summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Make the apitest work better with the portable tets frameworktb2023-04-142-13/+12
|
* Make cttest work better with the portable test harnesstb2023-04-142-9/+12
|
* Fix cttest to use public headertb2023-04-142-5/+3
|
* Rename the largely misnamed bn_print.c to bn_convert.cjsing2023-04-142-3/+3
| | | | | | | | This file primarily contains the various BN_bn2*() and BN_*2bn() functions (along with BN_print() and BN_options()). More function shuffling will follow. Discussed with tb@
* Provide and use bn_copy_words() in BN_copy().jsing2023-04-141-31/+15
| | | | | | | | This is simpler than the current code, while still being well optimised by compilers, across a range of architectures. In many cases we even get a performance gain for the BN sizes that we primarily care about. Joint work with tb@
* Add support for truncated SHA512 variants.jsing2023-04-142-2/+115
| | | | | | | This adds support for SHA512/224 and SHA512/256, as specified in FIPS FIPS 180-4. These are truncated versions of the SHA512 hash. ok tb@
* Provide soon to be used crypto_store_htobe32().jsing2023-04-141-1/+20
| | | | ok tb@
* Use memset() and only initialise non-zero struct members.jsing2023-04-141-7/+7
| | | | ok tb@
* Fix double free in error path in openssl(1) x509tb2023-04-141-4/+2
| | | | | | | | A conversion from X509_REQ_get_pubkey() to X509_REQ_get0_pubkey() missed one free of pkey in an unlikely error path. After the conversion pkey is no longer owned by us, so we mustn't free it. ok jsing
* The NBs have been duly noted and ignored. Drop them.tb2023-04-132-20/+2
|
* Zap trailing whitespacetb2023-04-131-9/+9
|
* Remove files that definitely contain no code anymoretb2023-04-135-354/+0
| | | | (experts disagree whether they ever did)
* Drop now useless files from the Makefiletb2023-04-131-6/+1
|
* Fold ECDSA sign and verify mess into ecs_ossl.ctb2023-04-133-63/+68
| | | | discussed with jsing
* Move RSA_generate_key() from rsa_depr.c to rsa_gen.ctb2023-04-132-34/+35
| | | | Discussed with jsing
* Move DSA_generate_parameters() from dsa_depr.c to dsa_gen.ctb2023-04-132-21/+23
| | | | Discussed with jsing
* Move DH_generate_parameters() from dh_depr.c to dh_gen.ctb2023-04-132-20/+21
| | | | discussed with jsing
* Fix compilation on sparc64.mbuhl2023-04-131-2/+3
|
* ec_lib.c: fix a few NULL misspellingstb2023-04-131-6/+6
|
* Fix various early return issues spotted by coveritytb2023-04-131-13/+13
| | | | | | | A large mechanical diff led to sloppy review and gave coverity an opportunity to be right for once. First time in a good many weeks. same diff/ok jsing
* ectest: missing error checkingtb2023-04-131-5/+11
| | | | CID 452228
* remove duplicate linesjsg2023-04-121-3/+2
|
* Remove now unused sha_local.h.jsing2023-04-121-419/+0
|
* Provide and use crypto_ro{l,r}_u{32,64}().jsing2023-04-123-25/+39
| | | | | | | | | | | | | | | Various code in libcrypto needs bitwise rotation - rather than defining different versions across the code base, provide a common set that can be reused. Any sensible compiler optimises these to a single instruction where the architecture supports it, which means we can ditch the inline assembly. On the chance that we need to provide a platform specific versions, this follows the approach used in BN where a MD crypto_arch.h header could be added in the future, which would then provide more specific versions of these functions. ok tb@
* Provide and use crypto_store_htobe64().jsing2023-04-122-23/+43
| | | | | | | | | It is common to need to store data in a specific endianness - rather than handrolling and deduplicating code to do this, provide a crypto_store_htobe64() function that converts from host endian to big endian, before storing the data to a location with unknown alignment. ok tb@
* Handle BN_CTX at the EC API boundary.jsing2023-04-1111-491/+553
| | | | | | | | | | | The EC API allows callers to optionally pass in a BN_CTX, which means that any code needing a BN_CTX has to check if one was provided, allocate one if not, then free it again. Rather than doing this dance throughout the EC code, handle the BN_CTX existance at the EC API boundary. This means that lower level implementation code can simply assume that the BN_CTX is available. ok tb@
* Clean up unused BIGNUM.jsing2023-04-111-4/+1
|
* Document the RETURN VALUES of BIO_method_type(3) and BIO_method_name(3)schwarze2023-04-1114-28/+160
| | | | for the various BIO types.
* Recommit jsing's r1.27 - portable is readytb2023-04-111-23/+4
| | | | | | Use htobe64() instead of testing BYTE_ORDER and then handrolling htobe64(). Thanks to tobhe for providing most of the fix via openiked-portable
* While all the BIO_TYPE_* constants are part of the API, most of theirschwarze2023-04-111-32/+77
| | | | | | | | | | | | | values are only part of the ABI and not of the API, so delete them from the SYNOPSIS: application programmers must not rely on the specific values. Instead of listing the specific values, properly describe the meaning of all these constants. However, the values of BIO_TYPE_NONE and BIO_TYPE_START are hard-coded into the API and application programmers need to be aware of their values, so those remain in the SYNOPSIS.
