Ulf Möller
06676624fc
Add a warning about the usage of the montgomery functions (if the inputs
...
are not reduced modulo m, the outputs won't be either).
2000-11-29 22:37:14 +00:00
Geoff Thorpe
ef8b601789
Amend the original CHANGES log entry. The ex_data handling has been
...
similarly modified now on DH and DSA.
2000-11-29 20:02:00 +00:00
Bodo Möller
01e62900c7
BN_legendre is no longer needed now that OpenSSL has BN_kronecker.
2000-11-29 19:59:59 +00:00
Geoff Thorpe
d50f1bdfac
Do to DH and DSA what has already been done to RSA. This involves moving
...
the initialisation and cleanup of "ex_data" elements to before an init()
handler and after a finish() handler respectively.
2000-11-29 19:59:45 +00:00
Bodo Möller
38b40c624c
mark a bug
2000-11-29 19:29:47 +00:00
Bodo Möller
eb1f1b0a34
Fix BN_kronecker so that it works correctly if 'a' is negative
...
(we need the two's complement of BN_lsw then).
2000-11-29 19:26:33 +00:00
Geoff Thorpe
a9376dbff9
More little changes to the tunala demo;
...
* A little bit of code-cleanup
* Reformat the usage string (not so wide)
* Allow adding an alternative (usually DSA) cert/key pair (a la s_server)
* Allow control over cert-chain verify depth
2000-11-29 19:22:54 +00:00
Bodo Möller
14697d9d6d
BN_to_montgomery expects its inputs to be in the interval 0 .. modulus-1,
...
so we have to reduce the random numbers used in test_mont.
Before this change, test_mont failed in [debug-]solaris-sparcv9-gcc
configurations ("Montgomery multiplication test failed!" because
the multiplication result obtained with Montgomery multiplication
differed from the result obtained by BN_mod_mul).
Substituing the old version of bn_gcd.c (BN_mod_inverse) did not avoid
the problem.
The strange thing is that it I did not observe any problems
when using debug-solaris-sparcv8-gcc and solaris-sparcv9-cc,
as well as when compiling OpenSSL 0.9.6 in the solaric-sparcv9-gcc
configuration on the same system.
2000-11-29 18:08:24 +00:00
Lutz Jänicke
c6a926d9e2
Log security relevant change.
2000-11-29 18:06:18 +00:00
Ulf Möller
c1db5bfc08
fix for Borland C
2000-11-29 16:43:50 +00:00
Bodo Möller
429b8162c6
add missing braces
2000-11-29 16:43:03 +00:00
Lutz Jänicke
0dd2254d76
Store verify_result with sessions to avoid potential security hole.
...
For the server side this was already done one year ago :-(
2000-11-29 16:04:38 +00:00
Bodo Möller
03a0848922
Fix warnings in expspeed.c (but the segmentation fault remains)
...
Improve readability of bn_shift.c.
Add comment in bn_lib.c (why zero data between top and max?)
Change bntest.c output for BN_kronecker test
2000-11-29 13:40:08 +00:00
Bodo Möller
9161672950
BN_bin2bn did *not* contain an off-by-one error;
...
I'm still investigating what caused the segementation fault
(maybe "make clean; make" will cure it ...).
But BN_bin2bn should always reset ret->neg.
2000-11-29 12:53:41 +00:00
Bodo Möller
a08bcccc67
Expand expspeed.c to make BN_kronecker timings.
...
This caused a segmentation fault in calls to malloc, so I cleaned up
bn_lib.c a little so that it is easier to see what is going on.
The bug turned out to be an off-by-one error in BN_bin2bn.
2000-11-29 12:32:10 +00:00
Bodo Möller
bdec3c5323
Implement BN_kronecker test.
...
Modify "CHANGES" entry for BN_mod_inverse (it's not just avoiding BN_div
that increases performance, avoiding BN_mul also helps)
2000-11-29 11:06:50 +00:00
Bodo Möller
53d286797c
avoid segmentation fault
2000-11-29 11:04:31 +00:00
Bodo Möller
b6cafbd7d8
Make BN_mod_inverse a little faster
2000-11-29 09:57:13 +00:00
Bodo Möller
499e167fda
Improve BN_mod_inverse performance.
...
Get the BN_mod_exp_mont bugfix (for handling negative inputs) correct
this time.
2000-11-29 09:41:19 +00:00
Richard Levitte
0135e33511
Copy and paste error... bn_add_part_words() should of course call
...
bn_add_words(), not bn_sub_words()...
2000-11-29 09:36:48 +00:00
Geoff Thorpe
f2cc7559dd
Make s_client/s_server-style cert verification output configurable by
...
command line, and make the peer-authentication similarly configurable.
2000-11-29 01:29:08 +00:00
Ulf Möller
fe8686ba4b
use standard C
2000-11-29 00:07:07 +00:00
Geoff Thorpe
4aa69fe0b6
Minor tweaks and improvements to the tunala demo.
...
- Add "-cipher" and "-out_state" command line arguments to control SSL
cipher-suites and handshake debug output respectively.
