Commit graph

93 commits

Author SHA1 Message Date
Bodo Möller
75f0bc4f44 Fix EC_KEY initialization race.
Submitted by: Adam Langley
2012-10-05 20:51:47 +00:00
Dr. Stephen Henson
875ac0ec00 fix warning 2012-01-10 14:37:00 +00:00
Bodo Möller
72033fde7b Fix ecdsatest.c.
Submitted by: Emilia Kasper
2011-12-02 12:40:25 +00:00
Dr. Stephen Henson
a0bf2c86ab make timing attack protection unconditional 2011-09-01 14:23:41 +00:00
Dr. Stephen Henson
1e368ab08f Fix the ECDSA timing attack mentioned in the paper at:
http://eprint.iacr.org/2011/232.pdf

Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for
bringing this to our attention.
2011-05-25 14:43:47 +00:00
Dr. Stephen Henson
6d12b1f82b check buffer is larger enough before overwriting 2011-04-06 18:07:12 +00:00
Ben Laurie
d886975835 Fix gcc 4.6 warnings. Check TLS server hello extension length. 2010-06-12 13:18:58 +00:00
Dr. Stephen Henson
b172352b52 PR: 1432
Submitted by: "Andrzej Chmielowiec" <achmielowiec@enigma.com.pl>, steve@openssl.org
Approved by: steve@openssl.org

Truncate hash if it is too large: as required by FIPS 186-3.
2009-12-01 17:32:16 +00:00
Ben Laurie
4e92353d23 Make it build, plus make depend. 2009-09-27 14:04:33 +00:00
Dr. Stephen Henson
cf51a0dccb Seed PRNG with DSA and ECDSA digests for additional protection against
possible PRNG state duplication.
2009-09-09 12:07:41 +00:00
Dr. Stephen Henson
e852835da6 Make update: delete duplicate error code. 2008-09-17 17:11:09 +00:00
Dr. Stephen Henson
d83dde6180 Merge changes to build system from fips branch. 2008-09-16 21:44:57 +00:00
Dr. Stephen Henson
1af12ff1d1 Fix error code discrepancy.
Make update.
2008-09-14 16:43:37 +00:00
Bodo Möller
7d610299c9 Should reject signatures that we can't properly verify
and couldn't generate
(as pointed out by Ernst G Giessmann)
2007-11-19 07:25:28 +00:00
Bodo Möller
5c676c47cd The hash length check wasn't strict enough,
as pointed out by Ernst G Giessmann
2007-11-16 13:00:57 +00:00
Dr. Stephen Henson
14346b3456 Fix warnings: C++ comments and computed value not used. 2007-07-04 12:56:33 +00:00
Dr. Stephen Henson
4a0d3530e0 Update from HEAD. 2007-01-21 13:16:49 +00:00
Dr. Stephen Henson
115fc340cb Rebuild error file C source files. 2006-11-21 20:14:46 +00:00
Nils Larsch
aa145866f9 return an error if the supplied precomputed values lead to an invalid signature 2006-10-04 19:55:03 +00:00
Nils Larsch
58828ae573 fix typo: pass pre-computed parameters to the underlying signature function; thanks to Lucas Newman 2006-02-13 08:22:39 +00:00
Nils Larsch
22d1087e16 backport recent changes from the cvs head 2006-02-08 19:16:33 +00:00
Andy Polyakov
99237262d4 Missing CFLAG in couple of depend: targets [from HEAD].
PR: 1247
Submitted by: Doug Kaufman
2005-12-18 19:02:22 +00:00
Nils Larsch
f95d097359 fix typo 2005-07-17 21:05:11 +00:00
Nils Larsch
4913b88f70 make
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
	make all test
work again (+ make update)

