Monthly status: July

2022-07-28 Thread Dr Paul Dale

Significant activities throughout February included:

 * Helping our new business administrator (ongoing)
    o setting things up
    o explaining processes
    o providing guidance and suggestions
 * QUIC
    o Working on the QUIC TX Packetiser design (ongoing)
    o Working on the QUIC Connection ID Cache (ongoing)
    o Reviewing the frame encoding and decoding PR
    o Changing OSSL_TIME to be a structure
 * Working on the AVX512 CVE and the security advisory
 * Work on various upcoming blog posts and announcements
 * Assisted with the release of 3.0.5 and 1.1.1q
 * Responding to questions from support customers
 * Coverity fixes (ongoing)
 * Fix the GCM record limit check
 * Fix the get IV length calls which had several issues
 * Added fallback seeding for the stochastic cache flush

This is in addition to the usual nightly and weekly meetings, issue 
triage, pull request reviews and responding to questions etc.



Pauli



Monthly Status: July

2021-08-01 Thread Dr Paul Dale

Significant activities throughout June were:

 * Added a -fips command line option to util/wrap.pl
 * Wrote provider side PBKDF1 documentation that was missed earlier.
 * Document config_diagnostics option more widely.
 * Added other documentation that was missed.
 * Add config_diagnostics option to all of our configuration files
   (pending).
 * Moved the PVK KDF to providers for post 3.0.
 * Fix a problem with BN_div getting the remainder's sign incorrect in
   some circumstances.
 * Addressed the last old Coverity issue -- Coverity is now clean.
 * Update auto DH so that it honours the security level rather than
   picking something inappropriate and erroring.
 * Remove ERR_GET_FUNC() from the codebase.
 * Investigation of Solaris failure.
 * Fix Windows makefile
 * Streamline the apps so they know more about the command line options
   given and don't search for algorithms inappropriately. Use libctx
   and propq more pervasively when specified and don't fall back to
   legacy if provider options have been specified.
 * Reallow short IVs for AES and ARIA GCM modes.
 * Fix a no-posix-io build problem.
 * Add demo code for PBKDF2, SCRYPT and GMAC.
 * Investigation into non-caching build running the test machine out of
   memory.
 * Add cross compiles to our CI loops including execution via QEMU
   where reasonable.
 * Investigation of possible problem in wrap cipher mode and multiple
   calls to update.
 * Modified CTR DRBG to allow operation without a derivation function
   in FIPS mode
 * Investigate TLS 1.3 FIPS self test requirements.
 * Investigated, compiled and ran lab's test suite.
 * Review vendor evidence document.

In addition were minor pull requests, reviewing, OMC and OTC business, 
et al.