Commit graph

128 commits

Author SHA1 Message Date
Nils Larsch
9dd8405341 ecc api cleanup; summary:
- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
2005-05-16 10:11:04 +00:00
Bodo Möller
46a643763d Implement fixed-window exponentiation to mitigate hyper-threading
timing attacks.

BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.

Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2005-05-16 01:43:31 +00:00
Nils Larsch
8b15c74018 give EC_GROUP_new_by_nid a more meanigful name:
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
2005-05-10 11:37:47 +00:00
Nils Larsch
7ab2d30349 add 192 bit prime curve to the command line options 2005-04-29 15:21:09 +00:00
Nils Larsch
965a1cb92e change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible 2005-04-23 10:11:16 +00:00
Nils Larsch
689c6f2542 add new curves to the loop (with some cleanup from me)
Submitted by: Jean-Luc Duval
Reviewed by:  Nils Larsch
2005-03-20 23:12:13 +00:00
Andy Polyakov
c88f8f76b5 'apps/openssl dgst -help' update and minor apps/speed.c update. 2004-07-25 18:57:35 +00:00
Richard Levitte
563cd0f2b0 Make the tests of EVP operations without padding. As a consequence,
there's no need for a larger BUFSIZE any more...

PR: 904
2004-06-28 16:32:12 +00:00
Richard Levitte
3ac0f28837 Make sure that the buffers are large enough to contain padding.
PR: 904
2004-06-28 12:23:35 +00:00
Andy Polyakov
63ba7e293f Make sha-256/-512 naming in speed.c consistent with their names as they
will appear at EVP leyer.
2004-05-31 12:40:22 +00:00
Andy Polyakov
46ceb15c39 SHA-256/-512 test and benchmark. 2004-05-20 21:49:38 +00:00
Geoff Thorpe
f0eae953e2 Remove some unnecessary recursive includes from the internal apps.h header,
and include bn.h in those C files that need bignum functionality.
2004-05-17 19:05:32 +00:00
Geoff Thorpe
823a67b0a9 header cleanup in apps/ 2004-04-19 18:13:07 +00:00
Lutz Jänicke
cdb42bcf0c Cover all DSA setups when running tests
PR: #748
Submitted by: Kirill Kochetkov <kochet@ixbt.com>
2004-01-08 07:46:37 +00:00
Richard Levitte
4d8743f490 Netware-specific changes,
PR: 780
Submitted by: Verdon Walker <VWalker@novell.com>
Reviewed by: Richard Levitte
2003-11-28 13:10:58 +00:00
Lutz Jänicke
95de3d204f Make sure to initialize AES counters to obtain proper results.
Submitted by: Kirill Kochetkov <kochet@ixbt.com>

PR: #748
2003-11-18 18:27:12 +00:00
Geoff Thorpe
0991f07034 For whatever reason (compiler or header bugs), at least one commonly-used
linux system (namely mine) chokes on our definitions and uses of the "HZ"
symbol in crypto/tmdiff.[ch] and apps/speed.c as a "bad function cast"
(when in fact there is no function casting involved at all). In both cases,
it is easily worked around by not defining a cast into the macro and
jiggling the expressions slightly.

In addition - this highlights some cruft in openssl that needs sorting out.
The tmdiff.h header is exported as part of the openssl API despite the fact
that it is ugly as the driven sludge and not used anywhere in the library,
applications, or utilities. More weird still, almost identical code exists
in apps/speed.c though it looks to be slightly tweaked - so either tmdiff
should be updated and used by speed.c, or it should be dumped because it's
obviously not useful enough.

Rather than removing it for now, I've changed the API for tmdiff to at
least make sense. This involves taking the object type (MS_TM) from the
implementation and using it in the header rather than using "char *" in the
API and casting mercilessly in the code (ugh). If someone doesn't like
"MS_TM" and the "ms_time_***" naming, by all means change it. This should
be a harmless improvement, because the existing API is clearly not very
useful (eg. we reimplement it rather than using it in our own utils).

