Andy Polyakov
03e389cf04
Allow for dynamic base in Win64 FIPS module.
2011-09-14 20:48:49 +00:00
Bodo Möller
ae53b299fa
make update
2011-09-05 09:46:15 +00:00
Dr. Stephen Henson
3699ec6056
recognise ecdsaWithSHA1 OID
2011-07-28 14:40:01 +00:00
Dr. Stephen Henson
9945b460e2
Give parameters names in prototypes.
2011-06-17 16:47:41 +00:00
Andy Polyakov
62f29eb1cf
spacrv9cap.c: addenum to recent EC optimizations.
2011-05-23 08:14:32 +00:00
Andy Polyakov
d8ea368c41
ec_cvt.c: ARM comparison results were wrong, clarify the background.
2011-05-21 08:40:18 +00:00
Andy Polyakov
fdf6dac859
ec_cvt.c: avoid EC_GFp_nist_method on platforms with bn_mul_mont [see
...
commentary for details].
2011-05-20 20:31:37 +00:00
Dr. Stephen Henson
c2fd598994
Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in
...
the FIPS capable OpenSSL.
2011-05-11 14:43:38 +00:00
Richard Levitte
171edf7ff4
Error discrepancy corrected.
2011-04-24 08:59:15 +00:00
Dr. Stephen Henson
cac4fb58e0
Add PRNG security strength checking.
2011-04-23 19:55:55 +00:00
Dr. Stephen Henson
8c7096835b
Use 0 for tbslen to perform strlen.
2011-04-19 11:10:54 +00:00
Dr. Stephen Henson
a6311f856b
Remove several of the old obsolete FIPS_corrupt_*() functions.
2011-04-14 11:30:51 +00:00
Dr. Stephen Henson
ac892b7aa6
Initial incomplete POST overhaul: add support for POST callback to
...
allow status of POST to be monitored and/or failures induced.
2011-04-14 11:15:10 +00:00
Richard Levitte
5d0137aa14
make update
2011-03-25 09:30:52 +00:00
Richard Levitte
30fafdebf3
* Configure, crypto/ec/ec.h, crypto/ec/ecp_nistp224.c, util/mkdef.pl:
...
Have EC_NISTP224_64_GCC_128 treated like any algorithm, and have
disabled by default. If we don't do it this way, it screws up
libeay.num.
* util/libeay.num: make update
2011-03-25 09:29:46 +00:00
Richard Levitte
c6dbe90895
make update
2011-03-24 22:59:02 +00:00
Richard Levitte
487b023f3d
make update (1.1.0-dev)
...
This meant alarger renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable and 1.0.1-stable. However, since there's
been no release on this branch yet, it should be harmless.
2011-03-23 00:11:32 +00:00
Ben Laurie
edc032b5e3
Add SRP support.
2011-03-12 17:01:19 +00:00
Dr. Stephen Henson
1acc24a8ba
Make no-ec2m work again.
2011-03-10 01:00:30 +00:00
Dr. Stephen Henson
b7056b6414
Update dependencies.
2011-02-21 17:51:59 +00:00
Dr. Stephen Henson
0fbf8f447b
Add pairwise consistency test to EC.
2011-02-15 16:58:28 +00:00
Dr. Stephen Henson
c966120412
Don't use FIPS api for ec2_oct.c
2011-02-14 16:55:28 +00:00
Dr. Stephen Henson
84b08eee4b
Reorganise ECC code for inclusion in FIPS module.
...
Move compression, point2oct and oct2point functions into separate files.
Add a flags field to EC_METHOD.
Add a flag EC_FLAGS_DEFAULT_OCT to use the default compession and oct
functions (all existing methods do this). This removes dependencies from
EC_METHOD while keeping original functionality.
2011-02-14 16:52:12 +00:00
Dr. Stephen Henson
bf2546f947
Use BN_nist_mod_func to avoid need to peek error queue.
2011-02-14 16:45:28 +00:00
Dr. Stephen Henson
c9a90645a5
Disable some functions in headers with no-ec2m
2011-02-12 17:38:06 +00:00
Dr. Stephen Henson
b331016124
New option to disable characteristic two fields in EC code.
