A tweak to generate keys in a way that will enable the efficient point
compression, described in
http://tools.ietf.org/html/draft-jivsov-ecc-compact.
This request doesn't change any format/API, doesn't introduce
compression, and doesn't lower security.
However, because the method to generate c
On 4 June 2013 13:49, Adam Langley via RT wrote:
> This change saves several EC routines from crashing when an EC_KEY is
> missing a public key. The public key is optional in the EC private key
> format and, without this patch, running the following through `openssl
> ec` causes a crash:
>
> -
On 4 June 2013 13:49, Adam Langley via RT wrote:
> This change saves several EC routines from crashing when an EC_KEY is
> missing a public key. The public key is optional in the EC private key
> format and, without this patch, running the following through `openssl
> ec` causes a crash:
>
> -
On Wed Feb 01 14:02:51 2012, dominik.oe...@informatik.hu-berlin.de wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi
>
> BN_generate_prime_ex can generate prime numbers larger than the
> specified bitsize. The problem can be reproduced using the following
> commands:
>
> [do@trinity t
The Safari browser on OSX versions 10.8 to 10.8.3 advertises support for
several ECDHE-ECDSA ciphers but fails to negotiate them.
When a Safari client connects to an OpenSSL-based server that has the
attached patch (against the "master" branch) applied, the server will
prefer other mutually sup
This change alters the processing of invalid, RSA pre-master secrets so
that bad encryptions are treated like random session keys in constant
time.
0011-premaster_constant_time.patch
Description: Binary data
This patch tweaks the OAEP padding check to be slightly more constant
time and rewrites the PKCS#1 v1.5 padding check to the same end.
0010-constant_time_rsa_padding.patch
Description: Binary data
This change saves several EC routines from crashing when an EC_KEY is
missing a public key. The public key is optional in the EC private key
format and, without this patch, running the following through `openssl
ec` causes a crash:
-BEGIN EC PRIVATE KEY-
MBkCAQEECAECAwQFBgcIoAoGCCqGSM49AwE
Ensure that, when generating small primes, the result is actually of the
requested size. Fixes OpenSSL #2701.
This change does not address the cases of generating safe primes, or
where the |add| parameter is non-NULL.
0008-small_prime_generation.patch
Description: Binary data
Ensure that x**0 mod 1 = 0.
0007-exp_zero_mod_one.patch
Description: Binary data
Add volatile qualifications to two blocks of inline asm to stop GCC from
eliminating them as dead code.
Both volatile and "memory" are used because of some concern that the compiler
may still cache values across the asm block without it, and because this was
such a painful debugging session that I
Don't SEGFAULT when trying to export a public DSA key as a private key.
0005-dsa_crash.patch
Description: Binary data
Limit the number of empty records that will be processed consecutively
in order to prevent ssl3_get_record from never returning.
Reported by "oftc_must_be_destroyed" and George Kadianakis.
0004-empty_record_limit.patch
Description: Binary data
13 matches
Mail list logo