Add secure DSA nonce flag.

This change adds the option to calculate (EC)DSA nonces by hashing the message and private key along with entropy to avoid leaking the private key if the PRNG fails.
author: Adam Langley <agl@chromium.org> 2013-01-24 16:27:28 -0500
committer: Ben Laurie <ben@links.org> 2013-06-13 17:26:07 +0100
commit: 8a99cb29d1f0013243a532bccc1dc70ed678eebe (patch)
tree: e29022ee28dbc0e6507597b2baf094760924f421 /crypto/bn/bn_err.c
parent: 64a786a292e301bfbcb269cd2bff0533503d5b8b (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c
index cdc15e62f0..18a28ec2a6 100644
--- a/crypto/bn/bn_err.c
+++ b/crypto/bn/bn_err.c
@@ -1,6 +1,6 @@
 /* crypto/bn/bn_err.c */
 /* ====================================================================
- * Copyright (c) 1999-2007 The OpenSSL Project.  All rights reserved.
+ * Copyright (c) 1999-2013 The OpenSSL Project.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -132,6 +132,7 @@ static ERR_STRING_DATA BN_str_reasons[]=
 {ERR_REASON(BN_R_NOT_INITIALIZED)        ,"not initialized"},
 {ERR_REASON(BN_R_NO_INVERSE)             ,"no inverse"},
 {ERR_REASON(BN_R_NO_SOLUTION)            ,"no solution"},
+{ERR_REASON(BN_R_PRIVATE_KEY_TOO_LARGE)  ,"private key too large"},
 {ERR_REASON(BN_R_P_IS_NOT_PRIME)         ,"p is not prime"},
 {ERR_REASON(BN_R_TOO_MANY_ITERATIONS)    ,"too many iterations"},
 {ERR_REASON(BN_R_TOO_MANY_TEMPORARY_VARIABLES),"too many temporary variables"},
author	Adam Langley <agl@chromium.org>	2013-01-24 16:27:28 -0500
committer	Ben Laurie <ben@links.org>	2013-06-13 17:26:07 +0100
commit	8a99cb29d1f0013243a532bccc1dc70ed678eebe (patch)
tree	e29022ee28dbc0e6507597b2baf094760924f421 /crypto/bn/bn_err.c
parent	64a786a292e301bfbcb269cd2bff0533503d5b8b (diff)