources string literal
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:107: "NSEC3RSASHA1 if using -3)\n");
Event: BIND sources string literal
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:111: fprintf(stderr, " RSASHA1:\t[512..%d]\n", MAX_RSA);
Event: BIND sources string literal
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:112: fprintf(stderr, " NSEC3RSASHA1:\t[512..%d]\n", MAX_RSA);
Event: BIND sources string literal
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:123: fprintf(stderr, " HMAC-SHA1:\t[1..160]\n");
Event: BIND sources string literal
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:563: else if (strcasecmp(algname, "HMAC-SHA1") == 0)
Event: Code in function main
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:
564: alg = DST_ALG_HMACSHA1;
587: alg != DST_ALG_NSEC3DSA && alg != DST_ALG_NSEC3RSASHA1 &&
Event: Cases of switch (alg) in function main
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:
733: case DNS_KEYALG_RSASHA1:
734: case DNS_KEYALG_NSEC3RSASHA1:
771: case DST_ALG_HMACSHA1:
774: fatal("HMAC-SHA1 key size %d out of range", size);
776: fatal("HMAC-SHA1 digest bits %d out of range", dbits);
778: fatal("HMAC-SHA1 digest bits %d not divisible by 8",
Event: Code in function main
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:870: alg == DST_ALG_HMACSHA1 || alg == DST_ALG_HMACSHA224 ||
Event: Cases of switch (alg) in function main
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-keygen.c:
878: case DNS_KEYALG_RSASHA1:
879: case DNS_KEYALG_NSEC3RSASHA1:
898: case DST_ALG_HMACSHA1:
Event Event: Code in function usage
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-dsfromkey.c:
336: "(SHA-1, SHA-256, GOST or SHA-384)\n");
337: fprintf(stderr, " -1: use SHA-1\n");
Event: Initializing local variable dtype in function main
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-dsfromkey.c:358: unsigned int dtype = DNS_DSDIGEST_SHA1;
Event: Setting variable dtype in function main
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-dsfromkey.c:388: dtype = DNS_DSDIGEST_SHA1;
Event: Code in function main
Message: ./fipscc_nios/bind9/bin/dnssec/dnssec-dsfromkey.c:
458: if (strcasecmp(algname, "SHA1") == 0 ||
459: strcasecmp(algname, "SHA-1") == 0)
460: dtype = DNS_DSDIGEST_SHA1;
535: emit(DNS_DSDIGEST_SHA1, showall, lookaside,
549: emit(DNS_DSDIGEST_SHA1, showall, lookaside, &rdata);
Event: Calculate fingerprint of VMWare config and disk of the product image
Message: ./fipscc_nios/vnios/vnios-build:707: openssl sha1 ${input_file}*.{ovf,vmdk} ${name}*.vmdk > ${input_file}.mf
Event Event: Calculate fingerprint of VMWare config and disk of the product image
Message: ./fipscc_nios/vnios/vnios-build:709: openssl sha1 ${input_file_standalone}.ovf ${input_file}*.vmdk GuideVM-disk.vmdk ${name}*.vmdk > ${input_file_standalone}.mf
Event Event: Comment in NIOS build scripts
Message: ./fipscc_nios/vnios/vnios-build:1221:# Generates an mf file. Pretty simple, just dumps the SHA1 fingerprints
Event Event: Calculate fingerprint of VMWare config and disk of the product image
Message: ./fipscc_nios/vnios/vnios-build:1236: openssl sha1 ${name}*.{ovf,vmdk} > ${output}.mf
Event Event: OpenSSL binary library
Message: Binary file ./fipscc_nios/vnios/libdir/lib/libcrypto.so.0.9.8/libcrypto.so.0.9.8 matches
Event Event: OpenSSL binary library
Message: Binary file ./fipscc_nios/vnios/libdir/lib/libssl.so.0.9.8/libssl.so.0.9.8 matches
Event Event: Comment in .ova packaging script
Message: ./fipscc_nios/vnios/build-ova.sh:48:# Generates an mf file. Pretty simple, just dumps the SHA1 fingerprints
Event Event: Calculate fingerprint of VMWare .ova file of the product image
Message: ./fipscc_nios/vnios/build-ova.sh:66: openssl sha1 "${baseFile}" >${mfFile}
Event Event: Calculate fingerprint of VMWare .ova file of the product image
Message: ./fipscc_nios/vnios/build-ova.sh:73: openssl sha1 "${baseFile}" >>${mfFile}
Event Event: Check algorithm name and set algorithm code in function isclib_make_dst_key
Message: ./fipscc_nios/dhcp3/omapip/isclib.c:
344: } else if (strcasecmp(algorithm, DHCP_HMAC_SHA1_NAME) == 0) {
345: algorithm_code = DST_ALG_HMACSHA1;
Event Event: ISC DCHP macro define
Message: ./fipscc_nios/dhcp3/includes/isc-dhcp/dst.h:117:#define KEY_HMAC_SHA1 158
Event Event: ISC DCHP macro define
Message: ./fipscc_nios/dhcp3/includes/isc-dhcp/dst.h:119:#define DST_MAX_ALGS KEY_HMAC_SHA1
Event: ISC DCHP macro define
Message: ./fipscc_nios/dhcp3/includes/omapip/isclib.h:109:#define DHCP_HMAC_SHA1_NAME "HMAC-SHA1.SIG-ALG.REG.INT."
Event: ISC DCHP config sample
Message: ./fipscc_nios/dhcp3/server/dhcpd.conf.5:1321: HMAC-SHA1
Event: ISC DCHP documentation
Message: ./fipscc_nios/dhcp3/RELNOTES:271: additional algorithms: hmac-sha1, hmac-sha224, hmac-sha256, hmac-sha384,
Event: OpenSSL binary library
Message: Binary file ./fipscc_nios/ipamvm/libcrypto.so.0.9.8 matches
Event: OpenSSL binary library
Message: Binary file ./fipscc_nios/ipamvm/libssl.so.0.9.8 matches
Event: Argument of call MemBufferWriteString in function LogTlsLogExtended
Message: ./fipscc_nios/sw_atp/suricata/src/log-tlslog.c:89: MemBufferWriteString(aft->buffer, " SHA1='%s'", state->server_connp.cert0_fingerprint);
Event: Assigning field desc of sigmatch_table in function DetectTlsRegister
Message: ./fipscc_nios/sw_atp/suricata/src/detect-tls.c:117: sigmatch_table[DETECT_AL_TLS_FINGERPRINT].desc = "match TLS/SSL certificate SHA1 fingerprint";
Event: Call of ComputeSHA1 in function DecodeTLSHandshakeServerCertificate
Message: ./fipscc_nios/sw_atp/suricata/src/app-layer-tls-handshake.c:172: hash = ComputeSHA1((unsigned char *) input, (int) msg_len);
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.h:67:typedef struct Sha1State_ {
Event: typedef struct Sha1State_ {...} Sha1State;
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.h:
71:} Sha1State;
75: Sha1State sha1;
Event: Function ComputeSHA1 declaration
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.h:81:unsigned char* ComputeSHA1(unsigned char* buff, int bufflen);
Event: Function Sha1Compress definition
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:44:static int Sha1Compress(HashState *md, unsigned char *buf)
Event: Copy state in function Sha1Compress
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:
53: a = md->sha1.state[0];
54: b = md->sha1.state[1];
55: c = md->sha1.state[2];
56: d = md->sha1.state[3];
57: e = md->sha1.state[4];
Event: Store state in function Sha1Compress
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:
112: md->sha1.state[0] = md->sha1.state[0] + a;
113: md->sha1.state[1] = md->sha1.state[1] + b;
114: md->sha1.state[2] = md->sha1.state[2] + c;
115: md->sha1.state[3] = md->sha1.state[3] + d;
116: md->sha1.state[4] = md->sha1.state[4] + e;
Event: Function Sha1Init definition
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:121:static int Sha1Init(HashState * md)
Event: State initialization in function Sha1Init
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:
127: md->sha1.state[0] = 0x67452301UL;
128: md->sha1.state[1] = 0xefcdab89UL;
129: md->sha1.state[2] = 0x98badcfeUL;
130: md->sha1.state[3] = 0x10325476UL;
131: md->sha1.state[4] = 0xc3d2e1f0UL;
132: md->sha1.curlen = 0;
133: md->sha1.length = 0;
Event: Function Sha1Process definition
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:137:static int Sha1Process (HashState * md, const unsigned char *in, unsigned long inlen)
Event: Code in function Sha1Process
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:
146: if (md->sha1.curlen > sizeof(md->sha1.buf)) {
150: if (md-> sha1.curlen == 0 && inlen >= 64) {
151: if ((err = Sha1Compress(md, (unsigned char *)in)) != SC_SHA_1_OK) {
154: md-> sha1 .length += 64 * 8;
158: n = MIN(inlen, (64 - md-> sha1 .curlen));
159: memcpy(md-> sha1 .buf + md-> sha1.curlen, in, (size_t)n);
160: md-> sha1 .curlen += n;
163: if (md-> sha1 .curlen == 64) {
164: if ((err = Sha1Compress(md, md-> sha1 .buf)) != SC_SHA_1_OK) {
167: md-> sha1 .length += 8*64;
168: md-> sha1 .curlen = 0;
Event: Function Sha1Done definition
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:177:static int Sha1Done(HashState * md, unsigned char *out)
Event: Code in function Sha1Done
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:
186: if (md->sha1.curlen >= sizeof(md->sha1.buf)) {
191: md->sha1.length += md->sha1.curlen * 8;
194: md->sha1.buf[md->sha1.curlen++] = (unsigned char)0x80;
200: if (md->sha1.curlen > 56) {
201: while (md->sha1.curlen < 64) {
202: md->sha1.buf[md->sha1.curlen++] = (unsigned char)0;
204: Sha1Compress(md, md->sha1.buf);
205: md->sha1.curlen = 0;
209: while (md->sha1.curlen < 56) {
210: md->sha1.buf[md->sha1.curlen++] = (unsigned char)0;
214: STORE64H(md->sha1.length, md->sha1.buf+56);
215: Sha1Compress(md, md->sha1.buf);
219: STORE32H(md->sha1.state[i], out+(4*i));
Event: ComputeSHA1 definition
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:227:unsigned char* ComputeSHA1(unsigned char* buff, int bufflen) Function
Event: Code in function ComputeSHA1
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:
233: Sha1Init(&md);
234: Sha1Process(&md, buff, bufflen);
235: Sha1Done(&md, lResult);
Event: Function ComputeSHA1 definition if HAVE_NSS is defined
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:241:unsigned char* ComputeSHA1(unsigned char* buff, int bufflen)
Event: Code in function ComputeSHA1
