path: root/crypto/bn
Commit log (subject line followed by [author, date, files changed, lines removed/added]; commit body, where present, on the indented lines below):

* The IRIX fix. Asm recap and corresponding declaration. [Andy Polyakov, 2001-03-27, 2 files, -4/+5]
  Submitted by: Reviewed by: PR:
* Completely remove mont2 stuff. [Bodo Möller, 2001-03-15, 2 files, -406/+0]
  It does not appear to be faster than the current Montgomery code except for very small moduli (somewhere between 192 and 224 bits in a 64-bit Sun environment, and even less than 192 bits on 32-bit systems).
* EC_METHOD based on bn_mont2 (not used in the library) [Bodo Möller, 2001-03-11, 2 files, -9/+30]
* More EC stuff, including EC_POINTs_mul() for simultaneous scalar multiplication of an arbitrary number of points. [Bodo Möller, 2001-03-10, 2 files, -2/+2]
* Instead of telling both 'make' and the user that ranlib errors can be tolerated, hide the error from 'make'. [Bodo Möller, 2001-03-09, 1 file, -2/+1]
  This gives shorter output both if ranlib fails and if it works.
* Bug fixes. [Richard Levitte, 2001-03-09, 1 file, -7/+8]
* Implement EC_GFp_mont_method. [Bodo Möller, 2001-03-08, 1 file, -3/+3]
* Comment [Bodo Möller, 2001-03-08, 1 file, -0/+2]
* Hide BN_CTX structure details. [Bodo Möller, 2001-03-08, 4 files, -18/+29]
  Increase the number of BIGNUMs in a BN_CTX.
* Constify BN_value_one. [Bodo Möller, 2001-03-08, 2 files, -2/+2]
* More method functions for EC_GFp_simple_method. [Bodo Möller, 2001-03-08, 1 file, -1/+0]
* Code for better build under Darwin (MacOS X). [Richard Levitte, 2001-03-07, 2 files, -2/+2]
  Submitted by Brad Dominy <jdominy@darwinuser.org>
* Fix a bug which caused BN_div to produce the wrong result if rm==num and num < 0. [Dr. Stephen Henson, 2001-02-28, 1 file, -1/+5]
* e_os.h does not belong with the exported headers. [Richard Levitte, 2001-02-22, 2 files, -123/+118]
  Do not put it there and make all files that depend on it include it without prefixing it with openssl/. This means that all Makefiles will have $(TOP) as one of the include directories.
* Use e_os2.h rather than opensslconf.h, since some needed macros are defined there. [Richard Levitte, 2001-02-22, 1 file, -1/+1]
* Use new-style system-id macros everywhere possible. [Richard Levitte, 2001-02-20, 5 files, -7/+7]
  I hope I haven't missed any. This compiles and runs on Linux, and external applications have no problems with it. The definite test will be to build this on VMS.
* Fix BN_[pseudo_]rand: 'mask' must be used even if top=-1. [Bodo Möller, 2001-02-20, 1 file, -4/+3]
  Mention BN_[pseudo_]rand with top=-1 in CHANGES.
* Use new-style system-id macros. [Richard Levitte, 2001-02-20, 1 file, -1/+1]
* BN_rand_range() needs a BN_rand() variant that doesn't set the MSB. [Ulf Möller, 2001-02-20, 1 file, -12/+15]
* Make all configuration macros available for application code. [Richard Levitte, 2001-02-19, 9 files, -44/+49]
  This is done by making sure they are available in opensslconf.h, by giving them names starting with "OPENSSL_" to avoid conflicts with other packages, and by making sure e_os2.h will cover all platform-specific cases together with opensslconf.h. I've checked fairly well that nothing breaks with this (apart from external software that will adapt if they have used something like NO_KRB5), but I can't guarantee it completely, so a review of this change would be a good thing.
* Simplify BN_rand_range [Bodo Möller, 2001-02-10, 2 files, -8/+4]
* Another comment change. [Bodo Möller, 2001-02-08, 1 file, -2/+2]
  (Previous comment does not apply for range = 11000000... or range = 100000...)
* Change comments. [Bodo Möller, 2001-02-08, 1 file, -2/+2]
  (The expected number of iterations in BN_rand_range never exceeds 1.333...)
* oops -- remove observation code [Bodo Möller, 2001-02-08, 1 file, -4/+0]
* Integrate my implementation of a countermeasure against Bleichenbacher's DSA attack. [Bodo Möller, 2001-02-08, 3 files, -7/+60]
  With this implementation, the expected number of iterations never exceeds 2.
