|
Revision tags: OpenSSL-fips-2_0-pl1, OpenSSL-fips-2_0_2, OpenSSL-fips-2_0_1, OpenSSL_1_0_1c, OpenSSL_1_0_0j, OpenSSL_0_9_8x, OpenSSL_1_0_1b, OpenSSL_0_9_8w, OpenSSL_1_0_1a, OpenSSL_0_9_8v, OpenSSL_1_0_0i, OpenSSL_1_0_1, OpenSSL_1_0_0h, OpenSSL_0_9_8u, OpenSSL_1_0_1-beta3, OpenSSL_1_0_1-beta2, OpenSSL-fips-2_0, OpenSSL_1_0_0g, OpenSSL_0_9_8t, OpenSSL_0_9_8s, OpenSSL_1_0_0f, OpenSSL-fips-2_0-rc8, OpenSSL_1_0_1-beta1, OpenSSL-fips-2_0-rc7, OpenSSL-fips-2_0-rc6, OpenSSL-fips-2_0-rc5, OpenSSL-fips-2_0-rc4, OpenSSL-fips-2_0-rc3, OpenSSL-fips-2_0-rc2, OpenSSL-fips-2_0-rc1, OpenSSL-fips-1_2_3, OpenSSL-fips-1_2_2, OpenSSL-fips-1_2_1, OpenSSL_1_0_0e, OpenSSL_1_0_0d, OpenSSL_0_9_8r, OpenSSL_0_9_8q, OpenSSL_1_0_0c, OpenSSL_0_9_8p, OpenSSL_1_0_0b, OpenSSL_0_9_8o, OpenSSL_1_0_0a, OpenSSL_1_0_0, OpenSSL_0_9_8n, OpenSSL_0_9_8m, OpenSSL_0_9_8m-beta1, OpenSSL_1_0_0-beta5, OpenSSL_1_0_0-beta4, OpenSSL_0_9_8l, OpenSSL_1_0_0-beta3, OpenSSL_1_0_0-beta2, OpenSSL_1_0_0-beta1, OpenSSL_0_9_8k, OpenSSL_0_9_8j, OpenSSL_0_9_8i, OpenSSL_0_9_8h, OpenSSL_0_9_8g, OpenSSL_0_9_8f, FIPS_098_TEST_8, FIPS_098_TEST_7, FIPS_098_TEST_6, FIPS_098_TEST_5, FIPS_098_TEST_4, FIPS_098_TEST_3, FIPS_098_TEST_2, FIPS_098_TEST_1 |
|
| #
24a8c25a |
| 19-Apr-2007 |
Bodo Möller |
fix error codes
|
|
Revision tags: OpenSSL_0_9_7m, OpenSSL_0_9_8e |
|
| #
47a9d527 |
| 21-Nov-2006 |
Dr. Stephen Henson |
Update from 0.9.8 stable. Eliminate duplicate error codes.
|
|
Revision tags: OpenSSL_0_9_7l, OpenSSL_0_9_8d, OpenSSL_0_9_8c, OpenSSL_0_9_7k, OpenSSL_0_9_7j, OpenSSL_0_9_8b, OpenSSL_FIPS_1_0, OpenSSL_0_9_7i, OpenSSL_0_9_8a, OpenSSL_0_9_7h, OpenSSL_0_9_8, FIPS_TEST_10, OpenSSL_0_9_8-beta6, OpenSSL_0_9_8-beta5, FIPS_TEST_9, OpenSSL_0_9_8-beta4, OpenSSL_0_9_8-beta3, BEN_FIPS_TEST_8, OpenSSL_0_9_8-beta2, OpenSSL_0_9_8-beta1 |
|
| #
46a64376 |
| 16-May-2005 |
Bodo Möller |
Implement fixed-window exponentiation to mitigate hyper-threading
timing attacks.
BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key co
Implement fixed-window exponentiation to mitigate hyper-threading
timing attacks.
BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for
RSA/DSA/DH private key computations unless
RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/
DH_FLAG_NO_EXP_CONSTTIME is set.
Submitted by: Matthew D Wood
Reviewed by: Bodo Moeller
show more ...
|
| #
8afca8d9 |
| 11-May-2005 |
Bodo Möller |
Fix more error codes.
