summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/bn/bn.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Change generating and checking of primes so that the error rate ofschwarze2019-08-251-18/+73
| | | | | | | | | | | not being prime depends on the intended use based on the size of the input. For larger primes this will result in more rounds of Miller-Rabin. The maximal error rate for primes with more than 1080 bits is lowered to 2^-128. Patch from Kurt Roeckx <kurt@roeckx.be> and Annie Yousar via OpenSSL commit feac7a1c Jul 25 18:55:16 2018 +0200, still under a free license. OK tb@.
* Provide BN_GENCB_new(), BN_GENCB_free() and BN_GENCB_get_arg()jsing2018-02-201-1/+6
|
* Provide BN_get_rfc2409_prime_*() and BN_get_rfc3526_prime_*().jsing2018-02-201-1/+9
|
* Construct a BN_gcd_nonct, based on BN_mod_inverse_no_branch, as suggestedbeck2017-01-251-1/+3
| | | | | | | | | | | by Alejandro Cabrera <aldaya@gmail.com> to avoid the possibility of a sidechannel timing attack during RSA private key generation. Modify BN_gcd to become not visible under LIBRESSL_INTERNAL and force the use of the _ct or _nonct versions of the function only within the library. ok jsing@
* Add ct and nonct versions of BN_mod_inverse for internal usebeck2017-01-211-1/+3
| | | | ok jsing@
* Split out BN_div and BN_mod into ct and nonct versions for Internal use.beck2017-01-211-1/+3
| | | | ok jsing@
* Make explicit _ct and _nonct versions of bn_mod_exp funcitons thatbeck2017-01-211-1/+3
| | | | | | | | | | | | matter for constant time, and make the public interface only used external to the library. This moves us to a model where the important things are constant time versions unless you ask for them not to be, rather than the opposite. I'll continue with this method by method. Add regress tests for same. ok jsing@
* Explicitly export a list of symbols from libcrypto.jsing2016-12-211-115/+1
| | | | | | | | | | | | | | | | Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@
* graduate bn_expand() to a real function. the openssl version of thisderaadt2016-03-041-3/+3
| | | | | | | uses a macro with multiple-evaluations of arguments (different amount than the previous version..), but doug/bcook's inline version makes BIGNUM not opaque [problem spotted by naddy] ok doug
* Revert bn_expand until there's consensus on a fix.doug2016-03-041-14/+3
|
* Add bounds checking for BN_hex2bn/BN_dec2bn.doug2016-03-021-3/+14
| | | | | | | | | Need to make sure i * 4 won't overflow. Based on OpenSSL: commit 99ba9fd02fd481eb971023a3a0a251a37eb87e4c input + ok bcook@ ok beck@
* Reject too small bits value in BN_generate_prime_ex(), so that it does not riskmiod2015-10-211-1/+3
| | | | | | | | becoming negative in probable_prime_dh_safe(). Reported by Franck Denis who noticed `openssl gendh 0' would segfault. Fix adapted from OpenSSL RT#2701. ok beck@ jsing@
* actually include the prerequisite dependency for BIO instead of doing nastynessbeck2015-10-161-5/+2
|
* Delete a lot of #if 0 code in libressl.doug2015-02-071-12/+1
| | | | | | | | | | | | | | | | | | | | | | | | | There are a few instances where #if 1 is removed but the code remains. Based on the following OpenSSL commits. Some of the commits weren't strictly deletions so they are going to be split up into separate commits. 6f91b017bbb7140f816721141ac156d1b828a6b3 3d47c1d331fdc7574d2275cda1a630ccdb624b08 dfb56425b68314b2b57e17c82c1df42e7a015132 c8fa2356a00cbaada8963f739e5570298311a060 f16a64d11f55c01f56baa62ebf1dec7f8fe718cb 9ccc00ef6ea65567622e40c49aca43f2c6d79cdb 02a938c953b3e1ced71d9a832de1618f907eb96d 75d0ebef2aef7a2c77b27575b8da898e22f3ccd5 d6fbb194095312f4722c81c9362dbd0de66cb656 6f1a93ad111c7dfe36a09a976c4c009079b19ea1 1a5adcfb5edfe23908b350f8757df405b0f5f71f 8de24b792743d11e1d5a0dcd336a49368750c577 a2b18e657ea1a932d125154f4e13ab2258796d90 8e964419603d2478dfb391c66e7ccb2dcc9776b4 32dfde107636ac9bc62a5b3233fe2a54dbc27008 input + ok jsing@, miod@, tedu@