Message: ./fipscc_nios/sw_atp/suricata/src/util-crypt.c:
243: HASHContext *sha1_ctx = HASH_Create(HASH_AlgSHA1);
246: if (sha1_ctx == NULL) {
252: HASH_Destroy(sha1_ctx);
255: HASH_Begin(sha1_ctx);
256: HASH_Update(sha1_ctx, buff, bufflen);
257: HASH_End(sha1_ctx, lResult, &rlen, (sizeof(unsigned char) * 20));
258: HASH_Destroy(sha1_ctx);
Event: Code in function process
Message: ./fipscc_nios/sw_atp/suricata/contrib/file_processor/Processor/ShadowServer.pm:32: my @meta_cols = qw(md5 sha1 first_date last_date type ssdeep);
Event: atp rule
Message: ./fipscc_nios/sw_atp/suricata/prod_suricata/suricata/rules.orig/emerging-scan.rules:265:alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET SCAN Possible Mysqloit Operating System Fingerprint/SQL Injection Test Scan Detected"; flow:established,to_server; content:"+UNION+select+'BENCHMARK(10000000,SHA1(1))"; http_uri; reference:url,code.google.com/p/mysqloit/; reference:url,doc.emergingthreats.net/2009883; classtype:attempted-recon; sid:2009883; rev:6;)
Event: sid-msg.map items
Message: ./fipscc_nios/sw_atp/suricata/prod_suricata/suricata/rules.orig/sid-msg.map:
14240:2017120 || ET POLICY Possible IPMI 2.0 RAKP Remote SHA1 Password Hash Retreival RAKP message 1 with default BMC usernames (Admin|root|Administrator|USERID)
14241:2017121 || ET ATTACK_RESPONSE Possible IPMI 2.0 RAKP Remote SHA1 Password Hash Retreival RAKP message 2 status code Unauthorized Name
Event: atp rule
Message: ./fipscc_nios/sw_atp/suricata/prod_suricata/suricata/rules.orig/emerging-policy.rules:2342:alert udp $EXTERNAL_NET any -> $HOME_NET 623 (msg:"ET POLICY Possible IPMI 2.0 RAKP Remote SHA1 Password Hash Retreival RAKP message 1 with default BMC usernames (Admin|root|Administrator|USERID)"; content:"|06 12|"; offset:4; depth:2; pcre:"/((\x0d|\x05)Admin(istrator)?|\x04root|\x06USERID)/Ri"; classtype:protocol-command-decode; sid:2017120; rev:2;)
Event: atp rule
Message:./fipscc_nios/sw_atp/suricata/prod_suricata/suricata/rules.orig/emerging-attack_response.rules:481:alert udp $HOME_NET 623 -> $EXTERNAL_NET any (msg:"ET ATTACK_RESPONSE Possible IPMI 2.0 RAKP Remote SHA1 Password Hash Retreival RAKP message 2 status code Unauthorized Name"; content:"|06 13|"; offset:4; depth:2; content:"|0d|"; distance:11; within:1; classtype:protocol-command-decode; sid:2017121; rev:2;)
Event: Argument of call EVP_BytesToKey which makes 3DES key out of the password in function generateDESKey
Message: ./fipscc_nios/common/server/src/lib/security/security_functions.c:64: EVP_sha1(),
Event: Code in function ib_bin_SHAHash - SHA hash function which returns the digest data in a buffer with length 20
Message: ./fipscc_nios/common/server/src/lib/security/security_functions.c:
305: SHA1_Init(&c);
306: SHA1_Update(&c, inputValue, inputLength);
307: SHA1_Final(sha, &c);
Event: Comment to function ib_ssha_pwd
Message: ./fipscc_nios/common/server/src/lib/security/security_functions.c:544: * This routine implements the salted SHA1 for password hashing.
Event: Comment to function ib_ssha_pwd
Message: ./fipscc_nios/common/server/include/infoblox/security_functions.h:298: * This routine implements the salted SHA1 for password hashing.
Event: Cases of switch ((sldns_algorithm)alg) in function sldns_rr_dnskey_key_size_raw
Message: ./fipscc_nios/unbound/ldns/keyraw.c:
50: case LDNS_RSASHA1:
51: case LDNS_RSASHA1_NSEC3:
Event: Items of sldns_lookup_table sldns_algorithms_data - lookup table for standard DNS stuff
Message: ./fipscc_nios/unbound/ldns/wire2str.c:
42: { LDNS_RSASHA1, "RSASHA1" },
43: { LDNS_DSA_NSEC3, "DSA-NSEC3-SHA1" },
44: { LDNS_RSASHA1_NSEC3, "RSASHA1-NSEC3-SHA1" },
Event: Item of sldns_lookup_table sldns_hashes_data - hash algorithms in DS record
Message: ./fipscc_nios/unbound/ldns/wire2str.c:59: { LDNS_SHA1, "SHA1" },
Event: Argument in call sldns_str_print in function sldns_wire2str_edns_n3u_print
Message: ./fipscc_nios/unbound/ldns/wire2str.c:1766: w += sldns_str_print(s, sl, " SHA1");
Event: Items of enum sldns_enum_algorithm - algorithms used in dns
Message: ./fipscc_nios/unbound/ldns/rrdef.h:
364: LDNS_RSASHA1 = 5,
366: LDNS_RSASHA1_NSEC3 = 7,
Event: Item of enum sldns_enum_hash - hashing algorithms used in the DS record
Message: ./fipscc_nios/unbound/ldns/rrdef.h:383: LDNS_SHA1 = 1, /* RFC 4034 */
Event: Content of autoconf file
Message: ./fipscc_nios/unbound/configure.ac:573:AC_CHECK_FUNCS([OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode])
Event: Case of switch(d->rr_data[r][2+0]) in function nsec3_known_algo which returns if nsec3 RR has known algorithm
Message: ./fipscc_nios/unbound/validator/val_nsec3.c:171: case NSEC3_HASH_SHA1:
Event: Code in case NSEC3_HASH_SHA1 of switch(algo) in function nsec3_get_hashed
Message: ./fipscc_nios/unbound/validator/val_nsec3.c:
549:#if defined(HAVE_EVP_SHA1) || defined(HAVE_NSS)
550: case NSEC3_HASH_SHA1:
554: hash_len = SHA1_LENGTH;
559: (void)SHA1((unsigned char*)sldns_buffer_begin(buf),
563: (void)HASH_HashBuf(HASH_AlgSHA1, (unsigned char*)res,
573: (void)SHA1(
578: (void)HASH_HashBuf(HASH_AlgSHA1,
Event: Unbound sources comment
Message: ./fipscc_nios/unbound/validator/val_nsec3.c:585:#endif /* HAVE_EVP_SHA1 or NSS */
Event: Code in case NSEC3_HASH_SHA1 of switch(algo) in function nsec3_calc_hash which performs hash of name
Message: ./fipscc_nios/unbound/validator/val_nsec3.c:
611:#if defined(HAVE_EVP_SHA1) || defined(HAVE_NSS)
612: case NSEC3_HASH_SHA1:
616: c->hash_len = SHA1_LENGTH;
623: (void)SHA1((unsigned char*)sldns_buffer_begin(buf),
627: (void)HASH_HashBuf(HASH_AlgSHA1,
638: (void)SHA1(
643: (void)HASH_HashBuf(HASH_AlgSHA1,
Event: Unbound sources comment
Message: ./fipscc_nios/unbound/validator/val_nsec3.c:650:#endif /* HAVE_EVP_SHA1 or NSS */
Event: Case of switch(algo) in function ds_digest_size_supported(int algo) which returns size of DS digest according to its hash algorithm
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:
82:#ifdef HAVE_EVP_SHA1
83: case LDNS_SHA1:
Event: Case of switch(algo) in function secalgo_ds_digest
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:
122:#ifdef HAVE_EVP_SHA1
123: case LDNS_SHA1:
124: (void)SHA1(buf, len, res);
Event: Cases of switch(id) in function dnskey_algo_id_is_supported which returns true if DNSKEY algorithm id is supported
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:
161: case LDNS_RSASHA1:
162: case LDNS_RSASHA1_NSEC3:
Event: Cases of switch(algo) in function setup_key_digest which setups key and digest for verification
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:
323: case LDNS_RSASHA1:
324: case LDNS_RSASHA1_NSEC3:
Event: Code in case LDNS_RSASHA512 of switch(algo)in function setup_key_digest
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:359: *digest_type = EVP_sha1();
Event: Case of switch(algo) in function ds_digest_size_supported
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:
572: case LDNS_SHA1:
573: return SHA1_LENGTH;
Event: Case of switch(algo) in function secalgo_ds_digest
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:
595: case LDNS_SHA1:
596: return HASH_HashBuf(HASH_AlgSHA1, res, buf, len)
Event: Cases of switch(id) in function dnskey_algo_id_is_supported
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:
627: case LDNS_RSASHA1:
628: case LDNS_RSASHA1_NSEC3:
Event: Code in function SECKEYPublicKey* nss_buf2dsa(unsigned char* key, size_t len)
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:
743: if(len < (size_t)1 + SHA1_LENGTH + 3*length)
747: Q.len = SHA1_LENGTH;
748: offset += SHA1_LENGTH;
Event: hash prefix to prepend to hash output, from RFC3110
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:853: static unsigned char p_sha1[] = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B,
Event: Code in case LDNS_DSA, case LDNS_DSA_NSEC3 of switch(algo) in function nss_setup_key_digest
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:874: *htype = HASH_AlgSHA1;
Event: Cases of switch(algo) in function nss_setup_key_digest
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:
877: case LDNS_RSASHA1:
878: case LDNS_RSASHA1_NSEC3:
Event: Code in case LDNS_RSASHA512 of switch(algo) in function nss_setup_key_digest which setups key and digest for verification
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:
906: *htype = HASH_AlgSHA1;
907: *prefix = p_sha1;
908: *prefixlen = sizeof(p_sha1);
Event: Code in function verify_canonrrset which checks a canonical sig+rrset and signature against a dnskey
Message: ./fipscc_nios/unbound/validator/val_secalgo.c:995: if(sigblock_len == 1+2*SHA1_LENGTH) {
Event: Unbound sources macro definition
Message: ./fipscc_nios/unbound/validator/val_nsec3.h:
96:/** The SHA1 hash algorithm for NSEC3 */
97:#define NSEC3_HASH_SHA1 0x01
Event: Unbound sources macro undefinition
Message: ./fipscc_nios/unbound/config.h.in:
116:/* Define to 1 if you have the `EVP_sha1' function. */
117:#undef HAVE_EVP_SHA1
Event: Argument of call verifytest_file in function verify_test
Message: ./fipscc_nios/unbound/testcode/unitverify.c:509: verifytest_file("testdata/test_sigs.sha1_and_256", "20070829144150");
Event: Argument of call dstest_file in function verify_test
Message: ./fipscc_nios/unbound/testcode/unitverify.c:530: dstest_file("testdata/test_ds.sha1");
Event: Unbound documentation
Message: ./fipscc_nios/unbound/doc/Changelog:2185: - change unbound-control-setup from 1024(sha1) to 1536(sha256).
