Commit graph

841 commits

Author SHA1 Message Date
Bodo Möller
259cdf2af9 Sun has agreed to removing the covenant language from most files.
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
2002-10-29 10:59:32 +00:00
Bodo Möller
6c950e0dc9 'covenant HOWTO' (what to do about the Sun covenant if you modify the code)
Submitted by: Bodo Moeller
2002-10-29 10:58:07 +00:00
Bodo Möller
19b8d06a79 clean up new code for NIST primes
create new lock CRYPTO_LOCK_BN to avoid race condition
2002-10-28 14:02:19 +00:00
Bodo Möller
5c6bf03117 fast reduction for NIST curves
Submitted by: Nils Larsch
2002-10-28 13:23:24 +00:00
Richard Levitte
e15ea3d9e1 When BN_add_word() reaches top, it shouldn't try to add the the corresponding
word, since that word may not be zero.
2002-10-14 11:33:32 +00:00
Richard Levitte
001ab3abad Use double dashes so makedepend doesn't misunderstand the flags we
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
2002-10-09 13:25:12 +00:00
Bodo Möller
c237de058f don't write beyond buffer
Submitted by: Nils Larsch
2002-08-27 13:32:35 +00:00
Richard Levitte
f13ddd5d0a Do not use the word 'modulus', which is a class template name in VC++ 6.0/SP5.
PR: 216, point 3
2002-08-12 21:20:25 +00:00
Bodo Möller
7a8645d171 avoid SIGSEGV
Submitted by: Nils Larsch, Douglas Stebila
2002-08-07 07:53:47 +00:00
Bodo Möller
d28735a05b oops, undo previous change (was just for testing) 2002-08-03 18:28:34 +00:00
Bodo Möller
183847747a fix bn_expand2 2002-08-03 18:27:47 +00:00
Bodo Möller
bac6012308 use bn_wexpand instead of bn_expand2 (the latter is not needed here,
and it does not yet work correctly)

Submitted by: Douglas Stebila
2002-08-03 17:51:29 +00:00
Bodo Möller
909abce800 disable Sun divison algorithm by default 2002-08-02 18:26:02 +00:00
Bodo Möller
33d4e690cc fix bn_expand2 2002-08-02 18:23:55 +00:00
Bodo Möller
d3bcbba45c remove obsolete part of comment 2002-08-02 15:13:10 +00:00
Bodo Möller
0903e56196 remove obsoleted disabled code 2002-08-02 15:07:08 +00:00
Bodo Möller
95ecacf8a2 Let BN_rand_range() abort with an error after 100 iterations
without success.
2002-08-02 15:02:03 +00:00
Bodo Möller
6fb60a84dd Change BN_mod_sqrt() so that it verifies that the input value is
really the square of the return value.
2002-08-02 14:57:53 +00:00
Bodo Möller
5af7d1a3b8 move GF2m tests to the end 2002-08-02 14:49:59 +00:00
Bodo Möller
35b73a1f20 Rename implementations of method functions so that they match
the new method names where _GF... suffixes have been removed.

Revert changes to ..._{get/set}_Jprojective_coordinates_...:
The current implementation for ECC over binary fields does not use
projective coordinates, and if it did, it would not use Jacobian
projective coordinates; so it's OK to use the ..._GFp prefix for all
this.

Add author attributions to some files so that it doesn't look
as if Sun wrote all of this :-)
2002-08-02 14:28:37 +00:00
Bodo Möller
1dc920c8de Binary field arithmetic contributed by Sun Microsystems.
The 'OPENSSL_NO_SUN_DIV' default is still subject to change,
so I didn't bother to finish the CHANGES entry yet.

Submitted by: Douglas Stebila <douglas.stebila@sun.com>, Sheueling Chang <sheueling.chang@sun.com>
(CHANGES entry by Bodo Moeller)
2002-08-02 13:03:55 +00:00
Bodo Möller
12593e6f45 Move zeroing from bn_expand_internal() to bn_expand2() so that it
happens reliably, even if the BIGNUM is already sufficiently large.

[Note that the bn_expand()/bn_wexpand() macros call bn_expand2() only
if the BIGNUM actually has to grow, so this change does not add any
new overhead as currently bn_expand2() is never called directly.]
2002-07-25 12:12:39 +00:00
Bodo Möller
5c9396e37c remove obsolete comment 2002-07-10 08:39:05 +00:00
Richard Levitte
17085b022c Pass CFLAG to dependency makers, so non-standard system include paths are
handled properly.
Part of PR 75
2002-06-27 16:39:25 +00:00
Richard Levitte
451dc18f10 Add support for DJGPP.
PR: 75
2002-06-13 20:42:35 +00:00
Richard Levitte
9cdf87f194 Check the return values where memory allocation failures may happen.
PR: 49
2002-05-30 16:47:45 +00:00
Dr. Stephen Henson
dc014d43af Fallback to normal multiply if n2 == 8 and dna or dnb is not zero
in bn_mul_recursive.

This is (hopefully) what was triggering bignum errors on 64 bit
platforms and causing the BN_mod_mul test to fail.
2002-05-10 22:18:13 +00:00
Dr. Stephen Henson
2f9cf160e4 Avoid gcc warning: BN_DEC_CONV when SIXTY_FOUR_BIT is defined is unsigned. 2002-05-10 22:07:37 +00:00
Bodo Möller
d5c21afd4b add missing declaration
Submitted by: Nils Larsch
2002-03-25 23:15:21 +00:00
Bodo Möller
4d7072f4b5 remove redundant ERR_load_... declarations 2001-12-17 19:22:23 +00:00
Bodo Möller
66df02fd98 fix BN_rand_range 2001-12-14 10:09:29 +00:00
Richard Levitte
b476df64a1 make update
perl util/mkerr.pl -recurse -write -rebuild
2001-11-15 12:25:14 +00:00
Bodo Möller
c5d4ab7e35 adjust to OpenSSL_0_9_6-stable version 2001-11-09 13:09:11 +00:00
Ulf Möller
5dd955dcd2 openbsd-x86 macros
Submitted by: Toomas Kiisk <vix@cyber.ee>
2001-10-14 00:57:30 +00:00
Richard Levitte
f8000b9345 'make update' 2001-10-04 07:49:09 +00:00
Geoff Thorpe
534aaf3731 "make update". 2001-09-25 20:39:59 +00:00
Ulf Möller
d98a4b7366 bug fix: bn_sqr_recursive output is twice its input size. 2001-09-05 04:43:43 +00:00
Bodo Möller
435037d4e4 OpenSSL copyright notices ... 2001-09-04 11:02:23 +00:00
Geoff Thorpe
91b3f0e691 Correct a typo. 2001-09-03 17:24:27 +00:00
Bodo Möller
983495c4b2 Use uniformly chosen witnesses for Miller-Rabin test
(by using new BN_pseudo_rand_range function)
2001-09-03 12:58:16 +00:00
Richard Levitte
710e5d5639 make update 2001-07-31 17:07:24 +00:00
Ben Laurie
dbad169019 Really add the EVP and all of the DES changes. 2001-07-30 23:57:25 +00:00
Andy Polyakov
6d03b73e35 Enhanced support for IA-64 Linux and HP-UX (as well as better support for
HP-UX in common in ./config). Note that for the moment of this writing
none of 64-bit platforms pass bntest. I'm committing this anyway as it's
too frustrating to patch snapshots over and over while 0.9.6 is known to
work.
2001-07-30 16:42:15 +00:00
Andy Polyakov
622d3d3592 Support for Intel and HP-UXi assemblers. 2001-07-30 15:54:13 +00:00
Andy Polyakov
19a6e8b32c This fixes "Spurious test failures on IRIX?" reported in April. Apparently
I was wrong in conclusions about when addition starts overflowing in combaX
routines.
2001-06-22 19:17:42 +00:00
Andy Polyakov
52c0d30078 Get rid of "possible WAW dependency" warnings.
Submitted by:
Reviewed by:
PR:
2001-06-11 12:47:52 +00:00
Andy Polyakov
a95541d61e Get rid of RAW dependency warnings.
Submitted by:
Reviewed by:
PR:
2001-05-30 22:01:33 +00:00
Andy Polyakov
4cb73bf8e4 Assembler support for IA-64. See the source code commentary for further
details (performance numbers and accompanying discussions:-). Note that
the code is not engaged in ./Configure yet. I'll add it later this week
along with updates for .spec file.

