| /openssl/crypto/ |
| H A D | param_build.c | 27 int secure; member
63 if ((pd->secure = secure) != 0) in param_push()
196 int n, secure = 0; in push_BN() local
220 secure = 1; in push_BN()
256 int secure; in OSSL_PARAM_BLD_push_utf8_string() local
260 secure = CRYPTO_secure_allocated(buf); in OSSL_PARAM_BLD_push_utf8_string()
286 int secure; in OSSL_PARAM_BLD_push_octet_string() local
288 secure = CRYPTO_secure_allocated(buf); in OSSL_PARAM_BLD_push_octet_string()
323 if (pd->secure) { in param_bld_convert()
324 p = secure; in param_bld_convert()
[all …]
|
| /openssl/doc/man3/ |
| H A D | OPENSSL_secure_malloc.pod | 11 CRYPTO_secure_used - secure heap storage
45 information might be stored, OpenSSL supports the concept of a "secure heap."
50 If a secure heap is used, then private key B<BIGNUM> values are stored there.
54 CRYPTO_secure_malloc_init() creates the secure heap, with the specified
61 CRYPTO_secure_malloc_initialized() indicates whether or not the secure
65 to the process if all secure memory has been freed.
90 the memory if it was not allocated from the secure heap.
97 requested, in order to "round up" and reduce secure heap fragmentation.
102 secure heap.
110 CRYPTO_secure_malloc_initialized() returns 1 if the secure heap is
[all …]
|
| H A D | PEM_bytes_read_bio.pod | 43 memory from the secure heap for its temporary buffers and the storage
49 PEM_bytes_read_bio_secmem() only enforces that the secure heap is used for
52 allocated from the secure heap. In cases where it is desirable to ensure
53 that the contents of the PEM file only appears in memory from the secure heap,
|
| H A D | SSL_CTX_set_options.pod | 43 secure renegotiation.
408 OpenSSL always attempts to use secure renegotiation as
413 aware of. In the description below an implementation supporting secure
414 renegotiation is referred to as I<patched>. A server not supporting secure
417 The following sections describe the operations permitted by OpenSSL's secure
447 RFC 5746 secure renegotiation are subject to attacks such as
460 B<SSL_OP_LEGACY_SERVER_CONNECT> enables initial connections and secure
517 secure renegotiation and 0 if it does not.
528 The attempt to always try to use secure renegotiation was added in
|
| H A D | SSL_check_chain.pod | 62 most secure. It could then use the chain of the first set which returns
68 chain is suitable a server should fall back to the most secure chain which
|
| H A D | BN_new.pod | 24 BN_secure_new() does the same except that the secure heap
|
| H A D | RSA_public_encrypt.pod | 101 a side-channel secure error handling.
102 Applications that want to be secure against side-channel attacks with
|
| H A D | BUF_MEM_new.pod | 33 should be allocated on the secure heap; see L<CRYPTO_secure_malloc(3)>.
|
| H A D | PEM_read_bio_ex.pod | 28 input are allocated from the secure heap.
|
| H A D | BN_CTX_new.pod | 33 but uses the secure heap (see L<CRYPTO_secure_malloc(3)>) to hold the
|
| H A D | EVP_PKEY_fromdata.pod | 112 * and secure application will not use such small numbers. A real
113 * and secure application is expected to use BIGNUMs, and to build
|
| H A D | RAND_bytes.pod | 29 secure pseudo random generator (CSPRNG) and stores them in B<buf>. B<buf> B<MUST NOT> be NULL.
|
| H A D | X509_get0_signature.pod | 95 key is less secure: for example a certificate signed using SHA-512 and a
|
| H A D | EVP_PKEY_decrypt.pod | 67 of side-channel secure code from applications using OpenSSL.
|
| /openssl/include/crypto/ |
| H A D | rand_pool.h | 60 # define RAND_POOL_MIN_ALLOCATION(secure) ((secure) ? 16 : 48) argument
76 int secure; /* 1: allocated on the secure heap, 0: otherwise */ member
85 RAND_POOL *ossl_rand_pool_new(int entropy_requested, int secure,
|
| /openssl/crypto/rand/ |
| H A D | rand_pool.c | 22 RAND_POOL *ossl_rand_pool_new(int entropy_requested, int secure, in ossl_rand_pool_new() argument
26 size_t min_alloc_size = RAND_POOL_MIN_ALLOCATION(secure); in ossl_rand_pool_new()
38 if (secure) in ossl_rand_pool_new()
47 pool->secure = secure; in ossl_rand_pool_new()
100 if (pool->secure) in ossl_rand_pool_free()
215 if (pool->secure) in rand_pool_grow()
222 if (pool->secure) in rand_pool_grow()
|
| /openssl/ |
| H A D | NOTES-ANSI.md | 12 - `no-secure-memory`
14 The secure memory calls aren't supported with ANSI C.
|
| H A D | README-QUIC.md | 28 QUIC is a state-of-the-art secure transport protocol carried over UDP. It can
|
| /openssl/doc/man7/ |
| H A D | RAND.pod | 13 can be used as a cryptographically-secure pseudo-random number generator
61 A DRBG is a certain type of cryptographically-secure pseudo-random
|
| H A D | ossl-guide-introduction.pod | 11 cryptography and secure communication. Its features are made available via a
|
| /openssl/test/recipes/30-test_evp_data/ |
| H A D | evpmd_sha.txt | 177 # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html#test-vectors
285 # http://csrc.nist.gov/groups/STM/cavp/secure-hashing.html#test-vectors
|
| /openssl/ssl/ |
| H A D | s3_lib.c | 3928 sizeof(ctx->ext.secure->tick_aes_key)); in ssl3_ctx_ctrl()
3938 memcpy(ctx->ext.secure->tick_hmac_key, in ssl3_ctx_ctrl()
3940 sizeof(ctx->ext.secure->tick_hmac_key)); in ssl3_ctx_ctrl()
3941 memcpy(ctx->ext.secure->tick_aes_key, in ssl3_ctx_ctrl()
3943 sizeof(ctx->ext.secure->tick_hmac_key), in ssl3_ctx_ctrl()
3944 sizeof(ctx->ext.secure->tick_aes_key)); in ssl3_ctx_ctrl()
3949 ctx->ext.secure->tick_hmac_key, in ssl3_ctx_ctrl()
3950 sizeof(ctx->ext.secure->tick_hmac_key)); in ssl3_ctx_ctrl()
3952 sizeof(ctx->ext.secure->tick_hmac_key), in ssl3_ctx_ctrl()
3953 ctx->ext.secure->tick_aes_key, in ssl3_ctx_ctrl()
[all …]
|
| /openssl/doc/man1/ |
| H A D | openssl-rand.pod.in | 22 secure pseudo random number generator (CSPRNG). A suffix [K|M|G|T] may be
|
| H A D | openssl-srp.pod.in | 30 This command is deprecated. It is used to maintain an SRP (secure remote
|
| /openssl/engines/ |
| H A D | e_loader_attic.c | 1287 static void pem_free_flag(void *pem_data, int secure, size_t num) in pem_free_flag() argument
1289 if (secure) in pem_free_flag()
1297 const char *uri, int secure) in file_read_pem() argument
1299 int i = secure in file_read_pem()
|
