Bodo Möller
7cdb81582c
Change to mitigate branch prediction attacks
...
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2007-03-28 00:14:25 +00:00
Mark J. Cox
fdff41e166
Initialise ctx to NULL to avoid uninitialized free, noticed by
...
Steve Kiernan
2006-09-29 08:21:07 +00:00
Mark J. Cox
951dfbb13a
Introduce limits to prevent malicious keys being able to
...
cause a denial of service. (CVE-2006-2940)
[Steve Henson, Bodo Moeller]
Fix ASN.1 parsing of certain invalid structures that can result
in a denial of service. (CVE-2006-2937) [Steve Henson]
Fix buffer overflow in SSL_get_shared_ciphers() function.
(CVE-2006-3738) [Tavis Ormandy and Will Drewry, Google Security Team]
Fix SSL client code which could crash if connecting to a
malicious SSLv2 server. (CVE-2006-4343)
[Tavis Ormandy and Will Drewry, Google Security Team]
2006-09-28 11:29:03 +00:00
Nils Larsch
b7a80146f4
fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end()
2006-03-13 23:12:08 +00:00
Ben Laurie
9ddb11f11c
Avoid weak subgroups in Diffie Hellman.
2005-08-20 18:35:53 +00:00
Bodo Möller
cad811fc41
Use BN_with_flags() in a cleaner way.
2005-05-27 15:39:24 +00:00
Bodo Möller
46a643763d
Implement fixed-window exponentiation to mitigate hyper-threading
...
timing attacks.
BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
2005-05-16 01:43:31 +00:00
Andy Polyakov
3cc54008eb
Pointer to BN_MONT_CTX could be used uninitialized.
2005-04-28 08:49:01 +00:00
Dr. Stephen Henson
879b19801a
Change method_mont_p from (char *) to (BN_MONT_CTX *) and remove several
...
casts.
2005-04-27 00:04:59 +00:00
Dr. Stephen Henson
6ec8e63af6
Port BN_MONT_CTX_set_locked() from stable branch.
...
The function rsa_eay_mont_helper() has been removed because it is no longer
needed after this change.
2005-04-26 23:58:54 +00:00
Bodo Möller
aa4ce7315f
Fix various incorrect error function codes.
...
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
2005-04-26 18:53:22 +00:00
Richard Levitte
43eb3b0130
We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form
...
of unneeded includes of openssl/engine.h.
2003-04-08 06:00:05 +00:00
Richard Levitte
0b13e9f055
Add the possibility to build without the ENGINE framework.
...
PR: 287
2003-01-30 17:39:26 +00:00
Geoff Thorpe
0e4aa0d2d2
As with RSA, which was modified recently, this change makes it possible to
...
override key-generation implementations by placing handlers in the methods
for DSA and DH. Also, parameter generation for DSA and DH is possible by
another new handler for each method.
2003-01-15 02:01:55 +00:00
Geoff Thorpe
cb78486d97
This commits changes to various parts of libcrypto required by the recent
...
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE
pointers to manage their hooking with ENGINE. Previously their use of
"method" pointers was replaced by use of ENGINE references. See
crypto/engine/README for details.
Also, remove the ENGINE iterations from evp_test - even when the
cipher/digest code is committed in, this functionality would require a
different set of API calls.
2001-09-25 20:23:40 +00:00
Bodo Möller
de3333bae4
length of secret exponent is needed only when we create one
2001-07-27 22:45:35 +00:00
Bodo Möller
924875e53b
Undo DH_generate_key() change: s3_srvr.c was using it correctly
2001-07-27 22:34:25 +00:00
Bodo Möller
e5cb260365
DH key generation should not use a do ... while loop,
...
or bogus DH parameters can be used for launching DOS attacks
2001-07-25 17:48:51 +00:00
Bodo Möller
6aecef815c
Don't preserve existing keys in DH_generate_key.
2001-07-25 17:20:34 +00:00
Bodo Möller
c62b26fdc6
Hide BN_CTX structure details.
...
Incease the number of BIGNUMs in a BN_CTX.
2001-03-08 15:56:15 +00:00
Ulf Möller
48f2ef8d00
make it a loop as in dsa
2001-02-20 16:17:25 +00:00
Ulf Möller
12c2fe8d53
Use BN_rand_range().
2001-02-20 00:43:59 +00:00
Richard Levitte
f971ccb264
Constify DH-related code.
2000-11-07 14:30:37 +00:00
Richard Levitte
5270e7025e
Merge the engine branch into the main trunk. All conflicts resolved.
...
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Bodo Möller
6dad7bd69c
Speed up DH with small generator.
2000-06-07 21:29:25 +00:00
Ulf Möller
9b141126d4
New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
...
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
2000-02-05 14:17:32 +00:00
Dr. Stephen Henson
13066cee60
Initial support for DH_METHOD. Also added a DH lock. A few changes made to
...
DSA_METHOD to make it more consistent with RSA_METHOD.
1999-08-23 23:11:32 +00:00
Bodo Möller
ec577822f9
Change #include filenames from <foo.h> to <openssl.h>.
...
Submitted by:
Reviewed by:
PR:
1999-04-23 22:13:45 +00:00
Ulf Möller
6b691a5c85
Change functions to ANSI C.
1999-04-19 21:31:43 +00:00
Ralf S. Engelschall
dfeab0689f
Import of old SSLeay release: SSLeay 0.9.1b (unreleased)
1998-12-21 11:00:56 +00:00
Ralf S. Engelschall
58964a4922
Import of old SSLeay release: SSLeay 0.9.0b
1998-12-21 10:56:39 +00:00
Ralf S. Engelschall
d02b48c63a
Import of old SSLeay release: SSLeay 0.8.1b
1998-12-21 10:52:47 +00:00