Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Implement internally opaque bn access from dsa | Matt Caswell | 2014-12-08 | 1 | -4/+9 |
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> | ||||
* | remove OPENSSL_FIPSAPI | Dr. Stephen Henson | 2014-12-08 | 1 | -1/+1 |
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> | ||||
* | remove FIPS module code from crypto/dsa | Dr. Stephen Henson | 2014-12-08 | 1 | -43/+0 |
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> | ||||
* | Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in | Dr. Stephen Henson | 2011-05-11 | 1 | -1/+1 |
| | | | | the FIPS capable OpenSSL. | ||||
* | Add PRNG security strength checking. | Dr. Stephen Henson | 2011-04-23 | 1 | -1/+4 |
| | |||||
* | Use 0 for tbslen to perform strlen. | Dr. Stephen Henson | 2011-04-19 | 1 | -1/+1 |
| | |||||
* | Remove several of the old obsolete FIPS_corrupt_*() functions. | Dr. Stephen Henson | 2011-04-14 | 1 | -9/+0 |
| | |||||
* | Initial incomplete POST overhaul: add support for POST callback to | Dr. Stephen Henson | 2011-04-14 | 1 | -1/+2 |
| | | | | allow status of POST to be monitored and/or failures induced. | ||||
* | Update pairwise consistency checks to use SHA-256. | Dr. Stephen Henson | 2011-02-15 | 1 | -2/+1 |
| | |||||
* | Free keys if DSA pairwise error. | Dr. Stephen Henson | 2011-02-11 | 1 | -1/+5 |
| | |||||
* | Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files | Dr. Stephen Henson | 2011-02-03 | 1 | -0/+2 |
| | | | | that use it. | ||||
* | FIPS mode DSA changes: | Dr. Stephen Henson | 2011-01-26 | 1 | -0/+45 |
| | | | | | | | | | | | | Check for selftest failures. Pairwise consistency test for RSA key generation. Use some EVP macros instead of EVP functions. Use minimal FIPS EVP where needed. Key size restrictions. | ||||
* | Change to mitigate branch prediction attacks | Bodo Möller | 2007-03-28 | 1 | -1/+1 |
| | | | | | Submitted by: Matthew D Wood Reviewed by: Bodo Moeller | ||||
* | Use BN_with_flags() in a cleaner way. | Bodo Möller | 2005-05-27 | 1 | -0/+1 |
| | |||||
* | Implement fixed-window exponentiation to mitigate hyper-threading | Bodo Möller | 2005-05-16 | 1 | -1/+14 |
| | | | | | | | | | | | | timing attacks. BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for RSA/DSA/DH private key computations unless RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/ DH_FLAG_NO_EXP_CONSTTIME is set. Submitted by: Matthew D Wood Reviewed by: Bodo Moeller | ||||
* | Make sure we get the definition of OPENSSL_NO_DSA and OPENSSL_NO_SHA. | Richard Levitte | 2003-03-20 | 1 | -1/+1 |
| | |||||
* | As with RSA, which was modified recently, this change makes it possible to | Geoff Thorpe | 2003-01-15 | 1 | -0/+9 |
| | | | | | | override key-generation implementations by placing handlers in the methods for DSA and DH. Also, parameter generation for DSA and DH is possible by another new handler for each method. | ||||
* | Change all calls to low level digest routines in the library and | Dr. Stephen Henson | 2001-06-19 | 1 | -1/+0 |
| | | | | | | | | | | applications to use EVP. Add missing calls to HMAC_cleanup() and don't assume HMAC_CTX can be copied using memcpy(). Note: this is almost identical to the patch submitted to openssl-dev by Verdon Walker <VWalker@novell.com> except some redundant EVP_add_digest_()/EVP_cleanup() calls were removed and some changes made to avoid compiler warnings. | ||||
* | Use BN_rand_range(). | Ulf Möller | 2001-02-20 | 1 | -10/+3 |
| | |||||
* | Make all configuration macros available for application by making | Richard Levitte | 2001-02-19 | 1 | -1/+1 |
| | | | | | | | | | | | | sure they are available in opensslconf.h, by giving them names starting with "OPENSSL_" to avoid conflicts with other packages and by making sure e_os2.h will cover all platform-specific cases together with opensslconf.h. I've checked fairly well that nothing breaks with this (apart from external software that will adapt if they have used something like NO_KRB5), but I can't guarantee it completely, so a review of this change would be a good thing. | ||||
* | Don't set the two top bits to one when generating a random number < q.:wq | Ulf Möller | 2000-09-13 | 1 | -1/+1 |
| | |||||
* | Check BN_rand return value. | Bodo Möller | 2000-02-29 | 1 | -1/+2 |
| | | | | "make update". | ||||
* | Message digest stuff. | Ulf Möller | 1999-04-27 | 1 | -1/+2 |
| | |||||
* | Change #include filenames from <foo.h> to <openssl.h>. | Bodo Möller | 1999-04-23 | 1 | -4/+4 |
| | | | | | | Submitted by: Reviewed by: PR: | ||||
* | Change functions to ANSI C. | Ulf Möller | 1999-04-19 | 1 | -2/+1 |
| | |||||
* | Import of old SSLeay release: SSLeay 0.9.0b | Ralf S. Engelschall | 1998-12-21 | 1 | -1/+1 |
| | |||||
* | Import of old SSLeay release: SSLeay 0.8.1b | Ralf S. Engelschall | 1998-12-21 | 1 | -0/+112 |