Event: Unbound documentation
Message: ./fipscc_nios/unbound/doc/Changelog:3396: - fixup SHA256 DS downgrade, no longer possible to downgrade to SHA1.
Event: Content of diff file for validator/val_secalgo.c
Message: ./fipscc_nios/unbound/contrib/patch_rsamd5_enable.diff:
13: case LDNS_RSASHA1:
22: case LDNS_RSASHA1:
Event: Code in bash script configure
Message: ./fipscc_nios/unbound/configure:16735:for ac_func in OPENSSL_config EVP_sha1 EVP_sha256 EVP_sha512 FIPS_mode
Event: Binary JAR file for our Web UI
Message: Binary file ./fipscc_nios/webui/target/com.infoblox.client.generator/cxf/lib/jaxb-xjc-2.1.12.jar
Event: Encryption types
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.util.localization/src/com/infoblox/util/localization/messages.properties:
3338:EncType.AES_128_CTS_HMAC_SHA_1_96=aes128-cts-hmac-sha1-96
3339:EncType.AES_256_CTS_HMAC_SHA_1_96=aes256-cts-hmac-sha1-96
Event: Algorithm key enumeration items
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.util.localization/src/com/infoblox/util/localization/messages.properties:
3743:AlgorithmKeyEnum.SHA_1_1024=SHA-1 1024
3744:AlgorithmKeyEnum.SHA_1_2048=SHA-1 2048
Event: Pre-defined authentication types in BFD template
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.util.localization/src/com/infoblox/util/localization/messages.properties:
4023:BFDTemplatesAuthType.SHA1 = SHA-1
4024:BFDTemplatesAuthType.METICULOUS-SHA1 = Meticulous SHA-1
Event: Algorithm types
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.dns/src/com/infoblox/module/dns/localization/messages.properties:
47:AlgorithmType.RsaSha1.5=RSA/SHA1 (5)
48:AlgorithmType.RsaSha1Nsec3.7=RSA/SHA1/NSEC3 (7)
Event: Algorithm types
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.dns/src/com/infoblox/nios/ui/widget/editor/zone/auth/dnssec/AbstractSigningKeysTablePanel.properties:
7:AlgorithmType.5=RSA/SHA-1
9:AlgorithmType.7=RSA/SHA-1(NSEC3)
Event: Algorithm types
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.dns/src/com/infoblox/nios/ui/widget/editor/common/panel/dnssec/DnsSecTablePanel.properties:
8:AlgorithmType.RsaSha1.5=RSA/SHA1 (5)
9:AlgorithmType.RsaSha1Nsec3.7=RSA/SHA1/NSEC3 (7)
Event: Algorithm type
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.dns/src/com/infoblox/nios/ui/widget/editor/common/panel/dnssec/key/KeySigningTable.java:60: private final String RSA_SHA1_5 = new StringResourceModel("AlgorithmType."+DnssecSupportedAlgorithm.RSASHA_1, this, null).getObject(); //$NON-NLS-1$
Event: Check algorithm type in function createEditorComponent.setObject
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.dns/src/com/infoblox/nios/ui/widget/editor/common/panel/dnssec/key/KeySigningTable.java:360: else if (o.equals(RSA_SHA1_5)) {
Event: Return algorithm type in function createEditorComponent.getObject
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.dns/src/com/infoblox/nios/ui/widget/editor/common/panel/dnssec/key/KeySigningTable.java:382: return RSA_SHA1_5;
Event: Return list of algorithm types in function getAlgorithmList
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.dns/src/com/infoblox/nios/ui/widget/editor/common/panel/dnssec/key/KeySigningTable.java:
533: return new String [] {DSA_3,RSA_MD5_1,RSA_SHA1_5,RSA_SHA2_8_256,RSA_SHA2_10_512};
535: return new String [] {DSA_3,RSA_SHA1_5,RSA_SHA2_8_256,RSA_SHA2_10_512};
Event: Algorithm type
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.dns/src/com/infoblox/nios/ui/widget/editor/common/panel/dnssec/key/KeySigningTable.properties:6:AlgorithmType.RSASHA_1=RSA/SHA-1
Event: Items of choices array
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.dns/src/com/infoblox/nios/ui/widget/editor/common/panel/dnssec/DnsSecTablePanel.java:
251: new StringResourceModel("AlgorithmType.RsaSha1.5", this, null).getString(), //$NON-NLS-1$
252: new StringResourceModel("AlgorithmType.RsaSha1Nsec3.7", this, null).getString(), //$NON-NLS-1$
Event: Toolbar item
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module/src/com/infoblox/nios/ui/page/IBExtMainPage.properties:354:ToolbarItem.RSASHA1.Text=RSASHA1
Event: Pre-defined authentication types in BFD template
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module/src/com/infoblox/nios/ui/widget/bfdtemplate/BFDTemplatesTable.properties:
17:BFDTemplatesTable.SHA_1 = SHA-1
18:BFDTemplatesTable.METICULOUS_SHA_1 = Meticulous SHA-1
Event: NIOS Web UI source comment to class PasswordLengthValidator
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module/src/com/infoblox/nios/ui/widget/bfdtemplate/BFDTemplateWidget.java:283: * and 4-20 characters for SHA1 and Meticulous-SHA1
Event: Comments to class AlgorithmKeyModel
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module/src/com/infoblox/nios/ui/dialog/AlgorithmKeyModel.java:
22: * SHA-1 1024
23: * SHA-1 2048
Event: Item of generateItems IToolbarMenuItem list in function createClientCertificateDropDownMenu
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.grid/src/com/infoblox/nios/ui/page/gridmanager/GridManagerVerticalToolbarContent.java:766: new StringResourceModel("ToolbarItem.RSASHA1.Text", container, null), //$NON-NLS-1$
Event: Item of viewItems IToolbarMenuItem list in function createClientCertificateDropDownMenu
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.grid/src/com/infoblox/nios/ui/page/gridmanager/GridManagerVerticalToolbarContent.java:780: new StringResourceModel("ToolbarItem.RSASHA1.Text", container, null), //$NON-NLS-1$
Event: Item of downloadItems IToolbarMenuItem list in function createClientCertificateDropDownMenu
Message:./fipscc_nios/webui/platform/src/plugins/com.infoblox.module.grid/src/com/infoblox/nios/ui/page/gridmanager/GridManagerVerticalToolbarContent.java:794: new StringResourceModel("ToolbarItem.RSASHA1.Text", container, null), //$NON-NLS-1$
Event: Python documentation
Message: ./fipscc_nios/docs/python-notes/valgrind-python.supp:343: fun:SHA1_Update Valgrind/
Event: Python documentation
Message: ./fipscc_nios/docs/python-notes/valgrind-python.supp:349: fun:SHA1_Update Valgrind/
Event: Check algorithm type in function gen_hsm_client_cert
Message: ./fipscc_nios/products/one/script/Infoblox/Session.pm:1501: if ($args{'algorithm'} !~ /^(RSASHA1|RSASHA256)$/) {
Event: Error message in function gen_hsm_client_cert
Message: ./fipscc_nios/products/one/script/Infoblox/Session.pm:1502: set_error_codes(1103, $args{'algorithm'} . ' is an unsupported algorithm, valid values are: RSASHA1 or RSASHA256', $self);
Event: Check algorithm type in function export_data
Message: ./fipscc_nios/products/one/script/Infoblox/Session.pm:5950: if ($args{'algorithm'} !~ /^(RSASHA1|RSASHA256)$/) {
Event: Error message in function export_data
Message: ./fipscc_nios/products/one/script/Infoblox/Session.pm:5951: return set_error_codes(1103, $args{'algorithm'} . ' is an unsupported algorithm, valid values are: RSASHA1 or RSASHA256', $self);
Event: Algorithm type in _allowed_members
Message: ./fipscc_nios/products/one/script/Infoblox/IBAP/DNS_Zone.pm:4449: 'algorithm' => {simple => 'asis', enum => ['RSAMD5', 'DSA', 'RSASHA1', 'RSASHA256', 'RSASHA512']},
Event: Enum items in function enctype
Message: ./fipscc_nios/products/one/script/Infoblox/IBAP/Grid_Misc.pm:
469: 'aes128-cts-hmac-sha1-96',
470: 'aes256-cts-hmac-sha1-96',
Event: Authentication type in %_allowed_members
Message: ./fipscc_nios/products/one/script/Infoblox/IBAP/Grid_Misc.pm:1655: 'authentication_type' => {simple => 'asis', enum => ['NONE', 'MD5', 'METICULOUS-MD5', 'SHA1', 'METICULOUS-SHA1']},
Event: Digest type in _allowed_members
Message: ./fipscc_nios/products/one/script/Infoblox/IBAP/DNS_RecordsDNSSec.pm:350: 'digest_type' => {readonly => 1, enum => ['SHA1', 'SHA256', '1', '2']},
Event: Item of digest type mappings
Message: ./fipscc_nios/products/one/script/Infoblox/IBAP/DNS_RecordsDNSSec.pm:390: 'SHA1' => 'SHA_1',
Event: Item of reverse digest type mappings
Message: ./fipscc_nios/products/one/script/Infoblox/IBAP/DNS_RecordsDNSSec.pm:397: 'SHA_1' => 'SHA1',
Event: Items of _alg_hash_ mappings