However, someone still needs to take a hack at consolidating speed.c and
tmdiff.[ch] somehow.
2003-10-29 04:40:13 +00:00
Dr. Stephen Henson
a08ced78c8 Avoid warnings: add missing prototype, don't shadow. 2003-10-10 23:07:24 +00:00
Bodo Möller
968766cad8 updates for draft-ietf-tls-ecc-03.txt
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
2003-07-22 12:34:21 +00:00
Richard Levitte
3ae70939ba Correct a lot of printing calls. Remove extra arguments... 2003-04-03 23:39:48 +00:00
Bodo Möller
176f31ddec - new ECDH_compute_key interface (KDF is no longer a fixed built-in)
- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
2003-02-28 15:37:10 +00:00
Richard Levitte
85d686e723 Make it possible to disable OCSP, the speed application, and the use of sockets.
PR: 358
2003-02-14 01:02:58 +00:00
Bodo Möller
d42d2d1ab6 avoid coredump
Submitted by: Nils Larsch
2003-02-08 19:49:16 +00:00
Bodo Möller
37c660ff9b implement fast point multiplication with precomputation
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
2003-02-06 19:25:12 +00:00
Richard Levitte
0b13e9f055 Add the possibility to build without the ENGINE framework.
PR: 287
2003-01-30 17:39:26 +00:00
Dr. Stephen Henson
876e96fdbf Fix leak. 2003-01-04 18:25:24 +00:00
Richard Levitte
1c3e4a3660 EXIT() may mean return(). That's confusing, so let's have it really mean
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
2002-12-03 16:33:03 +00:00
Richard Levitte
450cee5c3a Make sure sysconf exists (it doesn't in the VMS C RTL lesser than version 7). 2002-11-18 23:05:39 +00:00
Ben Laurie
54a656ef08 Security fixes brought forward from 0.9.7. 2002-11-13 15:43:43 +00:00
Bodo Möller
259cdf2af9 Sun has agreed to removing the covenant language from most files.
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
2002-10-29 10:59:32 +00:00
Bodo Möller
5c6bf03117 fast reduction for NIST curves
Submitted by: Nils Larsch
2002-10-28 13:23:24 +00:00
Richard Levitte
5d9470ff8e -elapsed is also useful when using gettimeofday 2002-09-25 12:41:59 +00:00
Bodo Möller
7eb18f1237 Simplify handling of named curves: get rid of EC_GROUP_new_by_name(),
EC_GROUP_new_by_nid() should be enough.  This avoids a lot of
redundancy.

Submitted by: Nils Larsch
2002-08-15 09:21:31 +00:00
Bodo Möller
5488bb6197 get rid of EVP_PKEY_ECDSA (now we have EVP_PKEY_EC instead)
Submitted by: Nils Larsch
2002-08-12 08:47:41 +00:00
Bodo Möller
41fdcfa71e fix warnings 2002-08-09 11:58:28 +00:00
Bodo Möller
e172d60ddb Add ECDH support.
Additional changes:
 - use EC_GROUP_get_degree() in apps/req.c
 - add ECDSA and ECDH to apps/speed.c
 - adds support for EC curves over binary fields to ECDSA
 - new function EC_KEY_up_ref() in crypto/ec/ec_key.c
 - reorganize crypto/ecdsa/ecdsatest.c
 - add engine support for ECDH
 - fix a few bugs in ECDSA engine support

Submitted by: Douglas Stebila <douglas.stebila@sun.com>
2002-08-09 08:43:04 +00:00
Richard Levitte
125cc35b59 Merge in DES changed from 0.9.7-stable. 2002-03-22 02:42:57 +00:00
Bodo Möller
af28dd6c75 Fix bugs and typos.
Add some WTLS curves.
New function EC_GROUP_check() (this will probably
be implemented differently soon).

Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
2002-03-18 13:10:45 +00:00
Dr. Stephen Henson
de941e289e Initialize cipher context in KRB5
("D. Russell" <russelld@aol.net>)

Allow HMAC functions to use an alternative ENGINE.
2002-03-14 18:22:23 +00:00
Bodo Möller
690ecff795 Fixes for 'no-hw' combined with 'no-SOME_CIPHER'.
Fix dsaparam usage output.

Submitted by: Nils Larsch
2002-03-14 09:52:03 +00:00
Bodo Möller
87a4b4d1f4 fix printf call 2002-03-05 15:05:00 +00:00
Dr. Stephen Henson
3647bee263 Config code updates.
CONF_modules_unload() now calls CONF_modules_finish()
automatically.

Default use of section openssl_conf moved to
CONF_modules_load()

Load config file in several openssl utilities.

Most utilities now load modules from the config file,
though in a few (such as version) this isn't done
because it couldn't be used for anything.

In the case of ca and req the config file used is
the same as the utility itself: that is the -config
command line option can be used to specify an
alternative file.
2002-02-22 14:01:21 +00:00
Richard Levitte
3e83e686ba Add the configuration target VxWorks. 2002-02-14 15:37:38 +00:00
Richard Levitte
1199e2d8cf Apply patch from Toomas Kiisk <vix@cyber.ee> and complete it. 2002-01-29 12:36:01 +00:00
Richard Levitte
ba1b888384 Implement speed measurement for AES.
Submitted by Stephen Sprunk <stephen@sprunk.org> as part of his AES
integration patch.
2002-01-02 16:57:57 +00:00
Richard Levitte
47cc5525a2 RSA counter should only be defined of RSA is available. 2002-01-02 12:40:38 +00:00
Ben Laurie
ff3fa48fc7 Improve back compatibility. 2001-12-09 21:53:31 +00:00
Bodo Möller
87166e1fb6 fix warnings (one of them was clearly justified) 2001-12-07 17:02:01 +00:00
Richard Levitte
83c40e7fc0 Make it possible to give digest names as -evp arguments. 2001-11-15 20:19:40 +00:00
Dr. Stephen Henson
b83eddc578 Win32 fixes. 2001-11-06 13:40:27 +00:00