openbsd/src/lib/libcrypto/dh, branch libressl-v3.7.0 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v3.7.0 2022-11-26T16:08:57+00:00 Make internal header file names consistent 2022-11-26T16:08:57+00:00 tb 2022-11-26T16:08:57+00:00 urn:sha1:81d98bf600a381a625eb11b39a725b08c0ba547f Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook Simplify computation of max_pub_key = dh->p - 1. 2022-07-13T18:38:20+00:00 tb 2022-07-13T18:38:20+00:00 urn:sha1:c5df41ab4c6221a6afbdce624a917ed470179c2e ok jsing Remove mkerr.pl remnants from LibreSSL 2022-07-12T14:42:50+00:00 kn 2022-07-12T14:42:50+00:00 urn:sha1:89e42d5857196a8071fbafb5565388d0e20ec32b This script is not used at all and files are edited by hand instead. Thus remove misleading comments incl. the obsolete script/config. Feedback OK jsing tb Expose new API in headers. 2022-07-07T13:01:28+00:00 tb 2022-07-07T13:01:28+00:00 urn:sha1:7986c6c16406e5ad9f53a49107428df9f9fd70c1 These are mostly security-level related, but there are also ASN1_TIME and ASN_INTEGER functions here, as well as some missing accessors. ok jsing Prepare to provide EVP_PKEY_security_bits() 2022-06-27T12:36:06+00:00 tb 2022-06-27T12:36:06+00:00 urn:sha1:3a9b1012fb6b57946e4cf3ee7b795a4bdcb905cc This also provides a pkey_security_bits member to the PKEY ASN.1 methods and a corresponding setter EVP_PKEY_asn1_set_security_bits(). ok beck jsing Prepare to provide DH_security_bits() 2022-06-27T12:31:38+00:00 tb 2022-06-27T12:31:38+00:00 urn:sha1:e9bc35a6d120c0aa1f30feafb92222df91771dbd ok beck jsing Add check for BIO_indent return value 2022-01-20T11:00:34+00:00 inoguchi 2022-01-20T11:00:34+00:00 urn:sha1:aa385c25ced0d9d497e76952f1c22ff02913b0d8 CID 24812 ok jsing@ millert@ tb@ Make structs in dh.h opaque 2022-01-14T08:25:44+00:00 tb 2022-01-14T08:25:44+00:00 urn:sha1:b750ed61cefe91940dce870088adff3ad6857d34 This moves the struct internals for DH and DH_METHOD to dh_local.h. ok inoguchi jsing Unifdef LIBRESSL_OPAQUE_* and LIBRESSL_NEXT_API 2022-01-14T07:49:49+00:00 tb 2022-01-14T07:49:49+00:00 urn:sha1:82ec18edf4e632f36b6f79c239fdb6961d421a82 This marks the start of major surgery in libcrypto. Do not attempt to build the tree for a while (~50 commits). Prepare to provide EVP_PKEY_{public,param}_check 2022-01-10T12:10:26+00:00 tb 2022-01-10T12:10:26+00:00 urn:sha1:875eb616f98cd0720501dc97ee72ed96343b0b33 This implements checking of a public key and of key generation parameters for DH and EC keys. With the same logic and setters and const quirks as for EVP_PKEY_check(). There are a couple of quirks: For DH no default EVP_PKEY_check() is implemented, instead EVP_PKEY_param_check() calls DH_check_ex() even though DH_param_check_ex() was added for this purpose. EVP_PKEY_public_check() for EC curves also checks the private key if present. ok inoguchi jsing