wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10284 commits 20 branches 302 tags 153 MiB
Commit graph

188 commits

Author SHA1 Message Date
Dr. Stephen Henson
5999d45a5d DH keys have an (until now) unused 'q' parameter. When creating from DSA copy 
q across and if q present generate DH key in the correct range. (from HEAD)
 2011-11-14 14:16:09 +00:00
Dr. Stephen Henson
9309ea6617 Backport PSS signature support from HEAD. 2011-10-09 23:13:50 +00:00
Dr. Stephen Henson
e34a303ce1 make depend 2011-09-16 23:15:22 +00:00
Dr. Stephen Henson
0ae7c43fa5 Improved error checking for DRBG calls. 
New functionality to allow default DRBG type to be set during compilation
or during runtime.
 2011-09-16 23:08:57 +00:00
Dr. Stephen Henson
3a5b97b7f1 Don't set default public key methods in FIPS mode so applications 
can switch between modes.
 2011-06-20 19:41:13 +00:00
Dr. Stephen Henson
ed9b0e5cba Redirect DH key and parameter generation. 2011-06-09 15:21:46 +00:00
Dr. Stephen Henson
03e16611a3 Redirect DH operations to FIPS module. Block non-FIPS methods. 
Sync DH error codes with HEAD.
 2011-06-08 15:58:59 +00:00
Dr. Stephen Henson
6c29853bf2 PR: 1644 
Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
 2009-09-06 15:49:12 +00:00
Ben Laurie
6cfab29b71 Make depend. 2009-06-14 02:37:22 +00:00
Dr. Stephen Henson
82ae57136b Some no-ec fixes (not complete yet). 2009-04-23 15:24:27 +00:00
Geoff Thorpe
6343829a39 Revert the size_t modifications from HEAD that had led to more 
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
 2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2e5975285e Update obsolete email address... 2008-11-05 18:39:08 +00:00
Ben Laurie
5e4430e70d More size_tification. 2008-11-01 16:40:37 +00:00
Ben Laurie
5ce278a77b More type-checking. 2008-06-04 11:01:43 +00:00
Dr. Stephen Henson
fe591284be Update dependencies. 2008-03-22 18:52:03 +00:00
Geoff Thorpe
1e26a8baed Fix a variety of warnings generated by some elevated compiler-fascism, 
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
 2008-03-16 21:05:46 +00:00
Lutz Jänicke
5f0477f47b Typos 
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
 2007-09-24 11:22:58 +00:00
Nils Larsch
442cbb062d check correct pointer before freeing it (Coverity CID 79,86) 2007-04-02 20:29:40 +00:00
Bodo Möller
bd31fb2145 Change to mitigate branch prediction attacks 
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
 2007-03-28 00:15:28 +00:00
Dr. Stephen Henson
560b79cbff Constify version strings and some structures. 2007-01-21 13:07:17 +00:00
Dr. Stephen Henson
47a9d527ab Update from 0.9.8 stable. Eliminate duplicate error codes. 2006-11-21 21:29:44 +00:00
Mark J. Cox
c2cccfc585 Initialise ctx to NULL to avoid uninitialized free, noticed by 
Steve Kiernan
 2006-09-29 08:21:41 +00:00
Bodo Möller
5e3225cc44 Introduce limits to prevent malicious keys being able to 
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
 2006-09-28 13:45:34 +00:00
Dr. Stephen Henson
5c95c2ac23 Fix various error codes to match functions. 2006-07-17 16:33:31 +00:00
Dr. Stephen Henson
8bdcef40e4 New function to dup EVP_PKEY_CTX. This will be needed to make new signing 
functions and EVP_MD_CTX_copy work properly.
 2006-05-24 23:49:30 +00:00
Dr. Stephen Henson
eaff5a1412 Use size_t for new crypto size parameters. 2006-05-24 12:33:46 +00:00
Dr. Stephen Henson
c20276e4ae Fix (most) WIN32 warnings and errors. 2006-04-17 12:08:22 +00:00
Dr. Stephen Henson
b010b7c434 Use more flexible method of determining output length, by setting &outlen 
value of the passed output buffer is NULL.

The old method of using EVP_PKEY_size(pkey) isn't flexible enough to cover all
cases where the output length may depend on the operation or the parameters
associated with it.
 2006-04-15 18:50:56 +00:00
Dr. Stephen Henson
ffb1ac674c Complete key derivation support. 2006-04-13 20:16:56 +00:00
Dr. Stephen Henson
3be34589e8 Update dependencies. 2006-04-13 13:00:45 +00:00
Dr. Stephen Henson
d87e615209 Add key derivation support. 2006-04-13 12:56:41 +00:00
Dr. Stephen Henson
52c11dce31 Typo. 2006-04-13 00:26:05 +00:00
Dr. Stephen Henson
3ba0885a3e Extend DH ASN1 method, add DH EVP_PKEY_METHOD. 2006-04-12 23:51:24 +00:00
Dr. Stephen Henson
4c97a04e2e PKCS#3 DH PKCS#8 ASN1 support. 2006-04-12 23:06:10 +00:00
Dr. Stephen Henson
ceb4678956 Extend DH ASN1 method to support public key encode/decode and parameter 
utilities.
 2006-04-12 17:14:48 +00:00
Dr. Stephen Henson
0b33dac310 New function to retrieve ASN1 info on public key algorithms. New command 
line option to print out info.
 2006-04-04 18:16:03 +00:00
Dr. Stephen Henson
3e4585c8fd New utility pkeyparam. Enhance and bugfix algorithm specific parameter 
functions to support it.
 2006-03-28 14:35:32 +00:00
Dr. Stephen Henson
d82e2718e2 Add information and pem strings. Update dependencies. 2006-03-23 11:54:51 +00:00
Dr. Stephen Henson
18e377b4ff Make EVP_PKEY_ASN1_METHOD opaque. Add application level functions to 
initialize it. Initial support for application added public key ASN1.
 2006-03-22 17:59:49 +00:00
Dr. Stephen Henson
1b593194be Move algorithm specific print code from crypto/asn1/t_pkey.c to separate 
*_prn.c files in each algorithm directory.
 2006-03-22 13:34:19 +00:00
Dr. Stephen Henson
adbc603d24 DH EVP_PKEY_ASN1_METHOD, doesn't do much (yet?). 2006-03-20 18:37:40 +00:00
Dr. Stephen Henson
6f81892e6b Transfer parameter handling and key comparison to algorithm methods. 2006-03-20 17:56:05 +00:00
Nils Larsch
47d5566646 fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end() 2006-03-13 23:14:57 +00:00
Dr. Stephen Henson
15ac971681 Update filenames in makefiles. 2006-02-04 01:45:59 +00:00
Dr. Stephen Henson
244847591f Extend callback function to support print customization. 2005-09-01 20:42:52 +00:00
Ben Laurie
bf3d6c0c9b Make D-H safer, include well-known primes. 2005-08-21 16:00:17 +00:00
Bodo Möller
a28a5d9c62 Use BN_with_flags() in a cleaner way. 2005-05-27 15:38:53 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and 
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
 2005-05-16 16:55:47 +00:00
Bodo Möller
46a643763d Implement fixed-window exponentiation to mitigate hyper-threading 
timing attacks.

BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.

Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
 2005-05-16 01:43:31 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00