Commit graph

203 commits

Author SHA1 Message Date
Andy Polyakov
2d63d0c84a Fix irix-cc build.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit e464403d0b)
2015-01-07 18:41:17 +01:00
Andy Polyakov
fe69e6be6e dh_check.c: check BN_CTX_get's return value.
(cherry picked from commit 53e5161231)
2014-03-06 14:21:17 +01:00
Dr. Stephen Henson
bc35b8e435 make update 2013-12-01 23:09:44 +00:00
Ben Laurie
ac5cb33356 Fix compile errors.
(cherry picked from commit a0aaa5660a)
2013-10-01 14:01:18 +01:00
Dr. Stephen Henson
aaf74259ec CMS RFC2631 X9.42 DH enveloped data support.
(cherry picked from commit bd59f2b91d)

Conflicts:

	crypto/dh/dh.h
	crypto/dh/dh_err.c

Sync error codes with 1.0.1.
2013-10-01 14:01:18 +01:00
Dr. Stephen Henson
5c4ff8ad37 Add KDF for DH.
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.

Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
(cherry picked from commit dc1ce3bc64)
2013-10-01 14:01:18 +01:00
Dr. Stephen Henson
c275fb091e Extend DH parameter generation support.
Add support for DH parameter generation using DSA methods including
FIPS 186-3.
(cherry picked from commit 3909087801)
2013-10-01 14:01:17 +01:00
Dr. Stephen Henson
90c341c601 Enhance DH dup functions.
Make DHparams_dup work properly with X9.42 DH parameters.
(cherry picked from commit d3cc91eee2)
2013-10-01 14:01:17 +01:00
Dr. Stephen Henson
52d0e1ca4e If present print j, seed and counter values for DH
(cherry picked from commit c9577ab5ea)

Conflicts:

	crypto/dh/dh_ameth.c
2013-10-01 14:01:17 +01:00
Dr. Stephen Henson
6c4b3514d7 New SP 800-56A compliant version of DH_compute_key().
(cherry picked from commit bc91494e06)
2013-10-01 14:01:17 +01:00
Ben Laurie
68d2cf51bc Reduce version skew: trivia (I hope). 2012-06-03 22:03:37 +00:00
Dr. Stephen Henson
491734eb21 Initial experimental support for X9.42 DH parameter format to handle
RFC5114 parameters and X9.42 DH public and private keys.
(backport from HEAD)
2012-04-07 20:22:11 +00:00
Dr. Stephen Henson
4e891a191d branches: 1.2.2;
Correct some parameter values.
(backport from HEAD)
2012-04-07 17:41:51 +00:00
Dr. Stephen Henson
b73a69a9c2 Update DH_check() to peform sensible checks when q parameter is present.
(backport from HEAD)
2012-04-07 17:40:08 +00:00
Dr. Stephen Henson
e811eff5a9 Add RFC5114 DH parameters to OpenSSL. Add test data to dhtest.
(backport from HEAD)
2012-04-07 12:19:50 +00:00
Dr. Stephen Henson
5999d45a5d DH keys have an (until now) unused 'q' parameter. When creating from DSA copy
q across and if q present generate DH key in the correct range. (from HEAD)
2011-11-14 14:16:09 +00:00
Dr. Stephen Henson
9309ea6617 Backport PSS signature support from HEAD. 2011-10-09 23:13:50 +00:00
Dr. Stephen Henson
e34a303ce1 make depend 2011-09-16 23:15:22 +00:00
Dr. Stephen Henson
0ae7c43fa5 Improved error checking for DRBG calls.
New functionality to allow default DRBG type to be set during compilation
or during runtime.
2011-09-16 23:08:57 +00:00
Dr. Stephen Henson
3a5b97b7f1 Don't set default public key methods in FIPS mode so applications
can switch between modes.
2011-06-20 19:41:13 +00:00
Dr. Stephen Henson
ed9b0e5cba Redirect DH key and parameter generation. 2011-06-09 15:21:46 +00:00
Dr. Stephen Henson
03e16611a3 Redirect DH operations to FIPS module. Block non-FIPS methods.
Sync DH error codes with HEAD.
2011-06-08 15:58:59 +00:00
Dr. Stephen Henson
6c29853bf2 PR: 1644
Submitted by: steve@openssl.org

Fix to make DHparams_dup() et al work in C++.

