path: root/crypto/ec
Age | Commit message | Author
2014-06-03 | Corrected OPENSSL_NO_EC_NISTP_64_GCC_128 usage in ec_lcl.h. PR#3370 | Libor Krystek
2014-05-04 | Double free in i2o_ECPublicKey | David Ramos
PR: 3338
2014-04-24 | Fix eckey_priv_encode() | mancha
Fix eckey_priv_encode to return an error on failure of i2d_ECPrivateKey.
2014-03-12 | Fix for CVE-2014-0076 | Dr. Stephen Henson
Fix for the attack described in the paper "Recovering OpenSSL ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack" by Yuval Yarom and Naomi Benger. Details can be obtained from: http://eprint.iacr.org/2014/140 Thanks to Yuval Yarom and Naomi Benger for discovering this flaw and to Yuval Yarom for supplying a fix. (cherry picked from commit 2198be3483259de374f91e57d247d0fc667aef29) Conflicts: CHANGES
2013-12-01 | make update | Dr. Stephen Henson
2013-11-11 | Fix for some platforms where "char" is unsigned. | Dr. Stephen Henson
(cherry picked from commit 08b433540416c5bc9a874ba0343e35ba490c65f1)
2013-10-01 | Add KDF for DH. | Dr. Stephen Henson
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the same structure is used by DH and ECDH. Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers without the need to use ASN1. (cherry picked from commit dc1ce3bc64845d16314af1f11acf5384e4ae9b34)
2013-10-01 | Algorithm parameter support. | Dr. Stephen Henson
Check and set AlgorithmIdentifier parameters for key wrap algorithms. Currently these just set parameters to NULL. (cherry picked from commit e61f5d55bc0072e75023be8971ae6e849643f466)
2013-10-01 | Add support for ECDH KARI. | Dr. Stephen Henson
Add support for ECDH in enveloped data. The CMS ctrls for the EC ASN1 method decode/encode the appropriate parameters from the CMS ASN1 data and send appropriate data to the EC public key method. (cherry picked from commit 88e20b8584a78c803eca7aa9fcf8c46ff0ece4ae)
2013-10-01 | Add support for X9.62 KDF. | Dr. Stephen Henson
Add X9.62 KDF to EC EVP_PKEY_METHOD. (cherry picked from commit 25af7a5dbc05c7359d1d7f472d50d65a9d876b7e)
2013-10-01 | Add control to retrieve signature MD. | Dr. Stephen Henson
(cherry picked from commit 810639536cfa66df0c232fa4f15a7e5f00f31ce8)
2013-09-16 | Fix overly lenient comparisons: | Bodo Moeller
- EC_GROUP_cmp shouldn't consider curves equal just because the curve name is the same. (They really *should* be the same in this case, but there's an EC_GROUP_set_curve_name API, which could be misused.)
- EC_POINT_cmp shouldn't return 0 for ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED or EC_R_INCOMPATIBLE_OBJECTS errors because in a cmp API, 0 indicates equality (not an error).
Reported by: king cope (cherry picked from commit 312a46791ab465cfa3bf26764361faed0e5df014)
2013-03-26 | Make binary curve ASN.1 work in FIPS mode. | Matt Caswell
Don't check for binary curves by checking methods: the values will be different in FIPS mode as they are redirected to the validated module version. (cherry picked from commit 94782e0e9c28bd872107b8f814f4db68c9fbf5ab)
2013-03-20 | enhance EC method to support setting curve type when generating keys and add | Dr. Stephen Henson
parameter encoding option (cherry picked from commit 24edfa9df9e6315b107b7c2d8ce0634208e8c350)
2012-10-05 | Fix EC_KEY initialization race. | Bodo Möller
Submitted by: Adam Langley
2012-06-06 | Version skew reduction. | Ben Laurie
2012-06-03 | Reduce version skew: trivia (I hope). | Ben Laurie
2012-04-22 | PR: 2239 | Dr. Stephen Henson
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de> Add Brainpool curves from RFC5639. Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
2012-04-06 | Add new APIs EC_curve_nist2nid and EC_curve_nid2nist which convert | Dr. Stephen Henson
between NIDs and the more common NIST names such as "P-256". Enhance ecparam utility and ECC method to recognise the NIST names for curves. (backport from HEAD)
2012-03-01 | For OpenVMS, use inttypes.h instead of stdint.h | Richard Levitte
2012-01-24 | only include string.h once | Dr. Stephen Henson
2011-11-14 | ec_cvt.c: performance update from HEAD. | Andy Polyakov
2011-10-26 | PR: 2632 | Dr. Stephen Henson
Submitted by: emmanuel.azencot@bull.net Reviewed by: steve Return -1 immediately if not affine coordinates as BN_CTX has not been set up.
