Matt Caswell
c903866420
Fixed double inclusion of string.h
...
PR2693
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit 5d33b70ef5a4768fdfb77a73f9817c4570613039)
2014-08-29 21:40:15 +01:00
Bodo Moeller
44a8fced97
Further improve/fix ec_GFp_simple_points_make_affine (ecp_smpl.c) and
...
group_order_tests (ectest.c). Also fix the EC_POINTs_mul documentation (ec.h).
Reviewed-by: emilia@openssl.org
Conflicts:
crypto/ec/ectest.c
Conflicts:
crypto/ec/ec.h
2014-08-13 18:09:00 +02:00
Bodo Moeller
681d11b6fd
Simplify and fix ec_GFp_simple_points_make_affine
...
(which didn't always handle value 0 correctly).
Reviewed-by: emilia@openssl.org
Conflicts:
CHANGES
crypto/ec/ectest.c
2014-08-01 17:59:31 +02:00
Billy Brumley
8c387e62b2
"EC_POINT_invert" was checking "dbl" function pointer instead of "invert".
...
PR#2569
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit cba11f57ce
)
2014-07-21 22:29:35 +01:00
mancha
fff69a7d8c
Fix for CVE-2014-0076 backported to 0.9.8 branch
...
Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140
Thanks to Yuval Yarom and Naomi Benger for discovering this
flaw and to Yuval Yarom for supplying a fix.
Thanks for mancha for backporting the fix to OpenSSL 0.9.8 branch.
2014-03-27 00:55:08 +00:00
Bodo Moeller
ff7b021040
Fix overly lenient comparisons:
...
- EC_GROUP_cmp shouldn't consider curves equal just because
the curve name is the same. (They really *should* be the same
in this case, but there's an EC_GROUP_set_curve_name API,
which could be misused.)
- EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED
or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates
equality (not an error).
Reported by: king cope
(cherry picked from commit ca567a03ad
)
Conflicts:
Configure
2013-09-17 10:20:04 +02:00
Bodo Möller
75f0bc4f44
Fix EC_KEY initialization race.
...
Submitted by: Adam Langley
2012-10-05 20:51:47 +00:00
Dr. Stephen Henson
f8731bc2fd
PR: 2632
...
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve
Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
2011-10-26 16:42:48 +00:00
Dr. Stephen Henson
3c159fc1a5
check EC public key isn't point at infinity
2011-01-24 15:08:12 +00:00
Dr. Stephen Henson
6056afd223
PR: 1612
...
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve
Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
2011-01-24 14:42:11 +00:00
Bodo Möller
d4ba6424a1
ECC library bugfixes.
...
Submitted by: Emilia Kapser (Google)
2010-08-26 12:10:25 +00:00
Bodo Möller
3e4da3f7cb
Always check bn_wexpend() return values for failure (CVE-2009-3245).
...
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)
Submitted by: Neel Mehta
2010-02-23 10:36:41 +00:00
Andy Polyakov
7c97aacbe8
Fix EC_KEY_check_key [from HEAD].
2008-09-23 17:34:08 +00:00
Dr. Stephen Henson
d83dde6180
Merge changes to build system from fips branch.
2008-09-16 21:44:57 +00:00
Bodo Möller
b22250bb67
Fix crypto/ec/ec_mult.c to work properly with scalars of value 0
2007-05-22 09:48:06 +00:00
Bodo Möller
1a8521ff24
Fix the BIT STRING encoding of EC points or parameter seeds
...
(need to prevent the removal of trailing zero bits).
2006-12-19 15:10:46 +00:00
Dr. Stephen Henson
115fc340cb
Rebuild error file C source files.
2006-11-21 20:14:46 +00:00
Mark J. Cox
951dfbb13a
Introduce limits to prevent malicious keys being able to
...
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Nils Larsch
d5cc2f19cd
fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end()
2006-03-14 22:48:31 +00:00
Nils Larsch
b7a80146f4
fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end()
2006-03-13 23:12:08 +00:00
Nils Larsch
22d1087e16
backport recent changes from the cvs head
2006-02-08 19:16:33 +00:00
Richard Levitte
5f4dcaf781
/usr/bin/perl util/mkerr.pl -recurse -write -rebuild
2006-01-09 16:05:22 +00:00
Bodo Möller
c55d882fab
Avoid contradictive error code assignments.
