- 29 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
appropriate form, for example correct DES parity. Update S/MIME code and EVP_SealInit to use new functions. PR: 700
-
- 28 3月, 2004 3 次提交
-
-
由 Dr. Stephen Henson 提交于
make update
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
verified structure can contain its own CRLs (such as PKCS#7 signedData). Tidy up some of the verify code.
-
- 27 3月, 2004 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 26 3月, 2004 5 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Richard Levitte 提交于
the symbol name).
-
由 Richard Levitte 提交于
PR: 854
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
doule as last argument.
-
- 25 3月, 2004 11 次提交
-
-
由 Richard Levitte 提交于
-
由 Dr. Stephen Henson 提交于
I'll remember to try to compile this with warnings enabled next time :-)
-
由 Dr. Stephen Henson 提交于
-
由 Geoff Thorpe 提交于
locally initialising their own. NB: I've removed the "BN_clear_free()" loops for the exit-paths in some of these functions, and that may be a major part of the performance improvements we're seeing. The "free" part can be removed because we're using BN_CTX. The "clear" part OTOH can be removed because BN_CTX destruction automatically performs this task, so performing it inside functions that may be called repeatedly is wasteful. This is currently safe within openssl due to the fact that BN_CTX objects are never created for longer than a single high-level operation. However, that is only because there's currently no mechanism in openssl for thread-local storage. Beyond that, this might be an issue for applications using the bignum API directly and caching their own BN_CTX objects. The solution is to introduce a flag to BN_CTX_start() that allows its variables to be automatically sanitised on release during BN_CTX_end(). This way any higher-level function (and perhaps the application) can specify this flag in its own BN_CTX_start()/BN_CTX_end() pair, and this will cause inner-loop functions specifying the flag to be ignored so that sanitisation is handled only once back out at the higher level. I will be implementing this in the near future.
-
由 Geoff Thorpe 提交于
little TODO list in there as well as the debugging code (only enabled if BN_CTX_DEBUG is defined). I'd appreciate as much review and testing as can be spared for this. I'll commit some changes to other parts of the bignum code shortly to make better use of this implementation (no more fixed size limitations). Note also that under identical optimisations, I'm seeing a noticable speed increase over openssl-0.9.7 - so any feedback to confirm/deny this on other systems would also be most welcome.
-
由 Geoff Thorpe 提交于
curves. Submitted by: Nils Larsch
-
由 Geoff Thorpe 提交于
already built and tested.
-
由 Geoff Thorpe 提交于
operations no longer require two distinct BN_CTX structures. This may put more "strain" on the current BN_CTX implementation (which has a fixed limit to the number of variables it will hold), but so far this limit is not triggered by any of the tests pass and I will be changing BN_CTX in the near future to avoid this problem anyway. This also changes the default RSA implementation code to use the BN_CTX in favour of initialising some of its variables locally in each function.
-
由 Geoff Thorpe 提交于
dependency from asn1.
-
由 Geoff Thorpe 提交于
-
由 Geoff Thorpe 提交于
-
- 24 3月, 2004 6 次提交
-
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
SDIRS.
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
-
- 23 3月, 2004 3 次提交
-
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
-
由 Dr. Stephen Henson 提交于
This is currently *very* experimental and needs to be more fully integrated with the main verification code.
-
- 22 3月, 2004 2 次提交
-
-
由 Richard Levitte 提交于
PR: 849
-
由 Richard Levitte 提交于
PR: 849
-
- 18 3月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
- Remove some unnecessary "+1"-like fudges. Sizes should be handled exactly, as enlarging size parameters causes needless bloat and may just make bugs less likely rather than fixing them: bn_expand() macro, bn_expand_internal(), and BN_sqr(). - Deprecate bn_dup_expand() - it's new since 0.9.7, unused, and not that useful. - Remove unnecessary zeroing of unused bytes in bn_expand2(). - Rewrite BN_set_word() - it should be much simpler, the previous complexities probably date from old mismatched type issues. - Add missing bn_check_top() macros in bn_word.c - Improve some degenerate case handling in BN_[add|sub]_word(), add comments, and avoid a bignum expansion if an overflow isn't possible.
-
- 16 3月, 2004 4 次提交
-
-
由 Richard Levitte 提交于
functions and macros. This change has associated tags: LEVITTE_before_const and LEVITTE_after_const. Those will be removed when this change has been properly reviewed.
-
由 Richard Levitte 提交于
-
由 Richard Levitte 提交于
compilers may complain.
-
由 Richard Levitte 提交于
-
- 14 3月, 2004 3 次提交
-
-
由 Geoff Thorpe 提交于
Remove certain redundant BN_zero() initialisations, because BN_CTX_get(), BN_init(), [etc] already initialise to zero. Correct error checking in bn_sqr.c, and be less wishy-wash about how/why the result's 'top' value is set (note also, 'max' is always > 0 at this point).
-
由 Geoff Thorpe 提交于
bignums are passed in and out of functions and APIs in a consistent form has highlighted that zero-valued bignums don't need any allocated word data. The use of BN_set_word() to initialise a bignum to zero causes needless allocation and gives it a return value that must be checked. This change converts BN_zero() to a self-contained macro that has no return/expression value and does not cause any expansion of bignum data. Note, it would be tempting to rewrite the deprecated version as a success-valued comma expression, such as; #define BN_zero(a) ((a)->top = (a)->neg = 0, 1) However, this evaluates 'a' twice and would confuse initialisation loops (eg. while(..) { BN_zero(bn++) } ). As such, the deprecated version continues to use BN_set_word().
-
由 Geoff Thorpe 提交于
change to work properly; BN_zero() should set 'neg' to zero as well as 'top' to match the behaviour of BN_new().
-