path: root/crypto/dsa
Commit message | Author | Age | Files | Lines
* Implement internally opaque bn access from dsa | Matt Caswell | 2014-12-08 | 5 | -56/+82
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* remove OPENSSL_FIPSAPI | Dr. Stephen Henson | 2014-12-08 | 4 | -4/+4
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* remove FIPS module code from crypto/dsa | Dr. Stephen Henson | 2014-12-08 | 4 | -198/+0
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* Remove fips_constseg references. | Dr. Stephen Henson | 2014-12-08 | 1 | -1/+0
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* Remove fipscanister build functionality from makefiles. | Dr. Stephen Henson | 2014-12-08 | 1 | -1/+1
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* Remove all .cvsignore files | Rich Salz | 2014-11-28 | 1 | -4/+0
  Reviewed-by: Tim Hudson <tjh@openssl.org>
* RT3192: spurious error in DSA verify | Matt Caswell | 2014-09-09 | 1 | -3/+1
  This is funny; Ben commented in the source, Matt opened a ticket, and Rich is doing the submit. Need more code-review? :)
  Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
* RT2626: Change default_bits from 1K to 2K | Kurt Roeckx | 2014-09-08 | 1 | -1/+1
  This is a more comprehensive fix. It changes all keygen apps to use 2K keys. It also changes the default to use SHA256 not SHA1. This is from Kurt's upstream Debian changes.
  Reviewed-by: Rich Salz <rsalz@openssl.org>
  Reviewed-by: Kurt Roeckx <kurt@openssl.org>
* Remove some outdated README files, to avoid confusing people. | Rich Salz | 2014-08-30 | 1 | -4/+0
  Reviewed-by: Andy Polyakov <appro@openssl.org>
* RT3061: slightly amend patch | Emilia Kasper | 2014-08-22 | 1 | -2/+1
  Add an extra NULL dereference check
  Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Add functions returning security bits. | Dr. Stephen Henson | 2014-03-28 | 3 | -0/+12
  Add functions to return the "bits of security" for various public key algorithms. Based on SP800-57.
* misspellings fixes by https://github.com/vlajos/misspell_fixer | Veres Lajos | 2013-09-05 | 1 | -1/+1
* Return correct enveloped data type in ASN1 methods. | Dr. Stephen Henson | 2013-07-17 | 1 | -0/+4
  For RSA and DSA keys return an appropriate RecipientInfo type. By setting CMS_RECIPINFO_NONE for DSA keys an appropriate error is returned if an attempt is made to use DSA with enveloped data.
* Avoid need to change function code. | Dr. Stephen Henson | 2013-07-17 | 1 | -7/+7
  Keep original function names for nonce versions so we don't have to change error function codes.
* Make `safe' (EC)DSA nonces the default. | Adam Langley | 2013-07-15 | 4 | -31/+19
  This change updates 8a99cb29 to make the generation of (EC)DSA nonces using the message digest the default. It also reverts the changes to (EC)DSA_METHOD structure.
  In addition to making it the default, removing the flag from EC_KEY means that FIPS modules will no longer have an ABI mismatch.
* Add control to retrieve signature MD. | Dr. Stephen Henson | 2013-06-21 | 1 | -0/+4
* Add secure DSA nonce flag. | Adam Langley | 2013-06-13 | 4 | -15/+58
  This change adds the option to calculate (EC)DSA nonces by hashing the message and private key along with entropy to avoid leaking the private key if the PRNG fails.
