| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-01-22 | Run util/openssl-format-source -v -c . | Matt Caswell | |
| Reviewed-by: Tim Hudson <tjh@openssl.org> | |||
| 2014-12-08 | Implement internally opaque bn access from dh | Matt Caswell | |
| Reviewed-by: Tim Hudson <tjh@openssl.org> | |||
| 2014-12-08 | remove OPENSSL_FIPSAPI | Dr. Stephen Henson | |
| Reviewed-by: Tim Hudson <tjh@openssl.org> | |||
| 2014-12-08 | Remove FIPS module code from crypto/dh | Dr. Stephen Henson | |
| Reviewed-by: Tim Hudson <tjh@openssl.org> | |||
| 2011-06-08 | Add flags for DH FIPS method. | Dr. Stephen Henson | |
| Update/fix prototypes in fips.h | |||
| 2011-05-11 | Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in | Dr. Stephen Henson | |
| the FIPS capable OpenSSL. | |||
| 2011-04-22 | Return errors instead of aborting when selftest fails. | Dr. Stephen Henson | |
| 2011-04-07 | DH keys have an (until now) unused 'q' parameter. When creating | Dr. Stephen Henson | |
| from DSA copy q across and if q present generate DH key in the correct range. | |||
| 2011-03-08 | New SP 800-56A compliant version of DH_compute_key(). | Dr. Stephen Henson | |
| 2011-02-03 | Transfer error redirection to fips.h, add OPENSSL_FIPSAPI to source files | Dr. Stephen Henson | |
| that use it. | |||
| 2011-01-26 | FIPS DH changes: selftest checks and key range checks. | Dr. Stephen Henson | |
| 2007-03-28 | Change to mitigate branch prediction attacks | Bodo Möller | |
| Submitted by: Matthew D Wood Reviewed by: Bodo Moeller | |||
| 2006-09-29 | Initialise ctx to NULL to avoid uninitialized free, noticed by | Mark J. Cox | |
| Steve Kiernan | |||
| 2006-09-28 | Introduce limits to prevent malicious keys being able to | Bodo Möller | |
| cause a denial of service. (CVE-2006-2940) [Steve Henson, Bodo Moeller] | |||
| 2006-03-13 | fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end() | Nils Larsch | |
| 2005-08-21 | Make D-H safer, include well-known primes. | Ben Laurie | |
| 2005-05-27 | Use BN_with_flags() in a cleaner way. | Bodo Möller | |
| 2005-05-16 | Implement fixed-window exponentiation to mitigate hyper-threading | Bodo Möller | |
| timing attacks. BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for RSA/DSA/DH private key computations unless RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/ DH_FLAG_NO_EXP_CONSTTIME is set. Submitted by: Matthew D Wood Reviewed by: Bodo Moeller | |||
| 2005-04-28 | Pointer to BN_MONT_CTX could be used uninitialized. | Andy Polyakov | |
| 2005-04-27 | Change method_mont_p from (char *) to (BN_MONT_CTX *) and remove several | Dr. Stephen Henson | |
| casts. | |||
| 2005-04-26 | Port BN_MONT_CTX_set_locked() from stable branch. | Dr. Stephen Henson | |
| The function rsa_eay_mont_helper() has been removed because it is no longer needed after this change. | |||
| 2005-04-26 | Fix various incorrect error function codes. | Bodo Möller | |
| ("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.) | |||
| 2003-04-08 | We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form | Richard Levitte | |
| of unneeded includes of openssl/engine.h. | |||
| 2003-01-30 | Add the possibility to build without the ENGINE framework. | Richard Levitte | |
| PR: 287 | |||
| 2003-01-15 | As with RSA, which was modified recently, this change makes it possible to | Geoff Thorpe | |
| override key-generation implementations by placing handlers in the methods for DSA and DH. Also, parameter generation for DSA and DH is possible by another new handler for each method. | |||
| 2001-09-25 | This commits changes to various parts of libcrypto required by the recent | Geoff Thorpe | |
| ENGINE surgery. DH, DSA, RAND, and RSA now use *both* "method" and ENGINE pointers to manage their hooking with ENGINE. Previously their use of "method" pointers was replaced by use of ENGINE references. See crypto/engine/README for details. Also, remove the ENGINE iterations from evp_test - even when the cipher/digest code is committed in, this functionality would require a different set of API calls. | |||
| 2001-07-27 | length of secret exponent is needed only when we create one | Bodo Möller | |
| 2001-07-27 | Undo DH_generate_key() change: s3_srvr.c was using it correctly | Bodo Möller | |
| 2001-07-25 | DH key generation should not use a do ... while loop, | Bodo Möller | |
| or bogus DH parameters can be used for launching DOS attacks | |||
| 2001-07-25 | Don't preserve existing keys in DH_generate_key. | Bodo Möller | |
| 2001-03-08 | Hide BN_CTX structure details. | Bodo Möller | |
| Incease the number of BIGNUMs in a BN_CTX. | |||
| 2001-02-20 | make it a loop as in dsa | Ulf Möller | |
| 2001-02-20 | Use BN_rand_range(). | Ulf Möller | |
| 2000-11-07 | Constify DH-related code. | Richard Levitte | |
| 2000-10-26 | Merge the engine branch into the main trunk. All conflicts resolved. | Richard Levitte | |
| At the same time, add VMS support for Rijndael. | |||
| 2000-06-07 | Speed up DH with small generator. | Bodo Möller | |
| 2000-02-05 | New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access | Ulf Möller | |
| temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but the BN_CTX implementation could now easily be changed. | |||
| 1999-08-23 | Initial support for DH_METHOD. Also added a DH lock. A few changes made to | Dr. Stephen Henson | |
| DSA_METHOD to make it more consistent with RSA_METHOD. | |||
| 1999-04-23 | Change #include filenames from <foo.h> to <openssl.h>. | Bodo Möller | |
| Submitted by: Reviewed by: PR: | |||
| 1999-04-19 | Change functions to ANSI C. | Ulf Möller | |
| 1998-12-21 | Import of old SSLeay release: SSLeay 0.9.1b (unreleased)SSLeay | Ralf S. Engelschall | |
| 1998-12-21 | Import of old SSLeay release: SSLeay 0.9.0b | Ralf S. Engelschall | |
| 1998-12-21 | Import of old SSLeay release: SSLeay 0.8.1b | Ralf S. Engelschall | |
 |
index : openssl | |
| Mirror of https://github.com/openssl/openssl | matthias |
| summaryrefslogtreecommitdiffstats |