Bodo Möller
80790d89ec
Use BN_with_flags() in a cleaner way.
...
Complete previous change:
Constant time DSA [sync with mainstream].
2005-05-27 15:39:15 +00:00
Bodo Möller
ecb1445ce2
Implement fixed-window exponentiation to mitigate hyper-threading
...
timing attacks.
BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2005-05-16 01:26:08 +00:00
Andy Polyakov
c7e7d382d5
Pointer to BN_MONT_CTX could be used uninitialized.
2005-04-28 08:52:29 +00:00
Dr. Stephen Henson
4ed56cba63
New function BN_MONT_CTX_set_locked, to set montgomery parameters in a
...
threadsafe manner.
Modify or add calls to use it in rsa, dsa and dh algorithms.
2005-04-22 13:17:49 +00:00
Ben Laurie
b5e4469150
The version that was actually submitted for FIPS testing.
2004-06-19 13:15:35 +00:00
Richard Levitte
27310553b1
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
...
of unneeded includes of openssl/engine.h.
2003-04-08 06:00:17 +00:00
Richard Levitte
6d85cd36e2
Add the possibility to build without the ENGINE framework.
...
PR: 287
2003-01-30 17:37:49 +00:00
Geoff Thorpe
cb78486d97
This commits changes to various parts of libcrypto required by the recent
...
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.
Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.
2001-09-25 20:23:40 +00:00
Bodo Möller
de3333bae4
length of secret exponent is needed only when we create one
2001-07-27 22:45:35 +00:00
Bodo Möller
924875e53b
Undo DH_generate_key() change: s3_srvr.c was using it correctly
2001-07-27 22:34:25 +00:00
Bodo Möller
e5cb260365
DH key generation should not use a do ... while loop,
...
or bogus DH parameters can be used for launching DOS attacks
2001-07-25 17:48:51 +00:00
Bodo Möller
6aecef815c
Don't preserve existing keys in DH_generate_key.
2001-07-25 17:20:34 +00:00
Bodo Möller
c62b26fdc6
Hide BN_CTX structure details.
...
Incease the number of BIGNUMs in a BN_CTX.
2001-03-08 15:56:15 +00:00
Ulf Möller
48f2ef8d00
make it a loop as in dsa
2001-02-20 16:17:25 +00:00
Ulf Möller
12c2fe8d53
Use BN_rand_range().
2001-02-20 00:43:59 +00:00
Richard Levitte
f971ccb264
Constify DH-related code.
2000-11-07 14:30:37 +00:00
Richard Levitte
5270e7025e
Merge the engine branch into the main trunk. All conflicts resolved.
...
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Bodo Möller
6dad7bd69c
Speed up DH with small generator.
2000-06-07 21:29:25 +00:00
Ulf Möller
9b141126d4
New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
...
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
2000-02-05 14:17:32 +00:00
Dr. Stephen Henson
13066cee60
Initial support for DH_METHOD. Also added a DH lock. A few changes made to
...
DSA_METHOD to make it more consistent with RSA_METHOD.
1999-08-23 23:11:32 +00:00
Bodo Möller
ec577822f9
Change #include filenames from <foo.h> to <openssl.h>.
...
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ulf Möller
6b691a5c85
Change functions to ANSI C.
1999-04-19 21:31:43 +00:00
Ralf S. Engelschall
dfeab0689f
Import of old SSLeay release: SSLeay 0.9.1b (unreleased)
1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
58964a4922
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a
Import of old SSLeay release: SSLeay 0.8.1b
1998-12-21 10:52:47 +00:00