Submitted by:
Reviewed by:
PR:
2001-05-28 20:02:51 +00:00
Richard Levitte
81b5eeed6a branch on equal is beql, not beq... 2001-05-14 22:10:09 +00:00
Bodo Möller
1f224bf029 Adjust BN_mod_inverse algorithm selection according to experiments on
Ultra-Sparcs (both 32-bit and 64-bit compilations)
2001-04-09 09:28:24 +00:00
Bodo Möller
ac0f1d0b14 comment 2001-04-08 18:47:23 +00:00
Bodo Möller
124d8cf701 code documentation 2001-04-08 18:41:35 +00:00
Bodo Möller
7d0d0996aa binary algorithm for modular inversion 2001-04-08 18:23:44 +00:00
Andy Polyakov
500230ee94 The IRIX fix. Asm recap and corresponding declation.
Submitted by:
Reviewed by:
PR:
2001-03-27 22:30:46 +00:00
Bodo Möller
4f69172d25 Completely remove mont2 stuff.
It does not appear to be faster than the current Montgomery code
except for very small moduli (somewhere between 192 and 224 bits
in a 64-bit Sun environment, and even less than 192 bits
on 32 bit systems).
2001-03-15 18:17:40 +00:00
Bodo Möller
5b054c6955 EC_METHOD based on bn_mont2 (not used in the library) 2001-03-11 17:43:07 +00:00
Bodo Möller
48fe4d6233 More EC stuff, including EC_POINTs_mul() for simultaneous scalar
multiplication of an arbitrary number of points.
2001-03-10 23:18:35 +00:00
Bodo Möller
4e20b1a656 Instead of telling both 'make' and the user that ranlib
errors can be tolerated, hide the error from 'make'.
This gives shorter output both if ranlib fails and if
it works.
2001-03-09 14:01:42 +00:00
Richard Levitte
754d494bef Bug fixes. 2001-03-09 01:13:23 +00:00
Bodo Möller
156e85578d Implement EC_GFp_mont_method. 2001-03-08 20:55:16 +00:00
Bodo Möller
ff612904d2 Comment 2001-03-08 16:53:30 +00:00
Bodo Möller
c62b26fdc6 Hide BN_CTX structure details.
Incease the number of BIGNUMs in a BN_CTX.
2001-03-08 15:56:15 +00:00
Bodo Möller
98499135d7 Constify BN_value_one. 2001-03-08 13:58:09 +00:00
Bodo Möller
226cc7ded4 More method functions for EC_GFp_simple_method. 2001-03-08 01:23:28 +00:00
Richard Levitte
70d70a3c81 Code for better build under Darwin (MacOS X).
Submitted by Brad Dominy <jdominy@darwinuser.org>
2001-03-07 10:04:00 +00:00
Dr. Stephen Henson
3d2e469cfa Fix a bug which caused BN_div to produce the
wrong result if rm==num and num < 0.
2001-02-28 00:51:48 +00:00
Richard Levitte
41d2a336ee e_os.h does not belong with the exported headers. Do not put it there
and make all files the depend on it include it without prefixing it
with openssl/.

This means that all Makefiles will have $(TOP) as one of the include
directories.
2001-02-22 14:45:02 +00:00
Richard Levitte
a5bc1e8568 Use e_os2.h rather than opensslconf.h, since some needed macros are
defined there.
2001-02-22 14:37:50 +00:00
Richard Levitte
bc36ee6227 Use new-style system-id macros everywhere possible. I hope I haven't
missed any.

This compiles and runs on Linux, and external applications have no
problems with it.  The definite test will be to build this on VMS.
2001-02-20 08:13:47 +00:00
Bodo Möller
f2bc668429 Fix BN_[pseudo_]rand: 'mask' must be used even if top=-1.
Mention BN_[pseudo_]rand with top=-1 in CHANGES.
2001-02-20 08:10:38 +00:00
Richard Levitte
8120813066 Use new-style system-id macros. 2001-02-20 07:43:22 +00:00
Ulf Möller
335c4f0966 BN_rand_range() needs a BN_rand() variant that doesn't set the MSB. 2001-02-20 00:23:07 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Bodo Möller
e306892994 Simplify BN_rand_range 2001-02-10 00:34:02 +00:00
Bodo Möller
792e2ce7f4 Another comment change. (Previous comment does not apply
for range = 11000000... or range = 100000...)
2001-02-08 12:34:08 +00:00
Bodo Möller
3952584571 Change comments. (The expected number of iterations in BN_rand_range
never exceeds 1.333...).
2001-02-08 12:27:22 +00:00
Bodo Möller
a5d2acfc79 oops -- remove observation code 2001-02-08 12:24:41 +00:00
Bodo Möller
35ed8cb8b6 Integrate my implementation of a countermeasure against
Bleichenbacher's DSA attack.  With this implementation, the expected
number of iterations never exceeds 2.

New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
     min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
     min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
2001-02-08 12:14:51 +00:00
Ulf Möller
57e7d3ce15 Bleichenbacher's DSA attack 2001-02-07 22:24:35 +00:00
Ulf Möller
75802000c8 There is no C version of bn_div_3_words 2001-01-23 16:26:15 +00:00
Bodo Möller
137e601277 The C version of bn_sub_part_words is needed not only
in NO_ASM configurations
2000-12-15 10:54:03 +00:00
Bodo Möller
09f4bd2a39 Very few in the "README" is up-to-date 2000-12-15 10:42:11 +00:00
Bodo Möller
3b28dbce7e The BN_mul bug test apparently is no longer needed 2000-12-14 17:46:36 +00:00
Richard Levitte
53b407da84 Problem: bn_mul_normal() misbehaves if the size of b is 0.
Solution: multiply a with 0, putting the result in r, and return.
2000-12-13 15:29:29 +00:00
Richard Levitte
765e531159 In bn_mul_recursive(), make sure the comba routines are only called
when both a and b are of the exact right size.  This may change to
something better later.
2000-12-13 14:47:06 +00:00
Dr. Stephen Henson
2aff7727f7 Rewrite the extension code to use an ASN1_ITEM structure
for its ASN1 operations as well as the old style function
pointers (i2d, d2i, new, free). Change standard extensions
to support this.

Fix a warning in BN_mul(), bn_mul.c about uninitialised 'j'.
2000-12-13 13:47:33 +00:00
Ulf Möller
15156cce0e bn_part_sub_word prototype. 2000-12-08 19:10:33 +00:00
Bodo Möller
8dea52fa42 Fix some things that look like bugs.
One problem that looked like a problem in bn_recp.c at first turned
out to be a BN_mul bug.  An example is given in bn_recp.c; finding
the bug responsible for this is left as an exercise.
2000-12-07 22:06:09 +00:00
Bodo Möller
f7356b677b TEST_MUL and TEST_SQR added. 2000-12-07 11:11:10 +00:00
Bodo Möller
80d89e6a6a Sign-related fixes (and tests).
BN_mod_exp_mont does not work properly yet if modulus m
is negative (we want computations to be carried out
modulo |m|).
2000-12-07 08:48:58 +00:00
Bodo Möller
bc5f2740d2 Move 'q->neg = 0' to those places where it is needed
(just in cases someone uses a negative modulus)
2000-12-07 07:55:26 +00:00
Bodo Möller
aa66eba7c8 BN_mod_sqrt documentation/comment 2000-12-06 21:33:58 +00:00
Ulf Möller
3bb4736289 remove a comment that shouldn't have been there any more 2000-12-06 16:30:23 +00:00
Bodo Möller
bac685417a Faster BN_mod_sqrt algorithm for p == 5 (8). 2000-12-06 12:25:33 +00:00
Bodo Möller
0a52d38b31 Use bc's "print" feature whenever it is available,
not just on certain platforms.
2000-12-06 10:32:55 +00:00
Ulf Möller
a6576c56dd remove useless instruction 2000-12-06 04:48:50 +00:00
Ulf Möller
240f516939 Intel assembler version for bn_sub_part_words(). I haven't got
reliable timings yet, please try it out!
2000-12-06 04:16:38 +00:00
Ulf Möller
aecb0b018f test_mod_mul is useful, let's run it more often. 2000-12-06 04:14:30 +00:00
Ulf Möller
90e7ce363a Use assert as in the rest of the BN library. 2000-12-05 02:00:40 +00:00
Richard Levitte
6a2347ee45 Remove the last bn_wexpand()s that made us break constness. Of
course, that means we need to handle the cases where the two arrays to
bn_mul_recursive() and bn_mul_part_recursive() differ in size.

