Dr. Stephen Henson
25f93585a7
Exetended OAEP support.
...
Extend OAEP support. Generalise the OAEP padding functions to support
arbitrary digests. Extend EVP_PKEY RSA method to handle the new OAEP
padding functions and add ctrls to set the additional parameters.
(cherry picked from commit 271fef0ef3
)
Conflicts:
CHANGES
2013-10-01 14:01:17 +01:00
Dr. Stephen Henson
0d5a49e150
Add FIPS RSA error code.
...
Add some RSA error codes used by the FIPS module.
2013-10-01 14:01:17 +01:00
Dr. Stephen Henson
9309ea6617
Backport PSS signature support from HEAD.
2011-10-09 23:13:50 +00:00
Dr. Stephen Henson
53dd05d8f6
Redirect RSA keygen, sign, verify to FIPS module.
2011-06-03 13:16:16 +00:00
Dr. Stephen Henson
fbe7055370
Redirection of low level APIs to FIPS module.
...
Digest sign, verify operations are not redirected at this stage.
2011-06-02 18:22:42 +00:00
Dr. Stephen Henson
a5b386205f
Backport extended PSS support from HEAD: allow setting of mgf1Hash explicitly.
...
This is needed to handle FIPS redirection fully.
2011-06-02 18:13:33 +00:00
Ben Laurie
0eab41fb78
If we're going to return errors (no matter how stupid), then we should
...
test for them!
2008-12-29 16:11:58 +00:00
Ben Laurie
8aa02e97a7
Make sure a bad parameter to RSA_verify_PKCS1_PSS() doesn't lead to a crash.
...
(Coverity ID 135).
2008-12-29 13:35:08 +00:00
Dr. Stephen Henson
4f1aa191b3
Initial support for enveloped data decrypt. Extent runex.pl to cover these
...
examples. All RFC4134 examples can not be processed.
2008-03-15 23:21:33 +00:00
Dr. Stephen Henson
47a9d527ab
Update from 0.9.8 stable. Eliminate duplicate error codes.
2006-11-21 21:29:44 +00:00
Bodo Möller
5e3225cc44
Introduce limits to prevent malicious keys being able to
...
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
2006-09-28 13:45:34 +00:00
Bodo Möller
2952886010
Remove non-functional part of recent patch, after discussion with
...
Colin Percival (this would have caused more problems than solved,
and isn't really necessary anyway)
2006-09-06 06:43:11 +00:00
Mark J. Cox
b79aa05e3b
Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher
...
(CVE-2006-4339)
Submitted by: Ben Laurie, Google Security Team
Reviewed by: bmoeller, mjc, shenson
2006-09-05 08:58:03 +00:00
Dr. Stephen Henson
5c95c2ac23
Fix various error codes to match functions.
2006-07-17 16:33:31 +00:00
Dr. Stephen Henson
7f57b076a6
New functions to get key types without dereferncing EVP_PKEY.
...
More error checking for RSA pmeth.
2006-05-11 21:33:00 +00:00
Dr. Stephen Henson
c927df3fa1
Initial DSA EVP_PKEY_METHOD. Fixup some error codes.
2006-04-12 10:20:47 +00:00
Dr. Stephen Henson
75d44c0452
Store digests as EVP_MD instead of a NID.
...
Add digest size sanity checks.
2006-04-09 21:24:48 +00:00
Dr. Stephen Henson
b2a97be7f4
Support for digest signing and X931 in rsa_pkey_meth.
2006-04-09 19:17:25 +00:00
Dr. Stephen Henson
448be74335
Initial support for pluggable public key ASN1 support. Process most public
...
key ASN1 handling through a single EVP_PKEY_ASN1_METHOD structure and move
the spaghetti algorithm specific code to a single ASN1 module for each
algorithm.
2006-03-20 12:22:24 +00:00
Andy Polyakov
d51204f1b1
PSS update [from 0.9.7].
2005-06-02 18:25:36 +00:00
Dr. Stephen Henson
499fca2db3
Update from 0.9.7-stable. Also repatch and rebuild error codes.
2005-05-28 20:44:02 +00:00
Bodo Möller
8afca8d9c6
Fix more error codes.
...
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
2005-05-11 03:45:39 +00:00
Nils Larsch
800e400de5
some updates for the blinding code; summary:
...
- possibility of re-creation of the blinding parameters after a
fixed number of uses (suggested by Bodo)
- calculatition of the rsa::e in case it's absent and p and q
are present (see bug report #785 )
- improve the performance when if one rsa structure is shared by
more than a thread (see bug report #555 )
- fix the problem described in bug report #827
- hide the definition ot the BN_BLINDING structure in bn_blind.c
2005-04-26 22:31:48 +00:00
Dr. Stephen Henson
29dc350813
Rebuild error codes.
2005-04-12 16:15:22 +00:00
Bodo Möller
24cff6ced5
always reject data >= n
2001-07-25 17:02:58 +00:00
Richard Levitte
cf1b7d9664
Make all configuration macros available for application by making
...
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
2001-02-19 16:06:34 +00:00
Bodo Möller
59fc2b0fc2
Preserve reason strings in automatically build tables.
2000-03-05 00:19:36 +00:00
Dr. Stephen Henson
1c80019a2c
Add new sign and verify members to RSA_METHOD and change SSL code to use sign
...
and verify rather than direct encrypt/decrypt.
1999-09-18 22:37:44 +00:00
Dr. Stephen Henson
c1cd88a0eb
Oops... forgot the other RSA_NULL patches...
1999-09-08 18:19:45 +00:00
Bodo Möller
3a55fc1aab
correct error handling
...
insert spaces in products that occur in error codes
1999-07-12 09:46:34 +00:00
Bodo Möller
03cd49447f
New function RSA_check_key,
...
openssl rsa -check
1999-07-11 22:00:55 +00:00
Dr. Stephen Henson
6d31193858
Complete rewrite of the error code generation script. It now runs as a single
...
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
1999-04-24 00:15:18 +00:00
Bodo Möller
ec577822f9
Change #include filenames from <foo.h> to <openssl.h>.
...
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ulf Möller
6b691a5c85
Change functions to ANSI C.
1999-04-19 21:31:43 +00:00
Dr. Stephen Henson
0c8a1281d0
Make RSA_NO_PADDING really use no padding.
...
Submitted by: Ulf Moeller <ulf@fitug.de>
1999-02-21 17:39:07 +00:00
Ben Laurie
6b056c414d
Fix case of new functions in error files.
1999-02-18 18:26:42 +00:00
Ben Laurie
a49498969e
Add OAEP.
1999-02-17 21:11:08 +00:00
Ralf S. Engelschall
dfeab0689f
Import of old SSLeay release: SSLeay 0.9.1b (unreleased)
1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
58964a4922
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a
Import of old SSLeay release: SSLeay 0.8.1b
1998-12-21 10:52:47 +00:00