summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Convert tls_bio_cb for opaque BIOtb2022-01-101-19/+46
| | | | joint with jsing
* Document EVP_AEAD_CTX_{new,free}() and adjust example code.tb2022-01-101-6/+45
| | | | looks good to jsing
* Unbreak tree. Sorry about that.tb2022-01-101-7/+7
|
* NULL out pointers after transferring them to the DSA object.tb2022-01-101-1/+9
|
* Dedup get_dsa*() code.tb2022-01-101-91/+60
| | | | Pointed out by jsing
* Convert testdsa to accessors for opaque DSAtb2022-01-101-30/+90
| | | | ok inoguchi jsing
* Remove a few unused defines from x509.htb2022-01-101-6/+1
| | | | | | | | As suggested by schwarze, this removes X509_EX_V_{INIT,NETSCAPE_HACK} and X509_EXT_PACK_{STRING,UNKNOWN} ok inoguchi jsing
* Prepare to provide the EVP_MD_meth_* APItb2022-01-102-2/+130
| | | | | | | | | This allows implementations to add their own EVP_MD_METHODs. Only the setters are provided. This is used by erlang for the otp_test_engine. ok inoguchi jsing
* Document openssl pkey -check,-pubcheck and param -checktb2022-01-101-2/+12
|
* Implement openssl pkey -{,pub}check and pkeyparam -checktb2022-01-104-10/+79
| | | | | | | These expose EVP_PKEY_{,public_,param_}check() to the command line. They are currently noops and will be enabled in the upcoming bump. ok inoguchi jsing
* Prepare to provide EVP_PKEY_{public,param}_checktb2022-01-108-8/+146
| | | | | | | | | | | | | | This implements checking of a public key and of key generation parameters for DH and EC keys. With the same logic and setters and const quirks as for EVP_PKEY_check(). There are a couple of quirks: For DH no default EVP_PKEY_check() is implemented, instead EVP_PKEY_param_check() calls DH_check_ex() even though DH_param_check_ex() was added for this purpose. EVP_PKEY_public_check() for EC curves also checks the private key if present. ok inoguchi jsing
* Provide DH_check*_ex and many error codestb2022-01-104-4/+102
| | | | | | | | | | | | | | | | | | | | | DH_check{,_pub_key}_ex() wrap their non-ex versions to translate the flags argument of the original functions into OpenSSL errors. For this almost a dozen new error codes need to be added. DH_params_check{,_ex}() is a new version of DH_check that only performs a cheap subset of the checks. They are needed to implement EVP_PKEY_{public,param}_check() (observe the consistent naming) although the actual implementation of EVP_PKEY_param_check() chose to use DH_check_ex(). As far as I can tell, the only raison d'ĂȘtre of the _ex functions and error codes is to spew them to stderr in a couple of openssl(1) commands. This couldn't have been solved differently... These functions will not be exposed publicly. ok inoguchi jsing
* Prepare to provide EVP_PKEY_check()tb2022-01-108-12/+89
| | | | | | | | | | | | | | | | | | This allows checking the validity of an EVP_PKEY. Only RSA and EC keys are supported. If a check function is set the EVP_PKEY_METHOD, it will be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is used. The default ASN.1 methods wrap RSA_check_key() and EC_KEY_check_key(), respectively. The corresponding setters are EVP_PKEY_{asn1,meth}_set_check(). It is unclear why the PKEY method has no const while the ASN.1 method has const. Requested by tobhe and used by PHP 8.1. Based on OpenSSL commit 2aee35d3 ok inoguchi jsing
* Prevent a double free in EVP_MD_CTX_copy_ex()tb2022-01-101-1/+3
| | | | | | | | NULL out two pointer values after memcpy() to avoid a double free. In the event that both in->pctx and in->md_data are non-NULL and the calloc() of out->md_data fails, a double free could occur. ok inoguchi jsing
* zap trailing whitespacetb2022-01-101-5/+5
|
* Check that the RSA exponent is neither even nor 1 in RSA_check_key()tb2022-01-101-1/+10
| | | | | | Part of OpenSSL commit 464d59a5 ok inoguchi jsing
* Use C99 initializers for test_sha_mdtb2022-01-091-13/+12
| | | | ok inoguchi jsing
* Add an essentially empty comp_local.h and include it where it willtb2022-01-095-4/+22
| | | | | | be needed. discussed with jsing
* ssl_check_srvr_ecc_cert_and_alg() only returns 0/1 - test accordingly.jsing2022-01-091-3/+3
|
* Swap arguments to ssl_check_srvr_ecc_cert_and_alg()jsing2022-01-093-9/+9
| | | | | If a libssl function takes an SSL *, it should normally be the first argument.