I haven't yet changed the comments that describe bn_mul_recursive()
and bn_mul_part_recursive().  I want this to be tested by more people
before I consider this change final.  Please test away!
2000-12-04 17:11:59 +00:00
Bodo Möller
e5164b7041 Change error message to "bignum too long" 2000-12-04 09:24:54 +00:00
Bodo Möller
addb309ad6 include <limits.h> 2000-12-03 09:55:08 +00:00
Bodo Möller
152a689cf9 Don't allow BIGNUMs to become so large that computations with dmax
might overflow.
2000-12-03 09:39:04 +00:00
Richard Levitte
c21c35e6a4 Add a comment to explain the purpose of bn_cmp_part_words(). 2000-12-02 21:16:13 +00:00
Ulf Möller
b26f84cbbd last commit was wrong. Now it works. :) 2000-12-02 20:51:47 +00:00
Ulf Möller
0dba0613ea argl 2000-12-02 19:34:42 +00:00
Ulf Möller
ea1b7fe6d4 forgot to remove the loop variable 2000-12-02 16:20:04 +00:00
Ulf Möller
db88223baa Loops like this one:
if (bp == NULL)
                        for (j=0; j<10000; j++)
                                BN_add(&c,&a,&b);

seem to be pretty useless, and bp never is NULL anyway.
2000-12-02 16:13:27 +00:00
Ulf Möller
111482cf2e New function BN_bntest_rand() to detect more BN library bugs.
The bn_cmp_part_words bug was only caught in the BN_mod_mul() test,
not in the BN_mul() test, so apparently the choice of parameters in
some cases is bad.
2000-12-02 07:32:57 +00:00
Ulf Möller
52a1bab2d9 Fix bn_cmp_part_words() and move it to bn_lib.c. 2000-12-02 07:28:43 +00:00
Bodo Möller
5a12df5c40 functionality for BN_mod_sqrt timings 2000-12-01 09:41:21 +00:00
Bodo Möller
b5a25a430a "make depend" 2000-12-01 08:48:42 +00:00
Bodo Möller
12cfcc128c Fix the recently introduced test that checks if the result is 0 2000-11-30 22:58:27 +00:00
Bodo Möller
fc2e05c2d5 Fix BN_rshift, which caused lots of trouble. 2000-11-30 22:34:57 +00:00
Bodo Möller
b2993bdea1 Remove randomness from the test. These constants give me a segment
violation in test_kron on a 32 bit system.
2000-11-30 21:03:13 +00:00
Bodo Möller
470fa98f8a BN_mod_exp(r,a,p,m,ctx) should not be called with r == p.
But even if this is avoided, there are still segmentation violations
(during one of the BN_free()s at the end of test_kron
in some cases, in other cases during BN_kronecker, or
later in BN_sqrt; choosing a different exponentiation
algorithm in bntest.c appears to influence when the SIGSEGV
takes place).
2000-11-30 20:03:24 +00:00
Bodo Möller
de6e207db6 It's "#elif", not "#elsif". 2000-11-30 19:35:51 +00:00
Bodo Möller
db5bda670f Changes to Lenka's Montgomery implementation.
Submitted by: Lenka Fibikova
2000-11-30 17:35:17 +00:00
Bodo Möller
19cda70045 Corrections to the comments in BN_mod_inverse. 2000-11-30 12:53:53 +00:00
Bodo Möller
04ca16890b BN_mod_exp problems ... 2000-11-30 11:47:04 +00:00
Bodo Möller
25439b76ad Move reduction step from BN_mod_exp to BN_mod_exp_mont_word.
Fix BN_mod_exp_simple for a==0 (mod m).
Skip useless round in BN_mod_sqrt (1 is always a square, no need
to test BN_kronecker for it).
2000-11-30 09:45:26 +00:00
Bodo Möller
ac445acf69 bn_modfs.c is no longer needed, a BN_sqrt implementation
exists in bn_sqrt.c now
2000-11-30 00:43:41 +00:00
Bodo Möller
77ac92d00a Fix bntest.c problem -- one of the primes got lost 2000-11-30 00:37:49 +00:00
Bodo Möller
73c2522c7c Handle special cases correctly in exponentation functions.
test_bn still fails in the BN_sqrt test because
small primes appear to turn into zero for no
obvious reason, leading to "div by zero" errors.
2000-11-30 00:33:18 +00:00
Bodo Möller
cd2eebfd64 BN_sqrt 2000-11-30 00:18:19 +00:00
Bodo Möller
01e62900c7 BN_legendre is no longer needed now that OpenSSL has BN_kronecker. 2000-11-29 19:59:59 +00:00
Bodo Möller
eb1f1b0a34 Fix BN_kronecker so that it works correctly if 'a' is negative
(we need the two's complement of BN_lsw then).
2000-11-29 19:26:33 +00:00
Bodo Möller
14697d9d6d BN_to_montgomery expects its inputs to be in the interval 0 .. modulus-1,
so we have to reduce the random numbers used in test_mont.

Before this change, test_mont failed in [debug-]solaris-sparcv9-gcc
configurations ("Montgomery multiplication test failed!" because
the multiplication result obtained with Montgomery multiplication
differed from the result obtained by BN_mod_mul).
Substituing the old version of bn_gcd.c (BN_mod_inverse) did not avoid
the problem.

The strange thing is that it I did not observe any problems
when using debug-solaris-sparcv8-gcc and solaris-sparcv9-cc,
as well as when compiling OpenSSL 0.9.6 in the solaric-sparcv9-gcc
configuration on the same system.
2000-11-29 18:08:24 +00:00
Bodo Möller
429b8162c6 add missing braces 2000-11-29 16:43:03 +00:00
Bodo Möller
03a0848922 Fix warnings in expspeed.c (but the segmentation fault remains)
Improve readability of bn_shift.c.

Add comment in bn_lib.c (why zero data between top and max?)

Change bntest.c output for BN_kronecker test
2000-11-29 13:40:08 +00:00
Bodo Möller
9161672950 BN_bin2bn did *not* contain an off-by-one error;
I'm still investigating what caused the segementation fault
(maybe "make clean; make" will cure it ...).
But BN_bin2bn should always reset ret->neg.
2000-11-29 12:53:41 +00:00
Bodo Möller
a08bcccc67 Expand expspeed.c to make BN_kronecker timings.
This caused a segmentation fault in calls to malloc, so I cleaned up
bn_lib.c a little so that it is easier to see what is going on.
The bug turned out to be an off-by-one error in BN_bin2bn.
2000-11-29 12:32:10 +00:00
Bodo Möller
bdec3c5323 Implement BN_kronecker test.
Modify "CHANGES" entry for BN_mod_inverse (it's not just avoiding BN_div
that increases performance, avoiding BN_mul also helps)
2000-11-29 11:06:50 +00:00
Bodo Möller
b6cafbd7d8 Make BN_mod_inverse a little faster 2000-11-29 09:57:13 +00:00
Bodo Möller
499e167fda Improve BN_mod_inverse performance.
Get the BN_mod_exp_mont bugfix (for handling negative inputs) correct
this time.
2000-11-29 09:41:19 +00:00
Richard Levitte
0135e33511 Copy and paste error... bn_add_part_words() should of course call
bn_add_words(), not bn_sub_words()...
2000-11-29 09:36:48 +00:00
Bodo Möller
adcc64cd9e Use BN_pseudo_rand instead of BN_rand 2000-11-28 11:49:12 +00:00
Bodo Möller
c94b6de017 Timings. 2000-11-28 11:47:51 +00:00
Bodo Möller
d79cab27a5 Correct a bug in BN_kronecker.
Sketch the test for BN_kronecker.
2000-11-28 07:53:35 +00:00
Bodo Möller
c782089611 Add test_kron function, which will contain a test for BN_kronecker. 2000-11-28 06:41:05 +00:00
Bodo Möller
265592b99a Add bn_kron.c (BN_kronecker), which I forgot in the previous commit.
Also add the next file in advance so that I can't forget this one :-)
2000-11-28 06:37:43 +00:00
Bodo Möller
077ff61eef Undo previous commit, which was an accident. 2000-11-27 21:22:45 +00:00
Bodo Möller
dcbd0d74d5 Fix BN_is_... macros.
Fix BN_gcd.
Analyze BN_mod_inverse.
Add BN_kronecker.
"make update".
2000-11-27 21:17:20 +00:00
Bodo Möller
1ec0a3862e Change submitted files so that they compile (in particular,
use BN_CTX_start/get/end instead of accessing ctx->tos).

Change indentation to "EAY" style.
2000-11-26 19:20:56 +00:00
Bodo Möller
946cd9a540 Change submitted files so that they compile (in particular,
use BN_CTX_start/get/end instead of accessing ctx->tos).

Change indentation to "EAY" style.
2000-11-26 19:13:52 +00:00
Bodo Möller
5acaa49504 More BN_mod_... functions. 2000-11-26 18:31:32 +00:00
Bodo Möller
535b9b5724 Add bn_mod.c (should have happend in the previous commit ...).
BN_swap manual page.
2000-11-26 16:46:57 +00:00
Bodo Möller
78a0c1f18d modular arithmetics
"make update"
2000-11-26 16:42:38 +00:00
Bodo Möller
6cc5e19d47 Remove CR at line ends. 2000-11-26 12:55:19 +00:00
Bodo Möller
7e0c5264e7 Elliptic curves over GF(p), new BIGNUM functions, Montgomery re-implementation.
These new files will not be included literally in OpenSSL, but I intend
to integrate most of their contents.  Most file names will change,
and when the integration is done, the superfluous files will be deleted.

