Dr. Stephen Henson
2514fa79ac
Add functions returning security bits.
...
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
2014-03-28 14:49:04 +00:00
Andy Polyakov
53e5161231
dh_check.c: check BN_CTX_get's return value.
2014-03-06 14:19:37 +01:00
Dr. Stephen Henson
4cfeb00be9
make depend
2014-02-19 20:09:08 +00:00
Veres Lajos
478b50cf67
misspellings fixes by https://github.com/vlajos/misspell_fixer
2013-09-05 21:39:42 +01:00
Ben Laurie
a0aaa5660a
Fix compile errors.
2013-08-21 04:21:42 +01:00
Dr. Stephen Henson
bd59f2b91d
CMS RFC2631 X9.42 DH enveloped data support.
2013-08-05 16:23:13 +01:00
Dr. Stephen Henson
dc1ce3bc64
Add KDF for DH.
...
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.
Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
2013-08-05 15:45:01 +01:00
Dr. Stephen Henson
3909087801
Extend DH parameter generation support.
...
Add support for DH parameter generation using DSA methods including
FIPS 186-3.
2013-08-05 15:45:01 +01:00
Dr. Stephen Henson
d3cc91eee2
Enhance DH dup functions.
...
Make DHparams_dup work properly with X9.42 DH parameters.
2013-08-05 15:45:01 +01:00
Dr. Stephen Henson
c9577ab5ea
If present print j, seed and counter values for DH
2013-08-05 15:45:00 +01:00
Ben Laurie
71fa451343
Version skew reduction: trivia (I hope).
2012-06-03 22:00:21 +00:00
Dr. Stephen Henson
84b6e277d4
make update
2011-12-27 14:46:03 +00:00
Dr. Stephen Henson
afb14cda8c
Initial experimental support for X9.42 DH parameter format to handle
...
RFC5114 parameters and X9.42 DH public and private keys.
2011-12-07 00:32:34 +00:00
Dr. Stephen Henson
0798170966
Update DH_check() to peform sensible checks when q parameter is present.
2011-12-01 17:27:36 +00:00
Dr. Stephen Henson
28ff14779e
Correct some parameter values.
2011-12-01 17:26:58 +00:00
Dr. Stephen Henson
20bee9684d
Add RFC5114 DH parameters to OpenSSL. Add test data to dhtest.
2011-11-13 14:07:36 +00:00
Dr. Stephen Henson
cd366cf7ec
print out subgroup order if present
2011-10-11 17:44:26 +00:00
Bodo Möller
ae53b299fa
make update
2011-09-05 09:46:15 +00:00
Dr. Stephen Henson
4960411e1f
Add flags for DH FIPS method.
...
Update/fix prototypes in fips.h
2011-06-08 15:53:08 +00:00
Dr. Stephen Henson
c2fd598994
Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in
...
the FIPS capable OpenSSL.
2011-05-11 14:43:38 +00:00
Dr. Stephen Henson
74fac927b0
Return errors instead of aborting when selftest fails.
2011-04-22 11:12:56 +00:00
Dr. Stephen Henson
31360957fb
DH keys have an (until now) unused 'q' parameter. When creating
...
from DSA copy q across and if q present generate DH key in the
correct range.
2011-04-07 15:01:48 +00:00
Richard Levitte
c6dbe90895
make update
2011-03-24 22:59:02 +00:00
Ben Laurie
edc032b5e3
Add SRP support.
2011-03-12 17:01:19 +00:00
Dr. Stephen Henson
bc91494e06
New SP 800-56A compliant version of DH_compute_key().
2011-03-08 19:07:26 +00:00
Dr. Stephen Henson
b7056b6414
Update dependencies.
2011-02-21 17:51:59 +00:00
Dr. Stephen Henson
14ae26f2e4
Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files
...
that use it.
2011-02-03 17:00:24 +00:00
Dr. Stephen Henson
83c3410b94
FIPS DH changes: selftest checks and key range checks.