Message: ./fipscc_nios/products/one/script/Infoblox/Util.pm:
7675: 5 => 'RSASHA1',
7677: 7 => 'NSEC3RSASHA1',
Event: Algorithm mappings for dnssec KSK and ZSK algorithms
Message: ./fipscc_nios/products/one/script/Infoblox/Util.pm:
7795: | RSASHA1 | RSASHA1 | NSEC |
7797: | NSEC3RSASHA1 | RSASHA1 | NSEC3 |
7804: | 5 | RSASHA1 | NSEC |
7808: | 7 | RSASHA1 | NSEC3 |
Event: Items of mappings _nsec3_algorithm_mappings
Message: ./fipscc_nios/products/one/script/Infoblox/Util.pm:
7816: NSEC3RSASHA1 => 'RSASHA1',
7818: 7 => 'RSASHA1',
Event: Items of mappings _nsec_algorithm_mappings
Message: ./fipscc_nios/products/one/script/Infoblox/Util.pm:
7827: RSASHA1 => 'RSASHA1',
7832: 5 => 'RSASHA1',
Event: Comments in function dnssec_key_algorithms_list_update
Message: ./fipscc_nios/products/one/script/Infoblox/Util.pm:
7984: # dnssec_ksk_algorithm -> NSEC3RSASHA1, next_secure_type -> NSEC3
7985: # if we change dnssec_ksk_algorithm -> RSASHA1,
Event: Dictionary of possible authentication types in NIOS IBAP for BFD
Message: ./fipscc_nios/products/one/server/src/ibap/bfdobj.py:22: ['NONE', 'MD5', 'METICULOUS-MD5', 'SHA1', 'METICULOUS-SHA1'],
Event: Constant definitions
Message: ./fipscc_nios/products/one/server/src/lib/one_safenet/cryptoki.h:
391:#define CKA_FINGERPRINT_SHA1 (CKA_VENDOR_DEFINED | 0x0002):
423:#define CKM_SHA1_RSA_PKCS 0x00000006
427:#define CKM_SHA1_RSA_X9_31 0x0000000C
429:#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E
433:#define CKM_DSA_SHA1 0x00000012
549:#define CKM_SSL3_SHA1_MAC 0x00000381
552:#define CKM_SHA1_KEY_DERIVATION 0x00000392
563:#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
563:#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
564:#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5
565:#define CKM_PBE_SHA1_RC4_128 0x000003A6
566:#define CKM_PBE_SHA1_RC4_40 0x000003A7
567:#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
568:#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
569:#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
570:#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
606:#define CKM_ECDSA_SHA1 0x00001042
659:#define CKM_SHA1_KEY_DERIVATION_OLD_XXX CKM_VENDOR_DEFINED_OLD_XXX + 20 // SPKM & SLL added capabilities
665:#define CKM_PBE_SHA1_CAST5_CBC_OLD_XXX CKM_VENDOR_DEFINED_OLD_XXX + 26 // Entrust added capabilities
674:#define CKM_PBE_SHA1_DES3_EDE_CBC_OLD CKM_VENDOR_DEFINED_OLD_XXX + 30
675:#define CKM_PBE_SHA1_DES2_EDE_CBC_OLD CKM_VENDOR_DEFINED_OLD_XXX + 31
687:#define CKM_KCDSA_SHA1 (CKM_VENDOR_DEFINED + 0x109)
785:#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
808:#define CKD_SHA1_KDF 0x00000002
816:#define CKD_SHA1_NIST_KDF 0x00000012
823:#define CKD_SHA1_SES_KDF 0x82000000
835:#define CKD_SHA1_KDF_ASN1 0x00000003
836:#define CKD_SHA1_KDF_CONCATENATE 0x00000004
838:#define CKD_SHA1_KDF_CONCATENATE_X9_42 CKD_SHA1_KDF_CONCATENATE
839:#define CKD_SHA1_KDF_CONCATENATE_NIST 0x80000001
841:#define CKD_SHA1_KDF_ASN1_X9_42 CKD_SHA1_KDF_ASN1 // not supported
842:#define CKD_SHA1_KDF_ASN1_NIST 0x80000002 // not supported
899:#define CKMS_HMAC_SHA1 0x00000001
900:#define CKMS_SHA1 0x00000002
954:#define CKG_MGF1_SHA1 0x00000001
Event: Commented out items in bitmap kerb_EncTypes
Message: ./fipscc_nios/products/one/server/src/lib/msrpc/idl/security.idl:
413:// KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 0x00000008,
414:// KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 0x00000010
Event: Code to assign digest_algo in function ipki_regenerate_csr_from_db
Message: ./fipscc_nios/products/one/server/src/lib/pki/ipki_api.c:
392: if (strcasecmp(csr.algorithm, "SHA-1") == 0)
393: digest_algo = IB_ALG_SHA1;
Event: Case of switch (a_digest) in function ipki_build_csr
Message: ./fipscc_nios/products/one/server/src/lib/pki/ipki_gen.c:
823: case IB_ALG_SHA1:
824: IPKICALL(X509_REQ_sign(csr, a_key, EVP_sha1()));
Event: Case of switch (a_digest) in function ipki_create_selfsigned_cert
Message: ./fipscc_nios/products/one/server/src/lib/pki/ipki_gen.c:
1091: case IB_ALG_SHA1:
1092: IPKICALL(X509_sign(cert, privkey, EVP_sha1()));
Event: Argument of call X509_sign in function ipki_sign_cert
Message: ./fipscc_nios/products/one/server/src/lib/pki/ipki_gen.c:1189: IPKICALL(X509_sign(cert, privkey, EVP_sha1()));
Event: Comment to the module
Message: ./fipscc_nios/products/one/server/src/admin_conn/cookie.py:15:common hashes. Note that the recent vulerabilities in md5 (and sha1)
Event: Module variables
Message: ./fipscc_nios/products/one/server/src/admin_conn/cookie.py:
40:SHA1 = 'sha1'
45:_SHA1_LEN_B64 = 27
Event: Comments to class IBCookie
Message: ./fipscc_nios/products/one/server/src/admin_conn/cookie.py:
66: - The hmac is an md5 or sha1 hmac over the data and the salt,
68: md5, 27 chars for sha1). There is no separator between salt
Event: Code in function load
Message: ./fipscc_nios/products/one/server/src/admin_conn/cookie.py:
117: if len(cookie) - cookie.rfind(',') == _SHA1_LEN_B64 + _SALT_LEN_B64 + 1:
118: hlen = _SHA1_LEN_B64
119: hmactype = SHA1
Event: Assigning digestmod in function _hmac
Message: ./fipscc_nios/products/one/server/src/admin_conn/cookie.py:139: digestmod = hashlib.sha1 if hmactype == SHA1 else hashlib.md5
Event: Argument of call cookie.IBCookie in function _encode_ticket
Message: ./fipscc_nios/products/one/server/src/admin_conn/objcalls.py:1425: hmactype=cookie.SHA1)
Event: Argument of call cookie.IBCookie in function _decode_ticket
Message: ./fipscc_nios/products/one/server/src/admin_conn/objcalls.py:1431: c = cookie.IBCookie(hmactype=cookie.SHA1)
Event: Comments to the module
Message: ./fipscc_nios/products/one/server/src/admin_conn/cryptfuncs.py:13:# base64(, <20 bytes sha1(password+salt)>
Event: Comments to function _getsshasalt
Message: ./fipscc_nios/products/one/server/src/admin_conn/cryptfuncs.py:48: '''Extract the salt from a special IB sha1 passwd hash. hashepsw should be
Event: Comments to function _compute_ssha
Message: ./fipscc_nios/products/one/server/src/admin_conn/cryptfuncs.py:55: '''Compute the special IB sha1 passwd hash, not including the prefix
Event: Function call hashlib.sha1 in function _compute_ssha
Message: ./fipscc_nios/products/one/server/src/admin_conn/cryptfuncs.py:57: h = hashlib.sha1(clearpsw.encode('utf-8') + salt).digest()
Event: Import variable = SHA1= from module cookie
Message: ./fipscc_nios/products/one/server/src/admin_conn/userauth.py:42:from infoblox.one.admin_conn.cookie import (IBCookie, getsecret, SHA1,
Event: Assigning hmactype in function get_cookie
Message: ./fipscc_nios/products/one/server/src/admin_conn/userauth.py:346: hmactype = SHA1
Event: Assigning hmactype in function _check_cookie
Message: ./fipscc_nios/products/one/server/src/admin_conn/userauth.py:
1144: hmactype = SHA1
1150: hmactype = SHA1
Event: Commented out item in list TSIG_KEY_ALGORITHMS
Message: ./fipscc_nios/products/one/server/src/admin_conn/objtype.py:124:#'HMAC-SHA1',
Event: Comment in PagingPageID.__init__
Message: ./fipscc_nios/products/one/server/src/admin_conn/wapibase.py:1041: '''Create a paging cookie container, it will use SHA1
Event: Argument of call hmac.HMAC in function _hmac
Message: ./fipscc_nios/products/one/server/src/admin_conn/wapibase.py:1068: h = hmac.HMAC(self.secret, msg=data, digestmod=hashlib.sha1)
Event: Assign hmactype in function generateIAC which generates extended time cookie for PAPI jobs from NetMRI
Message: ./fipscc_nios/products/one/server/src/pyutil/tae_util.py:476: hmactype = 'sha1'
Event: Part of the code to verify the private key matches the public key in the certificate in function _check_join_info
Message: ./fipscc_nios/products/one/server/src/pyutil/subgrid.py:
140: signature = RSA_key_pair.sign(digest, 'sha1')
143: if user_pub_rsa.verify(digest, signature, 'sha1') != 1:
Event: Assign local variable digest_algo in function util_generate_and_encode_csr
Message: ./fipscc_nios/products/one/server/src/pyutil/ibutil.c:5917: IB_DIGEST_ALGORITHM digest_algo = IB_ALG_SHA1;
Event: Assign local variable digest_algo in function util_sign_csr