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
|
| #
800e400d |
| 26-Apr-2005 |
Nils Larsch |
some updates for the blinding code; summary:
- possibility of re-creation of the blinding parameters after a
fixed number of uses (suggested by Bodo)
- calculatition of the rsa::e in ca
some updates for the blinding code; summary:
- possibility of re-creation of the blinding parameters after a
fixed number of uses (suggested by Bodo)
- calculatition of the rsa::e in case it's absent and p and q
are present (see bug report #785)
- improve the performance when if one rsa structure is shared by
more than a thread (see bug report #555)
- fix the problem described in bug report #827
- hide the definition ot the BN_BLINDING structure in bn_blind.c
show more ...
|
| #
aa4ce731 |
| 26-Apr-2005 |
Bodo Möller |
Fix various incorrect error function codes.
("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
|
| #
29dc3508 |
| 12-Apr-2005 |
Dr. Stephen Henson |
Rebuild error codes.
|
|
Revision tags: OpenSSL_0_9_7g, OpenSSL_0_9_7f, BEN_FIPS_TEST_7, BEN_FIPS_TEST_6, OpenSSL_0_9_7e |
|
| #
ace3ebd6 |
| 06-Jul-2004 |
Geoff Thorpe |
Improve error handling if decompression of an ec point fails, and cleanup
ec_curve.c (unify comments, etc).
Submitted by: Nils Larsch
Reviewed by: Bodo Moeller, Geoff Thorpe
|
|
Revision tags: OpenSSL_0_9_7d, OpenSSL-engine-0_9_6m, OpenSSL_0_9_6m, LEVITTE_after_const, LEVITTE_before_const, BEN_FIPS_TEST_5, BEN_FIPS_TEST_4, OpenSSL-engine-0_9_6l, OpenSSL_0_9_6l, BEN_FIPS_TEST_3, BEN_FIPS_TEST_2, BEN_FIPS_TEST_1, OpenSSL-engine-0_9_6k, OpenSSL_0_9_6k, OpenSSL_0_9_7c, OpenSSL-engine-0_9_6j, OpenSSL_0_9_7b, OpenSSL_0_9_6j |
|
| #
78951e77 |
| 20-Mar-2003 |
Richard Levitte |
Make sure we get the definition of OPENSSL_NO_ERR.
|
|
Revision tags: OpenSSL-engine-0_9_6i, OpenSSL_0_9_6i, OpenSSL_0_9_7a, OpenSSL_0_9_7, OpenSSL_0_9_7-beta6, STATE_after_zlib, STATE_before_zlib, OpenSSL_0_9_7-beta5, OpenSSL-engine-0_9_6h, OpenSSL_0_9_6h, OpenSSL_0_9_7-beta4, OpenSSL-engine-0_9_6g, OpenSSL_0_9_6g, OpenSSL-engine-0_9_6f, OpenSSL_0_9_6f |
|
| #
1dc920c8 |
| 02-Aug-2002 |
Bodo Möller |
Binary field arithmetic contributed by Sun Microsystems.
The 'OPENSSL_NO_SUN_DIV' default is still subject to change,
so I didn't bother to finish the CHANGES entry yet.
Submitted by
Binary field arithmetic contributed by Sun Microsystems.
The 'OPENSSL_NO_SUN_DIV' default is still subject to change,
so I didn't bother to finish the CHANGES entry yet.
Submitted by: Douglas Stebila <douglas.stebila@sun.com>, Sheueling Chang <sheueling.chang@sun.com>
(CHANGES entry by Bodo Moeller)
show more ...
|
|
Revision tags: OpenSSL_0_9_7-beta3, OpenSSL-engine-0_9_6e, OpenSSL_0_9_6e, OpenSSL_0_9_7-beta2, OpenSSL_0_9_7-beta1, AFTER_COMPAQ_PATCH, BEFORE_COMPAQ_PATCH, OpenSSL-engine-0_9_6d, OpenSSL_0_9_6d, OpenSSL-engine-0_9_6d-beta1, OpenSSL_0_9_6d-beta1, OpenSSL-engine-0_9_6c, OpenSSL_0_9_6c, OpenSSL-engine-0_9_6b, OpenSSL_0_9_6b, OpenSSL_0_9_6a, OpenSSL-engine-0_9_6a, OpenSSL-engine-0_9_6a-beta3, OpenSSL_0_9_6a-beta3, OpenSSL-engine-0_9_6a-beta2, OpenSSL_0_9_6a-beta2, OpenSSL-engine-0_9_6a-beta1, OpenSSL_0_9_6a-beta1 |
|
| #
cf1b7d96 |
| 19-Feb-2001 |
Richard Levitte |
Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other package
Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
show more ...
|
| #
35ed8cb8 |
| 08-Feb-2001 |
Bodo Möller |
Integrate my implementation of a countermeasure against
Bleichenbacher's DSA attack. With this implementation, the expected
number of iterations never exceeds 2.
