#
75e2c877 |
| 03-Aug-2017 |
Rich Salz |
Switch from ossl_rand to DRBG rand If RAND_add wraps around, XOR with existing. Add test to drbgtest that does the wrap-around. Re-order seeding and stop after first success.
Switch from ossl_rand to DRBG rand If RAND_add wraps around, XOR with existing. Add test to drbgtest that does the wrap-around. Re-order seeding and stop after first success. Add RAND_poll_ex() Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's, mix in the address as the personalization bits. Centralize the entropy callbacks, from drbg_lib to rand_lib. (Conceptually, entropy is part of the enclosing application.) Thanks to Dr. Matthias St Pierre for the suggestion. Various code cleanups: -Make state an enum; inline RANDerr calls. -Add RAND_POLL_RETRIES (thanks Pauli for the idea) -Remove most RAND_seed calls from rest of library -Rename DRBG_CTX to RAND_DRBG, etc. -Move some code from drbg_lib to drbg_rand; drbg_lib is now only the implementation of NIST DRBG. -Remove blocklength Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4019)
show more ...
|
#
ad887416 |
| 18-Jul-2017 |
Pauli |
Update the test framework so that the need for test_main is removed. Everything that needed test_main now works using the same infrastructure as tests that used register_tests. This
Update the test framework so that the need for test_main is removed. Everything that needed test_main now works using the same infrastructure as tests that used register_tests. This meant: * renaming register_tests to setup_tests and giving it a success/failure return. * renaming the init_test function to setup_test_framework. * renaming the finish_test function to pulldown_test_framework. * adding a user provided global_init function that runs before the test frame work is initialised. It returns a failure indication that stops the stest. * adding helper functions that permit tests to access their command line args. * spliting the BIO initialisation and finalisation out from the test setup and teardown. * hiding some of the now test internal functions. * fix the comments in testutil.h Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3953)
show more ...
|
#
c2500f65 |
| 12-Jul-2017 |
Pauli |
Test cleaning and modernisation Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3917)
|
#
f367ac2b |
| 26-Jun-2017 |
Rich Salz |
Use randomness not entropy Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773)
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16 |
|
#
a9c6d221 |
| 18-Apr-2017 |
Richard Levitte |
Adapt all test programs Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3243)
|
#
9d9d2879 |
| 20-Apr-2017 |
Rich Salz |
fix dh_test. The issues were introduced by commit 93d0298. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://githu
fix dh_test. The issues were introduced by commit 93d0298. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3263)
show more ...
|
#
93d02986 |
| 13-Apr-2017 |
Rich Salz |
Convert dhtest, dsatest, cipherbytes_test Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3209)
|
Revision tags: OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6, OpenSSL-fips-2_0_13 |
|
#
b84e1226 |
| 16-Jun-2016 |
Matt Caswell |
Fix the build and tests following constification of DH, DSA, RSA Misc fixes following the constification of the DH, DSA and RSA getters. Reviewed-by: Stephen Henson <steve@opens
Fix the build and tests following constification of DH, DSA, RSA Misc fixes following the constification of the DH, DSA and RSA getters. Reviewed-by: Stephen Henson <steve@openssl.org>
show more ...
