- 07 8月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Use atfork to count child forks, and reseed DRBG when the counts don't match. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4101)
-
- 03 8月, 2017 2 次提交
-
-
由 Rich Salz 提交于
Add a new global DRBG for private keys used by RAND_priv_bytes. Add BN_priv_rand() and BN_priv_rand_range() which use RAND_priv_bytes(). Change callers to use the appropriate BN_priv... function. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4076)
-
由 Rich Salz 提交于
If RAND_add wraps around, XOR with existing. Add test to drbgtest that does the wrap-around. Re-order seeding and stop after first success. Add RAND_poll_ex() Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's, mix in the address as the personalization bits. Centralize the entropy callbacks, from drbg_lib to rand_lib. (Conceptually, entropy is part of the enclosing application.) Thanks to Dr. Matthias St Pierre for the suggestion. Various code cleanups: -Make state an enum; inline RANDerr calls. -Add RAND_POLL_RETRIES (thanks Pauli for the idea) -Remove most RAND_seed calls from rest of library -Rename DRBG_CTX to RAND_DRBG, etc. -Move some code from drbg_lib to drbg_rand; drbg_lib is now only the implementation of NIST DRBG. -Remove blocklength Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4019)
-
- 23 7月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Add a new config param to specify how the CSPRNG should be seeded. Illegal values or nonsensical combinations (e.g., anything other than "os" on VMS or HP VOS etc) result in build failures. Add RDSEED support. Add RDTSC but leave it disabled for now pending more investigation. Refactor and reorganization all seeding files (rand_unix/win/vms) so that they are simpler. Only require 128 bits of seeding material. Many document improvements, including why to not use RAND_add() and the limitations around using load_file/write_file. Document RAND_poll(). Cleanup Windows RAND_poll and return correct status More completely initialize the default DRBG. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3965)
-
- 21 7月, 2017 1 次提交
-
-
由 Benjamin Kaduk 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3971)
-
- 20 7月, 2017 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3974)
-
由 Rich Salz 提交于
As suggested by Kurt. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3970)
-
- 19 7月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Ported from the last FIPS release, with DUAL_EC and SHA1 and the self-tests removed. Since only AES-CTR is supported, other code simplifications were done. Removed the "entropy blocklen" concept. Moved internal functions to new include/internal/rand.h. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/3789)
-
- 15 7月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Remove unused rand_hw_xor, MD/EVP indirection Make rand_pseudo same as rand. Cleanup formatting and ifdef control Rename some things: - rand_meth to openssl_rand_meth; make it global - source file - lock/init functions, start per-thread state - ossl_meth_init to ossl_rand_init Put state into RAND_STATE structure And put OSSL_RAND_STATE into ossl_typ.h Use "randomness" instead of "entropy" Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3758)
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 27 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 28 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Remove support for SHA0 and DSS0 (they were broken), and remove the ability to attempt to build without SHA (it didn't work). For simplicity, remove the option of not building various SHA algorithms; you could argue that SHA_224/256/384/512 should be kept, since they're like crypto algorithms, but I decided to go the other way. So these options are gone: GENUINE_DSA OPENSSL_NO_SHA0 OPENSSL_NO_SHA OPENSSL_NO_SHA1 OPENSSL_NO_SHA224 OPENSSL_NO_SHA256 OPENSSL_NO_SHA384 OPENSSL_NO_SHA512 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 11 1月, 2014 1 次提交
-
-
由 Dr. Stephen Henson 提交于
If available rdrand is used as an additional entropy source for the PRNG and for additional input in FIPS mode.
-
- 25 10月, 2001 1 次提交
-
-
由 Bodo Möller 提交于
-
- 16 10月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Retain compatibility of EVP_DigestInit() and EVP_DigestFinal() with existing code. Modify library to use digest *_ex() functions.
-
- 08 9月, 2001 1 次提交
-
-
由 Bodo Möller 提交于
<openssl/evp.h> is now used (MD_DIGEST_LENGTH definitions!). No need to include such headers directly in md_rand.c.
-
- 07 9月, 2001 1 次提交
-
-
由 Ulf Möller 提交于
-
- 06 8月, 2001 1 次提交
-
-
由 Ben Laurie 提交于
-
- 31 7月, 2001 1 次提交
-
-
由 Ben Laurie 提交于
-
- 11 7月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
-
- 20 6月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Change all calls to low level digest routines in the library and applications to use EVP. Add missing calls to HMAC_cleanup() and don't assume HMAC_CTX can be copied using memcpy(). Note: this is almost identical to the patch submitted to openssl-dev by Verdon Walker <VWalker@novell.com> except some redundant EVP_add_digest_()/EVP_cleanup() calls were removed and some changes made to avoid compiler warnings.
-
- 16 5月, 2001 1 次提交
-
-
由 Lutz Jänicke 提交于
-
- 20 2月, 2001 1 次提交
-
-
由 Richard Levitte 提交于
sure they are available in opensslconf.h, by giving them names starting with "OPENSSL_" to avoid conflicts with other packages and by making sure e_os2.h will cover all platform-specific cases together with opensslconf.h. I've checked fairly well that nothing breaks with this (apart from external software that will adapt if they have used something like NO_KRB5), but I can't guarantee it completely, so a review of this change would be a good thing.
-
- 20 7月, 2000 1 次提交
-
-
由 Ulf Möller 提交于
rand_lcl.h
-
- 28 1月, 2000 1 次提交
-
-
由 Ulf Möller 提交于
-
- 06 3月, 1999 1 次提交
-
-
由 Ralf S. Engelschall 提交于
questions now is the OpenSSL core team under openssl-core@openssl.org. And add a paragraph about the dual-license situation to make sure people recognize that _BOTH_ the OpenSSL license _AND_ the SSLeay license apply to the OpenSSL toolkit.
-
- 27 2月, 1999 1 次提交
-
-
由 Ralf S. Engelschall 提交于
-
- 23 12月, 1998 1 次提交
-
-
由 Ralf S. Engelschall 提交于
-
- 22 12月, 1998 2 次提交
-
-
由 Ralf S. Engelschall 提交于
-
由 Ralf S. Engelschall 提交于
-
- 21 12月, 1998 2 次提交
-
-
由 Ralf S. Engelschall 提交于
-
由 Ralf S. Engelschall 提交于
-