Age | Commit message (Collapse) | Author |
|
Submitted by: emmanuel.azencot@bull.net
Reviewed by: steve
Return -1 immediately if not affine coordinates as BN_CTX has not been
set up.
|
Also, use the common Configure mechanism for enabling/disabling the 64-bit ECC code.
|
NIST-P521. (Now -DEC_NISTP_64_GCC_128 enables all three of these;
-DEC_NISTP224_64_GCC_128 no longer works.)
Submitted by: Google Inc.
|
New functionality to allow default DRBG type to be set during compilation
or during runtime.
|
using OBJ xref utilities instead of string comparison with OID name.
This removes the arbitrary restriction on using SHA1 only with some ECC
ciphersuites.
|
Also use FIPS EC methods unconditionally for now: might want to use them
only in FIPS mode or with a switch later.
|
Move compression, point2oct and oct2point functions into separate files.
Add a flags field to EC_METHOD.
Add a flag EC_FLAGS_DEFAULT_OCT to use the default compression and oct functions
(all existing methods do this). This removes dependencies from EC_METHOD while
keeping original functionality.
Backport from HEAD with minor changes.
|
New option to disable characteristic two fields in EC code.
Make no-ec2m work on Win32 build.
|
default. If we don't do it this way, it screws up libeay.num.
(update from HEAD, original from levitte).
|
NIST PKV tests.
|
Submitted by: Robert Jackson <robert@rjsweb.net>
Reviewed by: steve
Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
|
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.
Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
|
- Move declarations before statements in all blocks.
- Where 64-bit type is required, use it explicitly (not 1l).
|
Binary compatibility is not affected as this will only be
compiled in if explicitly requested (#ifdef EC_NISTP224_64_GCC_128).
Submitted by: Emilia Kasper (Google)
|
Submitted by: Emilia Kasper (Google)
|
(The CHANGES entry covers the change from PR #2111 as well, submitted by
Martin Olsson.)
Submitted by: Neel Mehta
|
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net>
Approved by: steve@openssl.org
Check return value of ECDSA_sign() properly.
|
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
|
deprecate the original (numeric-only) scheme, and replace with the
CRYPTO_THREADID object. This hides the platform-specifics and should reduce
the possibility for programming errors (where failing to explicitly check
both thread ID forms could create subtle, platform-specific bugs).
Thanks to Bodo, for invaluable review and feedback.
|
version some time soon.
|
platforms.
|
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed
version was added but it required portable code to check *both* modes to
determine equality. This commit maintains the availability of both thread
ID types, but deprecates the type-specific accessor APIs that invoke the
callbacks - instead a single type-independent API is used. This simplifies
software that calls into this interface, and should also make it less
error-prone - as forgetting to call and compare *both* thread ID accessors
could have led to hard-to-debug/infrequent bugs (that might only affect
certain platforms or thread implementations). As the CHANGES note says,
there were corresponding deprecations and replacements in the
thread-related functions for BN_BLINDING and ERR too.
|
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
|
Initial support for CMS.
Add zlib compression BIO.
Add AES key wrap implementation.
Generalize S/MIME MIME code to support CMS and/or PKCS7.
|
achieved by minimizing link relocations].
|