Commit graph

71 commits

Author SHA1 Message Date
Bodo Möller
46b695d850 make RSA blinding thread-safe 2003-04-02 09:50:55 +00:00
Richard Levitte
bce625987d Do not use the word 'modulus', which is a class template name in VC++ 6.0/SP5.
PR: 216, point 3
2002-08-12 21:20:30 +00:00
Dr. Stephen Henson
f9bd76e4f7 Avoid gcc warning: BN_DEC_CONV when SIXTY_FOUR_BIT is defined is unsigned. 2002-05-10 22:08:22 +00:00
Bodo Möller
4d7072f4b5 remove redundant ERR_load_... declarations 2001-12-17 19:22:23 +00:00
Richard Levitte
b476df64a1 make update
perl util/mkerr.pl -recurse -write -rebuild
2001-11-15 12:25:14 +00:00
Bodo Möller
c5d4ab7e35 adjust to OpenSSL_0_9_6-stable version 2001-11-09 13:09:11 +00:00
Bodo Möller
983495c4b2 Use uniformly chosen witnesses for Miller-Rabin test
(by using new BN_pseudo_rand_range function)
2001-09-03 12:58:16 +00:00
Bodo Möller
c62b26fdc6 Hide BN_CTX structure details.
Incease the number of BIGNUMs in a BN_CTX.
2001-03-08 15:56:15 +00:00
Bodo Möller
98499135d7 Constify BN_value_one. 2001-03-08 13:58:09 +00:00
Bodo Möller
226cc7ded4 More method functions for EC_GFp_simple_method. 2001-03-08 01:23:28 +00:00
Richard Levitte
a5bc1e8568 Use e_os2.h rather than opensslconf.h, since some needed macros are
defined there.
2001-02-22 14:37:50 +00:00
Richard Levitte
8120813066 Use new-style system-id macros. 2001-02-20 07:43:22 +00:00
Richard Levitte
cf1b7d9664 Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Bodo Möller
e306892994 Simplify BN_rand_range 2001-02-10 00:34:02 +00:00
Bodo Möller
35ed8cb8b6 Integrate my implementation of a countermeasure against
Bleichenbacher's DSA attack.  With this implementation, the expected
number of iterations never exceeds 2.

