Commit Graph

3068 Commits

Author SHA1 Message Date
Ulf Möller
06676624fc Add a warning about the usage of the montgomery functions (if the inputs
are not reduced modulo m, the outputs won't be either).
2000-11-29 22:37:14 +00:00
Geoff Thorpe
ef8b601789 Amend the original CHANGES log entry. The ex_data handling has been
similarly modified now on DH and DSA.
2000-11-29 20:02:00 +00:00
Bodo Möller
01e62900c7 BN_legendre is no longer needed now that OpenSSL has BN_kronecker. 2000-11-29 19:59:59 +00:00
Geoff Thorpe
d50f1bdfac Do to DH and DSA what has already been done to RSA. This involves moving
the initialisation and cleanup of "ex_data" elements to before an init()
handler and after a finish() handler respectively.
2000-11-29 19:59:45 +00:00
Bodo Möller
38b40c624c mark a bug 2000-11-29 19:29:47 +00:00
Bodo Möller
eb1f1b0a34 Fix BN_kronecker so that it works correctly if 'a' is negative
(we need the two's complement of BN_lsw then).
2000-11-29 19:26:33 +00:00
Geoff Thorpe
a9376dbff9 More little changes to the tunala demo;
* A little bit of code-cleanup
* Reformat the usage string (not so wide)
* Allow adding an alternative (usually DSA) cert/key pair (a la s_server)
* Allow control over cert-chain verify depth
2000-11-29 19:22:54 +00:00
Bodo Möller
14697d9d6d BN_to_montgomery expects its inputs to be in the interval 0 .. modulus-1,
so we have to reduce the random numbers used in test_mont.

Before this change, test_mont failed in [debug-]solaris-sparcv9-gcc
configurations ("Montgomery multiplication test failed!" because
the multiplication result obtained with Montgomery multiplication
differed from the result obtained by BN_mod_mul).
Substituing the old version of bn_gcd.c (BN_mod_inverse) did not avoid
the problem.

The strange thing is that it I did not observe any problems
when using debug-solaris-sparcv8-gcc and solaris-sparcv9-cc,
as well as when compiling OpenSSL 0.9.6 in the solaric-sparcv9-gcc
configuration on the same system.
2000-11-29 18:08:24 +00:00
Lutz Jänicke
c6a926d9e2 Log security relevant change. 2000-11-29 18:06:18 +00:00
Ulf Möller
c1db5bfc08 fix for Borland C 2000-11-29 16:43:50 +00:00
Bodo Möller
429b8162c6 add missing braces 2000-11-29 16:43:03 +00:00
Lutz Jänicke
0dd2254d76 Store verify_result with sessions to avoid potential security hole.
For the server side this was already done one year ago :-(
2000-11-29 16:04:38 +00:00
Bodo Möller
03a0848922 Fix warnings in expspeed.c (but the segmentation fault remains)
Improve readability of bn_shift.c.

Add comment in bn_lib.c (why zero data between top and max?)

Change bntest.c output for BN_kronecker test
2000-11-29 13:40:08 +00:00
Bodo Möller
9161672950 BN_bin2bn did *not* contain an off-by-one error;
I'm still investigating what caused the segementation fault
(maybe "make clean; make" will cure it ...).
But BN_bin2bn should always reset ret->neg.
2000-11-29 12:53:41 +00:00
Bodo Möller
a08bcccc67 Expand expspeed.c to make BN_kronecker timings.
This caused a segmentation fault in calls to malloc, so I cleaned up
bn_lib.c a little so that it is easier to see what is going on.
The bug turned out to be an off-by-one error in BN_bin2bn.
2000-11-29 12:32:10 +00:00
Bodo Möller
bdec3c5323 Implement BN_kronecker test.
Modify "CHANGES" entry for BN_mod_inverse (it's not just avoiding BN_div
that increases performance, avoiding BN_mul also helps)
2000-11-29 11:06:50 +00:00
Bodo Möller
53d286797c avoid segmentation fault 2000-11-29 11:04:31 +00:00
Bodo Möller
b6cafbd7d8 Make BN_mod_inverse a little faster 2000-11-29 09:57:13 +00:00
Bodo Möller
499e167fda Improve BN_mod_inverse performance.
Get the BN_mod_exp_mont bugfix (for handling negative inputs) correct
this time.
2000-11-29 09:41:19 +00:00
Richard Levitte
0135e33511 Copy and paste error... bn_add_part_words() should of course call
bn_add_words(), not bn_sub_words()...
2000-11-29 09:36:48 +00:00
Geoff Thorpe
f2cc7559dd Make s_client/s_server-style cert verification output configurable by
command line, and make the peer-authentication similarly configurable.
2000-11-29 01:29:08 +00:00
Ulf Möller
fe8686ba4b use standard C 2000-11-29 00:07:07 +00:00
Geoff Thorpe
4aa69fe0b6 Minor tweaks and improvements to the tunala demo.
- Add "-cipher" and "-out_state" command line arguments to control SSL
  cipher-suites and handshake debug output respectively.