* Don't SEGFAULT when trying to export a public DSA key as a private key. | Adam Langley | 2013-06-13 | 1 | -0/+6
* Version skew reduction: trivia (I hope). | Ben Laurie | 2012-06-03 | 1 | -0/+1
* return error if counter exceeds limit and seed value supplied | Dr. Stephen Henson | 2011-11-25 | 1 | -0/+6
* check counter value against 4 * L, not 4096 | Dr. Stephen Henson | 2011-11-25 | 1 | -1/+1
* Add single call public key sign and verify functions. | Dr. Stephen Henson | 2011-11-05 | 1 | -0/+5
* L=3072, N=256 provides 128 bits of security not 112. | Dr. Stephen Henson | 2011-10-16 | 1 | -1/+1
* Allow for dynamic base in Win64 FIPS module. | Andy Polyakov | 2011-09-14 | 1 | -0/+1
* make update | Bodo Möller | 2011-09-05 | 1 | -16/+12
* Add support for DSA2 PQG generation of g parameter. | Dr. Stephen Henson | 2011-08-27 | 1 | -12/+17
* Add support for canonical generation of DSA parameter g. | Dr. Stephen Henson | 2011-08-26 | 2 | -13/+111
  Modify fips_dssvs to support appropriate file format.
* make EVP_dss() work for DSA signing | Dr. Stephen Henson | 2011-06-20 | 1 | -0/+1
* Rename FIPS_mode_set and FIPS_mode. These symbols will be defined in | Dr. Stephen Henson | 2011-05-11 | 3 | -5/+5
  the FIPS capable OpenSSL.
* allow SHA384, SHA512 with DSA | Dr. Stephen Henson | 2011-05-08 | 1 | -1/+3
* Fix warning. | Dr. Stephen Henson | 2011-04-24 | 1 | -1/+2
* fips_check_dsa_prng() should only be built when OPENSSL_FIPS is defined. | Richard Levitte | 2011-04-24 | 1 | -0/+2
* More fixes for DSA FIPS overrides. | Dr. Stephen Henson | 2011-04-23 | 1 | -1/+2
* Make sure overrides work for RSA/DSA. | Dr. Stephen Henson | 2011-04-23 | 1 | -1/+1
* Add PRNG security strength checking. | Dr. Stephen Henson | 2011-04-23 | 4 | -10/+69
* Use 0 for tbslen to perform strlen. | Dr. Stephen Henson | 2011-04-19 | 1 | -1/+1
* Remove several of the old obsolete FIPS_corrupt_*() functions. | Dr. Stephen Henson | 2011-04-14 | 1 | -9/+0
* Initial incomplete POST overhaul: add support for POST callback to | Dr. Stephen Henson | 2011-04-14 | 1 | -1/+2
  allow status of POST to be monitored and/or failures induced.
* DH keys have an (until now) unused 'q' parameter. When creating | Dr. Stephen Henson | 2011-04-07 | 1 | -1/+6
  from DSA copy q across and if q present generate DH key in the correct range.
* check RAND_pseudo_bytes return value | Dr. Stephen Henson | 2011-04-04 | 1 | -2/+6
* make update | Richard Levitte | 2011-03-24 | 1 | -12/+16
* Add SRP support. | Ben Laurie | 2011-03-12 | 1 | -16/+12
* Update dependencies. | Dr. Stephen Henson | 2011-02-21 | 1 | -12/+16
* Update pairwise consistency checks to use SHA-256. | Dr. Stephen Henson | 2011-02-15 | 1 | -2/+1
* Remove dependency of dsa_sign.o and dsa_vrf.o: new functions FIPS_dsa_sig_new | Dr. Stephen Henson | 2011-02-13 | 3 | -27/+2
  and FIPS_dsa_sig_free, reimplement DSA_SIG_new and DSA_SIG_free from ASN1 library.
* Return security strength for supported DSA parameters: will be used | Dr. Stephen Henson | 2011-02-11 | 1 | -7/+10
  later.
* Free keys if DSA pairwise error. | Dr. Stephen Henson | 2011-02-11 | 1 | -1/+5
* Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files | Dr. Stephen Henson | 2011-02-03 | 2 | -0/+4
  that use it.
* make update | Bodo Möller | 2011-02-03 | 1 | -8/+15
* Add sign/verify digest API to handle an explicit digest instead of finalising | Dr. Stephen Henson | 2011-02-02 | 1 | -0/+3
  a context.