| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
| |
This is a hack. The test is in rather poor shape and it is hard to tell
whether it still does what it is supposed to be doing. Hopefully somemone
will rewrite this in a style that doesn't make me squeal on opening this
file...
|
| |
|
|
|
|
|
|
| |
This is uninteresting and rather meaningless except for the implementer.
No need to have several hundred lines of code backing half a dozen symbols
in the public API for this.
ok jsing
|
| |
|
|
|
|
| |
Some people already have way too many simple and not too important diffs in
their inbox. This isn't worth kicking something more important out of the
queue.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Remove their documentation and mark some associated constants as
intentionally undocumented until they will be removed from public
headers.
|
| |
|
|
| |
be added in the upcoming bump.
|
| |
|
|
|
|
|
|
| |
Make the logic and control flow a bit more explicit and use a single
extra variable for computing the discriminant. Call it discriminant,
not tmp, tmp_1 or tmp_2.
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This introduces two "inverses" of the ec_decode_scalar() function that take
a BIGNUM, reduce it modulo p and then encodes it into the curve's field
representation. For setting projective coordinates, we need a specialized
helper that deals with the Z_is_one optimization that is used to optimize
for calculations in standard affine coordinates of the projective plane.
This is used for simplifying EC_POINT_set_Jprojective_coordinates() and
for cleaning up and streamlining EC_GROUP_set_curve().
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
Instead of inlining EC_GROUP_get_curve(), we can simply call it...
ok jsing
|
| |
|
|
|
|
|
|
|
| |
This is a helper that decodes a scalar from field-internal representation
to a representation as a BIGNUM in the interval [0, p). This simplifies
EC_GROUP_get_curve() and EC_POINT_get_Jprojective_coordinates() to a few
obvious lines and prepares cleanup in EC_POINT_get_affine_coordinates().
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
| |
OPENSSL_cpuid_setup() is invoked via OPENSSL_init_crypto(), whihc is
triggered by various entry points to the library. As such, we do not need
to invoke it as a constructor.
ok tb@
|
| | |
|
| | |
|
| |
|
|
| |
ok miod
|
| |
|
|
|
|
|
| |
This API can fail for various reasons, in which case it returns -1, so
you need to check if (EC_POINT_is_on_curve_checks(...) <= 0).
ok miod
|
| |
|
|
| |
If not even the idiot who invented this API gets this right...
|
| |
|
|
|
|
| |
Or in the flag, don't overwrite the already set ones.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
OPENSSL_cpuid_setup() used to need to be called from
OPENSSL_add_all_algorithms(), as that was the main entry point. These days
we do on demand initialisation and there are various paths that lead to
OPENSSL_init_crypto() being called, which in turn calls
OPENSSL_cpuid_setup().
ok tb@
|
| |
|
|
|
|
| |
This does not cause an issue currently, however if called differently to
their current usage, it can lead to an input being overwritten and
incorrect results being generated.
|
| | |
|
| |
|
|
| |
reminded by anton
|
| | |
|
| |
|
|
|
|
| |
This is the only consumer of ERR_get_string_table(), which will go away.
ok jsing
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Instead of having two unreadable tables placed in a header generated by a
janky perl script from an ugly text file, use a single table inlined in
the C file. This table is used to translate between signature algorithm
OIDs and pairs of OIDs of a message digest and a cipher. The table has
fewer than fifty entries and isn't used in a hot path. Using binary search
is overkill. Just do two linear searches, one for each translation. None
of the original code remains apart from the API.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
These functions will be removed in the upcoming bump. Nothing uses them,
so it won't hurt if they become noops. This allows us to garbage collect
the sig_app and sigx_app stacks and make a first step towards simplifying
the OBJ_bsearch_() dances. Also sprinkle some const correctness... because
we can.
intermediate step towards a diff that is ok jsing
|
| |
|
|
|
|
|
|
| |
This is essentially a reimplementation of ASN1_buf_print(). The latter was
only added for these printing purposes and it will be removed again since
nothing uses it. We can then simply remove t_pkey.c in the upcoming bump.
ok jsing
|
| |
|
|
| |
variant of a suggestion by jsing
|
| |
|
|
|
|
|
| |
This does not need tls1.h (upstream used TLSEXT constants we don't have)
nor does it need evp.h. But it does need asn1.h, objects.h for STACK_OF
and NID_*, among other things and it also uses uint64_t and allocates,
so it needs stdint.h and stdlib.h.
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
discussed with jsing
|
| |
|
|
| |
openssl.cnf.5 will need a major overhaul. But that isn't new...
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds a few symbols under OPENSSL_NO_ENGINE. They will be used
after the main ENGINE code is disabled in the next bump.
The ecosystem is mostly prepared for dealing with a libcrypto compiled
with OPENSSL_NO_ENGINE. There are a few stragglers like M2Crypto, dovecot
and the latest apr-util release (fixed in their development branch).
To avoid intrusive patching in these ports, we need to keep a bunch of
ENGINE symbols around despite adding OPENSSL_NO_ENGINE. This of course
meant patching some other ports, but that was way easier.
ok jsing
|
| | |
|
| |
|
|
|
| |
These will be made internal and will likely go away. The OBJ_add_sigid.3
manual should probably be renamed; this can be done in a second step.
|