For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
2009-09-06 15:49:12 +00:00
Ben Laurie
6cfab29b71 Make depend. 2009-06-14 02:37:22 +00:00
Dr. Stephen Henson
82ae57136b Some no-ec fixes (not complete yet). 2009-04-23 15:24:27 +00:00
Geoff Thorpe
6343829a39 Revert the size_t modifications from HEAD that had led to more
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2e5975285e Update obsolete email address... 2008-11-05 18:39:08 +00:00
Ben Laurie
5e4430e70d More size_tification. 2008-11-01 16:40:37 +00:00
Ben Laurie
5ce278a77b More type-checking. 2008-06-04 11:01:43 +00:00
Dr. Stephen Henson
fe591284be Update dependencies. 2008-03-22 18:52:03 +00:00
Geoff Thorpe
1e26a8baed Fix a variety of warnings generated by some elevated compiler-fascism,
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00
Lutz Jänicke
5f0477f47b Typos
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
2007-09-24 11:22:58 +00:00
Nils Larsch
442cbb062d check correct pointer before freeing it (Coverity CID 79,86) 2007-04-02 20:29:40 +00:00
Bodo Möller
bd31fb2145 Change to mitigate branch prediction attacks
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2007-03-28 00:15:28 +00:00
Dr. Stephen Henson
560b79cbff Constify version strings and some structures. 2007-01-21 13:07:17 +00:00
Dr. Stephen Henson
47a9d527ab Update from 0.9.8 stable. Eliminate duplicate error codes. 2006-11-21 21:29:44 +00:00
Mark J. Cox
c2cccfc585 Initialise ctx to NULL to avoid uninitialized free, noticed by
Steve Kiernan
2006-09-29 08:21:41 +00:00
Bodo Möller
5e3225cc44 Introduce limits to prevent malicious keys being able to
cause a denial of service.  (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
2006-09-28 13:45:34 +00:00
Dr. Stephen Henson
5c95c2ac23 Fix various error codes to match functions. 2006-07-17 16:33:31 +00:00
Dr. Stephen Henson
8bdcef40e4 New function to dup EVP_PKEY_CTX. This will be needed to make new signing
functions and EVP_MD_CTX_copy work properly.
2006-05-24 23:49:30 +00:00
Dr. Stephen Henson
eaff5a1412 Use size_t for new crypto size parameters. 2006-05-24 12:33:46 +00:00
Dr. Stephen Henson
c20276e4ae Fix (most) WIN32 warnings and errors. 2006-04-17 12:08:22 +00:00
Dr. Stephen Henson
b010b7c434 Use more flexible method of determining output length, by setting &outlen
value of the passed output buffer is NULL.

The old method of using EVP_PKEY_size(pkey) isn't flexible enough to cover all
cases where the output length may depend on the operation or the parameters
associated with it.
2006-04-15 18:50:56 +00:00
Dr. Stephen Henson
ffb1ac674c Complete key derivation support. 2006-04-13 20:16:56 +00:00
Dr. Stephen Henson
3be34589e8 Update dependencies. 2006-04-13 13:00:45 +00:00
Dr. Stephen Henson
d87e615209 Add key derivation support. 2006-04-13 12:56:41 +00:00
Dr. Stephen Henson
52c11dce31 Typo. 2006-04-13 00:26:05 +00:00
Dr. Stephen Henson
3ba0885a3e Extend DH ASN1 method, add DH EVP_PKEY_METHOD. 2006-04-12 23:51:24 +00:00
Dr. Stephen Henson
4c97a04e2e PKCS#3 DH PKCS#8 ASN1 support. 2006-04-12 23:06:10 +00:00
Dr. Stephen Henson
ceb4678956 Extend DH ASN1 method to support public key encode/decode and parameter
utilities.
2006-04-12 17:14:48 +00:00