Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add flags for DH FIPS method. | Dr. Stephen Henson | 2011-06-08 | 1 | -1/+1 |
| | | | | Update/fix prototypes in fips.h | ||||
* | Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in | Dr. Stephen Henson | 2011-05-11 | 1 | -2/+2 |
| | | | | the FIPS capable OpenSSL. | ||||
* | Return errors instead of aborting when selftest fails. | Dr. Stephen Henson | 2011-04-22 | 1 | -1/+5 |
| | |||||
* | DH keys have an (until now) unused 'q' parameter. When creating | Dr. Stephen Henson | 2011-04-07 | 1 | -2/+15 |
| | | | | | from DSA copy q across and if q present generate DH key in the correct range. | ||||
* | New SP 800-56A compliant version of DH_compute_key(). | Dr. Stephen Henson | 2011-03-08 | 1 | -0/+15 |
| | |||||
* | Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files | Dr. Stephen Henson | 2011-02-03 | 1 | -0/+2 |
| | | | | that use it. | ||||
* | FIPS DH changes: selftest checks and key range checks. | Dr. Stephen Henson | 2011-01-26 | 1 | -0/+22 |
| | |||||
* | Change to mitigate branch prediction attacks | Bodo Möller | 2007-03-28 | 1 | -2/+2 |
| | | | | | Submitted by: Matthew D Wood Reviewed by: Bodo Moeller | ||||
* | Initialise ctx to NULL to avoid uninitialized free, noticed by | Mark J. Cox | 2006-09-29 | 1 | -1/+1 |
| | | | | Steve Kiernan | ||||
* | Introduce limits to prevent malicious keys being able to | Bodo Möller | 2006-09-28 | 1 | -0/+6 |
| | | | | | cause a denial of service. (CVE-2006-2940) [Steve Henson, Bodo Moeller] | ||||
* | fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end() | Nils Larsch | 2006-03-13 | 1 | -2/+5 |
| | |||||
* | Make D-H safer, include well-known primes. | Ben Laurie | 2005-08-21 | 1 | -0/+7 |
| | |||||
* | Use BN_with_flags() in a cleaner way. | Bodo Möller | 2005-05-27 | 1 | -0/+1 |
| | |||||
* | Implement fixed-window exponentiation to mitigate hyper-threading | Bodo Möller | 2005-05-16 | 1 | -3/+24 |
| | | | | | | | | | | | | timing attacks. BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for RSA/DSA/DH private key computations unless RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/ DH_FLAG_NO_EXP_CONSTTIME is set. Submitted by: Matthew D Wood Reviewed by: Bodo Moeller | ||||
* | Pointer to BN_MONT_CTX could be used uninitialized. | Andy Polyakov | 2005-04-28 | 1 | -2/+2 |
| | |||||
* | Change method_mont_p from (char *) to (BN_MONT_CTX *) and remove several | Dr. Stephen Henson | 2005-04-27 | 1 | -5/+3 |
| | | | | casts. | ||||
* | Port BN_MONT_CTX_set_locked() from stable branch. | Dr. Stephen Henson | 2005-04-26 | 1 | -10/+14 |
| | | | | | The function rsa_eay_mont_helper() has been removed because it is no longer needed after this change. | ||||
* | Fix various incorrect error function codes. | Bodo Möller | 2005-04-26 | 1 | -3/+3 |
| | | | | ("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.) | ||||
* | We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form | Richard Levitte | 2003-04-08 | 1 | -3/+0 |
| | | | | of unneeded includes of openssl/engine.h. | ||||
* | Add the possibility to build without the ENGINE framework. | Richard Levitte | 2003-01-30 | 1 | -0/+2 |
| | | | | PR: 287 | ||||
* | As with RSA, which was modified recently, this change makes it possible to | Geoff Thorpe | 2003-01-15 | 1 | -0/+1 |
| | | | | | | override key-generation implementations by placing handlers in the methods for DSA and DH. Also, parameter generation for DSA and DH is possible by another new handler for each method. | ||||
* | This commits changes to various parts of libcrypto required by the recent | Geoff Thorpe | 2001-09-25 | 1 | -6/+5 |
| | | | | | | | | | | | ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE pointers to manage their hooking with ENGINE. Previously their use of "method" pointers was replaced by use of ENGINE references. See crypto/engine/README for details. Also, remove the ENGINE iterations from evp_test - even when the cipher/digest code is committed in, this functionality would require a different set of API calls. | ||||
* | length of secret exponent is needed only when we create one | Bodo Möller | 2001-07-27 | 1 | -2/+1 |
| | |||||
* | Undo DH_generate_key() change: s3_srvr.c was using it correctly | Bodo Möller | 2001-07-27 | 1 | -1/+6 |
| | |||||
* | DH key generation should not use a do ... while loop, | Bodo Möller | 2001-07-25 | 1 | -7/+3 |
| | | | | or bogus DH parameters can be used for launching DOS attacks | ||||
* | Don't preserve existing keys in DH_generate_key. | Bodo Möller | 2001-07-25 | 1 | -6/+10 |
| | |||||
* | Hide BN_CTX structure details. | Bodo Möller | 2001-03-08 | 1 | -13/+15 |
| | | | | Incease the number of BIGNUMs in a BN_CTX. | ||||
* | make it a loop as in dsa | Ulf Möller | 2001-02-20 | 1 | -1/+3 |
| | |||||
* | Use BN_rand_range(). | Ulf Möller | 2001-02-20 | 1 | -8/+1 |
| | |||||
* | Constify DH-related code. | Richard Levitte | 2000-11-07 | 1 | -6/+8 |
| | |||||
* | Merge the engine branch into the main trunk. All conflicts resolved. | Richard Levitte | 2000-10-26 | 1 | -5/+8 |
| | | | | At the same time, add VMS support for Rijndael. | ||||
* | Speed up DH with small generator. | Bodo Möller | 2000-06-07 | 1 | -7/+14 |
| | |||||
* | New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access | Ulf Möller | 2000-02-05 | 1 | -1/+3 |
| | | | | | temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but the BN_CTX implementation could now easily be changed. | ||||
* | Initial support for DH_METHOD. Also added a DH lock. A few changes made to | Dr. Stephen Henson | 1999-08-23 | 1 | -3/+58 |
| | | | | DSA_METHOD to make it more consistent with RSA_METHOD. | ||||
* | Change #include filenames from <foo.h> to <openssl.h>. | Bodo Möller | 1999-04-23 | 1 | -3/+3 |
| | | | | | | Submitted by: Reviewed by: PR: | ||||
* | Change functions to ANSI C. | Ulf Möller | 1999-04-19 | 1 | -6/+2 |
| | |||||
* | Import of old SSLeay release: SSLeay 0.9.1b (unreleased) | Ralf S. Engelschall | 1998-12-21 | 1 | -11/+27 |
| | |||||
* | Import of old SSLeay release: SSLeay 0.9.0b | Ralf S. Engelschall | 1998-12-21 | 1 | -1/+1 |
| | |||||
* | Import of old SSLeay release: SSLeay 0.8.1b | Ralf S. Engelschall | 1998-12-21 | 1 | -0/+142 |