- Implemented error handling for SSL handshakes that break down. This uses
  a cheat - storing a non-NULL pointer as "app_data" in the SSL structure
  when the SSL should be killed.
2000-11-28 23:27:23 +00:00
Geoff Thorpe
b984cd2b01 A typo and a couple of logic errors fixed. I think there may still be one
or two kinks lurking around, but it now appears to deal with the basic
test cases ok.
2000-11-28 19:09:58 +00:00
Bodo Möller
adcc64cd9e Use BN_pseudo_rand instead of BN_rand 2000-11-28 11:49:12 +00:00
Bodo Möller
c94b6de017 Timings. 2000-11-28 11:47:51 +00:00
Bodo Möller
000e21779c Note that SSL_peek has been disabled. 2000-11-28 11:13:06 +00:00
Richard Levitte
f1d6f64c8e Addapt to added files in the BIGNUM section 2000-11-28 10:20:02 +00:00
Bodo Möller
d79cab27a5 Correct a bug in BN_kronecker.
Sketch the test for BN_kronecker.
2000-11-28 07:53:35 +00:00
Bodo Möller
24b44446e2 Comments on SSL_peek deficiencies 2000-11-28 06:58:22 +00:00
Bodo Möller
87739b2c53 Disable SSL_peek until it is fixed. 2000-11-28 06:48:36 +00:00
Bodo Möller
c782089611 Add test_kron function, which will contain a test for BN_kronecker. 2000-11-28 06:41:05 +00:00
Bodo Möller
265592b99a Add bn_kron.c (BN_kronecker), which I forgot in the previous commit.
Also add the next file in advance so that I can't forget this one :-)
2000-11-28 06:37:43 +00:00
Bodo Möller
077ff61eef Undo previous commit, which was an accident. 2000-11-27 21:22:45 +00:00
Bodo Möller
dcbd0d74d5 Fix BN_is_... macros.
Fix BN_gcd.
Analyze BN_mod_inverse.
Add BN_kronecker.
"make update".
2000-11-27 21:17:20 +00:00
Bodo Möller
1ec0a3862e Change submitted files so that they compile (in particular,
use BN_CTX_start/get/end instead of accessing ctx->tos).

Change indentation to "EAY" style.
2000-11-26 19:20:56 +00:00
Bodo Möller
946cd9a540 Change submitted files so that they compile (in particular,
use BN_CTX_start/get/end instead of accessing ctx->tos).

Change indentation to "EAY" style.
2000-11-26 19:13:52 +00:00
Geoff Thorpe
0ac87024e3 It was a small change, but it *could* conceivably affect people - so I'm
making a note in the CHANGES file.
2000-11-26 18:39:27 +00:00
Geoff Thorpe
7abe830501 Ensure that the "ex_data" member of an RSA structure is initialised before
the RSA_METHOD's "init()" handler is called, and is cleaned up after the
RSA_METHOD's "finish()" handler is called. Custom RSA_METHODs may wish to
initialise contexts and other specifics in the RSA structure upon creation
and that was previously not possible - "ex_data" is where that stuff
should go and it was being initialised too late for it to be used.
2000-11-26 18:34:45 +00:00
Bodo Möller
5acaa49504 More BN_mod_... functions. 2000-11-26 18:31:32 +00:00
Bodo Möller
535b9b5724 Add bn_mod.c (should have happend in the previous commit ...).
BN_swap manual page.
2000-11-26 16:46:57 +00:00
Bodo Möller
78a0c1f18d modular arithmetics
"make update"
2000-11-26 16:42:38 +00:00
Bodo Möller
6cc5e19d47 Remove CR at line ends. 2000-11-26 12:55:19 +00:00
Bodo Möller
7e0c5264e7 Elliptic curves over GF(p), new BIGNUM functions, Montgomery re-implementation.
These new files will not be included literally in OpenSSL, but I intend
to integrate most of their contents.  Most file names will change,
and when the integration is done, the superfluous files will be deleted.

Submitted by: Lenka Fibikova <fibikova@exp-math.uni-essen.de>
2000-11-26 12:12:35 +00:00
Richard Levitte
73343ac38a Correct a number of syntax errors. 2000-11-22 18:20:31 +00:00
Richard Levitte
d53d271728 Addapt the VMS scripts to the changes in the Makefiles. 2000-11-22 18:17:16 +00:00
Ulf Möller
37fc8c3747 Remove RSAREF (not used).
You can still get the code using tag "rsaref".
2000-11-22 16:52:29 +00:00
Richard Levitte
01412ec600 Addapt the VMS scripts to the changes in the Makefiles. 2000-11-22 04:54:06 +00:00
Richard Levitte
c4f3542abf Reimplement bn_div_words, bn_add_words and bn_sub_words for VAX.
I'm a little bit nervous about bn_div_words, as I don't know what it's
supposed to return on overflow.  For now, I trust the rest of the
system to give it numbers that will not cause any overflow...
2000-11-21 23:32:38 +00:00
Richard Levitte
c799770060 Avoid getting warnings about unary - being used on unsigned integer. 2000-11-21 23:29:55 +00:00