New semantics for B
Integrate my implementation of a countermeasure against
Bleichenbacher's DSA attack. With this implementation, the expected
number of iterations never exceeds 2.
New semantics for BN_rand_range():
BN_rand_range(r, min, range) now generates r such that
min <= r < min+range.
(Previously, BN_rand_range(r, min, max) generated r such that
min <= r < max.
It is more convenient to have the range; also the previous
prototype was misleading because max was larger than
the actual maximum.)
show more ...
|
| #
e5164b70 |
| 04-Dec-2000 |
Bodo Möller |
Change error message to "bignum too long"
|
| #
152a689c |
| 03-Dec-2000 |
Bodo Möller |
Don't allow BIGNUMs to become so large that computations with dmax
might overflow.
|
| #
cd2eebfd |
| 30-Nov-2000 |
Bodo Möller |
BN_sqrt
|
| #
a08bcccc |
| 29-Nov-2000 |
Bodo Möller |
Expand expspeed.c to make BN_kronecker timings.
This caused a segmentation fault in calls to malloc, so I cleaned up
bn_lib.c a little so that it is easier to see what is going on.
The bu
Expand expspeed.c to make BN_kronecker timings.
This caused a segmentation fault in calls to malloc, so I cleaned up
bn_lib.c a little so that it is easier to see what is going on.
The bug turned out to be an off-by-one error in BN_bin2bn.
show more ...
|
| #
5acaa495 |
| 26-Nov-2000 |
Bodo Möller |
More BN_mod_... functions.
|
|
Revision tags: rsaref, BEFORE_engine, OpenSSL_0_9_6-beta2, OpenSSL_0_9_6-beta1, OpenSSL_0_9_6, OpenSSL-engine-0_9_6, OpenSSL-engine-0_9_6-beta3, OpenSSL_0_9_6-beta3, OpenSSL-engine-0_9_6-beta2, OpenSSL-engine-0_9_6-beta1 |
|
| #
dc434bbc |
| 08-Jun-2000 |
Bodo Möller |
Slightly faster DSA verification (BN_mod_exp2_mont),
marginally faster BN_mod_exp for 1024 bit exponents.
|
| #
6dad7bd6 |
| 07-Jun-2000 |
Bodo Möller |
Speed up DH with small generator.
|
|
Revision tags: OpenSSL_0_9_5, OpenSSL_0_9_5a, OpenSSL_0_9_5a-beta2, OpenSSL_0_9_5a-beta1 |
|
| #
59fc2b0f |
| 05-Mar-2000 |
Bodo Möller |
Preserve reason strings in automatically build tables.
|
|
Revision tags: OpenSSL_0_9_5beta2, OpenSSL_0_9_5beta1 |
|
| #
37e48b88 |
| 05-Feb-2000 |
Bodo Möller |
Generate just one error code if iterated SSL_CTX_get() fails.
Avoid enabled 'assert()' in production library.
|
| #
9b141126 |
| 05-Feb-2000 |
Ulf Möller |
New functions BN_CTX_start(), BN_CTX_get(), BN_CTX_end() to access
temporary BIGNUMs. BN_CTX still uses a fixed number of BIGNUMs, but
the BN_CTX implementation could now easily be changed.
|
|
Revision tags: OpenSSL_0_9_4, OpenSSL_0_9_3a, OpenSSL_0_9_3, OpenSSL_0_9_3beta2, OpenSSL_0_9_3beta1 |
|
| #
6d311938 |
| 24-Apr-1999 |
Dr. Stephen Henson |
Complete rewrite of the error code generation script. It now runs as a single
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R protot
Complete rewrite of the error code generation script. It now runs as a single
script, translates function codes better and doesn't need the K&R function
prototypes to work (NB. the K&R prototypes can't be wiped just yet: they are
still needed by the DEF generator...). I also ran the script with the -rewrite
option to update all the header and source files.
show more ...
|
| #
ec577822 |
| 23-Apr-1999 |
Bodo Möller |
Change #include filenames from <foo.h> to <openssl.h>.
Submitted by:
Reviewed by:
PR:
|
| #
6b691a5c |
| 19-Apr-1999 |
Ulf Möller |
Change functions to ANSI C.
|