Message: ./fipscc_nios/products/one/server/src/pyutil/ibutil.c:6086: IB_DIGEST_ALGORITHM digest_algo = IB_ALG_SHA1;
Event: Authentication type mapping for one.bfd_template
Message: ./fipscc_nios/products/one/server/src/pyutil/installdbmappings.py:
1603: 'sha1': 'SHA1',
1604: 'meticulous-sha1': 'METICULOUS-SHA1'},
Event: Comment to function _set_old_default_grid_dnssec_algorithm
Message: ./fipscc_nios/products/one/server/src/pyutil/testutils/dnssec_test_mixin.py:372: """Set grid level DNSSEC algorithm to RSASHA1
Event: Arguments of function call self._change_grid_dnssec_settings
Message: ./fipscc_nios/products/one/server/src/pyutil/testutils/dnssec_test_mixin.py:
378: self._change_grid_dnssec_settings(ksk_algorithm='RSASHA1',
379: zsk_algorithm='RSASHA1',
Event: Item of enumlist of field algorithm in class WAPIStruct_dnsseckeyalgorithm_2_0
Message: ./fipscc_nios/products/one/server/src/wapi/grid.py:118: enumlist=['RSAMD5', 'DSA', 'RSASHA1', 'RSASHA256',
Event: Assign algorithm type in WFEnumAlgorithm.w2i
Message: ./fipscc_nios/products/one/server/src/wapi/grid.py:
155: algorithm = 'RSASHA1'
161: algorithm = 'RSASHA1'
Event: Assign algorithm type in WFEnumAlgorithm.i2w
Message: ./fipscc_nios/products/one/server/src/wapi/grid.py:180: elif algorithm == 'RSASHA1':
Event: Item of enumlist of field algorithm in class WAPIStruct_generatecsr_2_6
Message: ./fipscc_nios/products/one/server/src/wapi/fileops.py:2651: enumlist=['SHA-1', 'SHA-256'],
Event: Dictionary of possible authentication types in NIOS WAPI for BFD
Message: ./fipscc_nios/products/one/server/src/wapi/bfdtemplate.py:44: enumlist=['NONE', 'MD5', 'METICULOUS-MD5', 'SHA1',
Event: Dictionary of possible authentication types in NIOS IBAP for BFD
Message: ./fipscc_nios/products/one/server/src/wapi/bfdtemplate.py:45: 'METICULOUS-SHA1'],
Event: Item of list SFNT_SIG_ALGORITHMS
Message: ./fipscc_nios/products/one/server/src/pyabs/one_include.py:460:SFNT_SIG_ALGORITHMS = ['RSASHA1', 'RSASHA256']
Event: Item of list ONE_SIG_ALGORITHMS
Message: ./fipscc_nios/products/one/server/src/pyabs/one_include.py:461:ONE_SIG_ALGORITHMS = ['SHA-1', 'SHA-256']
Event: Item of dictionary HSM_VER_SIGN_DICT
Message: ./fipscc_nios/products/one/server/src/pyabs/hsm_safenet_group.py:91:HSM_VER_SIGN_DICT = {'LunaSA_4': 'sha1WithRSAEncryption',
Event: Setting db_algorithm and digest in function insert
Message: ./fipscc_nios/products/one/server/src/pyabs/self_signed_cert.py:
88: elif self['algorithm'] in ('RSASHA1', 'SHA-1'):
89: db_algorithm = 'SHA-1'
90: digest = 'sha1'
Event: Assign default algorithm type in function one_assign_self_signed_certificate
Message: ./fipscc_nios/products/one/server/src/pyabs/certificate.py:243: algorithm = "RSASHA1"
Event: Check key size and algorithm type in function generate_csr
Message: ./fipscc_nios/products/one/server/src/pyabs/certificate.py:1045: (args['key_size'] == 4096 and args['algorithm'] == 'SHA-1'):
Event: Setting algorithm type in function generate_csr
Message: ./fipscc_nios/products/one/server/src/pyabs/certificate.py:1053: args['algorithm'] = 'SHA-1'
Event: Check key size and algorithm type in function generate_self_signed_cert
Message: ./fipscc_nios/products/one/server/src/pyabs/certificate.py:1102: (args['key_size'] == 4096 and args['algorithm'] == 'SHA-1'):
Event: Setting algorithm type in function generate_self_signed_cert
Message: ./fipscc_nios/products/one/server/src/pyabs/certificate.py:1110: args['algorithm'] = 'SHA-1'
Event: Key length definition
Message: ./fipscc_nios/products/one/server/src/bin/ib_prngd/main.c:36:#define RESULT_LEN 20 // As per hash engine, i.e. SHA1 needs 20 characters. Moreover, SP 800-90A suggests 160 bits either
Event: Comments to function hmac_sha1
Message: ./fipscc_nios/products/one/server/src/bin/ib_prngd/main.c:
463: * SHA-1 in one go. It will make all of the other much easier to read.
467: * @param a_output (ib_dstring *) output to return the result back to caller, for SHA-1 it must be 20 characters of length
Event: Definition of function hmac_sha1
Message: ./fipscc_nios/products/one/server/src/bin/ib_prngd/main.c:472:hmac_sha1(const ib_dstring *a_key, const ib_dstring *a_v, ib_dstring *a_output)
Event: Call of EVP_sha1() in function hmac_sha1
Message: ./fipscc_nios/products/one/server/src/bin/ib_prngd/main.c:486: HMAC_Init_ex(&ctx, a_key->m_str, a_key->m_len, EVP_sha1(), NULL);
Event: Call of hmac_sha1 in function hmac_drbg_update
Message: ./fipscc_nios/products/one/server/src/bin/ib_prngd/main.c:
538: ICALL(hmac_sha1(key, buf, key));
545: ICALL(hmac_sha1(key, v, v));
562: ICALL(hmac_sha1(key, buf, key));
568: ICALL(hmac_sha1(key, v, v));
Event: Call of hmac_sha1 in function hmac_drbg_generate
Message: ./fipscc_nios/products/one/server/src/bin/ib_prngd/main.c:773: ICALL(hmac_sha1(key, v, v_out));
Event: TBD comment in function main
Message: ./fipscc_nios/products/one/server/src/bin/ib_prngd/main.c:1086: * Suggested to just concatenate (i.e. use buf, no hmac_sha1) and send to instantiate.
Event: Items of enum ssh_macs_setting_t
Message: ./fipscc_nios/products/one/server/src/bin/make_sshd_conf/main.c:
31: SSH_SHA1 = 1,
32: SSH_SHA1_ETM = 2,
Event: Item of mapping tls_ssh_mapping_t g_macs_mapping[]
Message: ./fipscc_nios/products/one/server/src/bin/make_sshd_conf/main.c:76: {"SHA", "hmac-sha1,hmac-sha1-etm@openssh.com", SSH_SHA1 | SSH_SHA1_ETM},
Event: Argument of function ipki_generate_csr
Message: ./fipscc_nios/products/one/server/src/bin/make_default_apache_cert/main.c:163: a_data->m_db_pool, &name_list, IB_IPKI_PUB_KEY_SIZE_2048, IB_ALG_SHA1,
Event: Argument of function ipki_create_selfsigned_cert
Message: ./fipscc_nios/products/one/server/src/bin/make_default_apache_cert/main.c:167: a_data->m_db_pool, IB_ALG_SHA1, NULL,
Event: Check optarg to set usage_flag in function mhc_process_command_line
Message: ./fipscc_nios/products/one/server/src/bin/sfnt_client_cert_changed/main.c:86: if (strcmp(optarg, "RSASHA1") &&
Event: Print usage in function mhc_process_command_line
Message: ./fipscc_nios/products/one/server/src/bin/sfnt_client_cert_changed/main.c:116: fprintf (stderr, "Usage: %s -a "
Event: Mechanism types
Message: ./fipscc_nios/products/one/server/src/bin/show_safenet_keylabel/e_gem.h:
72:#define CKM_SHA1_RSA_PKCS 0x00000006
74:#define CKM_SHA1_RSA_X9_31 0x0000000C
84:#define CKM_ECDSA_SHA1 0x00001042
Event: Attribute type
Message: ./fipscc_nios/products/one/server/src/bin/show_safenet_keylabel/e_gem.h:152:#define CKA_FINGERPRINT_SHA1 (CKA_VENDOR_DEFINED | 0x0002)
Event: Definition for OAEP
Message: ./fipscc_nios/products/one/server/src/bin/show_safenet_keylabel/e_gem.h:601:#define CKG_MGF1_SHA1 0x00000001
Event: The argument of command /usr/sbin/openvpn in function cd_start_replica_vpn
Message: ./fipscc_nios/products/one/server/src/bin/clusterd/util.c:3452: args[argno++] = "SHA1";
Event: The argument of command /usr/sbin/openvpn in function cd_start_master_vpn
Message: ./fipscc_nios/products/one/server/src/bin/clusterd/util.c:3636: args[argno++] = "SHA1";
Event: Part of the code to derive a serial number from a string in function cd_derive_serial
Message: ./fipscc_nios/products/one/server/src/bin/clusterd/util.c:4915: ITEST(EVP_DigestInit(&ctx, EVP_sha1()) == 1, IERR_FAILURE);
Event: Setting options in CC mode
Message: ./fipscc_nios/products/one/server/src/bin/util/upload_backup_scp.pl:
76: $options .= ' -o MACs=hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96';
77: $options .= ' -o KexAlgorithms=diffie-hellman-group14-sha1';
Event: Item in dictionary SFNET_FACT_CONF_DICT - backup configuration file name
Message: ./fipscc_nios/products/one/server/src/bin/util/hsm_safenet_reset_client_cert.py:14: 'RSASHA1':
Event: Setting options in CC mode
Message: ./fipscc_nios/products/one/server/src/bin/util/download_hotfix_scp.pl:
74: $options .= ' -o MACs=hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96';
75: $options .= ' -o KexAlgorithms=diffie-hellman-group14-sha1';
Event: Input parameters
Message: ./fipscc_nios/products/one/server/src/bin/util/hsm_safenet_generate_client_cert.sh:12:# $1: RSASHA1 | RSASHA256