Submitted by: Lenka Fibikova <fibikova@exp-math.uni-essen.de>
2000-11-26 12:12:35 +00:00
Richard Levitte
73343ac38a Correct a number of syntax errors. 2000-11-22 18:20:31 +00:00
Richard Levitte
c4f3542abf Reimplement bn_div_words, bn_add_words and bn_sub_words for VAX.
I'm a little bit nervous about bn_div_words, as I don't know what it's
supposed to return on overflow.  For now, I trust the rest of the
system to give it numbers that will not cause any overflow...
2000-11-21 23:32:38 +00:00
Richard Levitte
c799770060 Avoid getting warnings about unary - being used on unsigned integer. 2000-11-21 23:29:55 +00:00
Richard Levitte
baa257f1ed Remove two bn_wexpand() from BN_mul(), which is a step toward getting
BN_mul() correctly constified, avoids two realloc()'s that aren't
really necessary and saves memory to boot.  This required a small
change in bn_mul_part_recursive() and the addition of variants of
bn_cmp_words(), bn_add_words() and bn_sub_words() that can take arrays
with differing sizes.

The test results show a performance that very closely matches the
original code from before my constification.  This may seem like a
very small win from a performance point of view, but if one remembers
that the variants of bn_cmp_words(), bn_add_words() and bn_sub_words()
are not at all optimized for the moment (and there's no corresponding
assembler code), and that their use may be just as non-optimal, I'm
pretty confident there are possibilities...

This code needs reviewing!
2000-11-18 22:58:26 +00:00
Richard Levitte
e06cc57118 Remove a declaration for a function that does not exist. 2000-11-18 20:52:14 +00:00
Richard Levitte
0450d28759 Make the definition of bn_add_words() match the definition. 2000-11-18 20:49:02 +00:00
Richard Levitte
227385b719 Make sure BN_DIV2W is not defining when defining it, and remove the
declarations of bn_add_part_words() and bn_sub_part_words() since they
do not exist.
2000-11-17 12:01:55 +00:00
Bodo Möller
28fd5c60de Constify bn_dump1 implementation so that it matches the prototype
in bn.h
2000-11-17 08:36:10 +00:00
Richard Levitte
cbd48ba626 More constification of the BN library. 2000-11-16 22:43:32 +00:00
Richard Levitte
67d93e6f49 Make sure to print the BN counting (BN_COUNT) to stderr instead of
stdout.  bc gets so confused by bean counts.
2000-11-16 22:42:39 +00:00
Richard Levitte
afb83c45e6 Oops, when I clean, I should do it thoroughly. 2000-11-16 22:41:26 +00:00
Richard Levitte
43fcc1b096 I've checked again and again. There really is no need to expand a to
4 times it's size when bn_sqr_recursive() won't look farther than the
original length.  Thereby, constification is no longer a problem.
2000-11-16 21:35:41 +00:00
Ben Laurie
757e392d4e Make Rijndael work! Those long flights have some good points. 2000-11-12 02:13:38 +00:00
Bodo Möller
e1a8ac495b tmp2 is not used in BN_mod_mul_montgomery. 2000-11-09 16:39:01 +00:00
Bodo Möller
7f7b8d6871 BN_CTX-related fixes. 2000-11-08 10:05:34 +00:00
Bodo Möller
e0bf5c11ea Handle BN_copy failure after successful BN_new. 2000-11-07 09:39:51 +00:00
Bodo Möller
58f0f52e67 handle the case when BN_new returns NULL 2000-11-07 09:35:19 +00:00
Richard Levitte
020fc820dc Constify the BIGNUM routines a bit more. The only trouble were the
two functions that did expansion on in parameters (BN_mul() and
BN_sqr()).  The problem was solved by making bn_dup_expand() which is
a mix of bn_expand2() and BN_dup().
2000-11-06 21:15:54 +00:00
Richard Levitte
5270e7025e Merge the engine branch into the main trunk. All conflicts resolved.
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Richard Levitte
6df3553255 A compiler warning removed. Thanks to the folks at HP! 2000-09-27 13:54:28 +00:00
Richard Levitte
4e20a4e688 'ranlib' doesn't always run on some systems. That's actually
acceptable, since all that happens if it fails is a library with
an index, which makes linking slower, but still working correctly.
2000-09-25 08:53:15 +00:00
Bodo Möller
fe03519704 Totally remove the supposedly 'faster' variant in
BN_mod_mul_montgomery, which calls bn_sqr_recursive
without much preparation.

bn_sqr_recursive requires the length of its argument to be
a power of 2, which is not always the case here.
There's no reason for not using BN_sqr -- if a simpler
approach to squaring made sense, then why not change
BN_sqr?  (Using BN_sqr should also speed up DH where g is chosen
such that it becomes small [e.g., 2] when converted
to Montgomery representation.)

