Commit graph

60 commits

Author SHA1 Message Date
Nils Larsch
a0bee97e55 more const 2005-04-22 21:57:36 +00:00
Nils Larsch
ff22e913a3 - use BN_set_negative and BN_is_negative instead of BN_set_sign
and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"
2005-04-22 20:02:44 +00:00
Dr. Stephen Henson
29dc350813 Rebuild error codes. 2005-04-12 16:15:22 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Richard Levitte
a2ac429da2 Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Geoff Thorpe
58ae65cd1a Update ECDSA and ECDH for OPENSSL_NO_ENGINE.
Reported by: Maxim Masiutin
Submitted by: Nils Larsch
2004-10-21 00:06:14 +00:00
Geoff Thorpe
0210065bbd Quick fix.
Submitted by: Nils Larsch
2004-07-16 03:24:51 +00:00
Geoff Thorpe
b3b6720944 Correct the return codes for ecdsatest.
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-06-14 23:37:32 +00:00
Geoff Thorpe
0f814687b9 Deprecate the recursive includes of bn.h from various API headers (asn1.h,
dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.
2004-05-17 19:14:22 +00:00
Geoff Thorpe
60a938c6bc (oops) Apologies all, that last header-cleanup commit was from the wrong
tree. This further reduces header interdependencies, and makes some
associated cleanups.
2004-04-19 18:09:28 +00:00
Geoff Thorpe
3a87a9b9db Reduce header interdependencies, initially in engine.h (the rest of the
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
2004-04-19 17:46:04 +00:00
Geoff Thorpe
c6700d2746 A cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-02-22 19:32:53 +00:00
Ulf Möller
a9f2330f43 Skip a curve with generator of non-prime order.
Submitted by: Nils Larsch
2003-12-06 11:41:22 +00:00
Ulf Möller
31182ad39b re-enable the test, keeping the original method for RAND_pseudo_bytes
which is used by BN_DEBUG_RAND
Submitted by: Nils Larsch
2003-11-16 19:33:31 +00:00
Ulf Möller
ac9c6e10a4 The x9.62 tests replace the PRNG with specific numbers,
so don't run them if BN_DEBUG_RAND is defined.

Also, fix another small bug.

Submitted by: Nils Larsch
2003-11-16 12:24:45 +00:00
Richard Levitte
d1465bac90 make update 2003-05-01 04:10:32 +00:00
Richard Levitte
3b6aa36c77 Make sure we get the definition of OPENSSL_NO_ECDSA. 2003-03-20 23:22:31 +00:00
Richard Levitte
78951e7711 Make sure we get the definition of OPENSSL_NO_ERR. 2003-03-20 23:19:41 +00:00
Lutz Jänicke
a74333f905 Fix initialization sequence to prevent freeing of unitialized objects.
Submitted by: Nils Larsch <nla@trustcenter.de>

PR: 459
2003-01-15 14:54:59 +00:00
Geoff Thorpe
e9224c7177 This is a first-cut at improving the callback mechanisms used in
key-generation and prime-checking functions. Rather than explicitly passing
callback functions and caller-defined context data for the callbacks, a new
structure BN_GENCB is defined that encapsulates this; a pointer to the
structure is passed to all such functions instead.

This wrapper structure allows the encapsulation of "old" and "new" style
callbacks - "new" callbacks return a boolean result on the understanding
that returning FALSE should terminate keygen/primality processing.  The
BN_GENCB abstraction will allow future callback modifications without
needing to break binary compatibility nor change the API function
prototypes. The new API functions have been given names ending in "_ex" and
the old functions are implemented as wrappers to the new ones.  The
OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined,
declaration of the older functions will be skipped. NB: Some
openssl-internal code will stick with the older callbacks for now, so
appropriate "#undef" logic will be put in place - this is in case the user
is *building* openssl (rather than *including* its headers) with this
symbol defined.

There is another change in the new _ex functions; the key-generation
functions do not return key structures but operate on structures passed by
the caller, the return value is a boolean. This will allow for a smoother
transition to having key-generation as "virtual function" in the various
***_METHOD tables.
2002-12-08 05:24:31 +00:00
Bodo Möller
2b32b28191 Don't compute timings here, we can do this elsewhere.
Include X9.62 signature examples.

