summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Remove run once code from OPENSSL_cpuid_setup().jsing2024-10-171-5/+1
| | | | | | | OPENSSL_cpuid_setup() is no longer exported and is now only ever run under pthread_once(). ok joshua@ tb@
* libssl: rework cert signature security leveltb2024-10-171-24/+28
| | | | | | | | | | | | | | This switches to using the X509_get_signature_info() API instead of hand rolling a part of it. This is slightly tangly since the security level API is strange. In particular, some failures are passed to the security level callback so that applications can override them. This makes the security level API handle RSA-PSS and EdDSA certificates correctly and the handshake with such can progress a bit further. Of note, we check that the certs are actually suitable for use in TLS per RFC 8446 contrary to what OpenSSL does. ok beck jsing
* EC ASN.1: add reminder that the simple method might also want testingtb2024-10-161-1/+5
|
* Implement Wei25519 to exercise some more elliptic curve codetb2024-10-161-1/+284
| | | | | | | | This provides a non-trivial non-builtin curve that is unlikely to ever become a builtin curve. This exercises the cofactor guessing code and and ensures that things work as far as they can with a custom OID. The main reason for adding it is to have a "real-world" example for an upcoming check that EC parameters represent a builtin curve.
* rust-openssl: set resolver="2" for workspacetb2024-10-151-0/+1
| | | | silences an annoying warning
* Unindent error check in EC_GROUP_set_generator()tb2024-10-151-5/+5
|
* Switch ec_asn1_group2parameters() to get0_{order,cofactor}()tb2024-10-151-11/+14
| | | | | | | | These are more ergonomic, result in more readable code, avoid a copy and we no longer ignore a possible memory allocation error due to API misdesign and bad code. ok jsing
* Provide EC_GROUP_get0_cofactor() for internal usetb2024-10-152-2/+9
| | | | | | While this is public API in OpenSSL, there are no plans to expose it. ok jsing
* Make NULL checks in ec_asn1_group2curve() explicittb2024-10-141-3/+5
|
* Extend ec_asn1_test to check for correct curve coefficient encodingtb2024-10-141-5/+50
|
* Fix field element encoding for elliptic curve coefficientstb2024-10-141-45/+36
| | | | | | | | | | | | SEC 1, section 2.3.5, is explicit that the encoding of an element of the field of definition for an elliptic curve needs to be a zero-padded octet string whose length matches the byte size of the field's degree. So use BN_bn2binpad() to fix this. Factor things into a simple helper to avoid copy-pasting. This gets rid of some of the most grotesque code in this file. ok jsing
* Drop an obvious comment and fix indent for setting the seedtb2024-10-141-4/+3
| | | | | | Also remove a pointless cast. ok jsing
* In ec_asn1_group2curve() rename ok to ret, per usualtb2024-10-141-4/+4
| | | | ok jsing
* byt -> but; ok tb@jsg2024-10-131-3/+3
|
* Exercise the EC parameters code a bit moretb2024-10-121-1/+103
| | | | | | Ensure all builtin curves can be roundtripped through DER as named curves, via explicit parameterization, using uncompressed, compressed and hybrid point formats.
* Remove unnecessary str variable in ssl_stat.ctb2024-10-121-427/+208
| | | | | | | | Drop about 1/4 of the lines in here by avoiding the use of a variable. For some reason the API in this file made me go listen to Pow R. Toc H. All of a sudden the lyrics made sense. I should probably be worried. ok beck jsing
* Use a and b for the curve coefficientstb2024-10-111-10/+11
| | | | | | | No idea how anyone would think that tmp_1 and tmp_2 are better suited for this. ok jsing
* Clean up ec_asn1_group2fieldid()tb2024-10-111-32/+28
| | | | | | | | This drops some unnecessary freeing that was turned into a double free reachable via public API in OpenSSL 1.1. Other than that it unindents code and uses better variable names. ok jsing
* Fix a long-standing bug in ec_asn1_group2pkparameters()tb2024-10-111-2/+2
| | | | | | | Only check for the OPENSSL_EC_NAMED_CURVE being set to treat the curve parameters as named curve parameters. ok jsing
* Use defines for the CHOICE variants of ECPKPARAMETERStb2024-10-111-7/+10
| | | | ok jsing
* Remove NULL check in ec_asn1_pkparameters2group()tb2024-10-111-5/+1
| | | | | | The callers already ensure that params != NULL. ok jsing
* Use better variable names in ec_asn1_pkparameters2group()tb2024-10-111-10/+13
| | | | ok jsing
* First cleanup pass over ec_asn1_group2pkparameters()tb2024-10-111-27/+25
| | | | | | | Use better variable names and do things in a slightly more sensible order. This way the code becomes almost self-documenting. ok jsing
* err.c: zap stray spacetb2024-10-111-2/+2
|
* Apply some style(9) and tidy some comments.jsing2024-10-111-62/+73
|
* Remove pointless locking from err_build_SYS_str_reasons().jsing2024-10-111-20/+2
| | | | | | | | err_build_SYS_str_reasons() is only called during initialisation, under pthread_once(). As such, there is no need to grab CRYPTO_LOCK_ERR or check for reentrant calls. ok tb@
* Convert err_clear_data() and err_clear() from macros to functions.jsing2024-10-111-23/+25
| | | | ok tb@
* Remove unused typedef for ERR_FNS.jsing2024-10-111-3/+1
|
* Add err_ prefix to build_SYS_str_reasons().jsing2024-10-111-3/+3
|
* Make ERR_str_{libraries,reasons,functs}[] const.jsing2024-10-111-12/+18
| | | | | | | | Provide err_load_const_strings(), which takes a const ERR_STRING_DATA * and does not perform a library error value fixup. Make ERR_str_*[] tables const. ok tb@
* Add ERR_LIB_SYS to the error values in ERR_str_functs[].jsing2024-10-111-12/+12
| | | | | | | | This is currently added via err_load_strings(), which means ERR_str_functs[] cannot be made const. Adding ERR_LIB_SYS means the fixup becomes unnecessary. ok tb@
* Add error regress coverage for ERR_LIB_SYS.jsing2024-10-111-1/+19
| | | | These are dynamically populated based on strerror() values.