PR: 1159
2005-07-16 11:13:10 +00:00
Richard Levitte
8bdbf50772 Wrap the inclusion of openssl/engine.h with a protective check for
the absence of OPENSSL_NO_ENGINE.
2005-06-23 22:08:41 +00:00
Nils Larsch
aff2922f9a fix typo, add prototype 2005-05-20 23:01:31 +00:00
Andy Polyakov
ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
2005-05-16 16:55:47 +00:00
Nils Larsch
9dd8405341 ecc api cleanup; summary:
- hide the EC_KEY structure definition in ec_lcl.c + add
  some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
  attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
  additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
2005-05-16 10:11:04 +00:00
Andy Polyakov
81a86fcf17 Fool-proofing Makefiles 2005-05-15 22:23:26 +00:00
Nils Larsch
8b15c74018 give EC_GROUP_new_by_nid a more meanigful name:
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
2005-05-10 11:37:47 +00:00
Bodo Möller
fbeaa3c47d Update util/ck_errf.pl script, and have it run automatically
during "make errors" and thus during "make update".

Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
2005-05-09 00:27:37 +00:00
Nils Larsch
6a50d0a422 hide the definition of ECDSA_METHOD and ECDSA_DATA (and mutatis mutandis
for ecdh)
2005-04-29 15:56:06 +00:00
Bodo Möller
aa4ce7315f Fix various incorrect error function codes.
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
2005-04-26 18:53:22 +00:00
Nils Larsch
a0bee97e55 more const 2005-04-22 21:57:36 +00:00
Nils Larsch
ff22e913a3 - use BN_set_negative and BN_is_negative instead of BN_set_sign
and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"
2005-04-22 20:02:44 +00:00
Dr. Stephen Henson
29dc350813 Rebuild error codes. 2005-04-12 16:15:22 +00:00
Ben Laurie
42ba5d2329 Blow away Makefile.ssl. 2005-03-30 13:05:57 +00:00
Richard Levitte
a2ac429da2 Don't use $(EXHEADER) directly in for loops, as most shells will break
if $(EXHEADER) is empty.

Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
2004-11-02 23:55:01 +00:00
Geoff Thorpe
58ae65cd1a Update ECDSA and ECDH for OPENSSL_NO_ENGINE.
Reported by: Maxim Masiutin
Submitted by: Nils Larsch
2004-10-21 00:06:14 +00:00
Geoff Thorpe
0210065bbd Quick fix.
Submitted by: Nils Larsch
2004-07-16 03:24:51 +00:00
Geoff Thorpe
b3b6720944 Correct the return codes for ecdsatest.
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-06-14 23:37:32 +00:00
Geoff Thorpe
0f814687b9 Deprecate the recursive includes of bn.h from various API headers (asn1.h,
dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.
2004-05-17 19:14:22 +00:00
Geoff Thorpe
60a938c6bc (oops) Apologies all, that last header-cleanup commit was from the wrong
tree. This further reduces header interdependencies, and makes some
associated cleanups.
2004-04-19 18:09:28 +00:00
Geoff Thorpe
3a87a9b9db Reduce header interdependencies, initially in engine.h (the rest of the
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
2004-04-19 17:46:04 +00:00
Geoff Thorpe
c6700d2746 A cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
2004-02-22 19:32:53 +00:00
Ulf Möller
a9f2330f43 Skip a curve with generator of non-prime order.
Submitted by: Nils Larsch
2003-12-06 11:41:22 +00:00
Ulf Möller
31182ad39b re-enable the test, keeping the original method for RAND_pseudo_bytes
which is used by BN_DEBUG_RAND
Submitted by: Nils Larsch
2003-11-16 19:33:31 +00:00
Ulf Möller
ac9c6e10a4 The x9.62 tests replace the PRNG with specific numbers,
so don't run them if BN_DEBUG_RAND is defined.

Also, fix another small bug.

Submitted by: Nils Larsch
2003-11-16 12:24:45 +00:00
Richard Levitte
d1465bac90 make update 2003-05-01 04:10:32 +00:00
Richard Levitte
3b6aa36c77 Make sure we get the definition of OPENSSL_NO_ECDSA. 2003-03-20 23:22:31 +00:00