  New semantics for BN_rand_range(): BN_rand_range(r, min, range) now generates r such that min <= r < min+range. (Previously, BN_rand_range(r, min, max) generated r such that min <= r < max. It is more convenient to have the range; also the previous prototype was misleading because max was larger than the actual maximum.)
* Bleichenbacher's DSA attack [Ulf Möller, 2001-02-07, 2 files, -0/+12]
* There is no C version of bn_div_3_words [Ulf Möller, 2001-01-23, 1 file, -1/+1]
* The C version of bn_sub_part_words is needed not only in NO_ASM configurations [Bodo Möller, 2000-12-15, 1 file, -1/+1]
* Very little in the "README" is up-to-date [Bodo Möller, 2000-12-15, 1 file, -0/+4]
* The BN_mul bug test apparently is no longer needed [Bodo Möller, 2000-12-14, 1 file, -37/+0]
* Problem: bn_mul_normal() misbehaves if the size of b is 0. [Richard Levitte, 2000-12-13, 1 file, -1/+7]
  Solution: multiply a with 0, putting the result in r, and return.
* In bn_mul_recursive(), make sure the comba routines are only called when both a and b are of the exact right size. [Richard Levitte, 2000-12-13, 1 file, -4/+7]
  This may change to something better later.
* Rewrite the extension code to use an ASN1_ITEM structure for its ASN1 operations as well as the old style function pointers (i2d, d2i, new, free). [Dr. Stephen Henson, 2000-12-13, 1 file, -1/+1]
  Change standard extensions to support this. Fix a warning in BN_mul(), bn_mul.c about uninitialised 'j'.
* bn_part_sub_word prototype. [Ulf Möller, 2000-12-08, 1 file, -0/+2]
* Fix some things that look like bugs. [Bodo Möller, 2000-12-07, 5 files, -47/+111]
  One problem that looked like a problem in bn_recp.c at first turned out to be a BN_mul bug. An example is given in bn_recp.c; finding the bug responsible for this is left as an exercise.
* TEST_MUL and TEST_SQR added. [Bodo Möller, 2000-12-07, 1 file, -2/+24]
* Sign-related fixes (and tests). [Bodo Möller, 2000-12-07, 3 files, -17/+30]
  BN_mod_exp_mont does not work properly yet if modulus m is negative (we want computations to be carried out modulo |m|).
* Move 'q->neg = 0' to those places where it is needed [Bodo Möller, 2000-12-07, 1 file, -1/+5]
  (just in case someone uses a negative modulus)
* BN_mod_sqrt documentation/comment [Bodo Möller, 2000-12-06, 1 file, -1/+1]
* remove a comment that shouldn't have been there any more [Ulf Möller, 2000-12-06, 1 file, -1/+1]
* Faster BN_mod_sqrt algorithm for p == 5 (8). [Bodo Möller, 2000-12-06, 1 file, -5/+79]
* Use bc's "print" feature whenever it is available, not just on certain platforms. [Bodo Möller, 2000-12-06, 1 file, -2/+0]
* remove useless instruction [Ulf Möller, 2000-12-06, 1 file, -2/+0]
* Intel assembler version for bn_sub_part_words(). [Ulf Möller, 2000-12-06, 2 files, -2/+215]
  I haven't got reliable timings yet, please try it out!
* test_mod_mul is useful, let's run it more often. [Ulf Möller, 2000-12-06, 1 file, -1/+3]
* Use assert as in the rest of the BN library. [Ulf Möller, 2000-12-05, 1 file, -0/+5]
* Remove the last bn_wexpand()s that made us break constness. [Richard Levitte, 2000-12-04, 2 files, -54/+94]
  Of course, that means we need to handle the cases where the two arrays to bn_mul_recursive() and bn_mul_part_recursive() differ in size. I haven't yet changed the comments that describe bn_mul_recursive() and bn_mul_part_recursive(). I want this to be tested by more people before I consider this change final. Please test away!
* Change error message to "bignum too long" [Bodo Möller, 2000-12-04, 3 files, -3/+3]
* include <limits.h> [Bodo Möller, 2000-12-03, 1 file, -0/+1]
* Don't allow BIGNUMs to become so large that computations with dmax might overflow. [Bodo Möller, 2000-12-03, 3 files, -0/+8]