...
"make error".
2006-01-08 21:52:46 +00:00
Bodo Möller
2e885232c2
Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)
2006-01-08 19:41:25 +00:00
Bodo Möller
de71735e7c
comment
2005-12-13 05:46:30 +00:00
Nils Larsch
7f622f6c04
fix warnings when building openssl with (gcc 3.3.1):
...
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
-Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
-Wstrict-prototypes -Wreturn-type -Wpointer-arith -W -Wunused
-Wno-unused-parameter -Wuninitialized
2005-08-28 23:20:52 +00:00
Andy Polyakov
9dc4ca4507
Pedantic polish to ectest.c [from HEAD].
2005-08-11 08:44:34 +00:00
Andy Polyakov
98e986141b
Windows CE update from HEAD.
2005-08-07 22:29:58 +00:00
Nils Larsch
0cdd29ea78
Remove BN_CTX_DEBUG from the normal debug build flags (it's too noisy
...
to be really useful for 'normal' debugging).
Disable EC_GROUP_precompute_mult for the nist curves in ectest.c as
it causes problems when libefence is used.
2005-07-23 08:46:41 +00:00
Nils Larsch
6b695fefd0
remove OPENSSL_NO_ASM dependency
2005-06-28 15:03:58 +00:00
Nils Larsch
aff2922f9a
fix typo, add prototype
2005-05-20 23:01:31 +00:00
Nils Larsch
8712009778
simplify EC_KEY_dup
2005-05-17 12:23:16 +00:00
Andy Polyakov
ce92b6eb9c
Further BUILDENV refinement, further fool-proofing of Makefiles and
...
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342 .
2005-05-16 16:55:47 +00:00
Nils Larsch
9dd8405341
ecc api cleanup; summary:
...
- hide the EC_KEY structure definition in ec_lcl.c + add
some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
2005-05-16 10:11:04 +00:00
Andy Polyakov
81a86fcf17
Fool-proofing Makefiles
2005-05-15 22:23:26 +00:00
Bodo Möller
8afca8d9c6
Fix more error codes.
...
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
2005-05-11 03:45:39 +00:00
Nils Larsch
8b15c74018
give EC_GROUP_new_by_nid a more meanigful name:
...
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
2005-05-10 11:37:47 +00:00
Nils Larsch
7dc17a6cf0
give EC_GROUP_*_nid functions a more meaningful name
...
EC_GROUP_get_nid -> EC_GROUP_get_curve_name
EC_GROUP_set_nid -> EC_GROUP_set_curve_name
2005-05-08 22:09:12 +00:00
Nils Larsch
fcb41c0ee8
rewrite of bn_nist.c, disable support for some curves on 64 bit platforms
...
for now (it was broken anyway)
2005-05-03 20:23:33 +00:00
Bodo Möller
aa4ce7315f
Fix various incorrect error function codes.
...
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
2005-04-26 18:53:22 +00:00
Nils Larsch
ff22e913a3
- use BN_set_negative and BN_is_negative instead of BN_set_sign
...
and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"
2005-04-22 20:02:44 +00:00
Dr. Stephen Henson
ad0db060b1
More overwritten stuff...
2005-04-12 16:36:36 +00:00
Dr. Stephen Henson
29dc350813
Rebuild error codes.
2005-04-12 16:15:22 +00:00
Nils Larsch
37942fab51
include limits.h for UINT_MAX etc.
2005-04-11 20:59:58 +00:00
Richard Levitte
4bb61becbb
Add emacs cache files to .cvsignore.
2005-04-11 14:17:07 +00:00
Nils Larsch
c2e40d0f9a
remove unused recp method
2005-04-04 18:15:59 +00:00
Ben Laurie
41a15c4f0f
Give everything prototypes (well, everything that's actually used).
2005-03-31 09:26:39 +00:00
Ben Laurie
42ba5d2329
Blow away Makefile.ssl.
2005-03-30 13:05:57 +00:00
Bodo Möller
80c808b90b
Fix typo
...
PR: 1017
Submitted by: ciresh@yahoo.com
Reviewed by: Nils Larsch
2005-03-09 19:08:02 +00:00
Richard Levitte
a2ac429da2
Don't use $(EXHEADER) directly in for loops, as most shells will break
...
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00