Skip to content
  1. Jul 30, 2001
  2. Jul 27, 2001
  3. Jul 26, 2001
  4. Jul 25, 2001
  5. Jul 24, 2001
  6. Jul 23, 2001
  7. Jul 21, 2001
  8. Jul 20, 2001
    • Lutz Jänicke's avatar
      Updated explanation. · c0bee3c8
      Lutz Jänicke authored
      c0bee3c8
    • Lutz Jänicke's avatar
      Updated explanation. · 6d3dec92
      Lutz Jänicke authored
      6d3dec92
    • Lutz Jänicke's avatar
      Some more documentation bits. · 79e29dca
      Lutz Jänicke authored
      79e29dca
    • cvs2svn's avatar
      This commit was manufactured by cvs2svn to create branch · 04bdca29
      cvs2svn authored
      'OpenSSL_0_9_6-stable'.
      04bdca29
    • Lutz Jänicke's avatar
      Some more documentation bits. · 2d3b6a5b
      Lutz Jänicke authored
      2d3b6a5b
    • Geoff Thorpe's avatar
      Currently, RSA code, when using no padding scheme, simply checks that input · 81d1998e
      Geoff Thorpe authored
      does not contain more bytes than the RSA modulus 'n' - it does not check
      that the input is strictly *less* than 'n'. Whether this should be the
      case or not is open to debate - however, due to security problems with
      returning miscalculated CRT results, the 'rsa_mod_exp' implementation in
      rsa_eay.c now performs a public-key exponentiation to verify the CRT result
      and in the event of an error will instead recalculate and return a non-CRT
      (more expensive) mod_exp calculation. As the mod_exp of 'I' is equivalent
      to the mod_exp of 'I mod n', and the verify result is automatically between
      0 and n-1 inclusive, the verify only matches the input if 'I' was less than
      'n', otherwise even a correct CRT calculation is only congruent to 'I' (ie.
      they differ by a multiple of 'n'). Rather than rejecting correct
      calculations and doing redundant and slower ones instead, this changes the
      equality check in the verification code to a congruence check.
      81d1998e
  9. Jul 17, 2001
  10. Jul 16, 2001
  11. Jul 15, 2001
  12. Jul 13, 2001
    • Dr. Stephen Henson's avatar
      · 534a1ed0
      Dr. Stephen Henson authored
      Allow OCSP server to handle multiple requests.
      
      Document new OCSP options.
      534a1ed0
  13. Jul 12, 2001