Case closed :-)
2000-09-19 23:25:00 +00:00
Bodo Möller
a45bd29535 Document BN_mod_mul_montgomery bug;
make disabled code slightly more correct (this does not solve
the problem though).
2000-09-19 18:02:15 +00:00
Bodo Möller
f4364e0730 Disable buggy code variant in BN_mod_mul_montgomery that was enabled
in 0.9.6-beta1 and 0.9.6-beta2 and caused the BN_mont_exp_mont_word()
failure (bug report "openssh 2.2.0p1 fails with openssl 0.9.6-beta1").
2000-09-19 17:21:52 +00:00
Richard Levitte
d0c2ebf414 A patch from HP for better performance.
Submitted by Kevin Steves <ks@hp.se> 3 months ago...
2000-09-17 20:04:42 +00:00
Ulf Möller
1d84fd64fc Bug fix: Montgomery multiplication could produce results with the wrong
sign.
2000-09-14 18:37:53 +00:00
Richard Levitte
62ab514e98 'make update' 2000-09-07 08:46:51 +00:00
Bodo Möller
bbb8de0966 Avoid abort() throughout the library, except when preprocessor
symbols for debugging are defined.
2000-09-04 15:34:43 +00:00
Bodo Möller
5e38616380 Fix for BN_mul_word(a, 0). 2000-09-04 15:30:14 +00:00
Ben Laurie
c9b51693dc max -> dmax in bn_check_top. 2000-08-22 21:23:09 +00:00
Dr. Stephen Henson
2d978cbd30 Changes needed for Tandem NSK, supplied by Scott Uroff (scott@xypro.com).
Fix warnings with BIO_dump_indent().
2000-08-04 00:01:39 +00:00
Richard Levitte
8083e1bd9e There's a slight possibility that a is 0 in BN_sub_word(), and might
therefore have unallocated parts.  Therefore, a check for the 0 case
is needed, resulting with the same thing as when a is negative.
2000-07-27 21:32:23 +00:00
Richard Levitte
8b4e27e26e In the case where a < 0 and |a| < w, the result (assigned to a) from
BN_add_word becomes wrongly negative...
This was discovered by Darrel Hankerson <dhankers@cacr.math.uwaterloo.ca>
2000-07-27 21:17:14 +00:00
Richard Levitte
47ff5de8c2 Darrel Hankerson <dhankers@cacr.math.uwaterloo.ca> correctly discovered
that of the result pointer to bn_mul was the same as one of the two arguments,
That argument might have it's sign destroyed.  He provided this fix.
2000-07-26 01:14:16 +00:00
Bodo Möller
904cb691f3 Return bignum '0' when BN_rand is asked for a 0 bit random number. 2000-07-02 19:42:19 +00:00
Ben Laurie
69b5d3c51f Don't let top go below zero! 2000-07-01 16:30:27 +00:00
Bodo Möller
fc57ebc057 Actually comment out the parts of BN_MOD_MUL_WORD that I inteded to
comment out in the previous commit
2000-06-23 08:10:28 +00:00
Bodo Möller
e958c5afe7 In BN_mod_exp_mont_word, avoid one application of BN_MOD_MUL_WORD,
and for small 'a' also a couple of calls to
BN_mod_mul_montgomery(r, r, r, ...).
2000-06-23 05:51:37 +00:00
Ulf Möller
8415060e1e use faster version 2000-06-21 21:20:46 +00:00
Bodo Möller
24bec03beb This probably fixes a BN_rshift bug. 2000-06-13 15:07:39 +00:00
Bodo Möller
c3b1424cc0 Use BN_CTX_end when exiting early from BN_mod_exp_mont_word because
BN_mod_exp_atalla could be used.
2000-06-13 13:50:42 +00:00
Geoff Thorpe
8ba6d1b0cc The atalla functionality doesn't work with the "word" version of
BN_mod_exp. Call the regular atalla mod_exp operation instead.
2000-06-13 13:18:51 +00:00
Geoff Thorpe
1c4f90a05d Enable DSO support on alpha (OSF1), cc and gcc.
Also, "make update" has added some missing functions to libeay.num,
updated the TABLE for the alpha changes, and updated thousands of
dependancies that have changed from recent commits.
2000-06-13 12:59:38 +00:00
Bodo Möller
814ed26cfa Comment for increased code clarity. 2000-06-09 09:11:30 +00:00
Bodo Möller
dc434bbcb0 Slightly faster DSA verification (BN_mod_exp2_mont),
marginally faster BN_mod_exp for 1024 bit exponents.
2000-06-08 20:26:03 +00:00
Bodo Möller
f8989a2155 Use the equivalent of a sliding window (without precomputation
because we're only handling words anyway) in BN_mod_exp_mont_word
making it a little faster for very small exponents,
and adjust the performance gain estimate in CHANGES according
to slightly more thorough measurements.
(15% faster than BN_mod_exp_mont for "large" base,
20% faster than BN_mod_exp_mont for small base.)
2000-06-08 09:39:28 +00:00
Bodo Möller
6dad7bd69c Speed up DH with small generator. 2000-06-07 21:29:25 +00:00
Richard Levitte
26a3a48d65 There have been a number of complaints from a number of sources that names
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
2000-06-01 22:19:21 +00:00
Ulf Möller
de42b6a7a8 Use NO_FP_API. 2000-06-01 20:25:44 +00:00
Ulf Möller
623bb80b77 In some of the Makefiles CPP was not defined. 2000-03-20 18:16:52 +00:00
Bodo Möller
88f17a5e98 Remove Win32 assembler files. They are always rebuilt (with some
choice of parameters) when they are needed.
2000-03-13 08:04:20 +00:00
Ulf Möller
3a6a39c373 asm workaround for SuSE Linux
proposed by Holger Reif
2000-03-12 12:52:36 +00:00
Bodo Möller
59fc2b0fc2 Preserve reason strings in automatically build tables. 2000-03-05 00:19:36 +00:00
Bodo Möller
df83eeb710 Update comment. 2000-03-02 22:08:30 +00:00
Bodo Möller
743e7be913 Add missing dependencies. 2000-03-02 19:30:41 +00:00
Bodo Möller
2d092edf5e Change comment. 2000-03-02 14:34:08 +00:00
Ulf Möller
8782a42627 add comment. 2000-03-01 19:08:47 +00:00
Ulf Möller
0b8fa44ef0 Bug fix. 2000-03-01 19:08:27 +00:00
Ulf Möller
f1a617edc9 check for WIN32 (needed by Mingw32) 2000-03-01 01:46:34 +00:00
Richard Levitte
4ba48ec4d0 Include rand.h so RAND_pseudo_bytes may be declared.
Remove one ampersand so the compiler may complain less.
Make rand() static so it will not conflict with the C RTL.
Make bug() static too, for good measure.
2000-02-27 22:57:53 +00:00
Dr. Stephen Henson
587bb0e02e Don't call BN_rand with zero bits in bntest.c 2000-02-27 17:34:30 +00:00
Ben Laurie
707ef52e21 Typo. 2000-02-27 16:56:48 +00:00
Bodo Möller
981cdfab86 Add a comment. 2000-02-27 11:48:32 +00:00
Ulf Möller
688938fbb4 Bug fix! 2000-02-27 02:05:39 +00:00
Ulf Möller
1070e0e2ee *** empty log message *** 2000-02-27 00:00:56 +00:00
Ulf Möller
1b199605c4 workaround no longer needed 2000-02-26 22:37:43 +00:00
Ulf Möller
f27e41349f remove 2000-02-26 22:37:34 +00:00
Ulf Möller
775c63fc02 Reorganize bn_mul.c (no bugfix yet), remove obsolete files in BN library. 2000-02-26 22:16:47 +00:00
Andy Polyakov
63933136ab BN_div_recp fix. I've ran divtest for 10 mins and it didn't exhibit a
single fault:-) Needless to mention that bnbug.c posted couple of days
ago passes as well...
2000-02-26 16:20:05 +00:00
Ulf Möller
582afb4bd7 flush output.
Looks like it fails when b is a power of 2, but I never get incorrect
results.
2000-02-25 22:08:37 +00:00
Richard Levitte
f36e02b2ef Enhance consistency by using BIO_flush() instead of fflush(). 2000-02-25 20:40:12 +00:00
Ulf Möller
17dddc0596 Test the division functions.
Apparently BN_div_recp reports an error for small divisors
(1,2,4,8,40).

I haven't got mismatches so far. If you can, please run the test
program for a few days (nohup divtest >out& or something), and if it
reports a mismatch, post the output.
2000-02-25 20:28:54 +00:00
Ulf Möller
766d78c8f5 divide the correct number... 2000-02-25 00:14:50 +00:00
Ulf Möller
c04949e978 work around a bug in BN_div_recp or BN_reciprocal 2000-02-24 23:37:15 +00:00
Bodo Möller
0dd0cbf554 Do fflush(stdout) when there was an error. 2000-02-24 20:13:27 +00:00
Ulf Möller
4a26329b4c correct macro. 2000-02-23 22:11:07 +00:00
Ben Laurie
bd03b99b9b Add support for Compaq Atalla crypto accelerator. 2000-02-16 22:15:39 +00:00
Andy Polyakov
8691ff97a1 Move primes to read-only segment. 2000-02-16 13:24:06 +00:00
Andy Polyakov
89cee61b45 New NO_INLINE_ASM macro. Primary target for the moment is Solaris x86
which can't stand GNU C assembler templates.
2000-02-15 17:20:52 +00:00
Andy Polyakov
ea96c4bc7f test_mont was exercising 100-bit multiplication modulus X*I-bit, where
X is 5120 on 32-bit and 151552 on 64-bit architectures and I varies
from 0 to 4. As result the test was *unreasonably* slow and virtually
impossible to complete on 64-bit architectures (e.g. IRIX bc couldn't
even swallow such long lines).
2000-02-15 13:50:02 +00:00
Ralf S. Engelschall
667ac4ec6a Make gcc 2.95.2 happy again, even under ``-Wall -Wshadow -Wpointer-arith -Wcast-align
-Wmissing-prototypes -Wmissing-declarations -Wnested-externs -Winline''.
2000-02-11 09:47:18 +00:00
Dr. Stephen Henson
f07fb9b24b Add command line password options to the reamining utilities,
amend docs.
2000-02-08 01:34:59 +00:00
Ulf Möller
4e539aaa1e "print" is GNU bc specific. 2000-02-06 23:33:06 +00:00
Ulf Möller
fcb20be846 put missing line back in. 2000-02-06 16:35:28 +00:00
Ulf Möller
cae55bfc68 Improve bntest slightly, and fix another bug in the BN library. 2000-02-06 15:56:59 +00:00
Ulf Möller
4a6222d71b BN_div bugfix. The q-- loop should not be entered in the n0==d0 case. 2000-02-06 00:25:39 +00:00
Bodo Möller
29a28ee503 Cosmetic changes. 2000-02-05 21:28:09 +00:00
Bodo Möller
eb5a6a55c5 Commit patch to bn.h that CVS decided to throw away during 'cvs update',
and initialize too_many because memset(..., 0, ...) is not used here.
2000-02-05 20:39:26 +00:00
Bodo Möller
37e48b88ad Generate just one error code if iterated SSL_CTX_get() fails.
Avoid enabled 'assert()' in production library.
2000-02-05 19:29:00 +00:00
Ulf Möller
6535eb1728 Use MONT_WORD macro to control if the word-based or the bignum
algorithm is used.
2000-02-05 18:23:05 +00:00
Ulf Möller
9b141126d4 New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
2000-02-05 14:17:32 +00:00
Ulf Möller
ce76ce43ae *** empty log message *** 2000-02-03 23:38:55 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Bodo Möller
7999c65c9b Some 'const's for BNs. 2000-02-03 01:26:07 +00:00
Bodo Möller
bfe30e4d1b Include OpenSSL license. 2000-02-02 23:30:32 +00:00
Bodo Möller
aff0825c61 Tolerate negative numbers in BN_is_prime. 2000-02-02 22:18:01 +00:00
Bodo Möller
e74231ed9e rndsort{Miller, Rabin} primality test. 2000-02-02 21:20:44 +00:00
Andy Polyakov
fb81ac5e6b Support for "multiply high" instruction, see BN_UMULT_HIGH comment in
crypto/bn/bn_lcl.h for further details. It should be noted that for
the moment of this writing the code was tested only on Alpha. If
compiled with DEC C the C implementation exhibits 12% performance
improvement over the crypto/bn/asm/alpha.s (on EV56 box running
AlphaLinux). GNU C is (unfortunately) 8% behind the assembler
implementation. But it's OpenVMS Alpha users who *may* benefit most
as 'apps/openssl speed rsa' exhibits 6 (six) times performance
improvement over the original VMS bignum implementation. Where "*may*"
means "as soon as code is enabled though #define SIXTY_FOUR_BIT and
crypto/bn/asm/vms.mar is skipped."
2000-02-02 16:18:12 +00:00
Ulf Möller
1399f17a07 Bug fix: BN_is_prime() would fail with a high probability for small
primes (negligible for larger ones).
2000-02-01 23:48:55 +00:00
Ulf Möller
0bde1089f8 match the prototype 2000-02-01 23:47:24 +00:00
Bodo Möller
cb5b7850ac If n0 == d0, we must alway compute 'rem' "by hand" 2000-02-01 11:10:54 +00:00
Bodo Möller
fe7cd1647d Typo in preprocessor symbol. 2000-02-01 08:48:30 +00:00
Ulf Möller
f40c02d908 undo. I keep confusing my directories. :( 2000-02-01 02:24:10 +00:00
Ulf Möller
8efb60144d EBCDIC support.
Submitted by: Martin Kraemer <martin.kraemer@mch.sni.de>
2000-02-01 02:21:16 +00:00
Ulf Möller
51ca375e7e Seek out and destroy another evil cast. 2000-01-30 23:33:40 +00:00
Bodo Möller
1baa94907c Make output of "openssl dsaparam 1024" more interesting :-) 2000-01-30 03:32:28 +00:00
Bodo Möller
a87030a1ed Make DSA_generate_parameters, and fix a couple of bug
(including another problem in the s3_srvr.c state machine).
2000-01-30 02:23:03 +00:00
Richard Levitte
f95a9f678a Declare BN_pseudo_rand(). 2000-01-27 22:07:42 +00:00
Bodo Möller
953aa79040 A couple of things were reversed for BN_pseudo_rand ... 2000-01-27 21:09:25 +00:00
Ulf Möller
157be2b67d comment was wrong. 2000-01-27 19:52:58 +00:00
Ulf Möller
38e33cef15 Document DSA and SHA.
New function BN_pseudo_rand().
Use BN_prime_checks_size(BN_num_bits(w)) rounds of Miller-Rabin when
generating DSA primes (why not use BN_is_prime()?)
2000-01-27 19:31:26 +00:00
Bodo Möller
2233bed1cb typo in a comment 2000-01-27 14:31:31 +00:00
Bodo Möller
ec1258dd44 Update comments to provide a better approximation of reality. 2000-01-27 13:00:10 +00:00
Bodo Möller
b99b110766 Add a pointer to a paper (is the algorithm in section 4.2 the
word-based algorithm we are using?)
2000-01-27 12:52:41 +00:00
Bodo Möller
6e0cad8d34 enable Montgomery test 2000-01-27 11:26:28 +00:00
Bodo Möller
5f5e96d92b Update references. 2000-01-27 09:15:49 +00:00
Ulf Möller
e93f9a3284 Run ispell.
Clean up bn_mont.c.
2000-01-27 01:50:42 +00:00
Dr. Stephen Henson
dd9d233e2a Tidy up CRYPTO_EX_DATA structures. 2000-01-23 23:41:49 +00:00
Ulf Möller
dd8dec69b8 Document the BN library. 2000-01-23 22:06:24 +00:00
Ulf Möller
4486d0cd7a Document the DH library, and make some minor changes along the way. 2000-01-22 20:05:23 +00:00
Ulf Möller
b25c8db872 AFAICS lst1 stands for "lshift test" not "list". 2000-01-21 00:00:12 +00:00
Bodo Möller
4146aa6b42 Rename lst1 to list1 to avoid name conflict on some platforms. 2000-01-20 23:15:50 +00:00
Bodo Möller
0c50e02b30 - Pseudo-seed the PRNG in programs used for "make test"
because otherwise BN_rand will fail unless DEVRANDOM works,
  which causes the programs to dump core because they
  don't check the return value of BN_rand (and if they
  did, we still couldn't test anything).