Submitted by: Nils Larsch
2002-12-04 17:38:40 +00:00
Richard Levitte
4579924b7e Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.
2002-11-28 08:04:36 +00:00
Richard Levitte
af67804bef make update 2002-11-14 23:56:12 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Bodo Möller
b53e44e572 implement and use new macros BN_get_sign(), BN_set_sign()
Submitted by: Nils Larsch
2002-11-04 13:17:22 +00:00
Bodo Möller
259cdf2af9 Sun has agreed to removing the covenant language from most files.
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
2002-10-29 10:59:32 +00:00
Bodo Möller
8ee4845b65 'broken' PKCS #8 format does not apply to ECDSA
Submitted by: Nils Larsch
2002-10-28 14:13:38 +00:00
Richard Levitte
001ab3abad Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:25:12 +00:00
Bodo Möller
7eb18f1237 Simplify handling of named curves: get rid of EC_GROUP_new_by_name(),
EC_GROUP_new_by_nid() should be enough.  This avoids a lot of
redundancy.

Submitted by: Nils Larsch
2002-08-15 09:21:31 +00:00
Richard Levitte
5454829ae6 mem* functions are declared in string.h. 2002-08-10 01:36:14 +00:00
Bodo Möller
74cc4903ef make update 2002-08-09 12:16:15 +00:00
Bodo Möller
41fdcfa71e fix warnings 2002-08-09 11:58:28 +00:00
Bodo Möller
e172d60ddb Add ECDH support.
Additional changes:
 - use EC_GROUP_get_degree() in apps/req.c
 - add ECDSA and ECDH to apps/speed.c
 - adds support for EC curves over binary fields to ECDSA
 - new function EC_KEY_up_ref() in crypto/ec/ec_key.c
 - reorganize crypto/ecdsa/ecdsatest.c
 - add engine support for ECDH
 - fix a few bugs in ECDSA engine support

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-09 08:43:04 +00:00
Bodo Möller
14a7cfb32a use a generic EC_KEY structure (EC keys are not ECDSA specific)
Submitted by: Nils Larsch
2002-08-07 10:49:54 +00:00
Richard Levitte
456bc309d8 make update 2002-08-01 19:45:54 +00:00
Lutz Jänicke
3aecef7697 "make update" 2002-07-30 12:44:33 +00:00
Bodo Möller
0bee0e6294 Use SEC1 format for EC private keys.
This is not ECDSA specific, so it's now PEM_STRING_ECPRIVATEKEY etc.

Submitted by: Nils Larsch <nlarsch@compuserve.de>
2002-07-26 08:41:04 +00:00
Bodo Möller
5f3d6f70f6 Implement handling of EC parameter seeds (new functions
EC_GROUP_set_seed(), EC_GROUP_get0_seed(), EC_GROUP_get_seed_len()).

New functions ECPKParameters_print(), ECPKParameters_print_fp().

Submitted by: Nils Larsch
2002-06-18 08:38:59 +00:00
Ben Laurie
25ace3ed25 Fix warnings. 2002-06-11 12:03:51 +00:00
Bodo Möller
458c29175e move ECC ASN1 that is not specific to ECDSA into crypto/ec/,
and make some appropriate changes to the EC library.

Submitted by: Nils Larsch
2002-06-10 12:18:21 +00:00
Bodo Möller
532203cdb0 remove unnecessary calls to EC_POINT_copy() 2002-06-10 11:02:55 +00:00
Richard Levitte
ce94682ce1 No point constifying an int.
Notified by Bernd Matthes <bernd.matthes@gemplus.com>
2002-04-20 10:22:01 +00:00
Bodo Möller
dde3e83129 'version' is not optional in the encoding
Submitted by: Nils Larsch
2002-04-17 11:35:52 +00:00
Bodo Möller
8f182fdc69 'version' is not optional in the encoding
Submitted by: Nils Larsch
2002-04-17 11:31:20 +00:00
Bodo Möller
b975183c41 ECDSA representation bugfixes
Submitted by: Nils Larsch
2002-04-12 08:57:01 +00:00
Bodo Möller
d0561b5c2d fix ECDSA handling
Submitted by: Nils Larsch
2002-04-09 12:01:21 +00:00
Richard Levitte
a18894d159 make update (libeay.num has been edited to match 0.9.7-stable) 2002-04-06 19:16:12 +00:00
Bodo Möller
af1cb47e65 fix warnings
Submitted by: Nils Larsch
2002-03-25 23:41:32 +00:00
Bodo Möller
99d5b23023 Fix typo.
Submitted by: Nils Larsch
2002-03-19 09:51:31 +00:00
Bodo Möller
af28dd6c75 Fix bugs and typos.
Add some WTLS curves.
New function EC_GROUP_check() (this will probably
be implemented differently soon).

Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
2002-03-18 13:10:45 +00:00