* Clean up ssl3_{send,get}_client_kex_gost()jsing2022-01-092-41/+46
| | | | | | | | Fix leaks, use sizeof() instead of hardcoded sizes, actually check return codes, explicit_bzero() the premaster secret on the server side and generally try to kick the GOST kex code into some sort of shape. ok inoguchi@ tb@
* Return 0/1 from ssl3_{send,get}_client_kex_gost()jsing2022-01-092-7/+7
| | | | | | | Like other KEX handling functions, there is no need to return anything other than failure/success here. ok inoguchi@ tb@
* Remove a comment from Captain Obvious.jsing2022-01-091-4/+2
|
* Fix GOST skip certificate verify handling.jsing2022-01-091-19/+11
| | | | | | | | | | | GOST skip certificate verify handling got broken in r1.132 of s3_srvr.c circa 2016. Prior to this, ssl3_get_client_key_exchange() returned an 'extra special' value to indicate that the state machine should skip certificate verify. Fix this by setting and checking the TLS1_FLAGS_SKIP_CERT_VERIFY flag, which is the same as is done in the client. ok inoguchi@ tb@
* Prepare to provide EVP_MD_CTX{,_set}_pkey_ctx()tb2022-01-094-5/+55
| | | | | | | | | | | | | This API with very strange ownership handling is used by Ruby 3.1, unfortunately. For unclear reasons, it was decided that the caller retains ownership of the pctx passed in. EVP_PKEY_CTX aren't refcounted, so a flag was added to make sure that md_ctx->pctx is not freed in EVP_MD_CTX_{cleanup,reset}(). Since EVP_MD_CTX_copy_ex() duplicates the md_ctx->pctx, the flag also needs to be unset on the duplicated EVP_MD_CTX. ok inoguchi jsing
* Clean up pkey handling in ssl3_get_server_key_exchange()jsing2022-01-091-42/+22
| | | | | | | | | | With TLSv1.2 and earlier, the authentication algorithm used to sign the ServerKeyExchange message is dependent on the cipher suite in use and has nothing to do with the key exchange algorithm. As such, check the authentication algorithm based on the cipher suite in ssl3_get_server_key_exchange() and handle things accordingly. ok inoguchi@ tb@
* Increase the max size of allocations, in prep for a large cache implementation.otto2022-01-091-3/+3
|
* Prepare to provide OBJ_length() and OBJ_get0_data()tb2022-01-082-2/+28
| | | | | | | | OBJ_length() turns the int obj->length into a size_t, so add an overflow check. While obj->length should never be negative, who knows... ok jsing
* tiny whitespace tweaktb2022-01-081-2/+2
|
* Merge SESS_CERT into SSL_SESSION.jsing2022-01-088-171/+76
| | | | | | | There is no reason for SESS_CERT to exist - remove it and merge its members into SSL_SESSION for the time being. More clean up to follow. ok inoguchi@ tb@
* Remove commented out CERT_* defines.jsing2022-01-081-7/+1
|
* Rename CERT to SSL_CERT and CERT_PKEY to SSL_CERT_PKEY.jsing2022-01-0810-101/+101
| | | | | | | Nearly all structs in libssl start with an SSL_ suffix, rename CERT and CERT_PKEY for consistency. ok inoguchi@ tb@
* x509_cpols.c will need to include x509_lcl.h soontb2022-01-081-1/+2
|
* Indicate current default cipherinoguchi2022-01-081-3/+3
|
* Add some workarounds to make build_addr_block_test_data const.tb2022-01-071-17/+26
|
* Prepare to provide EVP_AEAD_CTX_{new,free}()tb2022-01-072-3/+29
| | | | ok jsing
* Revert previous accidental committb2022-01-071-2/+2
|
* Rename dh_tmp to dhe_params.jsing2022-01-075-33/+39
| | | | | | | | Support for non-ephemeral DH was removed a long time ago - as such, the dh_tmp and dh_tmp_cb are used for DHE parameters. Rename them to reflect reality. ok inoguchi@ tb@
* Stop attempting to duplicate the public and private key of dh_tmp.jsing2022-01-071-17/+1
| | | | | | | | Support for non-ephemeral DH was removed a very long time ago - the only way that dh_tmp is set is via DHparams_dup(), hence the public and private keys are always going to be NULL. ok inoguchi@ tb@
* Convert legacy server to tls_key_share.jsing2022-01-076-233/+115
| | | | | | | | | | | This requires a few more additions to the DHE key share code - we need to be able to either set the DHE parameters or specify the number of key bits for use with auto DHE parameters. Additionally, we need to be able to serialise the DHE parameters to send to the client. This removes the infamous 'tmp' struct from ssl3_state_internal_st. ok inoguchi@ tb@
* A few more files need asn1_locl.h.tb2022-01-073-3/+8
|
* include asn1_locl.h where it will be needed for the bump.tb2022-01-077-7/+19
| | | | discussed with jsing
* Prepare to make RSA and RSA_METHOD opaque by including rsa_locl.htb2022-01-079-9/+19
| | | | | | where it will be needed in the upcoming bump. discussed with jsing
* Add an essentially empty ocsp_local.h and include it in the filestb2022-01-0710-9/+95
| | | | | | that will need it in the upcoming bump. discussed with jsing
* gost needs to look into ecs_locl.htb2022-01-072-2/+4
|
* Prepare the move of DSA_SIG, DSA_METHOD and DSA to dsa_locl.h bytb2022-01-0710-10/+25
| | | | | | including the local header where it will be needed. discussed with jsing
* Add an essentially empty dh_local.h and include it in the files wheretb2022-01-0710-9/+88
| | | | | | it will be needed in the upcoming bump. discussed with jsing
* zap trailing whitespacetb2022-01-071-9/+9
|
* Let dtlstest peek into bio_local.htb2022-01-072-2/+4
|
* Add a new, mostly empty, bio_local.h and include it in the filestb2022-01-0723-22/+128
| | | | | | that will need it in the upcoming bump. discussed with jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-02 02:23:18 +0000