#
06cf881a |
| 08-Feb-2015 |
Rich Salz |
Final (for me, for now) dead code cleanup This is a final pass looking for '#if 0'/'#if 1' controls and removing the appropriate pieces. Reviewed-by: Andy Polyakov <appro@openss
Final (for me, for now) dead code cleanup This is a final pass looking for '#if 0'/'#if 1' controls and removing the appropriate pieces. Reviewed-by: Andy Polyakov <appro@openssl.org>
show more ...
|
#
474e469b |
| 27-Jan-2015 |
Rich Salz |
OPENSSL_NO_xxx cleanup: SHA Remove support for SHA0 and DSS0 (they were broken), and remove the ability to attempt to build without SHA (it didn't work). For simplicity, remove the o
OPENSSL_NO_xxx cleanup: SHA Remove support for SHA0 and DSS0 (they were broken), and remove the ability to attempt to build without SHA (it didn't work). For simplicity, remove the option of not building various SHA algorithms; you could argue that SHA_224/256/384/512 should be kept, since they're like crypto algorithms, but I decided to go the other way. So these options are gone: GENUINE_DSA OPENSSL_NO_SHA0 OPENSSL_NO_SHA OPENSSL_NO_SHA1 OPENSSL_NO_SHA224 OPENSSL_NO_SHA256 OPENSSL_NO_SHA384 OPENSSL_NO_SHA512 Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_0_2, master-post-auto-reformat |
|
#
0f113f3e |
| 22-Jan-2015 |
Matt Caswell |
Run util/openssl-format-source -v -c . Reviewed-by: Tim Hudson <tjh@openssl.org>
|
Revision tags: OpenSSL_1_0_2-post-auto-reformat, OpenSSL_0_9_8-post-auto-reformat, OpenSSL_0_9_8-pre-auto-reformat, OpenSSL_1_0_0-post-auto-reformat, OpenSSL_1_0_0-pre-auto-reformat, OpenSSL_1_0_1-post-auto-reformat, OpenSSL_1_0_1-pre-auto-reformat, master-post-reformat, OpenSSL_0_9_8-pre-reformat, OpenSSL_0_9_8ze, OpenSSL_1_0_0-pre-reformat, OpenSSL_1_0_0q, OpenSSL_1_0_1-pre-reformat, OpenSSL_1_0_1l, master-pre-reformat, OpenSSL_1_0_2-pre-reformat, OpenSSL_0_9_8zd, OpenSSL_1_0_0p, OpenSSL_1_0_1k, OpenSSL_0_9_8-post-reformat, OpenSSL-fips-2_0_9 |
|
#
73e45b2d |
| 20-Oct-2014 |
Dr. Stephen Henson |
remove OPENSSL_FIPSAPI Reviewed-by: Tim Hudson <tjh@openssl.org>
|
#
ebdf37e4 |
| 19-Oct-2014 |
Dr. Stephen Henson |
remove FIPS module code from crypto/bn Reviewed-by: Tim Hudson <tjh@openssl.org>
|
Revision tags: OpenSSL_1_0_1j, OpenSSL_1_0_0o, OpenSSL_0_9_8zc, OpenSSL_1_0_2-beta3, OpenSSL_0_9_8zb, OpenSSL_1_0_0n, OpenSSL_1_0_1i, OpenSSL_1_0_2-beta2, OpenSSL-fips-2_0_8, OpenSSL_1_0_1h, OpenSSL_1_0_0m, OpenSSL_0_9_8za, OpenSSL-fips-2_0_7, OpenSSL_1_0_1g, OpenSSL_1_0_2-beta1, OpenSSL_1_0_0l, OpenSSL_1_0_1f, OpenSSL-fips-2_0_6, OpenSSL-fips-2_0_5, OpenSSL-fips-2_0_4, OpenSSL-fips-2_0_3, OpenSSL_1_0_1e, OpenSSL_0_9_8y, OpenSSL_1_0_0k, OpenSSL_1_0_1d |
|
#
8a99cb29 |
| 24-Jan-2013 |
Adam Langley |
Add secure DSA nonce flag. This change adds the option to calculate (EC)DSA nonces by hashing the message and private key along with entropy to avoid leaking the private key if the P
Add secure DSA nonce flag. This change adds the option to calculate (EC)DSA nonces by hashing the message and private key along with entropy to avoid leaking the private key if the PRNG fails.
show more ...
