root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
12,205 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

34 Commits

Author SHA1 Message Date
Dr. Stephen Henson 271fef0ef3 Exetended OAEP support. 
Extend OAEP support. Generalise the OAEP padding functions to support
arbitrary digests. Extend EVP_PKEY RSA method to handle the new OAEP
padding functions and add ctrls to set the additional parameters.
 2013-06-12 18:48:17 +01:00
Ben Laurie 7c770d572a Add and use a constant-time memcmp. 
This change adds CRYPTO_memcmp, which compares two vectors of bytes in
an amount of time that's independent of their contents. It also changes
several MAC compares in the code to use this over the standard memcmp,
which may leak information about the size of a matching prefix.
(cherry picked from commit 2ee798880a)
 2013-02-06 14:16:55 +00:00
Dr. Stephen Henson 7edfe67456 Move all FIPSAPI renames into fips.h header file, include early in 
crypto.h if needed.

Modify source tree to handle change.
 2011-01-27 19:10:56 +00:00
Dr. Stephen Henson 7cc684f4f7 Redirect FIPS memory allocation to FIPS_malloc() routine, remove 
OpenSSL malloc dependencies.
 2011-01-27 17:23:43 +00:00
Dr. Stephen Henson 7c8ced94c3 Change OPENSSL_FIPSEVP to OPENSSL_FIPSAPI as it doesn't just refer 
to EVP any more.

Move locking #define into fips.h.

Set FIPS locking callbacks at same time as OpenSSL locking callbacks.
 2011-01-27 15:22:26 +00:00
Dr. Stephen Henson c553721e8b FIPS mode RSA changes: 
Check for selftest failures.

Pairwise consistency test for RSA key generation.

Use some EVP macros instead of EVP functions.

Use minimal FIPS EVP where needed.
 2011-01-26 15:37:41 +00:00
Dr. Stephen Henson b6dcdbfc94 Audit libcrypto for unchecked return values: fix all cases enountered 2009-09-23 23:43:49 +00:00
Dr. Stephen Henson a5f78bf3ba Fix from 0.9.8-stable. 2009-06-26 23:14:39 +00:00
Ben Laurie 0eab41fb78 If we're going to return errors (no matter how stupid), then we should 
test for them!
 2008-12-29 16:11:58 +00:00
Dr. Stephen Henson 94fd382f8b Fix two invalid memory reads in RSA OAEP mode. 
Submitted by: Ivan Nestlerode <inestlerode@us.ibm.com>
Reviewed by: steve
 2008-05-19 21:33:55 +00:00
Dr. Stephen Henson 499fca2db3 Update from 0.9.7-stable. Also repatch and rebuild error codes. 2005-05-28 20:44:02 +00:00
Bodo Möller 8afca8d9c6 Fix more error codes. 
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
 2005-05-11 03:45:39 +00:00
Dr. Stephen Henson 20d2186c87 Retain compatibility of EVP_DigestInit() and EVP_DigestFinal() 
with existing code.

Modify library to use digest *_ex() functions.
 2001-10-16 01:24:29 +00:00
Bodo Möller a9ed4da8eb improve OAEP check 2001-09-06 10:42:56 +00:00
Bodo Möller e1a4814cd4 fix formatting so that the file can be view with any tab-width 2001-09-06 09:30:16 +00:00
Ben Laurie dbad169019 Really add the EVP and all of the DES changes. 2001-07-30 23:57:25 +00:00
Bodo Möller ea3b8af50a avoid warnings 2001-07-24 14:20:36 +00:00
Dr. Stephen Henson 323f289c48 Change all calls to low level digest routines in the library and 
applications to use EVP. Add missing calls to HMAC_cleanup() and
don't assume HMAC_CTX can be copied using memcpy().

Note: this is almost identical to the patch submitted to openssl-dev
by Verdon Walker <VWalker@novell.com> except some redundant
EVP_add_digest_()/EVP_cleanup() calls were removed and some changes
made to avoid compiler warnings.
 2001-06-19 22:30:40 +00:00
Ulf Möller 0ad0eaf61c more error codes fixed 2001-06-08 14:16:39 +00:00
Bodo Möller 20e021bf41 when checking OAEP, signal just a single kind of 'decoding error' 2001-06-06 18:48:49 +00:00
Ulf Möller 8ca2ae775d move check to avoid memory leak. 2001-06-06 17:23:23 +00:00
Ulf Möller ee8aa8217a make sure we don't write to seed[-1] 2001-06-06 17:17:53 +00:00
Richard Levitte cf1b7d9664 Make all configuration macros available for application by making 
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.

I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
 2001-02-19 16:06:34 +00:00
Bodo Möller 9ae9c221de Update "OAEP reconsidered" comment 2001-01-24 14:59:25 +00:00
Bodo Möller 9347ba487c Discuss http://www.shoup.net/papers/oaep.ps.Z 2000-12-05 10:30:21 +00:00
Richard Levitte 29c1f0615b Constify the RSA library. 2000-11-06 22:34:17 +00:00
Richard Levitte 26a3a48d65 There have been a number of complaints from a number of sources that names 
like Malloc, Realloc and especially Free conflict with already existing names
on some operating systems or other packages.  That is reason enough to change
the names of the OpenSSL memory allocation macros to something that has a
better chance of being unique, like prepending them with OPENSSL_.

This change includes all the name changes needed throughout all C files.
 2000-06-01 22:19:21 +00:00
Ulf Möller eb952088f0 Precautions against using the PRNG uninitialized: RAND_bytes() now 
returns int (1 = ok, 0 = not seeded). New function RAND_add() is the
same as RAND_seed() but takes an estimate of the entropy as an additional
argument.
 2000-01-13 20:59:17 +00:00
Ulf Möller 9f5f32c9b0 Bug fix. 1999-04-29 20:31:56 +00:00
Ulf Möller d02f751ce1 Message digest stuff. 1999-04-27 04:18:53 +00:00
Ulf Möller 79df9d6272 New Configure option no-<cipher> (rsa, idea, rc5, ...). 1999-04-27 03:19:12 +00:00
Bodo Möller ec577822f9 Change #include filenames from <foo.h> to <openssl.h>. 
Submitted by:
Reviewed by:
PR:
 1999-04-23 22:13:45 +00:00
Ulf Möller 6b691a5c85 Change functions to ANSI C. 1999-04-19 21:31:43 +00:00
Ben Laurie a49498969e Add OAEP. 1999-02-17 21:11:08 +00:00