* Remove params argument from ec_asn1_group2parameters()tb2024-10-111-13/+8
| | | | | | | Its only caller passes NULL, so we can simplify the entry point and the exit of this function a bit. ok jsing
* Simplify ec_asn1_group2pkparameters()tb2024-10-111-15/+8
| | | | | | | The parameters argument is always NULL, so we can simplify this helper accordingly. ok jsing
* Spell NULL in a simpler fashiontb2024-10-111-3/+5
| | | | | | | | priv_key->parameters is always NULL at this point, since its corresponding entry in the ASN.1 template has ASN1_TFLG_OPTIONAL set, so there is no point in pretending to pass it to ec_asn1_group2pkparameters(). ok jsing
* Clean up i2d_ECPKParameters()tb2024-10-111-10/+13
| | | | | | | | Use better variable names and turn it into single-exit. This changes the behavior slightly in that an error is pushed onto the stack also for i2d_ECPKPARAMETERS() return values < 0. ok jsing
* Remove unused CONF_imodule struct members and accessorstb2024-10-102-69/+2
| | | | ok beck jsing
* Remove SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHERtb2024-10-091-2/+1
| | | | Nothing uses this and it collides with ALPN
* Add missing alert descriptions (taken from RFC 8446)tb2024-10-091-2/+11
| | | | This is so gross...
* Add missing alerts to SSL_alert_desc_string{,_long}()tb2024-10-091-7/+25
| | | | ok beck
* Add missing alert errors and error stringstb2024-10-092-2/+10
| | | | | | | | For every TLS alert there needs a corresponding error with error code having an offset of SSL_AD_REASON_OFFSET (aka 1000), otherwise the error stack fails to set the reason correctly. ok beck
* Remove the unused field_mod_func from EC_GROUPtb2024-10-031-4/+1
| | | | | | | | This was only used by the NIST method. For all other group methods it's an uninitialized pointer (as EC_GROUP_new() still uses the malloc + set all members to 0 idiom). ok jsing
* Make EC{,PK}PARAMETERS_it statictb2024-10-031-3/+3
| | | | They aren't used outside of this file.
* Fix ASN1_INTEGER_to_BN() misusetb2024-10-031-16/+16
| | | | | | | Same issue/leak as for BN_to_ASN1_INTEGER(). Stop reusing the elliptic curve parameters a and b for order and cofacter. It's confusing. ok jsing
* Switch field_bits to be an inttb2024-10-031-3/+3
| | | | ok jsing
* Fix BN_to_ASN1_INTEGER() misusetb2024-10-031-7/+6
| | | | | | | You can either let this API reuse an existing ASN1_INTEGER or you can let it allocate a new one. If you try to do both at the same time, you'll leak. ok jsing
* Provide OPENSSL_INIT_NO_ATEXIT nooptb2024-10-031-1/+2
| | | | | | | | | | | The brilliant idea of installing a fragile non-idempotent cleanup atexit handler as a library has bitten many people over time. This gets particularly exciting when you can't control who dlopens the lib first (don't we all love Python bindings) or if you are in a threaded context. Fake OpenSSL clones chose not to do this but now get to carry a noop flag since people start opting out of this madness (there's a good old tradition at work here). ok beck joshua jsing millert miod
* X509V3_EXT_get_nid.3: indicate what nid meanstb2024-10-031-3/+3
|
* Reorder functions.jsing2024-10-021-297/+286
| | | | | Reorder functions so that things are somewhat more logical, moving internal functions towards the top (and removing now unnecessary prototypes).
* Remove err_fns and associated machinery.jsing2024-10-021-142/+65
| | | | | | | | | | | | Like all good OpenSSL code, errors was built to be completely extensible. Thankfully, the ERR_{get,set}_implementation() functions were removed in r1.127 of err.c, which means that the extensibility can no longer be used. Take the first of many steps to clean up this code - remove err_fns and associated machinery, calling functions directly. Rename so that we have an 'err_' prefix rather than 'int_' (or nothing). ok joshua@ tb@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-06 12:11:50 +0000