|
Revision tags: OpenSSL-fips-2_0-pl1, OpenSSL-fips-2_0_2, OpenSSL-fips-2_0_1, OpenSSL_1_0_1c, OpenSSL_1_0_0j, OpenSSL_0_9_8x, OpenSSL_1_0_1b, OpenSSL_0_9_8w, OpenSSL_1_0_1a, OpenSSL_0_9_8v, OpenSSL_1_0_0i, OpenSSL_1_0_1, OpenSSL_1_0_0h, OpenSSL_0_9_8u, OpenSSL_1_0_1-beta3, OpenSSL_1_0_1-beta2, OpenSSL-fips-2_0, OpenSSL_1_0_0g, OpenSSL_0_9_8t, OpenSSL_0_9_8s, OpenSSL_1_0_0f, OpenSSL-fips-2_0-rc8, OpenSSL_1_0_1-beta1, OpenSSL-fips-2_0-rc7, OpenSSL-fips-2_0-rc6, OpenSSL-fips-2_0-rc5, OpenSSL-fips-2_0-rc4, OpenSSL-fips-2_0-rc3, OpenSSL-fips-2_0-rc2, OpenSSL-fips-2_0-rc1, OpenSSL-fips-1_2_3, OpenSSL-fips-1_2_2, OpenSSL-fips-1_2_1, OpenSSL_1_0_0e |
|
#
c2fd5989 |
| 11-May-2011 |
Dr. Stephen Henson |
Rename FIPS_mode_set and FIPS_mode. Theses symbols will be defined in the FIPS capable OpenSSL.
|
#
ed12c2f7 |
| 11-Feb-2011 |
Dr. Stephen Henson |
In FIPS mode only use "Generation by Testing Candidates" equivalent.
|
Revision tags: OpenSSL_1_0_0d, OpenSSL_0_9_8r |
|
#
7edfe674 |
| 27-Jan-2011 |
Dr. Stephen Henson |
Move all FIPSAPI renames into fips.h header file, include early in crypto.h if needed. Modify source tree to handle change.
|
#
7cc684f4 |
| 27-Jan-2011 |
Dr. Stephen Henson |
Redirect FIPS memory allocation to FIPS_malloc() routine, remove OpenSSL malloc dependencies.
|
Revision tags: OpenSSL_0_9_8q, OpenSSL_1_0_0c, OpenSSL_0_9_8p, OpenSSL_1_0_0b, OpenSSL_0_9_8o, OpenSSL_1_0_0a, OpenSSL_1_0_0, OpenSSL_0_9_8n, OpenSSL_0_9_8m, OpenSSL_0_9_8m-beta1, OpenSSL_1_0_0-beta5, OpenSSL_1_0_0-beta4, OpenSSL_0_9_8l, OpenSSL_1_0_0-beta3, OpenSSL_1_0_0-beta2, OpenSSL_1_0_0-beta1, OpenSSL_0_9_8k, OpenSSL_0_9_8j |
|
#
6343829a |
| 12-Nov-2008 |
Geoff Thorpe |
Revert the size_t modifications from HEAD that had led to more knock-on work than expected - they've been extracted into a patch series that can be completed elsewhere, or in a different bran
Revert the size_t modifications from HEAD that had led to more knock-on work than expected - they've been extracted into a patch series that can be completed elsewhere, or in a different branch, before merging back to HEAD.
show more ...
|
#
4d6e1e4f |
| 01-Nov-2008 |
Ben Laurie |
size_tification.
|
#
0d6f9c71 |
| 19-Oct-2008 |
Ben Laurie |
Constification.
|
Revision tags: OpenSSL_0_9_8i, OpenSSL_0_9_8h, OpenSSL_0_9_8g, OpenSSL_0_9_8f, FIPS_098_TEST_8, FIPS_098_TEST_7, FIPS_098_TEST_6, FIPS_098_TEST_5, FIPS_098_TEST_4, FIPS_098_TEST_3, FIPS_098_TEST_2, FIPS_098_TEST_1, OpenSSL_0_9_7m, OpenSSL_0_9_8e, OpenSSL_0_9_7l, OpenSSL_0_9_8d, OpenSSL_0_9_8c, OpenSSL_0_9_7k, OpenSSL_0_9_7j, OpenSSL_0_9_8b, OpenSSL_FIPS_1_0, OpenSSL_0_9_7i, OpenSSL_0_9_8a, OpenSSL_0_9_7h, OpenSSL_0_9_8, FIPS_TEST_10, OpenSSL_0_9_8-beta6, OpenSSL_0_9_8-beta5, FIPS_TEST_9, OpenSSL_0_9_8-beta4, OpenSSL_0_9_8-beta3, BEN_FIPS_TEST_8, OpenSSL_0_9_8-beta2, OpenSSL_0_9_8-beta1 |
|
#
aa4ce731 |
| 26-Apr-2005 |
Bodo Möller |
Fix various incorrect error function codes. ("perl util/ck_errf.pl */*.c */*/*.c" still reports many more.)
|
Revision tags: OpenSSL_0_9_7g, OpenSSL_0_9_7f, BEN_FIPS_TEST_7, BEN_FIPS_TEST_6, OpenSSL_0_9_7e |
|
#
a8722803 |
| 25-Mar-2004 |
Richard Levitte |
RAND_add() wants a double as it's last argument.