- add comment to some files that appear not to be used at all.
2000-01-14 17:55:37 +00:00
Ulf Möller
eb952088f0 Precautions against using the PRNG uninitialized: RAND_bytes() now
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
2000-01-13 20:59:17 +00:00
Bodo Möller
76aa0ddc86 Turn BN_prime_checks into a macro.
Primes p where (p-1)/2 is prime too are called "safe", not "strong".
2000-01-12 11:57:30 +00:00
Bodo Möller
e4b7645631 add dependency and auto-generation rule for bn_prime.h
(created by bn_prime.pl, which now prints the copyright/license
note as found in bn_prime.h)
2000-01-12 09:16:22 +00:00
Andy Polyakov
b96eb06f79 Makefile clean-ups, crypto/bn/asm/alpha.s compiles on Alpha Linux. 1999-12-25 16:08:31 +00:00
Ulf Möller
3b14cb717d Solaris x86 assembler problem is already addressed in ./config
(bug reports keep coming in because that was still missing in 0.9.4)
1999-12-14 15:28:10 +00:00
Ulf Möller
a4af39ac44 Don't use inline assembler on x86 Solaris (would need a different syntax). 1999-12-08 22:55:06 +00:00
Mark J. Cox
ce2c95b2a2 Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The
problem was that one of the replacement routines had not been working since
SSLeay releases.  For now the offending routine has been replaced with
non-optimised assembler.  Even so, this now gives around 95% performance
improvement for 1024 bit RSA signs.
1999-11-03 14:10:10 +00:00
Bodo Möller
798757762a Improve support for running everything as a monolithic application.
Submitted by: Lennart Bång, Bodo Möller
1999-10-25 19:36:01 +00:00
Ulf Möller
8e1589ece5 VC++ warning. 1999-09-29 22:11:06 +00:00
Andy Polyakov
0bbd03525e Minor MIPS III/IV tune-up. 1999-08-24 16:02:16 +00:00
Ben Laurie
97e84e38df Make it compile under -pedantic. 1999-08-03 10:18:27 +00:00
Andy Polyakov
4c22909e31 Extra i386+gcc bn_div.c tune-up featuring inline division and saving
the remainder left in %edx. Here is the resulting performance improvement
matrix (improvement as a result of this *and* previous tune-up committed
two days ago). The results were obtained by profiling the "div" part of
the crypto/bn/bnspeed.c.

CPU	BN_div	bn_div_words	overall	comment
------------------------------------------------------------------------
PII	+16%	accumulated by	+2-3%	PII multiplies damn fast! Taking
		inlining		multiplication out of the loop
					didn't make too much difference.
					Eliminating of the multiplication
					involved in remainder calculation
					is the major factor.

Pentium	+45%	accumulated by	+7-9%	mull isn't that fast and replacing
		inlining		multiplications with additions in
					the loop has more visible effect:-)

MIPS	+75%	+12%		+20-25%	In addition to the taking mults
R10000					out of the loop (giving 12% in the
					asm/mips3.s) three mults were
					eliminated in BN_div.