- Implemented error handling for SSL handshakes that break down. This uses
a cheat - storing a non-NULL pointer as "app_data" in the SSL structure
when the SSL should be killed.
2000-11-28 23:27:23 +00:00
Geoff Thorpe
b984cd2b01
A typo and a couple of logic errors fixed. I think there may still be one
...
or two kinks lurking around, but it now appears to deal with the basic
test cases ok.
2000-11-28 19:09:58 +00:00
Bodo Möller
adcc64cd9e
Use BN_pseudo_rand instead of BN_rand
2000-11-28 11:49:12 +00:00
Bodo Möller
c94b6de017
Timings.
2000-11-28 11:47:51 +00:00
Bodo Möller
000e21779c
Note that SSL_peek has been disabled.
2000-11-28 11:13:06 +00:00
Richard Levitte
f1d6f64c8e
Addapt to added files in the BIGNUM section
2000-11-28 10:20:02 +00:00
Bodo Möller
d79cab27a5
Correct a bug in BN_kronecker.
...
Sketch the test for BN_kronecker.
2000-11-28 07:53:35 +00:00
Bodo Möller
24b44446e2
Comments on SSL_peek deficiencies
2000-11-28 06:58:22 +00:00
Bodo Möller
87739b2c53
Disable SSL_peek until it is fixed.
2000-11-28 06:48:36 +00:00
Bodo Möller
c782089611
Add test_kron function, which will contain a test for BN_kronecker.
2000-11-28 06:41:05 +00:00
Bodo Möller
265592b99a
Add bn_kron.c (BN_kronecker), which I forgot in the previous commit.
...
Also add the next file in advance so that I can't forget this one :-)
2000-11-28 06:37:43 +00:00
Bodo Möller
077ff61eef
Undo previous commit, which was an accident.
2000-11-27 21:22:45 +00:00
Bodo Möller
dcbd0d74d5
Fix BN_is_... macros.
...
Fix BN_gcd.
Analyze BN_mod_inverse.
Add BN_kronecker.
"make update".
2000-11-27 21:17:20 +00:00
Bodo Möller
1ec0a3862e
Change submitted files so that they compile (in particular,
...
use BN_CTX_start/get/end instead of accessing ctx->tos).
Change indentation to "EAY" style.
2000-11-26 19:20:56 +00:00
Bodo Möller
946cd9a540
Change submitted files so that they compile (in particular,
...
use BN_CTX_start/get/end instead of accessing ctx->tos).
Change indentation to "EAY" style.
2000-11-26 19:13:52 +00:00
Geoff Thorpe
0ac87024e3
It was a small change, but it *could* conceivably affect people - so I'm
...
making a note in the CHANGES file.
2000-11-26 18:39:27 +00:00
Geoff Thorpe
7abe830501
Ensure that the "ex_data" member of an RSA structure is initialised before
...
the RSA_METHOD's "init()" handler is called, and is cleaned up after the
RSA_METHOD's "finish()" handler is called. Custom RSA_METHODs may wish to
initialise contexts and other specifics in the RSA structure upon creation
and that was previously not possible - "ex_data" is where that stuff
should go and it was being initialised too late for it to be used.
2000-11-26 18:34:45 +00:00
Bodo Möller
5acaa49504
More BN_mod_... functions.
2000-11-26 18:31:32 +00:00
Bodo Möller
535b9b5724
Add bn_mod.c (should have happend in the previous commit ...).
...
BN_swap manual page.
2000-11-26 16:46:57 +00:00
Bodo Möller
78a0c1f18d
modular arithmetics
...
"make update"
2000-11-26 16:42:38 +00:00
Bodo Möller
6cc5e19d47
Remove CR at line ends.
2000-11-26 12:55:19 +00:00
Bodo Möller
7e0c5264e7
Elliptic curves over GF(p), new BIGNUM functions, Montgomery re-implementation.
...
These new files will not be included literally in OpenSSL, but I intend
to integrate most of their contents. Most file names will change,
and when the integration is done, the superfluous files will be deleted.
Submitted by: Lenka Fibikova <fibikova@exp-math.uni-essen.de>
2000-11-26 12:12:35 +00:00
Richard Levitte
73343ac38a
Correct a number of syntax errors.
2000-11-22 18:20:31 +00:00
Richard Levitte
d53d271728
Addapt the VMS scripts to the changes in the Makefiles.
2000-11-22 18:17:16 +00:00
Ulf Möller
37fc8c3747
Remove RSAREF (not used).
...
You can still get the code using tag "rsaref".
2000-11-22 16:52:29 +00:00
Richard Levitte
01412ec600
Addapt the VMS scripts to the changes in the Makefiles.
2000-11-22 04:54:06 +00:00
Richard Levitte
c4f3542abf
Reimplement bn_div_words, bn_add_words and bn_sub_words for VAX.
...
I'm a little bit nervous about bn_div_words, as I don't know what it's
supposed to return on overflow. For now, I trust the rest of the
system to give it numbers that will not cause any overflow...
2000-11-21 23:32:38 +00:00
Richard Levitte
c799770060
Avoid getting warnings about unary - being used on unsigned integer.
2000-11-21 23:29:55 +00:00