generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add secure DSA nonce flag.

Browse Source 
This change adds the option to calculate (EC)DSA nonces by hashing the
message and private key along with entropy to avoid leaking the private
key if the PRNG fails.
This commit is contained in:
Adam Langley
2013-01-24 16:27:28 -05:00
committed by Ben Laurie
parent 64a786a292
commit 8a99cb29d1
15 changed files with 201 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/dsa/dsa_err.c
View File

@@ -1,6 +1,6 @@
/* crypto/dsa/dsa_err.c */
/* ====================================================================
* Copyright (c) 1999-2010 The OpenSSL Project. All rights reserved.
* Copyright (c) 1999-2013 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -112,6 +112,7 @@ static ERR_STRING_DATA DSA_str_reasons[]=
{ERR_REASON(DSA_R_MISSING_PARAMETERS) ,"missing parameters"},
{ERR_REASON(DSA_R_MODULUS_TOO_LARGE) ,"modulus too large"},
{ERR_REASON(DSA_R_NEED_NEW_SETUP_VALUES) ,"need new setup values"},
{ERR_REASON(DSA_R_NONCE_CANNOT_BE_PRECOMPUTED),"nonce cannot be precomputed"},
{ERR_REASON(DSA_R_NO_PARAMETERS_SET) ,"no parameters set"},
{ERR_REASON(DSA_R_PARAMETER_ENCODING_ERROR),"parameter encoding error"},
{ERR_REASON(DSA_R_Q_NOT_PRIME) ,"q not prime"},