Alpha	+30%	+50%		+10-15%	Same as above. But remember that
EV4					bn_div_words is a C implementation.
					It takes 4 Alpha mults in C to do
					the same thing as 1 MIPS mult in
					assembler does. So the effect (50%)
					is more impressive. But not the
					overall one... Well, if Alpha
					bn_mul_add would be implemented
					in assembler overall improvement
					would be closer to MIPS...
1999-07-31 23:27:41 +00:00
Bodo Möller
8d85b33eb5 by request: let BN_dup(NULL) just return NULL 1999-07-30 19:22:57 +00:00
Andy Polyakov
0dd25e3606 Bignum division tune-up. Idea is to move multiplications in front of
loop body and replace 'em with addition/subtraction.
1999-07-30 11:43:43 +00:00
Andy Polyakov
5965902e6e when invoking bn_*_comba[48] result->top wasn't always set correctly. 1999-07-27 09:36:59 +00:00
Andy Polyakov
1656ef2997 SPARC Solaris config updates.
./config sences whole range of SPARC instruction sets. Do note that
it favors Sun C now if both gcc and cc 4.2 or later are present!
1999-07-25 22:25:12 +00:00
Andy Polyakov
a0618e3e5e Added support for SPARC Linux. 1999-07-25 15:13:49 +00:00
Andy Polyakov
fccbb9b34f - performance retunes, v8plus bn_*_comba routines are reimplemented;
- support for GNU assembler (read SPARC Linux);
1999-07-25 12:34:30 +00:00
Ulf Möller
40e29b1976 Remove obsolete files. 1999-07-22 21:57:41 +00:00
Andy Polyakov
cea538154b Get rid of redundant multiplications in bn_div_words. 1999-07-21 13:53:01 +00:00
Andy Polyakov
7363455fac MIPS III/IV assembler module is reimplemented. 1999-07-20 15:50:20 +00:00
Andy Polyakov
eaccfe8b29 crypto/bn/asm/mips3.s is moved to crypto/bn/asm/obsolete/ 1999-07-20 13:43:26 +00:00
Andy Polyakov
d2759c2135 crypto/bn/asm/mips3.s is obsolete. I'm moving it to crypto/bn/asm/obsolete
in order to replace it with a new version.
1999-07-20 13:40:02 +00:00
Ulf Möller
cfa3747ba9 More DES library cleanups: remove references to srand/rand
and delete an unused file.
1999-07-15 23:47:02 +00:00
Ulf Möller
a026fd201f Obsolete/experimental code. 1999-07-09 15:23:11 +00:00
Ulf Möller
e371828067 Use "long long" for all Win32 gcc ports. 1999-06-28 16:17:38 +00:00
Bodo Möller
7722424462 With mingw32, use "long long" rather than "_int64" (the latter does
not work, at least the package mentioned in INSTALL.W32 does not know
about it).
1999-06-28 14:38:31 +00:00
Dr. Stephen Henson
8623f693d9 New functions CONF_load_bio() and CONF_load_fp() to load a configuration
file from a bio or fp. Added some more constification to the BN library.
1999-06-20 17:36:11 +00:00
Bodo Möller
2eae234023 Some people don't have /dev/fd/0 on Solaris, so use - instead. 1999-06-15 23:17:09 +00:00
Bodo Möller
e0f12c41de Avoid some warnings (on silly compilers). 1999-06-12 09:52:44 +00:00
Ulf Möller
adc7fe123b Circumvent bug in SC5 without patch #107357-01.
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-06-09 21:13:27 +00:00
Ben Laurie
233bf734d3 Make "make test" fail if bntest fails an internal selfcheck. 1999-06-09 10:19:53 +00:00
Ben Laurie
8d8a8041ec const/type fixes. 1999-06-05 12:16:33 +00:00
Ben Laurie
84c15db551 Some constification and stacks that slipped through the cracks (how?). 1999-06-04 22:23:10 +00:00
Ben Laurie
b4f76582d4 More evil cast removal. 1999-06-03 18:04:04 +00:00
Ben Laurie
4da88a8d92 Update dependencies. 1999-05-29 14:10:58 +00:00
Bodo Möller
436a376bb0 Some assembler-related clean-ups. 1999-05-28 23:18:51 +00:00
Bodo Möller
b14d0e0590 Circument egcs bug.
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-05-26 19:59:36 +00:00
Bodo Möller
7e70181723 It was a very bad idea to use #include "../e_os.h" -- when this occurs
in cryptlib.h (which is often included as "../cryptlib.h"), then the
question remains relative to which directory this is to be interpreted.
gcc went one further directory up, as intended; but makedepend thinks
differently, and so probably do some C compilers.  So the ../ must go away;
thus e_os.h goes back into include/openssl (but I now use
#include "openssl/e_os.h" instead of <openssl/e_os.h> to make the point) --
and we have another huge bunch of dependency changes.  Argh.
1999-05-21 11:16:48 +00:00
Bodo Möller
d6847aed10 Add a kludge :-(
There were problems with putting e_os.h just into the top directory,
because the test programs are compiled within test/ in the "standard"
case in in their original directories in the makefile.one case;
and in the latter symlinks may not be available.
1999-05-20 22:18:49 +00:00
Bodo Möller
17e3dd1c62 Don't install e_os.h in include/openssl, use it only as a local
include file.
1999-05-20 21:59:20 +00:00
Ulf Möller
e14d4443a2 Bignum library bug fix. IRIX 6 passes "make test" now!
This also avoids the problems with SC4.2 and unpatched SC5.

Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-05-20 01:43:07 +00:00
Ulf Möller
fb92ba64a0 Move prototypes to the right place. 1999-05-17 22:25:31 +00:00
Ben Laurie
62bad77124 Add actual testing to bntest... 1999-05-15 15:59:28 +00:00
Bodo Möller
3398f6cc21 OPENSSL_EXTERN 1999-05-15 14:30:31 +00:00
Bodo Möller
7f0dae3276 OPENSSL_EXTERN, OPENSSL_GLOBAL 1999-05-15 14:23:29 +00:00
Bodo Möller
127640b449 Update dependencies. 1999-05-15 13:38:48 +00:00
Bodo Möller
0981259ada For solaris-usparc configurations, avoid problems with GNU as, which
cannot handle all opcodes we need.
1999-05-13 15:02:49 +00:00
Ulf Möller
5c83b4c93f Remove redundant ifdef. 1999-05-13 13:29:41 +00:00
Ulf Möller
7d7d2cbcb0 VMS support.
Submitted by: Richard Levitte <richard@levitte.org>
1999-05-13 11:37:32 +00:00
Ulf Möller
dcbe935125 Missing argument in prototype.
Submitted by: Andreas Ley <ley@rz.uni-karlsruhe.de>
1999-05-12 00:45:42 +00:00
Bodo Möller
84a370a400 The various character predicates (isspace and the like) may not be
used with negative char values, so I've added casts to unsigned char.
Maybe what really should be done is change all those arrays and
pointers to type unsigned char [] or unsigned char *, respectively;
but using plain char with those predicates is just wrong, so something
had to be done.
Submitted by:
Reviewed by:
PR:
1999-05-10 11:18:26 +00:00
Ulf Möller
0894315642 Superseded by sparcv8.S and sparcv8plus.s. 1999-05-08 10:39:15 +00:00
Ulf Möller
52c4409240 v8plus must be specified. 1999-05-05 22:03:50 +00:00
Ulf Möller
98f1c689a5 Fix problem with /usr/ccs/lib/cpp.
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-05-05 11:27:56 +00:00
Ulf Möller
744029c154 Recognise Ultra Sparc and compiler version number. 1999-05-04 23:18:24 +00:00
Ulf Möller
49dce898f0 Andy Polyakov points out there are default rules in make in gmake for this. 1999-05-04 22:06:53 +00:00
Ulf Möller
4f5fac8011 Sparc v8plus assembler.
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-05-04 20:35:18 +00:00
Bodo Möller
e5f3045fbf Support INSTALL_PREFIX for packagers.
Submitted by:
Reviewed by:
PR:
1999-04-29 21:52:08 +00:00
Ulf Möller
a79b03ce6f Compare with BN_mod_exp_simple, too. 1999-04-29 16:07:56 +00:00
Ulf Möller
d575d2924c Ignore Makefile.save
Submitted by: Anonymous
1999-04-29 16:04:54 +00:00
Bodo Möller
1314c344ac Obey $(PERL) when running util/mklink.pl.
Submitted by:
Reviewed by:
PR:
1999-04-29 12:46:59 +00:00
Bodo Möller
6e6acfd4b9 Use util/mklink.pl instead of util/mklink.sh.
Submitted by:
Reviewed by:
PR:
1999-04-28 22:33:54 +00:00
Ulf Möller
f5d7a031a3 New Configure option no-<cipher> (rsa, idea, rc5, ...). 1999-04-27 01:14:46 +00:00
Ulf Möller
73d2257d97 Remove NOPROTO-related macros. 1999-04-26 22:20:07 +00:00
Ulf Möller
a9be3af5ad Remove NOPROTO definitions and error code comments. 1999-04-26 16:43:10 +00:00
Dr. Stephen Henson
5043fc9fd5 Fix mkerr.pl to find functions returning function pointers (thanks Ulf!)
also add a few missing prototypes.
1999-04-25 11:17:44 +00:00
Dr. Stephen Henson
7393480047 Change the command line options of mkerr.pl so -static is now default and
a -write option is needed to actually change anything. Second attempt at
getting rid of ERR, ERRC definitions: it might even work this time :-)
1999-04-24 17:28:43 +00:00
Bodo Möller
c76b0f751f Restore ERRC definitions that are needed to compile the library.
Submitted by:
Reviewed by:
PR:

Submitted by:
Reviewed by:
PR:
1999-04-24 15:57:02 +00:00
Bodo Möller
2b6405faa5 Avoid "incomprehensible" errors when required definitions are missing.
Submitted by:
Reviewed by:
PR:
1999-04-24 15:11:39 +00:00
Dr. Stephen Henson
6e781e8e07 Delete the unnecessary ERR and ERRC lines in makefiles, add some functionality
to error code script: it can now find untranslatable function codes (usually
because the function is static and not defined in a header: occasionally because
of a typo...) and unreferenced function and reason codes. To see this try:
perl util/mkerr.pl -recurse -debug
Also fixed some typos in crypto/pkcs12 that this found :-)
Also tidy up some error calls that had to be all on one line: the old error
script couldn't find codes unless the call was all on one line.
1999-04-24 13:28:57 +00:00
Dr. Stephen Henson
6d31193858 Complete rewrite of the error code generation script. It now runs as a single
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
1999-04-24 00:15:18 +00:00
Bodo Möller
bf57da0717 "make depend"
Submitted by:
Reviewed by:
PR:
1999-04-23 22:50:50 +00:00
Ulf Möller
6d2fa146a9 Remove header files from .cvsignore. 1999-04-23 22:32:21 +00:00
Bodo Möller
ec577822f9 Change #include filenames from <foo.h> to <openssl.h>.
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ben Laurie
61f5b6f338 Work with -pedantic! 1999-04-23 15:01:15 +00:00
Ulf Möller
169cc7a112 Remove references to .org header file names. 1999-04-22 20:10:06 +00:00
Ulf Möller
8e10f2b3ac Move all autogenerated header file parts to crypto/opensslconf.h. 1999-04-21 17:31:05 +00:00
Ulf Möller
6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Ulf Möller
df82f5c85c Fix typos in error codes. 1999-04-19 14:45:02 +00:00
Ulf Möller
5e85b6abaf SPARC v8 assembler BIGNUM code.
Submitted by: Andy Polyakov <appro@fy.chalmers.se>
1999-04-19 13:41:45 +00:00
Ben Laurie
e778802f53 Massive constification. 1999-04-17 21:25:43 +00:00
Dr. Stephen Henson
953937bdc6 Fix a horrible BN bug in bn_expand2 which caused BN_add_word() et al to fail
when they cause the destination to expand.

To see how evil this is try this:

#include <pem.h>
main()
{
	BIGNUM *bn = NULL;
        int i;
	bn = BN_new();
	BN_hex2bn(&bn, "FFFFFFFF");
	BN_add_word(bn, 1);
	printf("Value %s\n", BN_bn2hex(bn));
}

This would typically fail before the patch.

It also screws up if you comment out the BN_hex2bn line above or in any
situation where BN_add_word() causes the number of BN_ULONGs in the result
to change (try doubling the number of FFs).
1999-04-15 23:07:00 +00:00
Ulf Möller
e8d628156f Remove obsolete files from SSLeay 0.8. 1999-04-06 15:22:55 +00:00
Ulf Möller
99aab1619f New Makefile variables $(RANLIB) and $(PERL). 1999-04-01 12:34:33 +00:00
Ben Laurie
67da3df72e Fix Alpha assembler, remove redundant file. 1999-03-27 12:53:21 +00:00
Ben Laurie
b4cadc6e13 Fix security hole. 1999-03-22 12:22:14 +00:00
Dr. Stephen Henson
0cc395796b Add missing funtions from non ANSI section of header files and add missing
ordinals to libeay.num.
1999-03-08 22:46:56 +00:00
Ben Laurie
6242bb9c63 Put the dependencies back. 1999-03-06 14:32:48 +00:00
Ralf S. Engelschall
bb8f3c5879 General source tree makefile cleanups: Made `making xxx in yyy...' display
consistent in the source tree and replaced `/bin/rm' by `rm'.  Additonally
cleaned up the `make links' target: Remove unnecessary semicolons, subsequent
redundant removes, inline point.sh into mklink.sh to speed processing and no
longer clutter the display with confusing stuff. Instead only the actually
done links are displayed.
1999-03-06 12:32:06 +00:00
Ralf S. Engelschall
74d7abc2ab Get rid of remaining C++-style comments which strict C compilers hate.
(Pointed out by Carlos Amengual).
1999-02-27 12:17:40 +00:00
Dr. Stephen Henson
7283ecea22 BN_RECURSION causes the stuff in bn_mont.c to fall over for large keys. For
now change it to BN_RECURSION_MONT so it isn't compiled in.
1999-02-26 01:37:34 +00:00
Ben Laurie
4f9b306ca7 Fix clearly untested "clever" hack. 1999-02-25 09:43:26 +00:00
Ralf S. Engelschall
74cc3698bd More CVS ignore stuff... 1999-02-25 09:06:30 +00:00
Ralf S. Engelschall
1b3b0a54d1 Remember good pointers to Montgomery multiplication algorithm
descriptions as pointed out by Dave Carman <carman@erols.com>
1999-02-25 08:00:57 +00:00
Ben Laurie
65b8ca07a5 Tidy up asm stuff. 1999-02-12 19:05:10 +00:00
Ralf S. Engelschall
155d7a0e1d First cut for a very conservative source tree cleanup:
1. merge various obsolete readme texts into doc/ssleay.txt
   where we collect the old documents and readme texts.

2. remove the first part of files where I'm already sure that we no longer need
   them because of three reasons: either they are just temporary files which
   were left by Eric or they are preserved original files where I've verified
   that the diff is also available in the CVS via "cvs diff -rSSLeay_0_8_1b"
   or they were renamed (as it was definitely the case for the crypto/md/
   stuff).

We've still a horrible mess under crypto/bn/asm/.  There for a lot of files
I'm sure whether we need them or not. So, when someone knows it better, feel
free to cleanup there.
1999-02-10 08:26:08 +00:00
Ben Laurie
bf5dcd135f More exactitude with function arguments. 1999-02-09 23:01:08 +00:00
Dr. Stephen Henson
9b3086fe38 Fix various stuff: that VC++ 5.0 chokes on:
1. Add *lots* of missing prototypes for static ssl functions.
2. VC++ doesn't understand the 'LL' suffix for 64 bits constants: change bn.org
3. Add a few missing prototypes in pem.org
Fix mk1mf.pl so it outputs a Makefile that doesn't choke Win95.
Fix mkdef.pl so it doesn't truncate longer names.
1999-01-31 17:30:18 +00:00
Mark J. Cox
a0a5407901 Fixes to BN code. Previously the default was to define BN_RECURSION
but the BN code had some problems that would cause failures when
doing certificate verification and some other functions.

Submitted by: Eric A Young from a C2Net version of SSLeay
Reviewed by: Mark J Cox
PR:
1999-01-28 10:40:38 +00:00
Ben Laurie
6f93539970 This time, get it right. 1999-01-19 23:25:22 +00:00
Ben Laurie
8039257dbc Finally lay dependencies to rest (I hope!). 1999-01-19 21:36:31 +00:00
Dr. Stephen Henson
6c8abdd744 New err_code.pl script to retain old error codes. This should allow the use
of 'make errors' without causing huge re-organisations of files when a new
code is added.
1999-01-18 22:18:38 +00:00
Dr. Stephen Henson
27eb622b78 Submitted by: Neil Costigan <neil.costigan@celocom.com>
PR:
1999-01-14 18:21:57 +00:00
Ben Laurie
e03ddfae7e Accept NULL in *_free. 1999-01-07 19:15:59 +00:00
Ralf S. Engelschall
4c7b481b4c More .cvsignore stuff to make CVS quiet on our generated files. 1999-01-03 13:17:47 +00:00
Ralf S. Engelschall
9cb0969f65 Fix version stuff:
1. The already released version was 0.9.1c and not 0.9.1b

2. The next release should be 0.9.2 and not 0.9.1d, because
   first the changes are already too large, second we should avoid any more
   0.9.1x confusions and third, the Apache version semantics of
   VERSION.REVISION.PATCHLEVEL for the version string is reasonable (and here
   .2 is already just a patchlevel and not major change).
tVS: ----------------------------------------------------------------------
1998-12-31 09:36:40 +00:00
Ben Laurie
8d7ed6ff90 Deal with generated files. 1998-12-28 21:58:19 +00:00
Ralf S. Engelschall
320a14cb5b *** empty log message *** 1998-12-23 12:09:47 +00:00
Ralf S. Engelschall
5f32680329 Switch version string to SSLeay/OpenSSL 1998-12-23 07:53:55 +00:00
Ralf S. Engelschall
f92e687e17 Fix unused variable warning of GCC 1998-12-22 16:20:18 +00:00
Ralf S. Engelschall
651d0aff98 Various cleanups and fixed by Marc and Ralf to start the OpenTLS project 1998-12-22 15:04:48 +00:00
Ralf S. Engelschall
31b8d86844 This commit was generated by cvs2svn to track changes on a CVS vendor
branch.
1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
dfeab0689f Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
7dfb0b774e This commit was generated by cvs2svn to track changes on a CVS vendor
branch.
1998-12-21 11:00:43 +00:00
Ralf S. Engelschall
15403de6ca Import of old SSLeay release: SSLeay 0.9.1b (unreleased) 1998-12-21 11:00:43 +00:00
Ralf S. Engelschall
58964a4922 Import of old SSLeay release: SSLeay 0.9.0b 1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a Import of old SSLeay release: SSLeay 0.8.1b 1998-12-21 10:52:47 +00:00