| Age | Commit message (Collapse) | Author |
|---|
|
to 'unsigned long' (ie. odd platforms/compilers), so a pointer-typed
version was added but it required portable code to check *both* modes to
determine equality. This commit maintains the availability of both thread
ID types, but deprecates the type-specific accessor APIs that invoke the
callbacks - instead a single type-independent API is used. This simplifies
software that calls into this interface, and should also make it less
error-prone - as forgetting to call and compare *both* thread ID accessors
could have led to hard-to-debug/infrequent bugs (that might only affect
certain platforms or thread implementations). As the CHANGES note says,
there were corresponding deprecations and replacements in the
thread-related functions for BN_BLINDING and ERR too.
|
|
and couldn't generate
(as pointed out by Ernst G Giessmann)
|
|
as pointed out by Ernst G Giessmann
|
|
|
|
|
|
|
|
|
|
thanks to Lucas Newman
|
|
Submitted by: David Hartman <david_hartman@symantec.com>
|
|
PR: 1247
Submitted by: Doug Kaufman
|
|
|
|
|
|
./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa]
make depend all test
work again
PR: 1159
|
|
the absence of OPENSSL_NO_ENGINE.
|
|
|
|
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
|
|
- hide the EC_KEY structure definition in ec_lcl.c + add
some functions to use/access the EC_KEY fields
- change the way how method specific data (ecdsa/ecdh) is
attached to a EC_KEY
- add ECDSA_sign_ex and ECDSA_do_sign_ex functions with
additional parameters for pre-computed values
- rebuild libeay.num from 0.9.7
|
|
|
|
EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name
|
|
during "make errors" and thus during "make update".
Fix lots of bugs that util/ck_errf.pl can detect automatically.
Various others of these are still left to fix; that's why
"make update" will complain loudly when run now.
|
|
for ecdh)
|
|
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
|
|
|
|
and BN_get_sign
- implement BN_set_negative as a function
- always use "#define BN_is_zero(a) ((a)->top == 0)"
|
|
|
|
|
|
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
|
|
Reported by: Maxim Masiutin
Submitted by: Nils Larsch
|
|
Submitted by: Nils Larsch
|
|
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
|
|
dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are
already declared in ossl_typ.h. Add explicit includes for bn.h in those C
files that need access to structure internals or API functions+macros.
|
|
tree. This further reduces header interdependencies, and makes some
associated cleanups.
|
|
changes are the fallout). As this could break source code that doesn't
directly include headers for interfaces it uses, changes to recursive
includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to
define this when building and using openssl, and then adapt code where
necessary - this is how to stay current. However the mechanism exists for
the lethargic.
|
|
Submitted by: Nils Larsch
Reviewed by: Geoff Thorpe
|
|
Submitted by: Nils Larsch
|
|
which is used by BN_DEBUG_RAND
Submitted by: Nils Larsch
|
|
so don't run them if BN_DEBUG_RAND is defined.
Also, fix another small bug.
Submitted by: Nils Larsch
|
|
|
|
|
|
|
|
Submitted by: Nils Larsch <nla@trustcenter.de>
PR: 459
|
|
key-generation and prime-checking functions. Rather than explicitly passing
callback functions and caller-defined context data for the callbacks, a new
structure BN_GENCB is defined that encapsulates this; a pointer to the
structure is passed to all such functions instead.
This wrapper structure allows the encapsulation of "old" and "new" style
callbacks - "new" callbacks return a boolean result on the understanding
that returning FALSE should terminate keygen/primality processing. The
BN_GENCB abstraction will allow future callback modifications without
needing to break binary compatibility nor change the API function
prototypes. The new API functions have been given names ending in "_ex" and
the old functions are implemented as wrappers to the new ones. The
OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined,
declaration of the older functions will be skipped. NB: Some
openssl-internal code will stick with the older callbacks for now, so
appropriate "#undef" logic will be put in place - this is in case the user
is *building* openssl (rather than *including* its headers) with this
symbol defined.
There is another change in the new _ex functions; the key-generation
functions do not return key structures but operate on structures passed by
the caller, the return value is a boolean. This will allow for a smoother
transition to having key-generation as "virtual function" in the various
***_METHOD tables.
|
|
Include X9.62 signature examples.
Submitted by: Nils Larsch
|
|
I've covered all the memset()s I felt safe modifying, but may have missed some.
|
|
|
|
|
|
Submitted by: Nils Larsch
|
|
Submitted by: Sheueling Chang <Sheueling.Chang@Sun.COM>
|
|
Submitted by: Nils Larsch
|
|
give it.
For 0.9.7 and up, that means util/domd needs to remove those double
dashes from the argument list when gcc is used to find the
dependencies.
|