* Back out r1.27 using htobe64() - apparently some OS don't have it.tb2023-04-111-4/+23
| | | | ok jsing
* Consolidate sha1 into a single file.jsing2023-04-113-91/+23
|
* Simplify handling of big vs little endian.jsing2023-04-111-40/+5
| | | | | | | Rather than sprinkling BYTE_ORDER checks throughout the implementation, always define PULL64 - on big endian platforms it just becomes a no-op. ok tb@
* Use htobe64() instead of testing BYTE_ORDER and then handrolling htobe64().jsing2023-04-111-23/+4
| | | | ok tb@
* Omit sha512_block_data_order() prototype when assembly is not being used.jsing2023-04-111-4/+3
| | | | | | | | | In the case that the pure C implementation of SHA512 is being used, the prototype is unnecessary as the function is declared static and exists in dependency order. Simply omit the prototype rather than using #ifndef to toggle the static prefix. ok tb@
* Remove less than useful implementation notes.jsing2023-04-111-36/+1
| | | | ok tb@
* bn_mod_sqrt: remove no longer necessary complications due to thetb2023-04-111-15/+5
| | | | non-deterministic nature of the old implementation.
* Add a new implementation of BN_mod_sqrt()tb2023-04-113-411/+728
| | | | | | | | | | | | | | | | | | | This is a reimplementation from scratch of the Tonelli-Shanks algorithm based on Henri Cohen "A Course in Computational Algebraic Number Theory", Springer GTM 138, section 1.5.1. It is API compatible with the previous implementation, so no documentation change is required. Contrary to the old implementation, this does not have any infinite loops and has various additional sanity checks to prevent misbehavior in case the input modulus is not a prime. It contains extensive comments and the individual parts of the algorithm are split into digestible chunks instead of having one huge function. One difference of note is that it BN_mod_sqrt() now always returns the smaller of the two possible answers. In other words, while its core is non-deterministic, its answer is not. ok jsing
* Correct benchmark result computation on 32 bit platforms.jsing2023-04-112-4/+4
|
* Some more cleanup in bn_to_stringtb2023-04-101-12/+8
|
* Drop BN_NO_DEPRECATED dance from bn_testtb2023-04-101-7/+1
|
* Provide benchmarks for BN_copy()jsing2023-04-102-1/+184
|
* Fix indentation of structs and unions in x509v3.htb2023-04-101-87/+87
| | | | No change according to diff -w
* Make bn_to_string() statictb2023-04-101-3/+3
| | | | | This function is no longer used directly by regress, so it can now be local to this file.
* bn_to_string no longer needs to be linked staticallytb2023-04-101-2/+1
|
* Rework the bn_to_string() to use public APItb2023-04-101-73/+213
| | | | | | We can use the undocumented functions {i2s,s2i}_ASN1_INTEGER(3) to exercise bn_to_string(). This way we use public API and remove the need of linking statically.
* Move a few functions out of OPENSSL_NO_DEPRECATEDtb2023-04-098-29/+19
| | | | | | | | | | | | | | | | | | | | | | | | Geoff Thorpe added OPENSSL_NO_DEPRECATED nearly two decades ago. The hope was that at some point some functions can be dropped. Most of the functions marked deprecated are actually unused nowadays but unfortunately some of them are still used in the ecosystem. Move them out of OPENSSL_NO_DEPRECATED so we can define it without breaking the consumers in the next bump. ERR_remove_state() is still used by a dozen or so ports. This isn't a big deal since it is just a stupid wrapper for the not quite as deprecated ERR_remove_thread_state(). It's not worth patching these ports. Annoyingly, {DH,DSA}_generate_parameters() and RSA_generate_key() are still used. They "make use" of the old-style BN_GENCB callback, which is therefore more difficult to remove - in case you don't know know: that's the thing responsible for printing pretty '.', '+' and '*' when you generate keys. Most annoyingly, DH_generate_parameters() was added to rust-openssl in 2020 for "advanced DH support". This is very unfortunate since cargo bundles a rust-openssl and updates it only every few years or so. As a consequence we're going to be stuck with this nonsense for a good while. ok beck jsing
* Remove some doubled empty linestb2023-04-091-7/+1
|
* Remove X9.31 support from openssl(1)tb2023-04-092-18/+7
| | | | | | | The X9.31 standard has long been retired and deprecated and libcrypto will drop support for it soon. This prepares userland. ok jsing
* Drop X9.31 support from libtlstb2023-04-092-7/+2
| | | | | | | | | The TLS signer isn't exposed in public API (we should finally fix it...) and it supports X9.31, a standard that has been retired and deprecated for a very long time. libcrypto will stop supporting it soon, this step is needed to prepare userland. ok jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 07:52:30 +0000