- 06 6月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch off the constant time implementation for RSA, DSA and DH have been made no-ops and deprecated. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 03 4月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Move the dsa_st structure out of the public header file. Add some accessor functions to enable access to the internal fields, and update all internal usage to use the new functions. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NStephen Henson <steve@openssl.org>
-
- 27 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 26 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
The function rsa_ossl_mod_exp uses the function BN_with_flags to create a temporary copy (local_r1) of a BIGNUM (r1) with modified flags. This temporary copy shares some state with the original r1. If the state of r1 gets updated then local_r1's state will be stale. This was occurring in the function so that when local_r1 was freed a call to bn_check_top was made which failed an assert due to the stale state. To resolve this we must free local_r1 immediately after we have finished using it and not wait until the end of the function. This problem prompted a review of all BN_with_flag usage within the codebase. All other usage appears to be correct, although often not obviously so. This commit refactors things to make it much clearer for these other uses. Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 10 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Continuing from previous commit ensure our style is consistent for malloc return checks. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 24 6月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Add secure heap for storage of private keys (when possible). Add BIO_s_secmem(), CBIGNUM, etc. Add BIO_CTX_secure_new so all BIGNUM's in the context are secure. Contributed by Akamai Technologies under the Corporate CLA. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 14 5月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 01 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd dead code in engines/e_ubsec. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 28 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Remove support for SHA0 and DSS0 (they were broken), and remove the ability to attempt to build without SHA (it didn't work). For simplicity, remove the option of not building various SHA algorithms; you could argue that SHA_224/256/384/512 should be kept, since they're like crypto algorithms, but I decided to go the other way. So these options are gone: GENUINE_DSA OPENSSL_NO_SHA0 OPENSSL_NO_SHA OPENSSL_NO_SHA1 OPENSSL_NO_SHA224 OPENSSL_NO_SHA256 OPENSSL_NO_SHA384 OPENSSL_NO_SHA512 Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 09 12月, 2014 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 08 12月, 2014 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 11 5月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
the FIPS capable OpenSSL.
-
- 24 4月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 19 4月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 14 4月, 2011 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
allow status of POST to be monitored and/or failures induced.
-
- 16 2月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 11 2月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 04 2月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
that use it.
-
- 26 1月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Check for selftest failures. Pairwise consistency test for RSA key generation. Use some EVP macros instead of EVP functions. Use minimal FIPS EVP where needed. Key size restrictions.
-
- 28 3月, 2007 1 次提交
-
-
由 Bodo Möller 提交于
Submitted by: Matthew D Wood Reviewed by: Bodo Moeller
-
- 27 5月, 2005 1 次提交
-
-
由 Bodo Möller 提交于
-
- 16 5月, 2005 1 次提交
-
-
由 Bodo Möller 提交于
timing attacks. BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for RSA/DSA/DH private key computations unless RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/ DH_FLAG_NO_EXP_CONSTTIME is set. Submitted by: Matthew D Wood Reviewed by: Bodo Moeller
-
- 21 3月, 2003 1 次提交
-
-
由 Richard Levitte 提交于
-
- 15 1月, 2003 1 次提交
-
-
由 Geoff Thorpe 提交于
override key-generation implementations by placing handlers in the methods for DSA and DH. Also, parameter generation for DSA and DH is possible by another new handler for each method.
-
- 20 6月, 2001 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Change all calls to low level digest routines in the library and applications to use EVP. Add missing calls to HMAC_cleanup() and don't assume HMAC_CTX can be copied using memcpy(). Note: this is almost identical to the patch submitted to openssl-dev by Verdon Walker <VWalker@novell.com> except some redundant EVP_add_digest_()/EVP_cleanup() calls were removed and some changes made to avoid compiler warnings.
-
- 20 2月, 2001 2 次提交
-
-
由 Ulf Möller 提交于
-
由 Richard Levitte 提交于
sure they are available in opensslconf.h, by giving them names starting with "OPENSSL_" to avoid conflicts with other packages and by making sure e_os2.h will cover all platform-specific cases together with opensslconf.h. I've checked fairly well that nothing breaks with this (apart from external software that will adapt if they have used something like NO_KRB5), but I can't guarantee it completely, so a review of this change would be a good thing.
-
- 13 9月, 2000 1 次提交
-
-
由 Ulf Möller 提交于
-
- 01 3月, 2000 1 次提交
-
-
由 Bodo Möller 提交于
"make update".
-
- 27 4月, 1999 1 次提交
-
-
由 Ulf Möller 提交于
-
- 24 4月, 1999 1 次提交
-
-
由 Bodo Möller 提交于
Submitted by: Reviewed by: PR:
-
- 20 4月, 1999 1 次提交
-
-
由 Ulf Möller 提交于
-
- 21 12月, 1998 2 次提交
-
-
由 Ralf S. Engelschall 提交于
-
由 Ralf S. Engelschall 提交于
-