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().jsing2014-10-221-11/+6
| | | | | | | | arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
* hand-KNF macro the do { } while loopsderaadt2014-06-271-1/+2
|
* tags as requested by miod and teduderaadt2014-06-121-1/+1
|
* Everything sane has stdio, and FILE *. we don't need ifdefs for this.beck2014-05-291-4/+0
| | | | ok to firebomb from tedu@
* Almost nothing actually needs to include <openssl/e_os2.h>, however byjsing2014-05-241-1/+2
| | | | | | | including it they get <openssl/opensslconf.h>. So instead of pulling in <openssl/e_os2.h>, just pull in <openssl/opensslconf.h>. "go ahead" miod@
* Emergency knfectomie requested by tedu@.jsing2014-05-081-98/+99
|
* Try to clean the maze of <openssl/bn.h> defines regarding the BN internals.miod2014-04-241-47/+6
| | | | | | | | | | | | | | | | | | | | | | | The intent of this change is to only keep support for two kind of architectures: - those with 32-bit int and long, and 64-bit long long, where ``long * long -> long long'' multiplication routines are available. - those with 64-bit int and long, and no 128-bit long long type. This gets rid of the SIXTY_FOUR_BIT_LONG, SIXTY_FOUR_BIT (not the same!), THIRTY_TWO_BIT, SIXTEEN_BIT and EIGHT_BIT defines. After this change, the types and defines are as follows: arch: 64bit 32bit rationale BN_LLONG undefined defined defined if l * l -> ll BN_ULLONG undefined u long long result of BN_LONG * BN_LONG BN_ULONG u long u int native register size BN_LONG long int the same, signed BN_BITS 128 64 size of 2*BN_ULONG in bits BN_BYTES 8 4 size of 2*BN_ULONG in bytes BN_BITS2 64 32 BN_BITS / 2 Tested on various 32-bit and 64-bit OpenBSD systems of various endianness.
* Use of OPENSSL_SYS_xxx defines in public header files considered harmful.miod2014-04-171-6/+1
|
* replace PTR_SIZE_INT (only used for VMS) with uintptr_t, tweaks from jca@,sthen2014-04-141-18/+0
| | | | makes sense to beck@
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.miod2014-04-131-0/+11
|
* resolve conflictsdjm2012-10-131-0/+15
|
* openssl-1.0.0e: resolve conflictsdjm2011-11-031-0/+18
|
* resolve conflicts, fix local changesdjm2010-10-011-89/+92
|
* resolve conflictsdjm2009-01-091-2/+13
|
* resolve conflictsdjm2008-09-061-69/+330
|
* resolve conflictsdjm2006-06-271-0/+34
|
* merge 0.9.7b with local changes; crank majors for libssl/libcryptomarkus2003-05-121-0/+2
|
* merge with openssl-0.9.7-stable-SNAP-20020911,markus2002-09-141-1/+1
| | | | | new minor for libcrypto (_X509_REQ_print_ex) tested by miod@, pb@
* Merge openssl-0.9.7-stable-SNAP-20020519beck2002-05-211-1/+1
|
* OpenSSL 0.9.7 stable 2002 05 08 mergebeck2002-05-151-75/+102
|
* openssl-engine-0.9.6a mergebeck2001-06-221-1/+7
|
* openssl-engine-0.9.6 mergebeck2000-12-151-4/+8
|
* OpenSSL 0.9.5a mergebeck2000-04-151-1/+1
|
* OpenSSL 0.9.5 mergebeck2000-03-191-46/+89
| | | | | | *warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
* OpenSSL 0.9.4 mergebeck1999-09-291-0/+467
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 22:35:17 +0000