Event: Check type of the input parameter
Message: ./fipscc_nios/products/one/server/src/bin/util/hsm_safenet_generate_client_cert.sh:21: if [ "$1" == "RSASHA1" ];
Event: Check type of the input parameter
Message: ./fipscc_nios/products/one/server/src/bin/util/hsm_safenet_generate_client_cert.sh:72: if [ "$1" == "RSASHA1" ];
Event: Print GSSD encrypt types in function show_dns_gss_tsig_counters
Message: ./fipscc_nios/products/one/server/src/bin/serial_console/show.c:
10245: PCRYPTO("aes128-cts-hmac-sha1-96", GSSD_ETYPE_AES128_CTS_HMAC_SHA1_96);
10246: PCRYPTO("aes256-cts-hmac-sha1-96", GSSD_ETYPE_AES256_CTS_HMAC_SHA1_96);
Event: Item of enum IB_DIGEST_ALGORITHM
Message: ./fipscc_nios/products/one/server/include/infoblox/one/ipki_gen.h:118: IB_ALG_SHA1,
Event: Create public key in function create_temp_cert
Message: ./fipscc_nios/products/gog/server/src/pyutil/cert_util.py:346: public_key = M2Crypto.EVP.PKey(md='sha1')
Event: Create sign key in function create_temp_cert
Message: ./fipscc_nios/products/gog/server/src/pyutil/cert_util.py:355: sign_key = M2Crypto.EVP.PKey(md='sha1')
Event: Sign X509 certificate request in function m2_generate_and_encode_csr
Message: ./fipscc_nios/products/gog/server/src/pyutil/cert_util.py:429: req.sign(pkey, 'sha1')
Event: Sign X509 certificate in function m2_create_cert_and_sign
Message: ./fipscc_nios/products/gog/server/src/pyutil/cert_util.py:550: cert.sign(sign_key, 'sha1')
Event: The argument of command /usr/sbin/openvpn in function anp_vpn_client
Message: ./fipscc_nios/products/netmri/server/src/bin/util/anp_vpn_client.py:101: '--auth', 'SHA1',
Event: The argument of command /usr/sbin/openvpn in function anm_vpn_server
Message: ./fipscc_nios/products/netmri/server/src/bin/util/anm_vpn_server.py:97: '--auth', 'SHA1',
Event: Assigning authentication protocol in function snmp_task_data_init
Message: ./fipscc_nios/products/bind/server/src/bin/idns_healthd/snmp_monitor.c:752: ss.securityAuthProto = usmHMACSHA1AuthProtocol;
Event: Cases of switch ((unsigned int)mech) in function const char *NFC_mechanism2name(CK_MECHANISM_TYPE mech), macros M: #define M(MECH) case MECH: return #MECH
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/ckerrcode.c:
259:#ifdef CKM_SHA1_RSA_PKCS
260: M(CKM_SHA1_RSA_PKCS);
277:#ifdef CKM_SHA1_RSA_X9_31
278: M(CKM_SHA1_RSA_X9_31);
283:#ifdef CKM_SHA1_RSA_PKCS_PSS
284: M(CKM_SHA1_RSA_PKCS_PSS);
292:#ifdef CKM_DSA_SHA1
293: M(CKM_DSA_SHA1);
643:#ifdef CKM_SSL3_SHA1_MAC
644: M(CKM_SSL3_SHA1_MAC);
652:#ifdef CKM_SHA1_KEY_DERIVATION
653: M(CKM_SHA1_KEY_DERIVATION);
679:#ifdef CKM_PBE_SHA1_CAST128_CBC
680: M(CKM_PBE_SHA1_CAST128_CBC);
682:#ifdef CKM_PBE_SHA1_DES3_EDE_CBC
683: M(CKM_PBE_SHA1_DES3_EDE_CBC);
685:#ifdef CKM_PBE_SHA1_DES2_EDE_CBC
686: M(CKM_PBE_SHA1_DES2_EDE_CBC);
688:#ifdef CKM_PBE_SHA1_RC2_128_CBC
689: M(CKM_PBE_SHA1_RC2_128_CBC);
691:#ifdef CKM_PBE_SHA1_RC2_40_CBC
692: M(CKM_PBE_SHA1_RC2_40_CBC);
697:#ifdef CKM_PBA_SHA1_WITH_SHA1_HMAC
698: M(CKM_PBA_SHA1_WITH_SHA1_HMAC);
796:#ifdef CKM_ECDSA_SHA1
797: M(CKM_ECDSA_SHA1);
884: M(CKM_PBE_SHA1_ARCFOUR_128);
885: M(CKM_PBE_SHA1_ARCFOUR_40);
889: M(CKM_PBE_SHA1_RC4_128);
890: M(CKM_PBE_SHA1_RC4_40);
918: case CKM_KCDSA_SHA1:
919: return "CKM_KCDSA_SHA1";
Event: Constant definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/pkcs11/pkcs11extra.h:58:#define CKM_KCDSA_SHA1 (CKM_NCIPHER + 0x4UL)
Event: Constant definition
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/pkcs11/pkcs11extra.h:
168:#ifndef CKD_SHA1_KDF
182:#define CKD_SHA1_KDF 0x00000002
Event: Thales sources comment
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/pkcs11/pkcs11t.h:637:/* CKM_MD2_RSA_PKCS, CKM_MD5_RSA_PKCS, and CKM_SHA1_RSA_PKCS
Event: Constant definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/pkcs11/pkcs11t.h:641:#define CKM_SHA1_RSA_PKCS 0x00000006
Event: Thales sources comment
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/pkcs11/pkcs11t.h:649:/* CKM_RSA_X9_31_KEY_PAIR_GEN, CKM_RSA_X9_31, CKM_SHA1_RSA_X9_31,
Event: Thales sources comment
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/pkcs11/pkcs11t.h:650: * CKM_RSA_PKCS_PSS, and CKM_SHA1_RSA_PKCS_PSS are new for v2.11 */
Event: Constant definitions
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/pkcs11/pkcs11t.h:
653:#define CKM_SHA1_RSA_X9_31 0x0000000C
655:#define CKM_SHA1_RSA_PKCS_PSS 0x0000000E
659:#define CKM_DSA_SHA1 0x00000012
845:#define CKM_SSL3_SHA1_MAC 0x00000381
848:#define CKM_SHA1_KEY_DERIVATION 0x00000392
864:#define CKM_PBE_SHA1_CAST5_CBC 0x000003A5
865:#define CKM_PBE_SHA1_CAST128_CBC 0x000003A5
866:#define CKM_PBE_SHA1_RC4_128 0x000003A6
867:#define CKM_PBE_SHA1_RC4_40 0x000003A7
868:#define CKM_PBE_SHA1_DES3_EDE_CBC 0x000003A8
869:#define CKM_PBE_SHA1_DES2_EDE_CBC 0x000003A9
870:#define CKM_PBE_SHA1_RC2_128_CBC 0x000003AA
871:#define CKM_PBE_SHA1_RC2_40_CBC 0x000003AB
876:#define CKM_PBA_SHA1_WITH_SHA1_HMAC 0x000003C0
947:#define CKM_ECDSA_SHA1 0x00001042
1286:#define CKG_MGF1_SHA1 0x00000001
1333:#define CKD_SHA1_KDF 0x00000002
1390:#define CKD_SHA1_KDF_ASN1 0x00000003
1391:#define CKD_SHA1_KDF_CONCATENATE 0x00000004
1765:#define CKP_PKCS5_PBKD2_HMAC_SHA1 0x00000001
Event: Items of enum M_KeyType and comments to them
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-en.h:
1251: ** by hashing seed using SHA-1 to generate q. For other
1280: /** A key usable with the HMACSHA1 mechanism
1282: * See \ref KeyType_HMACSHA1 for more information.
1284: KeyType_HMACSHA1 = 27,
1487: ** a hash algorithm other than SHA-1.
Event: Items of enum M_Mech and comments to them
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-en.h:
1590: ** plaintext. A Bytes plaintext is hashed using SHA-1 before
1631: /** The SHA-1 hash function as standardized in FIPS180-1
1633: * See \ref Mech_SHA1Hash for more information.
1635: Mech_SHA1Hash = 44,
1651: /** The HMAC construction using the SHA-1 hash function
1653: * See \ref Mech_HMACSHA1 for more information.
1655: Mech_HMACSHA1 = 55,
1678: ** A Bytes plaintext is hashed using SHA-1 to form a Hash plaintext. A
1683: * See \ref Mech_RSAhSHA1pPKCS1 for more information.
1685: Mech_RSAhSHA1pPKCS1 = 59,
1689: ** A Bytes plaintext is hashed using SHA-1 to form a Hash plaintext. A
1698: ** MGF1 with SHA-1 is used as the mask generation function.
1800: Mech_DES3wSHA1 = 102,
1811: Mech_KCDSASHA1 = 111,
1827: ** - KDF2 key derivation function, using SHA-1 as the underlying hash function
1828: ** - Triple-DES-CBC-IV0 with 24-byte keys (@ref Mech_DLIESe3DEShSHA1) as the symmetric
1830: ** - MAC1 based on SHA-1 as the message authentication scheme, with 160-bit output
1833: * See \ref Mech_DLIESe3DEShSHA1 for more information.
1835: Mech_DLIESe3DEShSHA1 = 124,
1839: ** - KDF2 key derivation function, using SHA-1 as the underlying hash function
1840: ** - AES256-CBC-IV0 with 16-byte keys (@ref Mech_DLIESeAEShSHA1) as the symmetric
1842: ** - MAC1 based on SHA-1 as the message authentication scheme, with 160-bit output
1845: * See \ref Mech_DLIESeAEShSHA1 for more information.
1847: Mech_DLIESeAEShSHA1 = 125,
1871: Mech_BlobCryptv2kHasheRijndaelCBC0hSHA1mSHA1HMAC = 141,
1872: Mech_BlobCryptv2kRSAeRijndaelCBC0hSHA1mSHA1HMAC = 142,
1873: Mech_BlobCryptv2kDHeRijndaelCBC0hSHA1mSHA1HMAC = 143,
1875: Mech_BlobCryptv2kHasheDES3CBC0hSHA1mSHA1HMAC = 145,
1876: Mech_BlobCryptv2kRSAeDES3CBC0hSHA1mSHA1HMAC = 146,
1877: Mech_BlobCryptv2kDHeDES3CBC0hSHA1mSHA1HMAC = 147,
1885: ** or Bytes plaintext. A Bytes plaintext is hashed using SHA-1 before
1907: ** Bytes or Hash plaintext. A Bytes plaintext is hashed using SHA-1.
1908: ** SHA-1 is also used for mask generation. This mechanism assumes a
1914: * See \ref Mech_RSAhSHA1pPSS for more information.
1916: Mech_RSAhSHA1pPSS = 160,
Event: Thales documentation groups for enumeration constants
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-en.h:
5379: * by hashing seed using SHA-1 to generate q. For other
5416:/** \defgroup KeyType_HMACSHA1 KeyType_HMACSHA1
5419: * A key usable with the HMACSHA1 mechanism
5748: * a hash algorithm other than SHA-1.
