- Feb 23, 2018
-
-
Bernd Edlinger authored
Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5426)
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
- Feb 22, 2018
-
-
Rich Salz authored
Reviewed-by:
Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5433)
-
- Feb 21, 2018
-
-
Kurt Roeckx authored
Reviewed-by:
Rich Salz <rsalz@openssl.org> Reviewed-by:
Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by:
Paul Dale <paul.dale@oracle.com> GH: #5400
-
Pavel Kopyl authored
X509v3_add_ext: free 'sk' if the memory pointed to by it was malloc-ed inside this function. X509V3_EXT_add_nconf_sk: return an error if X509v3_add_ext() fails. This prevents use of a freed memory in do_body:sk_X509_EXTENSION_num(). Reviewed-by:
-
Samuel Weiser authored
Replaced variable-time GCD with consttime inversion to avoid side-channel attacks on RSA key generation Reviewed-by:
Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/5161)
-
Matt Caswell authored
We can't add NULL data into a hash Reviewed-by:
-
Andy Polyakov authored
Currently it's limited to 64-bit platforms only as minimum radix expected in assembly is 2^51. Reviewed-by:
-
Andy Polyakov authored
Reviewed-by:
-
Andy Polyakov authored
3 least significant bits of the input scalar are explicitly cleared, hence swap variable has fixed value [of zero] upon exit from the loop. Reviewed-by:
-
- Feb 20, 2018
-
-
Matt Caswell authored
Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
The original curve448 code was templated to allow for a 25519 implementation. We've just imported the 448 stuff - but a remnant of the original templated approach remained. This just simplifies that. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
We removed various platform specific optimisation files in an earlier commit. The vector code was related to that and therefore is no longer required. It may be resurrected at a later point if we reintroduce the opimtisations. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Instead we should use the standard OpenSSL constant time routines. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
We already have a constant_time_select() function so, to avoid confusion/clashing we shouldn't have a second one. Reviewed-by:
-
Matt Caswell authored
Remove all architecture specific files except for the reference arch_32 version. These files provide archicture specific performance optimisation. However they have not been integrated yet. In order to avoid review issues they are removed for now. They may be reintroduced at a later time. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