2011-02-12 17:23:32 +00:00
Dr. Stephen Henson
65847ca378
For now disable EC_GFp_nistp224_method() for WIN32 so the WIN32 build
...
completes without linker errors.
2011-02-03 13:00:08 +00:00
Dr. Stephen Henson
df6de39fe7
Change AR to ARX to allow exclusion of fips object modules
2011-01-26 16:08:08 +00:00
Dr. Stephen Henson
6e0375d504
revert Makefile change
2011-01-25 12:15:10 +00:00
Dr. Stephen Henson
fef1c40bf1
New function EC_KEY_set_affine_coordinates() this performs all the
...
NIST PKV tests.
2011-01-24 16:07:40 +00:00
Dr. Stephen Henson
a428ac4750
check EC public key isn't point at infinity
2011-01-24 15:04:34 +00:00
Dr. Stephen Henson
0aa1aedbce
PR: 1612
...
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve
Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
2011-01-24 14:41:34 +00:00
Dr. Stephen Henson
dd616752a1
oops, revert mistakenly committed EC changes
2011-01-19 14:42:42 +00:00
Dr. Stephen Henson
198ce9a611
Add additional parameter to dsa_builtin_paramgen to output the generated
...
seed to: this doesn't introduce any binary compatibility issues as the
function is only used internally.
The seed output is needed for FIPS 140-2 algorithm testing: the functionality
used to be in DSA_generate_parameters_ex() but was removed in OpenSSL 1.0.0
2011-01-19 14:35:53 +00:00
Ben Laurie
c13d7c0296
Fix warning.
2011-01-09 17:50:06 +00:00
Ben Laurie
5df2a2497a
Fix warnings.
2010-09-05 16:34:49 +00:00
Bodo Möller
396cb5657b
More C language police work.
2010-08-27 13:17:59 +00:00
Bodo Möller
eb8ef241eb
C conformity fixes: Move declarations before statements in all blocks.
2010-08-27 12:07:35 +00:00
Bodo Möller
1b5af90b45
C conformity fixes:
...
- Move declarations before statements in all blocks.
- Where 64-bit type is required, use it explicitly (not 1l).
2010-08-27 11:29:30 +00:00
Bodo Möller
76af94eb27
(formatting error)
2010-08-26 14:40:11 +00:00
Bodo Möller
04daec862c
New 64-bit optimized implementation EC_GFp_nistp224_method().
...
This will only be compiled in if explicitly requested
(#ifdef EC_NISTP224_64_GCC_128).
Submitted by: Emilia Kasper (Google)
2010-08-26 14:29:55 +00:00
Bodo Möller
c94f7f657b
ECC library bugfixes.
...
Submitted by: Emilia Kasper (Google)
2010-08-26 12:11:01 +00:00
Dr. Stephen Henson
fa1ba589f3
Add algorithm specific signature printing. An individual ASN1 method can
...
now print out signatures instead of the standard hex dump.
More complex signatures (e.g. PSS) can print out more meaningful information.
Sample DSA version included that prints out the signature parameters r, s.
[Note EVP_PKEY_ASN1_METHOD is an application opaque structure so adding
new fields in the middle has no compatibility issues]
2010-03-06 18:05:05 +00:00
Bodo Möller
2d9dcd4ff0
Always check bn_wexpend() return values for failure (CVE-2009-3245).
...
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)
Submitted by: Neel Mehta
2010-02-23 10:36:35 +00:00
Dr. Stephen Henson
fed8dbf46d
PR: 2118
...
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Approved by: steve@openssl.org
Check return value of ECDSA_sign() properly.
2009-11-30 13:56:04 +00:00
Andy Polyakov
194274cb68
ec_mult.c: fix C4334 win64 compiler warning.
2009-05-02 11:18:44 +00:00
Ben Laurie
57a6ac7c4f
Check scalar->d before we use it (in BN_num_bits()). (Coverity ID 129)
2008-12-27 02:15:16 +00:00
Geoff Thorpe
6343829a39
Revert the size_t modifications from HEAD that had led to more
...
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2e5975285e
Update obsolete email address...
2008-11-05 18:39:08 +00:00
Ben Laurie
5e4430e70d
More size_tification.
2008-11-01 16:40:37 +00:00