openbsd/src/lib/libcrypto/ec, branch OPENBSD_6_4

openbsd/src/lib/libcrypto/ec, branch OPENBSD_6_4_BASE A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_6_4_BASE 2018-09-01T16:23:15+00:00 Tweak comment. 2018-09-01T16:23:15+00:00 tb 2018-09-01T16:23:15+00:00 urn:sha1:b3296b4388f9f4111ae0266a475304f5c5b2c6e5 Add consts to EVP_PKEY_asn1_set_private() 2018-08-24T20:22:15+00:00 tb 2018-08-24T20:22:15+00:00 urn:sha1:b9a3c83c03543369636a655128b69d56eb619b83 Requires adding a const to the priv_decode() member of EVP_PKEY_ASN1_METHOD and adjusting all *_priv_decode() functions. All this is already documented this way. tested in a bulk build by sthen ok jsing After removing support for broken PKCS#8 formats (it was high time), 2018-08-24T20:17:33+00:00 tb 2018-08-24T20:17:33+00:00 urn:sha1:4cdbdc5207fa48804d8ed3a7929a97ae5f9f466d we can add const to PKCS8_pkey_get0(). In order for this to work, we need to sprinkle a few consts here and there. tested in a bulk by sthen ok jsing Use BN_swap_ct() instead of BN_consttime_swap() in 2018-07-23T18:24:22+00:00 tb 2018-07-23T18:24:22+00:00 urn:sha1:e6611a883efd7a024a8b6866fc8dd4ca468b9667 ec_GF2m_montgomery_point_multiply(). The new BN_swap_ct() API is an improved version of the public BN_consttime_swap() function: it allows error checking, doesn't assert(), and has fewer assumptions on the input. This diff eliminates the last use of BN_consttime_swap() in our tree. ok inoguchi, jsing Recommit Billy Brumley's ECC constant time patch with a fix for sparc64 2018-07-16T17:32:39+00:00 tb 2018-07-16T17:32:39+00:00 urn:sha1:6660b13e9adcfa5e38779a7026a3a21bcb065c2d from Nicola Tuveri (who spotted the omission of ecp_nist.c from the PR). discussed with jsing tested by jsg recommit label indentation part of the backout; clearly unrelated to the 2018-07-15T16:27:39+00:00 tb 2018-07-15T16:27:39+00:00 urn:sha1:e2da96a71555180892d2e924d66c06a17b7a86e5 breakage. back out ecc constant time changes 2018-07-15T05:38:48+00:00 jsg 2018-07-15T05:38:48+00:00 urn:sha1:ccbfd1fe05749d4f08db7f45fe5db1fac8d14d6b after the constant time commits various regress tests started failing on sparc64 ssh t9, libcrypto ec ecdh ecdsa and trying to ssh out resulted in 'invalid elliptic curve value' ok tb@ Indent labels by a space so they don't obliterate function names in diffs. 2018-07-10T22:06:14+00:00 tb 2018-07-10T22:06:14+00:00 urn:sha1:a7fe13b565d141da544ee36178a90bb52f4939d1 ECC constant time scalar multiplication support. First step in overhauling 2018-07-10T21:55:49+00:00 tb 2018-07-10T21:55:49+00:00 urn:sha1:b62b7e947c1bd8c9c63ae48ad7c4bb7943fe2269 the EC module. From Billy Brumley and his team, via https://github.com/libressl-portable/openbsd/pull/94 With tweaks from jsing and me. ok jsing Add a const qualifier to the 'key' argument of i2o_ECPublicKey() and 2018-05-19T10:37:02+00:00 tb 2018-05-19T10:37:02+00:00 urn:sha1:ebcd9413cf5a196f715422cc604ef2765ab8ecc2 one to the last argument of each one of i2s_ASN1_OCTET_STRING(), s2i_ASN1_OCTET_STRING(), i2s_ASN1_INTEGER(), i2s_ASN1_ENUMERATED(), and i2s_ASN1_ENUMERATED_TABLE(). tested in a bulk build by sthen ok jsing