| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
GH: #1330
|
| |
|
|
|
|
|
|
| |
Add script to find unused err/reason codes
Remove unused reason codes.
Remove entries for unused functions
Reviewed-by: Matt Caswell <matt@openssl.org>
|
| |
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.
And then some hand-editing of other files.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
|
| |
|
|
|
|
|
| |
Rebuild error source files: the new mkerr.pl functionality will now
pick up and translate static function names properly.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
The functions BN_rshift and BN_lshift shift their arguments to the right or
left by a specified number of bits. Unpredicatable results (including
crashes) can occur if a negative number is supplied for the shift value.
Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian
for discovering and reporting this issue.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
| |
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
| |
|
|
|
|
| |
This change adds the option to calculate (EC)DSA nonces by hashing the
message and private key along with entropy to avoid leaking the private
key if the PRNG fails.
|
| |
|
|
|
|
|
|
|
|
|
| |
requested size. Fixes OpenSSL #2701.
This change does not address the cases of generating safe primes, or
where the |add| parameter is non-NULL.
Conflicts:
crypto/bn/bn.h
crypto/bn/bn_err.c
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
timing attacks.
BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
|
| |
|
|
|
| |
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
|
| |
|
|
|
|
|
|
|
|
|
| |
- possibility of re-creation of the blinding parameters after a
fixed number of uses (suggested by Bodo)
- calculatition of the rsa::e in case it's absent and p and q
are present (see bug report #785)
- improve the performance when if one rsa structure is shared by
more than a thread (see bug report #555)
- fix the problem described in bug report #827
- hide the definition ot the BN_BLINDING structure in bn_blind.c
|
| |
|
|
| |
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
|
| | |
|
| |
|
|
|
|
|
| |
ec_curve.c (unify comments, etc).
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller, Geoff Thorpe
|
| | |
|
| |
|
|
|
|
|
|
| |
The 'OPENSSL_NO_SUN_DIV' default is still subject to change,
so I didn't bother to finish the CHANGES entry yet.
Submitted by: Douglas Stebila <douglas.stebila@sun.com>, Sheueling Chang <sheueling.chang@sun.com>
(CHANGES entry by Bodo Moeller)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bleichenbacher's DSA attack. With this implementation, the expected
number of iterations never exceeds 2.
New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
|
| | |
|
| |
|
|
| |
might overflow.
|
| | |
|
| |
|
|
|
|
| |
This caused a segmentation fault in calls to malloc, so I cleaned up
bn_lib.c a little so that it is easier to see what is going on.
The bug turned out to be an off-by-one error in BN_bin2bn.
|
| | |
|
| |
|
|
| |
marginally faster BN_mod_exp for 1024 bit exponents.
|
| | |
|
| | |
|
| |
|
|
| |
Avoid enabled 'assert()' in production library.
|
| |
|
|
|
| |
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
|
| |
|
|
|
|
|
| |
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
|
| |
|
|
|
|
| |
Submitted by:
Reviewed by:
PR:
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
but the BN code had some problems that would cause failures when
doing certificate verification and some other functions.
Submitted by: Eric A Young from a C2Net version of SSLeay
Reviewed by: Mark J Cox
PR:
|
| | |
|
| | |
|
| | |
|
| |
|
