- 10 Sep, 2014 1 commit
Committed by Matt Caswell
This is funny; Ben commented in the source, Matt opened a ticket, and Rich is doing the submit. Need more code-review? :) Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
- 18 Jul, 2013 1 commit
Committed by Dr. Stephen Henson
Keep original function names for nonce versions so we don't have to change error function codes.
- 15 Jul, 2013 1 commit
Committed by Adam Langley
This change updates 8a99cb29 to make the generation of (EC)DSA nonces using the message digest the default. It also reverts the changes to (EC)DSA_METHOD structure. In addition to making it the default, removing the flag from EC_KEY means that FIPS modules will no longer have an ABI mismatch.
- 14 Jun, 2013 1 commit
Committed by Adam Langley
This change adds the option to calculate (EC)DSA nonces by hashing the message and private key along with entropy to avoid leaking the private key if the PRNG fails.
- 04 Jun, 2012 1 commit
Committed by Ben Laurie
- 11 May, 2011 1 commit
Committed by Dr. Stephen Henson
the FIPS capable OpenSSL.
- 24 Apr, 2011 2 commits
Committed by Dr. Stephen Henson
Committed by Dr. Stephen Henson
- 14 Feb, 2011 1 commit
Committed by Dr. Stephen Henson
and FIPS_dsa_sig_free, reimplement DSA_SIG_new and DSA_SIG_free from ASN1 library.
- 04 Feb, 2011 1 commit
Committed by Dr. Stephen Henson
that use it.
- 01 Feb, 2011 1 commit
Committed by Dr. Stephen Henson
we shouldn't reject digest lengths larger than SHA256: the FIPS algorithm tests include SHA384 and SHA512 tests.
- 26 Jan, 2011 2 commits
Committed by Dr. Stephen Henson
Check for selftest failures. Pairwise consistency test for RSA key generation. Use some EVP macros instead of EVP functions. Use minimal FIPS EVP where needed. Key size restrictions.
Committed by Dr. Stephen Henson
- 12 Oct, 2010 1 commit
Committed by Dr. Stephen Henson
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination.
- 28 Mar, 2007 1 commit
Committed by Bodo Möller
Submitted by: Matthew D Wood Reviewed by: Bodo Moeller
- 12 Feb, 2007 1 commit
Committed by Nils Larsch
- 08 Feb, 2007 1 commit
Committed by Nils Larsch
- 03 Feb, 2007 1 commit
Committed by Nils Larsch
- 08 Nov, 2006 1 commit
Committed by Ben Laurie
- 28 Sep, 2006 1 commit
Committed by Bodo Möller
cause a denial of service. (CVE-2006-2940) [Steve Henson, Bodo Moeller]
- 18 Mar, 2006 1 commit
Committed by Nils Larsch
- 16 Mar, 2006 1 commit
Committed by Nils Larsch
- 26 May, 2005 1 commit
Committed by Bodo Möller
- 16 May, 2005 1 commit
Committed by Bodo Möller
timing attacks. BN_FLG_EXP_CONSTTIME requests this algorithm, and this is done by default for RSA/DSA/DH private key computations unless RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/DH_FLAG_NO_EXP_CONSTTIME is set. Submitted by: Matthew D Wood Reviewed by: Bodo Moeller
- 09 May, 2005 1 commit
Committed by Bodo Möller
- 27 Apr, 2005 2 commits
Committed by Dr. Stephen Henson
casts.
Committed by Dr. Stephen Henson
The function rsa_eay_mont_helper() has been removed because it is no longer needed after this change.
- 23 Apr, 2005 2 commits
Committed by Ben Laurie
Committed by Nils Larsch
and BN_get_sign - implement BN_set_negative as a function - always use "#define BN_is_zero(a) ((a)->top == 0)"
- 08 Apr, 2003 1 commit
Committed by Richard Levitte
of unneeded includes of openssl/engine.h.
- 11 Mar, 2003 1 commit
Committed by Geoff Thorpe
dsa_mod_exp() and bn_mod_exp() handlers from dsa_do_verify() and dsa_sign_setup(). When another DSA_METHOD implementation does not define these lower-level handlers, it becomes impossible to do a fallback to software on errors using a simple DSA_OpenSSL()->fn(key). This change allows the default DSA_METHOD to function in such circumstances by only using dsa_mod_exp() and bn_mod_exp() handlers if they exist, otherwise using BIGNUM implementations directly (which is what those handlers did before this change). There should be no noticeable difference for the software case, or indeed any custom case that didn't already segfault, except perhaps that there is now one less level of indirection in all cases. PR: 507
- 31 Jan, 2003 1 commit
Committed by Richard Levitte
PR: 287
- 15 Jan, 2003 2 commits
Committed by Lutz Jänicke
Submitted by: Nils Larsch <nla@trustcenter.de> PR: 459
Committed by Geoff Thorpe
override key-generation implementations by placing handlers in the methods for DSA and DH. Also, parameter generation for DSA and DH is possible by another new handler for each method.
- 04 Nov, 2002 1 commit
Committed by Bodo Möller
Submitted by: Nils Larsch
- 26 Sep, 2001 1 commit
Committed by Geoff Thorpe
ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE pointers to manage their hooking with ENGINE. Previously their use of "method" pointers was replaced by use of ENGINE references. See crypto/engine/README for details. Also, remove the ENGINE iterations from evp_test - even when the cipher/digest code is committed in, this functionality would require a different set of API calls.
- 26 Jun, 2001 1 commit
Committed by Bodo Möller
- 21 Apr, 2001 1 commit
Committed by Dr. Stephen Henson
Fix ASN1 bug when decoding OTHER type. Various S/MIME DSA related fixes.
- 10 Feb, 2001 1 commit
Committed by Bodo Möller
- 08 Feb, 2001 1 commit
Committed by Bodo Möller
Bleichenbacher's DSA attack. With this implementation, the expected number of iterations never exceeds 2. New semantics for BN_rand_range(): BN_rand_range(r, min, range) now generates r such that min <= r < min+range. (Previously, BN_rand_range(r, min, max) generated r such that min <= r < max. It is more convenient to have the range; also the previous prototype was misleading because max was larger than the actual maximum.)