| Age | Commit message (Collapse) | Author |
|---|
|
<johane@lysator.liu.se>
|
|
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
make depend all test
work again
PR: 1159
|
|
|
|
make no-sha512 more effective on platforms, which don't support 64-bit
integer type of *any* kind.
|
|
- hide the EC_KEY structure definition in ec_lcl.c + add
some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
|
|
timing attacks.
BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
|
|
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
|
|
|
|
argument more flexible
|
|
Submitted by: Jean-Luc Duval
Reviewed by: Nils Larsch
|
|
|
|
there's no need for a larger BUFSIZE any more...
PR: 904
|
|
PR: 904
|
|
will appear at EVP leyer.
|
|
|
|
and include bn.h in those C files that need bignum functionality.
|
|
|
|
PR: #748
Submitted by: Kirill Kochetkov <kochet@ixbt.com>
|
|
PR: 780
Submitted by: Verdon Walker <VWalker@novell.com>
Reviewed by: Richard Levitte
|
|
Submitted by: Kirill Kochetkov <kochet@ixbt.com>
PR: #748
|
|
linux system (namely mine) chokes on our definitions and uses of the "HZ"
symbol in crypto/tmdiff.[ch] and apps/speed.c as a "bad function cast"
(when in fact there is no function casting involved at all). In both cases,
it is easily worked around by not defining a cast into the macro and
jiggling the expressions slightly.
In addition - this highlights some cruft in openssl that needs sorting out.
The tmdiff.h header is exported as part of the openssl API despite the fact
that it is ugly as the driven sludge and not used anywhere in the library,
applications, or utilities. More weird still, almost identical code exists
in apps/speed.c though it looks to be slightly tweaked - so either tmdiff
should be updated and used by speed.c, or it should be dumped because it's
obviously not useful enough.
Rather than removing it for now, I've changed the API for tmdiff to at
least make sense. This involves taking the object type (MS_TM) from the
implementation and using it in the header rather than using "char *" in the
API and casting mercilessly in the code (ugh). If someone doesn't like
"MS_TM" and the "ms_time_***" naming, by all means change it. This should
be a harmless improvement, because the existing API is clearly not very
useful (eg. we reimplement it rather than using it in our own utils).
However, someone still needs to take a hack at consolidating speed.c and
tmdiff.[ch] somehow.
|
|
|
|
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
|
|
|
|
- bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary
|
|
PR: 358
|
|
Submitted by: Nils Larsch
|
|
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
|
|
PR: 287
|
|
|
|
exit() in whatever way works for the intended platform, and define
OPENSSL_EXIT() to have the old meaning (the name is of course because
it's only used in the openssl program)
|
|
|
|
|
|
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
|
|
Submitted by: Nils Larsch
|
|
|
|
EC_GROUP_new_by_nid() should be enough. This avoids a lot of
redundancy.
Submitted by: Nils Larsch
|
|
Submitted by: Nils Larsch
|
|
|
|
Additional changes:
- use EC_GROUP_get_degree() in apps/req.c
- add ECDSA and ECDH to apps/speed.c
- adds support for EC curves over binary fields to ECDSA
- new function EC_KEY_up_ref() in crypto/ec/ec_key.c
- reorganize crypto/ecdsa/ecdsatest.c
- add engine support for ECDH
- fix a few bugs in ECDSA engine support
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
|
|
|
|
Add some WTLS curves.
New function EC_GROUP_check() (this will probably
be implemented differently soon).
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller
|
|
("D. Russell" <russelld@aol.net>)
Allow HMAC functions to use an alternative ENGINE.
|
|
Fix dsaparam usage output.
Submitted by: Nils Larsch
|
|
|
|
CONF_modules_unload() now calls CONF_modules_finish()
automatically.
Default use of section openssl_conf moved to
CONF_modules_load()
Load config file in several openssl utilities.
Most utilities now load modules from the config file,
though in a few (such as version) this isn't done
because it couldn't be used for anything.
In the case of ca and req the config file used is
the same as the utility itself: that is the -config
command line option can be used to specify an
alternative file.
|
|
|
|
|
|
Submitted by Stephen Sprunk <stephen@sprunk.org> as part of his AES
integration patch.
|
|
|