5779: * plaintext. A Bytes plaintext is hashed using SHA-1 before
5804:/** \defgroup Mech_SHA1Hash Mech_SHA1Hash
5807: * The SHA-1 hash function as standardized in FIPS180-1
5832:/** \defgroup Mech_HMACSHA1 Mech_HMACSHA1
5835: * The HMAC construction using the SHA-1 hash function
5838: * - \ref M_Mech_SHA1Hash_Cipher
5871:/** \defgroup Mech_RSAhSHA1pPKCS1 Mech_RSAhSHA1pPKCS1
5877: * A Bytes plaintext is hashed using SHA-1 to form a Hash plaintext. A
5893: * A Bytes plaintext is hashed using SHA-1 to form a Hash plaintext. A
5907: * MGF1 with SHA-1 is used as the mask generation function.
6042:/** \defgroup Mech_DLIESe3DEShSHA1 Mech_DLIESe3DEShSHA1
6048: * - KDF2 key derivation function, using SHA-1 as the underlying hash function
6049: * - Triple-DES-CBC-IV0 with 24-byte keys (@ref Mech_DLIESe3DEShSHA1) as the symmetric
6051: * - MAC1 based on SHA-1 as the message authentication scheme, with 160-bit output
6055:/** \defgroup Mech_DLIESeAEShSHA1 Mech_DLIESeAEShSHA1
6061: * - KDF2 key derivation function, using SHA-1 as the underlying hash function
6062: * - AES256-CBC-IV0 with 16-byte keys (@ref Mech_DLIESeAEShSHA1) as the symmetric
6064: * - MAC1 based on SHA-1 as the message authentication scheme, with 160-bit output
6068: * - \ref M_Mech_DLIESe3DEShSHA1_Cipher
6101: * or Bytes plaintext. A Bytes plaintext is hashed using SHA-1 before
6121:/** \defgroup Mech_RSAhSHA1pPSS Mech_RSAhSHA1pPSS
6125: * Bytes or Hash plaintext. A Bytes plaintext is hashed using SHA-1.
6126: * SHA-1 is also used for mask generation. This mechanism assumes a
8569: ** default of SHA-1. */
Event: KDPKeyType codes
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-akdp-dh.h:37:#define KDPKeyType_HMACSHA1 161
Event: UserAuthScheme codes
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-akdp-dh.h:69:#define UserAuthScheme_SHA1Passphrase 1
Event: Comments to Data structure formats
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-akdp-dh.h:
96: * DATA for KDPKeyType = HMACSHA1
233: * CREDENTIALS for UserAuthScheme = SHA1Passphrase
234: * HASH sha1passphrase
Event: Comments to function NFast_BuildCmdCert which creates a certificate
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/nfastapp.h:1688: * placed in \a cert_out. The SHA-1 hash of this is calculated
Event: Comments to function NFast_Hash which calculates SHA-1 hash
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/nfastapp.h:
1849:/** Calculate SHA-1 hash
1853: * @param hash_out Where to store SHA-1 hash
Event: Comment to field M_Hash sarfilehash; of struct _sarfileinfo - SAR file information
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/nfastapp.h:1979: /** SHA-1 hash of payload */
Event: Constant definitions
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-tdm.h:
269:extern const NF_StructType NF_Type_Mech_DLIESe3DEShSHA1_Cipher;
297:extern const NF_StructType NF_Type_Mech_SHA1Hash_Cipher;
Event: Comments to struct M_KeyType_Random_GenParams
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:969: * This is the variant of \ref M_KeyType__GenParams chosen where the tag is any of \ref KeyType_Random, \ref KeyType_ArcFour, \ref KeyType_CAST, \ref KeyType_HMACMD5, \ref KeyType_HMACSHA1, \ref KeyType_HMACRIPEMD160, \ref KeyType_Serpent, \ref KeyType_Rijndael, \ref KeyType_Twofish, \ref KeyType_CAST256, \ref KeyType_Blowfish, \ref KeyType_HMACSHA224, \ref KeyType_HMACSHA256, \ref KeyType_HMACSHA384, \ref KeyType_HMACSHA512, \ref KeyType_HMACTiger, \ref KeyType_ARIA or \ref KeyType_Camellia.
Event: Comments to struct M_KeyType_DSACommVariableSeed_GenParams
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:1019: ** a hash algorithm other than SHA-1.
Event: Comments to struct M_KeyType_DSAComm_GenParams
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:1602: ** by hashing seed using SHA-1 to generate q. For other
Event: Comments to struct M_KeyType_Random_Data
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:1887: * This is the variant of \ref M_KeyType__Data chosen where the tag is any of \ref KeyType_Random, \ref KeyType_ArcFour, \ref KeyType_CAST, \ref KeyType_Wrapped, \ref KeyType_HMACMD5, \ref KeyType_HMACSHA1, \ref KeyType_HMACRIPEMD160, \ref KeyType_Serpent, \ref KeyType_Rijndael, \ref KeyType_Twofish, \ref KeyType_CAST256, \ref KeyType_Blowfish, \ref KeyType_HMACSHA224, \ref KeyType_HMACSHA256, \ref KeyType_HMACSHA384, \ref KeyType_HMACSHA512, \ref KeyType_HMACTiger, \ref KeyType_SEED, \ref KeyType_ARIA or \ref KeyType_Camellia.
Event: Comments to struct M_KeyType_DSACommVariableSeed_Data
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:1940: ** a hash algorithm other than SHA-1.
Event: Comments to struct M_KeyType_DSAComm_Data
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:2132: ** by hashing seed using SHA-1 to generate q.
Event: Comments to struct M_Mech_RSApPKCS1OAEP_IV
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:2408: ** MGF1 with SHA-1 is used as the mask generation function.
Event: Comments to struct M_Mech_DSA_Cipher
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:2625: ** plaintext. A Bytes plaintext is hashed using SHA-1 before
Event: Comment to typedef struct M_Mech_DLIESe3DEShSHA1_Cipher M_Mech_DLIESe3DEShSHA1_Cipher;
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:2678:/* --- Structure Mech_DLIESe3DEShSHA1_Cipher --- */
Event: type M_Mech_DLIESe3DEShSHA1_Cipher; definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:2680:typedef struct M_Mech_DLIESe3DEShSHA1_Cipher M_Mech_DLIESe3DEShSHA1_Cipher;
Event: Comments to struct M_Mech_DLIESe3DEShSHA1_Cipher
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:
2682:/* --- Structure Mech_DLIESe3DEShSHA1_Cipher --- */
2684:/** \addtogroup Mech_DLIESe3DEShSHA1
2691: ** - KDF2 key derivation function, using SHA-1 as the underlying hash function
2692: ** - Triple-DES-CBC-IV0 with 24-byte keys (@ref Mech_DLIESe3DEShSHA1) as the symmetric
2694: ** - MAC1 based on SHA-1 as the message authentication scheme, with 160-bit output
2697: * This is the variant of \ref M_Mech__Cipher chosen where the tag is either \ref Mech_DLIESe3DEShSHA1 or \ref Mech_DLIESeAEShSHA1.
Event: struct M_Mech_DLIESe3DEShSHA1_Cipher definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:2699:struct M_Mech_DLIESe3DEShSHA1_Cipher {
Event: Field of struct M_Mech_SSL3FinishedMsg_Cipher
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:2792: M_Hash20 sha1hash;
Event: Comment to struct M_Mech_ECDSA_Cipher
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:2909: ** or Bytes plaintext. A Bytes plaintext is hashed using SHA-1 before
Event: Comment to typedef struct M_Mech_SHA1Hash_Cipher M_Mech_SHA1Hash_Cipher;
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:3092:/* --- Structure Mech_SHA1Hash_Cipher --- */
Event: type M_Mech_SHA1Hash_Cipher definition
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:3094:typedef struct M_Mech_SHA1Hash_Cipher M_Mech_SHA1Hash_Cipher;
Event: Comments to struct M_Mech_SHA1Hash_Cipher
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:
3096:/* --- Structure Mech_SHA1Hash_Cipher --- */
3098:/** \addtogroup Mech_SHA1Hash
3102:/** The SHA-1 hash function as standardized in FIPS180-1
3104: * This is the variant of \ref M_Mech__Cipher chosen where the tag is either \ref Mech_SHA1Hash or \ref Mech_HMACSHA1.
Event: struct M_Mech_SHA1Hash_Cipher definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:3106:struct M_Mech_SHA1Hash_Cipher {
Event: Fields of union M_Mech__Cipher and comments to them
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:
3127: /** if tag is \ref Mech_DLIESe3DEShSHA1 */
3128: M_Mech_DLIESe3DEShSHA1_Cipher dliese3deshsha1;
3183: /** if tag is \ref Mech_SHA1Hash */
3184: M_Mech_SHA1Hash_Cipher sha1hash;
Event: Comment to field M_Mech kdfhash; of struct M_DeriveMech_ECCMQV_DKParams
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-im.h:4039: ** Supported mechanisms are SHA1Hash, SHA224Hash,
Event: Comment to const KeyType_DSAComm definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1140: ** by hashing seed using SHA-1 to generate q.
Event: Const KeyType_HMACSHA1 definition with comments
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:
1169: /** A key usable with the HMACSHA1 mechanism
1171: * See \ref KeyType_HMACSHA1 for more information.
1173:#define KeyType_HMACSHA1 27
Event: Comment to const KeyType_DSACommVariableSeed definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1376: ** a hash algorithm other than SHA-1.
Event: Comment to const Mech_DSA definition (Digital Signature Algorithm)
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1446: ** plaintext. A Bytes plaintext is hashed using SHA-1 before
Event: Const Mech_SHA1Hash definition with comments
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:
1487: /** The SHA-1 hash function as standardized in FIPS180-1
1489: * See \ref Mech_SHA1Hash for more information.
#define Mech_SHA1Hash 44
Event: Const Mech_HMACSHA1 definition with comments
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:
1507: /** The HMAC construction using the SHA-1 hash function
1509: * See \ref Mech_HMACSHA1 for more information.
1511:#define Mech_HMACSHA1 55
Event: Const Mech_RSAhSHA1pPKCS1 definition with comments
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:
1534: ** A Bytes plaintext is hashed using SHA-1 to form a Hash plaintext. A
1539: * See \ref Mech_RSAhSHA1pPKCS1 for more information.