|
#
5584f65a |
| 26-May-2016 |
Matt Caswell |
Deprecate the flags that switch off constant time The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch
Deprecate the flags that switch off constant time The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch off the constant time implementation for RSA, DSA and DH have been made no-ops and deprecated. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
440e5d80 |
| 17-May-2016 |
Rich Salz |
Copyright consolidation 02/10 Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h, OpenSSL_1_1_0-pre5, OpenSSL_1_1_0-pre4 |
|
#
8483a003 |
| 10-Mar-2016 |
FdaSilvaYY |
various spelling fixes Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/952)
|
#
0aeddcfa |
| 06-Apr-2016 |
Matt Caswell |
Make DH opaque Move the dh_st structure into an internal header file and provide relevant accessors for the internal fields. Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
f0e1fe7c |
| 18-Mar-2016 |
FdaSilvaYY |
Add missing mem leak test activation and checks Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
e771eea6 |
| 04-Apr-2016 |
Rich Salz |
Revert "various spelling fixes" This reverts commit 620d540bd47a96fb6905fbbdd8ea5167a8841a3e. It wasn't reviewed. Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
620d540b |
| 10-Mar-2016 |
FdaSilvaYY |
various spelling fixes Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
|
#
1fbab1dc |
| 17-Mar-2016 |
Rich Salz |
Remove Netware and OS/2 Reviewed-by: Richard Levitte <levitte@openssl.org>
|
Revision tags: OpenSSL_1_0_1s, OpenSSL_1_0_2g, OpenSSL_1_1_0-pre3, OpenSSL-fips-2_0_12, OpenSSL_1_0_1r, OpenSSL_1_0_2f |
|
#
e729aac1 |
| 20-Jan-2016 |
Matt Caswell |
Add a test for small subgroup attacks on DH/DHE Following on from the previous commit, add a test to ensure that DH_compute_key correctly fails if passed a bad y such that: y^q
Add a test for small subgroup attacks on DH/DHE Following on from the previous commit, add a test to ensure that DH_compute_key correctly fails if passed a bad y such that: y^q (mod p) != 1 Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0-pre2 |
|
#
34980760 |
| 18-Dec-2015 |
Rich Salz |
Remove /* foo.c */ comments This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1
Remove /* foo.c */ comments This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
#
bbd86bf5 |
| 07-Jan-2016 |
Rich Salz |
mem functions cleanup Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this. If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery. (Thanks to Jak
mem functions cleanup Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this. If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery. (Thanks to Jakob Bohm for the suggestion!) Make the "change wrapper functions" be the only paradigm. Wrote documentation! Format the 'set func' functions so their paramlists are legible. Format some multi-line comments. Remove ability to get/set the "memory debug" functions at runtme. Remove MemCheck_* and CRYPTO_malloc_debug_init macros. Add CRYPTO_mem_debug(int flag) function. Add test/memleaktest. Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
f562aeda |
| 14-Dec-2015 |
Hongze Zhu |
add malloc fail check & fix memory leak Signed-off-by: Hongze Zhu <hongze.zhu@gmail.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
|
Revision tags: OpenSSL_1_1_0-pre1, OpenSSL_0_9_8zh, OpenSSL_1_0_0t, OpenSSL_1_0_1q, OpenSSL_1_0_2e, OpenSSL_1_0_1p, OpenSSL_1_0_2d, OpenSSL-fips-2_0_11, OpenSSL_1_0_1o, OpenSSL_1_0_2c, OpenSSL_0_9_8zg, OpenSSL_1_0_0s, OpenSSL_1_0_1n, OpenSSL_1_0_2b, OpenSSL-fips-2_0_10 |
|
#
d6e92c0b |
| 06-May-2015 |
Pascal Cuoq |
Properly check return type of DH_compute_key() It returns -1 on error, not 0. Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org> MR #1231
|
#
0f81f5f7 |
| 04-Sep-2015 |
Richard Levitte |
Have the test executables output in text mode The test executables use standard output and standard error for text output, so let's open the corresponding BIOs in text mode. Rev
Have the test executables output in text mode The test executables use standard output and standard error for text output, so let's open the corresponding BIOs in text mode. Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
#
bdcb1a2c |
| 03-May-2015 |
Dr. Stephen Henson |
more OSSL_NELEM cases Reviewed-by: Tim Hudson <tjh@openssl.org>
|
#
b548a1f1 |
| 01-May-2015 |
Rich Salz |
free null cleanup finale Don't check for NULL before calling OPENSSL_free Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
23a1d5e9 |
| 01-May-2015 |
Rich Salz |
free NULL cleanup 7 This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free
free NULL cleanup 7 This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd dead code in engines/e_ubsec. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|