New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
     min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
     min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
2001-02-08 12:14:51 +00:00
Ulf Möller
57e7d3ce15 Bleichenbacher's DSA attack 2001-02-07 22:24:35 +00:00
Bodo Möller
e5164b7041 Change error message to "bignum too long" 2000-12-04 09:24:54 +00:00
Bodo Möller
152a689cf9 Don't allow BIGNUMs to become so large that computations with dmax
might overflow.
2000-12-03 09:39:04 +00:00
Ulf Möller
111482cf2e New function BN_bntest_rand() to detect more BN library bugs.
The bn_cmp_part_words bug was only caught in the BN_mod_mul() test,
not in the BN_mul() test, so apparently the choice of parameters in
some cases is bad.
2000-12-02 07:32:57 +00:00
Bodo Möller
cd2eebfd64 BN_sqrt 2000-11-30 00:18:19 +00:00
Bodo Möller
a08bcccc67 Expand expspeed.c to make BN_kronecker timings.
This caused a segmentation fault in calls to malloc, so I cleaned up
bn_lib.c a little so that it is easier to see what is going on.
The bug turned out to be an off-by-one error in BN_bin2bn.
2000-11-29 12:32:10 +00:00
Bodo Möller
dcbd0d74d5 Fix BN_is_... macros.
Fix BN_gcd.
Analyze BN_mod_inverse.
Add BN_kronecker.
"make update".
2000-11-27 21:17:20 +00:00
Bodo Möller
5acaa49504 More BN_mod_... functions. 2000-11-26 18:31:32 +00:00
Bodo Möller
78a0c1f18d modular arithmetics
"make update"
2000-11-26 16:42:38 +00:00
Richard Levitte
227385b719 Make sure BN_DIV2W is not defining when defining it, and remove the
declarations of bn_add_part_words() and bn_sub_part_words() since they
do not exist.
2000-11-17 12:01:55 +00:00
Richard Levitte
cbd48ba626 More constification of the BN library. 2000-11-16 22:43:32 +00:00
Bodo Möller
7f7b8d6871 BN_CTX-related fixes. 2000-11-08 10:05:34 +00:00
Richard Levitte
020fc820dc Constify the BIGNUM routines a bit more. The only trouble were the
two functions that did expansion on in parameters (BN_mul() and
BN_sqr()).  The problem was solved by making bn_dup_expand() which is
a mix of bn_expand2() and BN_dup().
2000-11-06 21:15:54 +00:00
Dr. Stephen Henson
2d978cbd30 Changes needed for Tandem NSK, supplied by Scott Uroff (scott@xypro.com).
Fix warnings with BIO_dump_indent().
2000-08-04 00:01:39 +00:00
Bodo Möller
dc434bbcb0 Slightly faster DSA verification (BN_mod_exp2_mont),
marginally faster BN_mod_exp for 1024 bit exponents.
2000-06-08 20:26:03 +00:00
Bodo Möller
6dad7bd69c Speed up DH with small generator. 2000-06-07 21:29:25 +00:00
Ulf Möller
de42b6a7a8 Use NO_FP_API. 2000-06-01 20:25:44 +00:00
Ulf Möller
f1a617edc9 check for WIN32 (needed by Mingw32) 2000-03-01 01:46:34 +00:00
Ulf Möller
775c63fc02 Reorganize bn_mul.c (no bugfix yet), remove obsolete files in BN library. 2000-02-26 22:16:47 +00:00
Bodo Möller
eb5a6a55c5 Commit patch to bn.h that CVS decided to throw away during 'cvs update',
and initialize too_many because memset(..., 0, ...) is not used here.
2000-02-05 20:39:26 +00:00
Ulf Möller
6535eb1728 Use MONT_WORD macro to control if the word-based or the bignum
algorithm is used.
2000-02-05 18:23:05 +00:00
Ulf Möller
9b141126d4 New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
2000-02-05 14:17:32 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Bodo Möller
7999c65c9b Some 'const's for BNs. 2000-02-03 01:26:07 +00:00
Bodo Möller
aff0825c61 Tolerate negative numbers in BN_is_prime. 2000-02-02 22:18:01 +00:00
Bodo Möller
e74231ed9e rndsort{Miller, Rabin} primality test. 2000-02-02 21:20:44 +00:00
Bodo Möller
a87030a1ed Make DSA_generate_parameters, and fix a couple of bug
(including another problem in the s3_srvr.c state machine).
2000-01-30 02:23:03 +00:00
Richard Levitte
f95a9f678a Declare BN_pseudo_rand(). 2000-01-27 22:07:42 +00:00
Ulf Möller
38e33cef15 Document DSA and SHA.
New function BN_pseudo_rand().
Use BN_prime_checks_size(BN_num_bits(w)) rounds of Miller-Rabin when
generating DSA primes (why not use BN_is_prime()?)
2000-01-27 19:31:26 +00:00
Bodo Möller
ec1258dd44 Update comments to provide a better approximation of reality. 2000-01-27 13:00:10 +00:00
Ulf Möller
e93f9a3284 Run ispell.
Clean up bn_mont.c.
2000-01-27 01:50:42 +00:00
Ulf Möller
dd8dec69b8 Document the BN library. 2000-01-23 22:06:24 +00:00
Ulf Möller
4486d0cd7a Document the DH library, and make some minor changes along the way. 2000-01-22 20:05:23 +00:00
Bodo Möller
76aa0ddc86 Turn BN_prime_checks into a macro.
Primes p where (p-1)/2 is prime too are called "safe", not "strong".
2000-01-12 11:57:30 +00:00
Ulf Möller
e371828067 Use "long long" for all Win32 gcc ports. 1999-06-28 16:17:38 +00:00