2011-10-19 | Fix warnings. | Bodo Möller
Also, use the common Configure mechanism for enabling/disabling the 64-bit ECC code.
2011-10-18 | Improve optional 64-bit NIST-P224 implementation, and add NIST-P256 and | Bodo Möller
NIST-P521. (Now -DEC_NISTP_64_GCC_128 enables all three of these; -DEC_NISTP224_64_GCC_128 no longer works.) Submitted by: Google Inc.
2011-10-09 | Backport PSS signature support from HEAD. | Dr. Stephen Henson
2011-09-16 | make depend | Dr. Stephen Henson
2011-09-16 | Improved error checking for DRBG calls. | Dr. Stephen Henson
New functionality to allow default DRBG type to be set during compilation or during runtime.
2011-08-14 | Remove hard coded ecdsaWithSHA1 hack in ssl routines and check for RSA | Dr. Stephen Henson
using OBJ xref utilities instead of string comparison with OID name. This removes the arbitrary restriction on using SHA1 only with some ECC ciphersuites.
2011-07-28 | recognise ecdsaWithSHA1 OID | Dr. Stephen Henson
2011-06-06 | Redirection of ECDSA, ECDH operations to FIPS module. | Dr. Stephen Henson
Also use FIPS EC methods unconditionally for now: might want to use them only in FIPS mode or with a switch later.
2011-06-06 | Add flags field to EC_KEY structure (backport from HEAD). | Dr. Stephen Henson
2011-06-06 | Make no-ec2m work again (backport from HEAD). | Dr. Stephen Henson
2011-06-06 | Reorganise ECC code so it can use FIPS module. | Dr. Stephen Henson
Move compression, point2oct and oct2point functions into separate files. Add a flags field to EC_METHOD. Add a flag EC_FLAGS_DEFAULT_OCT to use the default compression and oct functions (all existing methods do this). This removes dependencies from EC_METHOD while keeping original functionality. Backport from HEAD with minor changes.
2011-06-06 | Backport from HEAD: | Dr. Stephen Henson
New option to disable characteristic two fields in EC code. Make no-ec2m work on Win32 build.
2011-05-12 | Have EC_NISTP224_64_GCC_128 treated like any algorithm, and have disabled by | Dr. Stephen Henson
default. If we don't do it this way, it screws up libeay.num. (update from HEAD, original from levitte).
2011-01-24 | New function EC_KEY_set_affine_coordinates() this performs all the | Dr. Stephen Henson
NIST PKV tests.
2011-01-24 | check EC public key isn't point at infinity | Dr. Stephen Henson
2011-01-24 | PR: 1612 | Dr. Stephen Henson
Submitted by: Robert Jackson <robert@rjsweb.net> Reviewed by: steve Fix EC_POINT_cmp function for case where b but not a is the point at infinity.
2010-10-03 | Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(), | Dr. Stephen Henson
this means that some implementations will be used automatically, e.g. aesni, we do this for cryptodev anyway. Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-08-27 | More C language police work. | Bodo Möller
2010-08-27 | C conformity fixes: Move declarations before statements in all blocks. | Bodo Möller
2010-08-27 | C conformity fixes: | Bodo Möller
- Move declarations before statements in all blocks.
- Where 64-bit type is required, use it explicitly (not 1l).
2010-08-26 | (formatting error) | Bodo Möller
2010-08-26 | New 64-bit optimized implementation EC_GFp_nistp224_method(). | Bodo Möller
Binary compatibility is not affected as this will only be compiled in if explicitly requested (#ifdef EC_NISTP224_64_GCC_128). Submitted by: Emilia Kasper (Google)
2010-08-26 | ECC library bugfixes. | Bodo Möller
Submitted by: Emilia Kasper (Google)
2010-02-23 | Always check bn_wexpand() return values for failure (CVE-2009-3245). | Bodo Möller
(The CHANGES entry covers the change from PR #2111 as well, submitted by Martin Olsson.) Submitted by: Neel Mehta
2009-11-30 | PR: 2118 | Dr. Stephen Henson
Submitted by: Mounir IDRASSI <mounir.idrassi@idrix.net> Approved by: steve@openssl.org Check return value of ECDSA_sign() properly.
2009-05-05 | ec_mult.c: update from HEAD (Win64 compile warnings). | Andy Polyakov
2008-12-27 | Check scalar->d before we use it (in BN_num_bits()). (Coverity ID 129) | Ben Laurie