Commit message (author, age, files changed, lines -removed/+added)
* Update documentation of CRYPTO_mem_leaks*.  (tb, 2018-08-24, 1 file, -6/+12)
  ok jsing
* Let CRYPTO_mem_leaks{,_fp,_cb}() return -1.  (tb, 2018-08-24, 2 files, -12/+12)
  These functions are no-ops. Their signature was changed by OpenSSL to allow error checking. This way we return an error and do not indicate the (non-)existence of memory leaks.
  tested in a bulk by sthen
  ok jsing
* Simplify session ticket parsing/handling.  (jsing, 2018-08-24, 4 files, -69/+46)
  The original implementation is rather crazy and means that we effectively have two lots of code that parse a ClientHello and two lots of code that parse TLS extensions. Partially simplify this by passing a CBS containing the extension block through to the session handling functions, removing the need to reimplement the ClientHello parsing. While here standardise on naming for session_id and session_id_len.
  ok inoguchi@ tb@
* Pull up the parsing of a ClientHello.  (jsing, 2018-08-24, 1 file, -20/+20)
  Parse up until the extensions (if any), then proceed with processing, rather than gradually parsing while processing. This makes the code cleaner, requires messages to be valid before processing and makes way for upcoming changes.
  ok inoguchi@ tb@
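The two commits above describe the shape of the change in words: parse the whole ClientHello, through the extension block, before acting on any field, and hand the extension block to the session handling code as a CBS instead of re-parsing the message there. The following is an added example written for this page, not LibreSSL's own code. The CBS type and its helpers are a minimal stand-in for LibreSSL's bytestring.h so the file compiles on its own; parse_client_hello(), find_extension() and the sample message are constructed for illustration and are not LibreSSL identifiers.

```c
/* Added example, not LibreSSL code: accept a whole ClientHello (through the
 * extension block) before acting on any of it, then hand the extension block
 * to session handling as a CBS. The CBS helpers are a minimal stand-in for
 * LibreSSL's bytestring.h so this compiles on its own. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define TLSEXT_TYPE_session_ticket 35	/* RFC 5077 */

typedef struct { const uint8_t *data; size_t len; } CBS;

static void CBS_init(CBS *cbs, const uint8_t *data, size_t len)
{ cbs->data = data; cbs->len = len; }
static int CBS_skip(CBS *cbs, size_t n)
{ if (cbs->len < n) return 0; cbs->data += n; cbs->len -= n; return 1; }
static int CBS_get_u8(CBS *cbs, uint8_t *out)
{ if (cbs->len < 1) return 0; *out = cbs->data[0]; return CBS_skip(cbs, 1); }
static int CBS_get_u16(CBS *cbs, uint16_t *out)
{ if (cbs->len < 2) return 0; *out = (uint16_t)(cbs->data[0] << 8 | cbs->data[1]); return CBS_skip(cbs, 2); }
static int CBS_get_bytes(CBS *cbs, CBS *out, size_t n)
{ if (cbs->len < n) return 0; CBS_init(out, cbs->data, n); return CBS_skip(cbs, n); }
static int CBS_get_u8_length_prefixed(CBS *cbs, CBS *out)
{ uint8_t n; return CBS_get_u8(cbs, &n) && CBS_get_bytes(cbs, out, n); }
static int CBS_get_u16_length_prefixed(CBS *cbs, CBS *out)
{ uint16_t n; return CBS_get_u16(cbs, &n) && CBS_get_bytes(cbs, out, n); }

struct client_hello {
	uint16_t version; int has_extensions;
	CBS random, session_id, cipher_suites, compression_methods, extensions;
};

/* 1 on success, 0 if malformed. Nothing in *ch is acted on until the whole
 * message has been accepted, so a bad message never gets partial processing. */
static int
parse_client_hello(const uint8_t *msg, size_t msg_len, struct client_hello *ch)
{
	CBS cbs;
	memset(ch, 0, sizeof(*ch));
	CBS_init(&cbs, msg, msg_len);
	if (!CBS_get_u16(&cbs, &ch->version) ||
	    !CBS_get_bytes(&cbs, &ch->random, 32) ||
	    !CBS_get_u8_length_prefixed(&cbs, &ch->session_id) ||
	    ch->session_id.len > 32 ||				/* SessionID<0..32> */
	    !CBS_get_u16_length_prefixed(&cbs, &ch->cipher_suites) ||
	    ch->cipher_suites.len == 0 || ch->cipher_suites.len % 2 != 0 ||
	    !CBS_get_u8_length_prefixed(&cbs, &ch->compression_methods) ||
	    ch->compression_methods.len == 0)
		return 0;
	if (cbs.len == 0)					/* extensions are optional */
		return 1;
	if (!CBS_get_u16_length_prefixed(&cbs, &ch->extensions) || cbs.len != 0)
		return 0;					/* bad length or trailing bytes */
	ch->has_extensions = 1;
	return 1;
}

/* Session handling scans the extension block it was handed instead of
 * re-parsing the ClientHello. 1 = found, 0 = absent, -1 = malformed block. */
static int
find_extension(CBS extensions, uint16_t type, CBS *out)
{
	uint16_t t; CBS body;
	while (extensions.len > 0) {
		if (!CBS_get_u16(&extensions, &t) ||
		    !CBS_get_u16_length_prefixed(&extensions, &body))
			return -1;
		if (t == type) { *out = body; return 1; }
	}
	return 0;
}

/* Constructed sample: TLS 1.2, empty session id, two suites, null compression,
 * and an empty SessionTicket extension (a request for a new ticket). */
static const uint8_t sample_client_hello[] = {
	0x03, 0x03,
	0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b,
	0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
	0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,	/* random */
	0x00,						/* session_id: empty */
	0x00, 0x04, 0xc0, 0x2f, 0xc0, 0x30,		/* cipher_suites */
	0x01, 0x00,					/* compression_methods: null */
	0x00, 0x04, 0x00, 0x23, 0x00, 0x00,		/* extensions: SessionTicket */
};

/* 1 if the sample parses and carries an empty SessionTicket extension. */
static int sample_requests_ticket(void)
{
	struct client_hello ch; CBS ticket;
	if (!parse_client_hello(sample_client_hello, sizeof(sample_client_hello), &ch) ||
	    ch.version != 0x0303 || ch.cipher_suites.len != 4 || !ch.has_extensions)
		return 0;
	return find_extension(ch.extensions, TLSEXT_TYPE_session_ticket, &ticket) == 1 && ticket.len == 0;
}

/* With the last byte dropped the extension length lies; the whole message is rejected. */
static int truncated_is_rejected(void)
{
	struct client_hello ch;
	return !parse_client_hello(sample_client_hello, sizeof(sample_client_hello) - 1, &ch);
}
```

The point of the pull-up is visible in truncated_is_rejected(): the version, random and cipher suites of the truncated message are perfectly valid, but because the parser runs to the end before returning, none of them is ever handed to processing code.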
* Add my copyright.  (tb, 2018-08-24, 1 file, -1/+2)
  Discussed with jsing
* Remove DSA from TODO list and add RSA-PSS back.  (tb, 2018-08-24, 1 file, -2/+2)
* Also test DSA with the DER encoded key. Lots of help from jsing, thanks!  (tb, 2018-08-24, 1 file, -1/+27)
* Clean up handshake message start/finish functions.  (jsing, 2018-08-24, 6 files, -76/+38)
  Now that all handshake messages are created using CBB, remove the non-CBB ssl3_handshake_msg_start()/ssl3_handshake_msg_finish() functions. Rename the CBB variants by dropping the _cbb suffix.
  ok bcook@ inoguchi@ tb@
* Run our DSA against wycheproof test vectors.  (tb, 2018-08-23, 1 file, -1/+129)
* Add license header.  (inoguchi, 2018-08-23, 1 file, -0/+17)
* Check reusing SSL/TLS session ticket by regression test  (inoguchi, 2018-08-23, 1 file, -8/+38)
  - Added a check for session ticket reuse using the openssl(1) s_server and s_client commands in appstest.sh
  - Confirm certificate verification status.
  - Save s_server message to log file.
  ok tb@ and jsing@
* Use a monotonic clock for the benchmark timeout.  (cheloha, 2018-08-22, 1 file, -24/+9)
  While here, we don't need the app_timer_* wrapper function, it only obfuscates things, so delete it. Also while here, totalTime only needs to be assigned once.
  ok tb@
* Correct session ticket encryption.  (jsing, 2018-08-22, 1 file, -4/+11)
  The CBB conversion resulted in the ticket encryption being handled incorrectly, resulting in only the last block being used. Fix this and restore the previous behaviour.
  Issue found by inoguchi@ and sebastia@.
  ok inoguchi@ and tb@
* fix return value  (tb, 2018-08-21, 1 file, -3/+3)
* Remove ChaCha20-Poly1305 from the TODO list  (tb, 2018-08-21, 1 file, -2/+2)
* A failure to _seal() should be looked into, so turn this into an unconditional failure.  (tb, 2018-08-21, 1 file, -7/+2)
* Factor the calls to EVP_AEAD_CTX_open() and EVP_AEAD_CTX_seal() into their own functions to make it easier to handle failures cleanly.  (tb, 2018-08-21, 1 file, -48/+76)
  Discussed with jsing
* Merge duplicate benchmark() GET/SSL_shutdown blocks into doConnection().  (cheloha, 2018-08-21, 1 file, -41/+25)
  We need to then remove the shadow i from the GET block. While there, move retval's declaration to the beginning of the function. As doConnection() now executes the body of the benchmark's test, rename it to "run_test".
  Shadow variable spotted by tb@.
  ok tb@
* typo in argument type, from Mario dot Andres dot Campos at gmail dot com  (schwarze, 2018-08-21, 1 file, -3/+3)
* add two missing \n  (tb, 2018-08-20, 1 file, -3/+3)
* Test EVP_AEAD_CTX_open() at the same time as EVP_AEAD_CTX_seal()  (tb, 2018-08-20, 1 file, -5/+23)
  Suggested by jsing
* remove two redundant tests  (tb, 2018-08-20, 1 file, -10/+1)
* Use sealed instead of out in a couple of places in preparation of testing EVP_AEAD_CTX_open()  (tb, 2018-08-20, 1 file, -12/+13)
* Shuffle the decoding of the hex strings to the top and group all length tests together. Make failure of the length tests non-fatal, as these are failures of test cases, not of the program.  (tb, 2018-08-20, 1 file, -22/+26)
* Run the Wycheproof ChaCha20-Poly1305 test vectors against libcrypto.  (tb, 2018-08-20, 1 file, -1/+141)
  We currently only support nonces of length 12, so skip a few tests.
  With input from jsing
* Don't leak sktmp in X509_verify_cert().  (tb, 2018-08-19, 1 file, -5/+5)
  CID #118791
  ok jsing mestre
* whitespace fix  (tb, 2018-08-19, 1 file, -2/+2)
* Don't leak db on error in RSA_padding_check_PKCS1_OAEP().  (tb, 2018-08-19, 1 file, -7/+7)
  CID #183499.
  input & ok jsing, ok mestre on first version
* Don't leak a strdup()'ed string on error in do_accept().  (tb, 2018-08-19, 1 file, -1/+3)
  CID #154702.
  input & ok inoguchi, ok mestre on first version
* Rename and collapse tls12_get_sigandhash_cbb().  (jsing, 2018-08-19, 4 files, -39/+28)
  Now that all callers of tls12_get_sigandhash() have been converted to CBB, collapse tls12_get_sigandhash() and tls12_get_sigandhash_cbb() into a single function. Rename it to tls12_gethashandsig() to be representative of the actual order of the sigalgs parameters, and perform some other clean up.
  ok inoguchi@ tb@
* Convert ssl3_send_newsession_ticket() to CBB.  (jsing, 2018-08-19, 1 file, -55/+64)
  This removes a memorable BUF_MEM_grow() and associated comment.
  ok inoguchi@ tb@
* Plug SSL object leaks in doConnection().  (cheloha, 2018-08-18, 1 file, -32/+22)
  Move SSL_new/SSL_free up into benchmark() to restrict the responsibility for the SSL object to a single scope. Make doConnection() return an int, openssl-style. Some miscellaneous cleanup, too.
  Discussed with tb, jsing, and jca. Basic idea from jsing, lots of patch input from tb.
  ok deraadt on an earlier version
  ok tb jsing
* Convert ssl3_send_client_verify() to CBB.  (jsing, 2018-08-17, 1 file, -43/+50)
  ok inoguchi@ tb@
* spelling;  (jmc, 2018-08-17, 1 file, -2/+2)
* Make the wording more concise, use the imperative throughout, state more precisely which options require which other options, add many missing incompatibilities, mention the default for -e, and some macro cleanup.  (schwarze, 2018-08-17, 1 file, -108/+126)
  OK jmc@ tb@
* Add regress coverage for CBB_add_u32().  (jsing, 2018-08-16, 1 file, -3/+4)
* Provide CBB_add_u32(), as needed for an upcoming conversion.  (jsing, 2018-08-16, 2 files, -2/+17)
  ok tb@
* Simplify the add signature code/logic in ssl3_send_server_key_exchange().  (jsing, 2018-08-16, 1 file, -13/+8)
  ok tb@
* Convert ssl3_send_server_key_exchange() to CBB.  (jsing, 2018-08-16, 3 files, -47/+71)
  ok inoguchi@ tb@
* Convert ssl3_get_server_key_exchange() to CBS.  (jsing, 2018-08-16, 1 file, -69/+55)
  ok inoguchi@ tb@
* Revert previous, which was wrong as noted by schwarze. Also revert a hunk from r1.45 and thereby avoid a use-after-free spotted by schwarze.  (tb, 2018-08-16, 1 file, -4/+7)
  ok schwarze
* Remove unused variable.  (rob, 2018-08-16, 1 file, -5/+3)
  From Nan at chinadtrace dot org. Thanks!
* Add a comment that explains what the check is doing and why len >= 1.  (tb, 2018-08-14, 1 file, -1/+2)
  Prompted by a remark by jsing
* The UI_add_{input,verify}_string() functions want a length not including the terminating NUL.  (tb, 2018-08-14, 1 file, -5/+8)
  EVP_read_pw_string_min() got this wrong, leading to a one-byte buffer overrun in all callers of EVP_read_pw_string(). Found by mestre running 'openssl passwd' with MALLOC_OPTIONS including C.
  Fix this by doing some basic sanity checking in EVP_read_pw_string_min(). Cap the len argument at BUFSIZ and ensure that min < len as well as 0 <= min and 1 <= len. The last two checks are important as these numbers may end up in reallocarray().
  ok bcook (on previous version), jsing, mestre
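The commit above names both halves of the bug: the UI layer takes a maximum length that excludes the terminating NUL, and the caller passed its whole buffer size, so the NUL landed one byte past the end. The following is an added example written for this page, not LibreSSL's code. ui_add_input_string() is a toy stand-in with a different signature from the real UI_add_input_string(), kept only to model the length contract; check_pw_lengths(), read_pw_string_min_buggy(), read_pw_string_min(), guard_after() and the typed passwords are constructed for illustration. The buffer and its guard byte live in one backing array so the overrun is observable without undefined behaviour.

```c
/* Added example, not LibreSSL code. A stand-in for the UI_add_input_string()
 * length contract (maxsize excludes the terminating NUL, so the UI may write
 * maxsize + 1 bytes) next to a read_pw_string_min() that applies the checks
 * from the commit above before handing its buffer over. The "typed" password
 * is a constructed string rather than terminal input. */
#include <stdio.h>
#include <string.h>

/* Toy UI layer: accepts minsize <= strlen(typed) <= maxsize and writes the
 * NUL at result[strlen(typed)]. Like the real function it trusts maxsize, so
 * a caller that passes its whole buffer size ends up with the NUL one byte
 * past the end. Returns 1 on success, 0 on failure. */
static int
ui_add_input_string(char *result, int minsize, int maxsize, const char *typed)
{
	size_t n = strlen(typed);
	if (n < (size_t)minsize || n > (size_t)maxsize)
		return 0;
	memcpy(result, typed, n);
	result[n] = '\0';
	return 1;
}

/* Sanity checks from the commit: cap len at BUFSIZ, then require 0 <= min,
 * 1 <= len and min < len, since min and len may later reach reallocarray(). */
static int
check_pw_lengths(int min, int *len)
{
	if (*len > BUFSIZ)
		*len = BUFSIZ;
	if (min < 0 || *len < 1 || min >= *len)
		return -1;
	return 0;
}

/* Before: len handed straight to the UI as its maximum. */
static int
read_pw_string_min_buggy(char *buf, int min, int len, const char *typed)
{
	return ui_add_input_string(buf, min, len, typed) ? 0 : -1;
}

/* After: validate first, then give the UI len - 1 so the NUL fits. */
static int
read_pw_string_min(char *buf, int min, int len, const char *typed)
{
	if (check_pw_lengths(min, &len) != 0)
		return -1;
	return ui_add_input_string(buf, min, len - 1, typed) ? 0 : -1;
}

/* An 8-byte password buffer followed by a guard byte, all inside one backing
 * array so the off-by-one is observable without undefined behaviour.
 * Returns the guard's value after the read, or -1 if the read was refused. */
#define PW_LEN 8
static int
guard_after(int (*reader)(char *, int, int, const char *), const char *typed)
{
	char backing[PW_LEN + 1];
	backing[PW_LEN] = 0x7f;
	if (reader(backing, 0, PW_LEN, typed) != 0)
		return -1;
	return backing[PW_LEN];
}

/* Eight characters fill the buffer exactly: the buggy reader accepts them and
 * its NUL lands on the guard (0x7f becomes 0). */
static int buggy_clobbers_guard(void)
{
	return guard_after(read_pw_string_min_buggy, "abcdefgh") == 0;
}

/* The fixed reader refuses eight characters and keeps the guard intact for
 * seven, which is all that fits together with the NUL. */
static int fixed_keeps_guard(void)
{
	return guard_after(read_pw_string_min, "abcdefgh") == -1 &&
	    guard_after(read_pw_string_min, "abcdefg") == 0x7f;
}

/* min/len combinations the commit rules out, plus the BUFSIZ cap. */
static int bad_lengths_are_rejected(void)
{
	int len = BUFSIZ * 2;
	if (check_pw_lengths(0, &len) != 0 || len != BUFSIZ)
		return 0;
	len = 0;
	if (check_pw_lengths(0, &len) == 0)	/* 1 <= len */
		return 0;
	len = 8;
	if (check_pw_lengths(-1, &len) == 0)	/* 0 <= min */
		return 0;
	return check_pw_lengths(8, &len) != 0;	/* min < len */
}
```

The guard byte plays the role that MALLOC_OPTIONS=C played in the original find: a canary directly after the allocation that a one-byte NUL overrun turns from 0x7f to 0. Note that the fixed reader necessarily accepts one character fewer than the buggy one, which is the correct trade: the buffer was always one byte too small for an 8-character password plus its NUL.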
* Remove now unused variable, that got left behind from a previous change.  (jsing, 2018-08-14, 1 file, -3/+1)
* Actually check the return values for EVP_Sign* and EVP_Verify*.  (jsing, 2018-08-14, 2 files, -15/+23)
  ok bcook@ beck@ tb@
* Don't fail by default in the -new case; ok tb jca  (cheloha, 2018-08-14, 1 file, -19/+12)
* Refactor the nearly identical benchmark loops into a single loop.  (cheloha, 2018-08-11, 1 file, -139/+108)
  Move all of the benchmark code -- loop initialization, the loops, and the report printing -- into a new function, benchmark(). Eliminates lots of duplicate code.
  Regressions to 1.20 caught by tb@ and inoguchi@. Tweaked by tb@.
  ok tb@, jsing@
* Simplify server key exchange signature verification.  (jsing, 2018-08-10, 1 file, -49/+18)
  Everything can go through the EVP_Verify* code path.
  ok inoguchi@ tb@
* Simplify server key exchange signature generation.  (jsing, 2018-08-10, 1 file, -61/+33)
  Everything can go through the single EVP_Sign* code path.
  ok inoguchi@ tb@