1. 28 9月, 2019 1 次提交
  2. 10 9月, 2019 1 次提交
  3. 07 9月, 2019 1 次提交
  4. 03 4月, 2018 1 次提交
  5. 20 3月, 2018 1 次提交
  6. 07 3月, 2018 1 次提交
  7. 18 10月, 2017 1 次提交
  8. 03 8月, 2017 2 次提交
    • R
      Add RAND_priv_bytes() for private keys · ddc6a5c8
      Rich Salz 提交于
      Add a new global DRBG for private keys used by RAND_priv_bytes.
      
      Add BN_priv_rand() and BN_priv_rand_range() which use RAND_priv_bytes().
      Change callers to use the appropriate BN_priv... function.
      Reviewed-by: NPaul Dale <paul.dale@oracle.com>
      (Merged from https://github.com/openssl/openssl/pull/4076)
      ddc6a5c8
    • R
      Switch from ossl_rand to DRBG rand · 75e2c877
      Rich Salz 提交于
      If RAND_add wraps around, XOR with existing. Add test to drbgtest that
      does the wrap-around.
      
      Re-order seeding and stop after first success.
      
      Add RAND_poll_ex()
      
      Use the DF and therefore lower RANDOMNESS_NEEDED.  Also, for child DRBG's,
      mix in the address as the personalization bits.
      
      Centralize the entropy callbacks, from drbg_lib to rand_lib.
      (Conceptually, entropy is part of the enclosing application.)
      Thanks to Dr. Matthias St Pierre for the suggestion.
      
      Various code cleanups:
          -Make state an enum; inline RANDerr calls.
          -Add RAND_POLL_RETRIES (thanks Pauli for the idea)
          -Remove most RAND_seed calls from rest of library
          -Rename DRBG_CTX to RAND_DRBG, etc.
          -Move some code from drbg_lib to drbg_rand; drbg_lib is now only the
           implementation of NIST DRBG.
          -Remove blocklength
      Reviewed-by: NPaul Dale <paul.dale@oracle.com>
      (Merged from https://github.com/openssl/openssl/pull/4019)
      75e2c877
  9. 04 7月, 2017 1 次提交
  10. 09 11月, 2016 1 次提交
  11. 06 9月, 2016 1 次提交
  12. 10 8月, 2016 1 次提交
  13. 24 5月, 2016 1 次提交
  14. 18 5月, 2016 1 次提交
  15. 27 1月, 2016 1 次提交
    • R
      Remove /* foo.c */ comments · 34980760
      Rich Salz 提交于
      This was done by the following
              find . -name '*.[ch]' | /tmp/pl
      where /tmp/pl is the following three-line script:
              print unless $. == 1 && m@/\* .*\.[ch] \*/@;
              close ARGV if eof; # Close file to reset $.
      
      And then some hand-editing of other files.
      Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
      34980760
  16. 10 11月, 2015 1 次提交
  17. 23 5月, 2015 1 次提交
    • M
      Fix off-by-one in BN_rand · efee575a
      Matt Caswell 提交于
      If BN_rand is called with |bits| set to 1 and |top| set to 1 then a 1 byte
      buffer overflow can occur. There are no such instances within the OpenSSL at
      the moment.
      
      Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke, Filip Palian for
      discovering and reporting this issue.
      Reviewed-by: NKurt Roeckx <kurt@openssl.org>
      efee575a
  18. 14 5月, 2015 1 次提交
  19. 01 5月, 2015 2 次提交
  20. 29 4月, 2015 1 次提交
  21. 25 3月, 2015 1 次提交
  22. 09 2月, 2015 1 次提交
  23. 28 1月, 2015 1 次提交
    • R
      OPENSSL_NO_xxx cleanup: SHA · 474e469b
      Rich Salz 提交于
      Remove support for SHA0 and DSS0 (they were broken), and remove
      the ability to attempt to build without SHA (it didn't work).
      For simplicity, remove the option of not building various SHA algorithms;
      you could argue that SHA_224/256/384/512 should be kept, since they're
      like crypto algorithms, but I decided to go the other way.
      So these options are gone:
      	GENUINE_DSA         OPENSSL_NO_SHA0
      	OPENSSL_NO_SHA      OPENSSL_NO_SHA1
      	OPENSSL_NO_SHA224   OPENSSL_NO_SHA256
      	OPENSSL_NO_SHA384   OPENSSL_NO_SHA512
      Reviewed-by: NRichard Levitte <levitte@openssl.org>
      474e469b
  24. 22 1月, 2015 1 次提交
  25. 08 12月, 2014 2 次提交
  26. 14 6月, 2013 1 次提交
    • A
      Add secure DSA nonce flag. · 8a99cb29
      Adam Langley 提交于
      This change adds the option to calculate (EC)DSA nonces by hashing the
      message and private key along with entropy to avoid leaking the private
      key if the PRNG fails.
      8a99cb29
  27. 11 5月, 2011 1 次提交
  28. 11 2月, 2011 1 次提交
  29. 28 1月, 2011 2 次提交
  30. 12 11月, 2008 1 次提交
  31. 01 11月, 2008 1 次提交
  32. 20 10月, 2008 1 次提交
  33. 27 4月, 2005 1 次提交
  34. 25 3月, 2004 1 次提交
  35. 14 3月, 2004 1 次提交
    • G
      Convert openssl code not to assume the deprecated form of BN_zero(). · b6358c89
      Geoff Thorpe 提交于
      Remove certain redundant BN_zero() initialisations, because BN_CTX_get(),
      BN_init(), [etc] already initialise to zero.
      
      Correct error checking in bn_sqr.c, and be less wishy-wash about how/why
      the result's 'top' value is set (note also, 'max' is always > 0 at this
      point).
      b6358c89
  36. 05 11月, 2003 1 次提交