1541:#define Mech_RSAhSHA1pPKCS1 59
Event: Comment to const Mech_RSAhRIPEMD160pPKCS1 definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1545: ** A Bytes plaintext is hashed using SHA-1 to form a Hash plaintext.
Event: Comment to const Mech_RSApPKCS1OAEP definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1554: ** MGF1 with SHA-1 is used as the mask generation function.
Event: Const Mech_DES3wSHA1 definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1656:#define Mech_DES3wSHA1 102
Event: Const Mech_KCDSASHA1 definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1667:#define Mech_KCDSASHA1 111
Event: Const Mech_DLIESe3DEShSHA1 definition with comments
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:
1683: ** - KDF2 key derivation function, using SHA-1 as the underlying hash function
1684: ** - Triple-DES-CBC-IV0 with 24-byte keys (@ref Mech_DLIESe3DEShSHA1) as the symmetric
1686: ** - MAC1 based on SHA-1 as the message authentication scheme, with 160-bit output
1689: * See \ref Mech_DLIESe3DEShSHA1 for more information.
1691:#define Mech_DLIESe3DEShSHA1 124
Event: Const Mech_DLIESeAEShSHA1 definition with comments
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:
1695: ** - KDF2 key derivation function, using SHA-1 as the underlying hash function
1696: ** - AES256-CBC-IV0 with 16-byte keys (@ref Mech_DLIESeAEShSHA1) as the symmetric
1698: ** - MAC1 based on SHA-1 as the message authentication scheme, with 160-bit output
1701: * See \ref Mech_DLIESeAEShSHA1 for more information.
1703:#define Mech_DLIESeAEShSHA1 125
Event: Const Mech_BlobCryptv2kHasheRijndaelCBC0hSHA1mSHA1HMAC definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1727:#define Mech_BlobCryptv2kHasheRijndaelCBC0hSHA1mSHA1HMAC 141
Event: Const Mech_BlobCryptv2kRSAeRijndaelCBC0hSHA1mSHA1HMAC definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1728:#define Mech_BlobCryptv2kRSAeRijndaelCBC0hSHA1mSHA1HMAC 142
Event: Const Mech_BlobCryptv2kDHeRijndaelCBC0hSHA1mSHA1HMAC definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1729:#define Mech_BlobCryptv2kDHeRijndaelCBC0hSHA1mSHA1HMAC 143
Event: Const Mech_BlobCryptv2kHasheDES3CBC0hSHA1mSHA1HMAC definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1731:#define Mech_BlobCryptv2kHasheDES3CBC0hSHA1mSHA1HMAC 145
Event: Const Mech_BlobCryptv2kRSAeDES3CBC0hSHA1mSHA1HMAC definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1732:#define Mech_BlobCryptv2kRSAeDES3CBC0hSHA1mSHA1HMAC 146
Event: Const Mech_BlobCryptv2kDHeDES3CBC0hSHA1mSHA1HMAC definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1733:#define Mech_BlobCryptv2kDHeDES3CBC0hSHA1mSHA1HMAC 147
Event: Comments to const Mech_ECDSA definition
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:1741: ** or Bytes plaintext. A Bytes plaintext is hashed using SHA-1 before
Event: Const Mech_RSAhSHA1pPSS definition with comments
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:
1763: ** Bytes or Hash plaintext. A Bytes plaintext is hashed using SHA-1.
1764: ** SHA-1 is also used for mask generation. This mechanism assumes a
1770: * See \ref Mech_RSAhSHA1pPSS for more information.
1772:#define Mech_RSAhSHA1pPSS 160
Event: Comment to const KeyType_DSAPrivate_GenParams_flags_qhash_present definition Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:4438: ** default of SHA-1. */
Event: Comments to Data structure formats
Message:./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/messages-a-dh.h:
6578: * CIPHER for Mech = DLIESe3DEShSHA1
6595: * HASH20 sha1hash
6668: * CIPHER for Mech = SHA1Hash
9244: * IV for Mech = BlobCryptv2kHasheDES3CBC0hSHA1mSHA1HMAC
9245: * IV for Mech = KCDSASHA1
9252: * IV for Mech = RSAhSHA1pPKCS1
9258: * IV for Mech = BlobCryptv2kRSAeRijndaelCBC0hSHA1mSHA1HMAC
9271: * IV for Mech = DES3wSHA1
9274: * IV for Mech = DLIESe3DEShSHA1
9284: * IV for Mech = HMACSHA1
9297: * IV for Mech = DLIESeAEShSHA1
9324: * IV for Mech = BlobCryptv2kHasheRijndaelCBC0hSHA1mSHA1HMAC
9326: * IV for Mech = RSAhSHA1pPSS
9335: * IV for Mech = BlobCryptv2kDHeDES3CBC0hSHA1mSHA1HMAC
9345: * IV for Mech = SHA1Hash
9346: * IV for Mech = BlobCryptv2kRSAeDES3CBC0hSHA1mSHA1HMAC
9348: * IV for Mech = BlobCryptv2kDHeRijndaelCBC0hSHA1mSHA1HMAC
Event: Comment to function NCH_hexout - Marshaled-hex format routine
Message: ./fipscc_nios/products/dns/server/src/lib/thales_preload/thales/include/hilibs/stdmarshal.h:122:/* Note, if you use these, you must link against the nfast SHA1 implementation;
Event: Options returned by function algname
Message: ./fipscc_nios/products/dns/server/src/lib/dnsdb/zone.c:
112: return ("(RSASHA1)");
116: return ("(NSEC3RSASHA1)");
Event: Items of dictionary enctype_enummap
Message: ./fipscc_nios/products/dns/server/src/wapi/kerberoskey.py:
15: 'AES128-CTS-HMAC-SHA1-96': 'aes128-cts-hmac-sha1-96',
16: 'AES256-CTS-HMAC-SHA1-96': 'aes256-cts-hmac-sha1-96',
Event: Items of dictionary DNSSEC_ALGORITHM_MNEMONICS
Message: ./fipscc_nios/products/dns/server/src/pyabs/dns_include.py:
108: '5' : (' 5', 'RSASHA1', 'RSA/SHA-1'),
110: '7' : (' 7', 'NSEC3RSASHA1', 'RSA/SHA-1/NSEC3'),
Event: Comments to list SUPPORTED_ALGORITHMS
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:62:# algorithms are for internal use only, and DSA and RSASHA1 will be converted
Event: Items of list SUPPORTED_ALGORITHMS
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:64:SUPPORTED_ALGORITHMS = ['RSAMD5', 'DSA', 'RSASHA1', 'RSASHA256', 'RSASHA512']
Event: Items of ALGORITHMS_NAME_DICT
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:
71: '5': 'RSASHA1',
73: '7': 'NSEC3RSASHA1',
Event: Item of DIGEST_TYPES_NAME_DICT
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:83: DIGEST_TYPES_NAME_DICT = { '1': 'SHA_1',
Event: digest_sha1=True is argument of function gen_key_file_and_ds_record which puts the DNSKEY record information into a file, it is called in function common_generate_ds_record
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:765: digest_sha1=True,
Event: digest_sha1=True is the argument of function gen_dsrecord_from_dnskey which generates DSRecord file from DNS key
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:821:def gen_dsrecord_from_dnskey(input_file, output_file, digest_sha1=True,
Event: Using argument digest_sha1 of function gen_dsrecord_from_dnskey
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:826: if digest_sha1 and digest_sha256:
Event: digest_sha1=True is the argument of function gen_key_file_and_ds_record which puts the DNSKEY record information into a file
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:851:def gen_key_file_and_ds_record(fqdn, obj, output_file, digest_sha1=True,
Event: Using digest_sha1 as the argument of function gen_dsrecord_from_dnskey which generates DSRecord file from DNS key
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:866: gen_dsrecord_from_dnskey(dnskey_file, output_file, digest_sha1,
Event: Comments to function common_validate_algorithm_size
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:1161: ''' Only are RSASHA1 NSEC3RSASHA1 RSASHA256 RSASHA512 approved in CC mode
Event: Comments to function common_validate_algorithm_size_obj
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:1193: Only are RSASHA1 NSEC3RSASHA1 RSASHA256 RSASHA512 approved in CC mode
Event: Comments to function DnsSecKeyReader.import_keys
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:1404: Algorithm: 5 (RSASHA1)
Event: Comments in function DnsSecKeyReader._read_private_key
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:1529: m = re.match('(\d+).*', algorithm_str) # e.g. "5 (RSASHA1)"
Event: Comments to function DnsSecKeyWriter.export_keypairs
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:1640: Algorithm: 5 (RSASHA1)
Event: Item in conversion table ui_to_internal in function validate_algorithms_and_convert
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:4326: 'RSASHA1': '5',
Event: Comment in function validate_algorithms_and_convert
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:4374: # Convert DSA and RSASHA1 to NSEC3 versions if NSEC3 selected
Event: Items in conversion table for Internal->UI conversion num_to_str in function get_synthetic_algorithms_field
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:
4402: '5': 'RSASHA1',
4404: '7': 'RSASHA1',
Event: Comments in function get_algorithms_namesize_strings
Message: ./fipscc_nios/products/dns/server/src/pyabs/dnssec_common.py:4493: Such as 'RSASHA1' has code of 5 while 'NSEC3RSASHA1' hash code of 7,
...
316: 7 : 'OLD-DES3-CBC-SHA1',
320: 16 : 'DES3-CBC-SHA1',
321: 17 : 'AES128-CTS-HMAC-SHA1-96',
322: 18 : 'AES256-CTS-HMAC-SHA1-96',
Event: Comments related to CC_MODE_GSS_TSIG_ALGS - subset of GSS_TSIG_ALGS_NAME_DICT for CC mode
Message: ./fipscc_nios/products/dns/server/src/pyabs/dhcp_common.py:
336:# CC mode alg AES128-CTS-HMAC-SHA1-96 id=17,
337:# AES256-CTS-HMAC-SHA1-96 id=18
Event: Text of error message INVALID_GSS_TSIG_KEY_CC which means invalid encryption type in CC mode
Message: ./fipscc_nios/products/dns/server/src/pyabs/dhcp_common.py:707: "Only AES128_CTS_HMAC_SHA1_96 or AES256_CTS_HMAC_SHA1_96 algorithms are "
...