|
Revision tags: OpenSSL_0_9_7d, OpenSSL-engine-0_9_6m, OpenSSL_0_9_6m, LEVITTE_after_const, LEVITTE_before_const |
|
#
b6358c89 |
| 13-Mar-2004 |
Geoff Thorpe |
Convert openssl code not to assume the deprecated form of BN_zero(). Remove certain redundant BN_zero() initialisations, because BN_CTX_get(), BN_init(), [etc] already initialise to zero
Convert openssl code not to assume the deprecated form of BN_zero(). Remove certain redundant BN_zero() initialisations, because BN_CTX_get(), BN_init(), [etc] already initialise to zero. Correct error checking in bn_sqr.c, and be less wishy-wash about how/why the result's 'top' value is set (note also, 'max' is always > 0 at this point).
show more ...
|
Revision tags: BEN_FIPS_TEST_5, BEN_FIPS_TEST_4 |
|
#
d870740c |
| 04-Nov-2003 |
Geoff Thorpe |
Put the first stage of my bignum debugging adventures into CVS. This code is itself experimental, and in addition may cause execution to break on existing openssl "bugs" that previously were
Put the first stage of my bignum debugging adventures into CVS. This code is itself experimental, and in addition may cause execution to break on existing openssl "bugs" that previously were harmless or at least invisible.
show more ...
|
Revision tags: OpenSSL-engine-0_9_6l, OpenSSL_0_9_6l, BEN_FIPS_TEST_3, BEN_FIPS_TEST_2, BEN_FIPS_TEST_1, OpenSSL-engine-0_9_6k, OpenSSL_0_9_6k, OpenSSL_0_9_7c, OpenSSL-engine-0_9_6j, OpenSSL_0_9_7b, OpenSSL_0_9_6j, OpenSSL-engine-0_9_6i, OpenSSL_0_9_6i, OpenSSL_0_9_7a, OpenSSL_0_9_7, OpenSSL_0_9_7-beta6, STATE_after_zlib, STATE_before_zlib, OpenSSL_0_9_7-beta5, OpenSSL-engine-0_9_6h, OpenSSL_0_9_6h |
|
#
43d60164 |
| 29-Nov-2002 |
Richard Levitte |
A few more memset()s converted to OPENSSL_cleanse(). I *think* I got them all covered by now, bu please, if you find any more, tell me and I'll correct it. PR: 343
|
Revision tags: OpenSSL_0_9_7-beta4, OpenSSL-engine-0_9_6g, OpenSSL_0_9_6g, OpenSSL-engine-0_9_6f, OpenSSL_0_9_6f |
|
#
95ecacf8 |
| 02-Aug-2002 |
Bodo Möller |
Let BN_rand_range() abort with an error after 100 iterations without success.
|
Revision tags: OpenSSL_0_9_7-beta3, OpenSSL-engine-0_9_6e, OpenSSL_0_9_6e, OpenSSL_0_9_7-beta2, OpenSSL_0_9_7-beta1, AFTER_COMPAQ_PATCH, BEFORE_COMPAQ_PATCH, OpenSSL-engine-0_9_6d, OpenSSL_0_9_6d, OpenSSL-engine-0_9_6d-beta1, OpenSSL_0_9_6d-beta1, OpenSSL-engine-0_9_6c, OpenSSL_0_9_6c |
|
#
66df02fd |
| 14-Dec-2001 |
Bodo Möller |
fix BN_rand_range
|
#
983495c4 |
| 03-Sep-2001 |
Bodo Möller |
Use uniformly chosen witnesses for Miller-Rabin test (by using new BN_pseudo_rand_range function)
|
Revision tags: OpenSSL-engine-0_9_6b, OpenSSL_0_9_6b, OpenSSL_0_9_6a, OpenSSL-engine-0_9_6a, OpenSSL-engine-0_9_6a-beta3, OpenSSL_0_9_6a-beta3, OpenSSL-engine-0_9_6a-beta2, OpenSSL_0_9_6a-beta2, OpenSSL-engine-0_9_6a-beta1, OpenSSL_0_9_6a-beta1 |
|
#
f2bc6684 |
| 20-Feb-2001 |
Bodo Möller |
Fix BN_[pseudo_]rand: 'mask' must be used even if top=-1. Mention BN_[pseudo_]rand with top=-1 in CHANGES.
|
#
335c4f09 |
| 20-Feb-2001 |
Ulf Möller |
BN_rand_range() needs a BN_rand() variant that doesn't set the MSB.
|
#
e3068929 |
| 10-Feb-2001 |
Bodo Möller |
Simplify BN_rand_range
|
#
792e2ce7 |
| 08-Feb-2001 |
Bodo Möller |
Another comment change. (Previous comment does not apply for range = 11000000... or range = 100000...)
|