- 29 12月, 2008 1 次提交
-
-
由 Ben Laurie 提交于
(Coverity ID 135).
-
- 22 6月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 16 3月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
examples. All RFC4134 examples can not be processed.
-
- 28 3月, 2007 1 次提交
-
-
由 Bodo Möller 提交于
Submitted by: Matthew D Wood Reviewed by: Bodo Moeller
-
- 22 11月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 28 9月, 2006 1 次提交
-
-
由 Bodo Möller 提交于
cause a denial of service. (CVE-2006-2940) [Steve Henson, Bodo Moeller]
-
- 06 9月, 2006 1 次提交
-
-
由 Bodo Möller 提交于
Colin Percival (this would have caused more problems than solved, and isn't really necessary anyway)
-
- 05 9月, 2006 1 次提交
-
-
由 Mark J. Cox 提交于
(CVE-2006-4339) Submitted by: Ben Laurie, Google Security Team Reviewed by: bmoeller, mjc, shenson
-
- 18 7月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 12 5月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
More error checking for RSA pmeth.
-
- 12 4月, 2006 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 10 4月, 2006 5 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
Add digest size sanity checks.
-
由 Dr. Stephen Henson 提交于
-
- 09 4月, 2006 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 20 3月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
key ASN1 handling through a single EVP_PKEY_ASN1_METHOD structure and move the spaghetti algorithm specific code to a single ASN1 module for each algorithm.
-
- 09 1月, 2006 1 次提交
-
-
由 Bodo Möller 提交于
-
- 03 6月, 2005 2 次提交
-
-
由 Andy Polyakov 提交于
-
由 Andy Polyakov 提交于
-
- 29 5月, 2005 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 16 5月, 2005 1 次提交
-
-
由 Bodo Möller 提交于
timing attacks. BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for RSA/DSA/DH private key computations unless RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/ DH_FLAG_NO_EXP_CONSTTIME is set. Submitted by: Matthew D Wood Reviewed by: Bodo Moeller
-
- 11 5月, 2005 1 次提交
-
-
由 Bodo Möller 提交于
(Also improve util/ck_errf.pl script, and occasionally fix source code formatting.)
-
- 27 4月, 2005 1 次提交
-
-
由 Nils Larsch 提交于
- possibility of re-creation of the blinding parameters after a fixed number of uses (suggested by Bodo) - calculatition of the rsa::e in case it's absent and p and q are present (see bug report #785) - improve the performance when if one rsa structure is shared by more than a thread (see bug report #555) - fix the problem described in bug report #827 - hide the definition ot the BN_BLINDING structure in bn_blind.c
-
- 31 3月, 2005 1 次提交
-
-
由 Ben Laurie 提交于
-
- 18 5月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are already declared in ossl_typ.h. Add explicit includes for bn.h in those C files that need access to structure internals or API functions+macros.
-
- 26 4月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
proposed the change and submitted the patch, I jiggled it slightly and adjusted the other parts of openssl that were affected. PR: 867 Submitted by: Jelte Jansen Reviewed by: Geoff Thorpe
-
- 20 4月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
changes are the fallout). As this could break source code that doesn't directly include headers for interfaces it uses, changes to recursive includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to define this when building and using openssl, and then adapt code where necessary - this is how to stay current. However the mechanism exists for the lethargic.
-
- 25 3月, 2004 1 次提交
-
-
由 Geoff Thorpe 提交于
operations no longer require two distinct BN_CTX structures. This may put more "strain" on the current BN_CTX implementation (which has a fixed limit to the number of variables it will hold), but so far this limit is not triggered by any of the tests pass and I will be changing BN_CTX in the near future to avoid this problem anyway. This also changes the default RSA implementation code to use the BN_CTX in favour of initialising some of its variables locally in each function.
-
- 07 5月, 2003 1 次提交
-
-
由 Richard Levitte 提交于
called downstream that need it to be non-const. The fact that the RSA_METHOD functions take the RSA* as a const doesn't matter, it just expresses that *they* won't touch it. PR: 602
-
- 05 5月, 2003 1 次提交
-
-
由 Richard Levitte 提交于
PR: 602
-
- 16 4月, 2003 1 次提交
-
-
由 Richard Levitte 提交于
Memory leak fix: RSA_blinding_on() would leave a dangling pointer in rsa->blinding under certain circumstances. Double definition fix: RSA_FLAG_NO_BLINDING was defined twice.
-
- 21 3月, 2003 1 次提交
-
-
由 Bodo Möller 提交于
enable it automatically for the built-in engine
-
- 31 1月, 2003 2 次提交
-
-
由 Richard Levitte 提交于
bad, so let's not check OPENSSL_NO_ENGINE in those places. Fortunately, all the header files where the problem existed include ossl_typ.h, which makes a 'forward declaration' of the ENGINE type.
-
由 Richard Levitte 提交于
PR: 287
-
- 07 1月, 2003 1 次提交
-
-
由 Geoff Thorpe 提交于
generation. This prototype matches the new API function RSA_generate_key_ex(), though both may be subject to change during development before 0.9.8.
-
- 08 12月, 2002 1 次提交
-
-
由 Geoff Thorpe 提交于
key-generation and prime-checking functions. Rather than explicitly passing callback functions and caller-defined context data for the callbacks, a new structure BN_GENCB is defined that encapsulates this; a pointer to the structure is passed to all such functions instead. This wrapper structure allows the encapsulation of "old" and "new" style callbacks - "new" callbacks return a boolean result on the understanding that returning FALSE should terminate keygen/primality processing. The BN_GENCB abstraction will allow future callback modifications without needing to break binary compatibility nor change the API function prototypes. The new API functions have been given names ending in "_ex" and the old functions are implemented as wrappers to the new ones. The OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined, declaration of the older functions will be skipped. NB: Some openssl-internal code will stick with the older callbacks for now, so appropriate "#undef" logic will be put in place - this is in case the user is *building* openssl (rather than *including* its headers) with this symbol defined. There is another change in the new _ex functions; the key-generation functions do not return key structures but operate on structures passed by the caller, the return value is a boolean. This will allow for a smoother transition to having key-generation as "virtual function" in the various ***_METHOD tables.
-