2011-01-26 15:47:19 +00:00
Dr. Stephen Henson
fa1ba589f3
Add algorithm specific signature printing. An individual ASN1 method can
...
now print out signatures instead of the standard hex dump.
More complex signatures (e.g. PSS) can print out more meaningful information.
Sample DSA version included that prints out the signature parameters r, s.
[Note EVP_PKEY_ASN1_METHOD is an application opaque structure so adding
new fields in the middle has no compatibility issues]
2010-03-06 18:05:05 +00:00
Dr. Stephen Henson
f4274da164
PR: 1644
...
Submitted by: steve@openssl.org
Fix to make DHparams_dup() et al work in C++.
For 1.0 fix the final argument to ASN1_dup() so it is void *. Replace some
*_dup macros with functions.
2009-09-06 15:49:46 +00:00
Dr. Stephen Henson
c55d27ac33
Make update.
2009-07-08 09:19:53 +00:00
Dr. Stephen Henson
ef236ec3b2
Merge from 1.0.0-stable branch.
2009-04-23 16:32:42 +00:00
Geoff Thorpe
6343829a39
Revert the size_t modifications from HEAD that had led to more
...
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
2008-11-12 03:58:08 +00:00
Dr. Stephen Henson
2e5975285e
Update obsolete email address...
2008-11-05 18:39:08 +00:00
Ben Laurie
5e4430e70d
More size_tification.
2008-11-01 16:40:37 +00:00
Ben Laurie
5ce278a77b
More type-checking.
2008-06-04 11:01:43 +00:00
Dr. Stephen Henson
fe591284be
Update dependencies.
2008-03-22 18:52:03 +00:00
Geoff Thorpe
1e26a8baed
Fix a variety of warnings generated by some elevated compiler-fascism,
...
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
2008-03-16 21:05:46 +00:00
Lutz Jänicke
5f0477f47b
Typos
...
PR: 1578
Submitted by: Charles Longeau <chl@tuxfamily.org>
2007-09-24 11:22:58 +00:00
Nils Larsch
442cbb062d
check correct pointer before freeing it (Coverity CID 79,86)
2007-04-02 20:29:40 +00:00
Bodo Möller
bd31fb2145
Change to mitigate branch prediction attacks
...
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2007-03-28 00:15:28 +00:00
Dr. Stephen Henson
560b79cbff
Constify version strings and some structures.
2007-01-21 13:07:17 +00:00
Dr. Stephen Henson
47a9d527ab
Update from 0.9.8 stable. Eliminate duplicate error codes.
2006-11-21 21:29:44 +00:00
Mark J. Cox
c2cccfc585
Initialise ctx to NULL to avoid uninitialized free, noticed by
...
Steve Kiernan
2006-09-29 08:21:41 +00:00
Bodo Möller
5e3225cc44
Introduce limits to prevent malicious keys being able to
...
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
2006-09-28 13:45:34 +00:00
Dr. Stephen Henson
5c95c2ac23
Fix various error codes to match functions.
2006-07-17 16:33:31 +00:00
Dr. Stephen Henson
8bdcef40e4
New function to dup EVP_PKEY_CTX. This will be needed to make new signing
...
functions and EVP_MD_CTX_copy work properly.
2006-05-24 23:49:30 +00:00
Dr. Stephen Henson
eaff5a1412
Use size_t for new crypto size parameters.
2006-05-24 12:33:46 +00:00
Dr. Stephen Henson
c20276e4ae
Fix (most) WIN32 warnings and errors.
2006-04-17 12:08:22 +00:00
Dr. Stephen Henson
b010b7c434
Use more flexible method of determining output length, by setting &outlen
...
value of the passed output buffer is NULL.
The old method of using EVP_PKEY_size(pkey) isn't flexible enough to cover all
cases where the output length may depend on the operation or the parameters
associated with it.
2006-04-15 18:50:56 +00:00