| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a bit of a strange one. When this function was moved and renamed,
somehow checks for NULL pointers and 0 length were lost. Whether that was
due to great review missing it or great review suggesting it, is unclear.
Now the function can actually legitimately be called with a length of 0
(as ASN.1 OCTET STRINGS can have length 0) and "" is the appropriate
representation for that, so the fix is to allocate a 0 octet. That much
was correct. What was completely missed is that a long can be negative
which will then still lead to an out-of-bounds access. So fix that as
well.
Finally, don't malloc 3 * len + 1 without overflow checking. Rather
use calloc's internal checks. The + 1 isn't really needed anyway.
All this is still really gross and can be done much more cleanly and
safely with CBB/CBS. This will done later once we have better regress
coverage.
ok jsing
|
| | |
|
| |
|
|
| |
compat nonsense
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If no field separator is specified, default to using the comma plus space
separation, unless the compat flag is set.
Fixes an a bug with printing issuers and other things that contain UTF-8
Reported by Jean-Luc Duprat
The very simple fix ix is a joint effort by Henson and Levitte
Fixes libressl/portable issue #845
ok jsing
|
| |
|
|
|
|
|
|
|
| |
Pull a number of invariants into variables, which avoids repeated loading
from memory on architectures where sufficient registers are available.
Also keep track of the per-iteration carry in a variable, rather than
unnecessarily reading from and writing to memory.
This gives a reasonable performance gain on some architectures (e.g. armv7)
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
If you can initialize with functions, you can also initialize with
constants...
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Fix botched Xr and be more precise about errors by being less precise.
Add a BUGS section.
|
| |
|
|
|
|
|
|
| |
These are in actual use, so their meaning should be documented.
The remaining commented codes are unused outside of x509_txt.c
except for X509_V_ERR_INVALID_NON_CA which looks used at first
glance, but it is actually in an unreachable path of the legacy
verifier.
|
| |
|
|
|
|
|
|
|
|
| |
The documentation of the BN_MOD_CTX has been out of sync with reality
for decades. The structure is now opaque, so its members should not be
documented this way. They internals aren't important for the rest of
the page.
BN_MOD_CTX_init() will soon be removed. It's useless unless you like
leaks.
|
| |
|
|
| |
ok otto@
|
| | |
|
| |
|
|
|
|
|
| |
The CRL extension handler is completely misplaced in x509_enum.c.
Move it to x509_bitst.c until we find a better home for it. This
way it is next to the other two extension methods that have the
extra usr_data contortion.
|
| |
|
|
|
| |
These functions probably belong into asn1/ but they definitely don't
belong into separate files.
|
| | |
|
| |
|
|
|
|
| |
This is a public alias for the also public BIT_STRING_BITNAME. The
ENUMERATED_NAMES type is used exactly twice, namely on two lines in this
file. This is silly.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
While it may have been reasonable to use VisibleString back when this
code was written, it's an anachronism nowadays. In particular, configuring
BoringSSL reports that they have seen malformed certificates with exactly
the issue caused by this unfortuante default.
Reported by Alex Gaynor in OpenSSL issue 20772
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These functions convert strings to internal objects and vice versa.
This is a best effort, probably with a lot of room for improvement,
which can happen in tree if anyone cares. It's better than nothing.
Nothing in turn would be significantly better than the utter garbage
a related project has managed to land as part of their efforts towards
significant documentation improvements in a recent major relase.
This leaves a dangling reference to the misnamed X509V3_METHOD_get_nid(3)
which I may or may not fill in the future.
I am unsure about the HISTORY section's precision, but that's what I got
from cvs history. All these functions are about a quarter century old
(and it shows), so I don't think it matters very much.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A few years back beck introduced REGRESS_SKIP_SLOW dances with the idea
that this should speed up the interop tests for us devs because this also
checked interop between opensslX and opensslY, which we don't particularly
care about. This never really worked. On a mac m1 mini the result is this:
REGRESS_SKIP_SLOW unset
9m56.69s real 3m42.24s user 3m00.70s system
REGRESS_SKIP_SLOW=yes
11m04.61s real 7m29.61s user 1m40.29s system
The problem is that REGRESS_SKIP_SLOW simply wasn't designed to handle
the huge number of tests we have here. There are many nested .for loops
resulting in several thousand tests. Each test has a name of length ~80.
REGRESS_SKIP_SLOW concatenates them into a several hundred kilobytes
long string in REGRESS_SKIP_TARGETS, iterates over all regress targets and
tests with ".if ${REGRESS_SKIP_TARGETS:M${RT}}" if it should skip them.
This means that during a regress run, make spends a lot of time linearly
scanning a huge string.
I ran into this when I added OpenSSL 3.0 tests to the already existing
1.0.2 and 1.1 tests with the result that with REGRESS_SLOW_TARGTS set
it took the better part of an hour while without it it took about 15 min.
The hack here is simply to avoid using REGRESS_SLOW_TARGTES here and
handle the situation differently.
patch, REGRESS_SKIP_SLOW=yes
5m42.32s real 2m09.98s user 1m45.21s system
The real solution would be to fix this in bsd.regress.mk, which someone
who understands make well is very welcome to do. For now, I'm happy with
this.
Debugged with jsing a few months ago
|
| | |
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok tb@
|
| | |
|
| |
|
|
| |
No functional change.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This removes a bunch of incomplete and scary code, which potentially leaks
secrets and is not constant time. A performance gain is achieved on arm64
for sizes that we care about, while a minimal decrease in performance is
noted for larger sizes on some other platforms.
While we will potentially reimplement Karatsuba (or Toom-Cook) at a later
date, it will be easier and safer to do it from a clean slate.
ok tb@
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
The code was deleted a while back, the prototypes remained. We had
OPENSSL_NO_EC_NISTP_64_GCC_128 in opensslfeatures.h since forever.
discussed with jsing
|
| | |
|
| |
|
|
| |
Requested by jsing
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Some headers were included conditionally on OPENSSL_NO_DEPRECATED in hopes
that eventually the mess of everything includes everything will magically
resolve itself. Of course everyone would end up building openssl with
OPENSSL_NO_DEPRECATED over time... Right.
Surprisingly, the ecosystem has come to rely on these implicit inclusions,
so about two dozen ports would fail to build because of this. Patching this
would be easy but really not worth the effort.
ok jsing
|
| |
|
|
|
| |
This places a point at infinity and then fails. Fix some wacky indentation
in the vicinity.
|
| |
|
|
| |
Maybe it should be replaced by another test, although P-256 seems enough.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
This only requires very minor changes and simplifies testing quite a bit.
Some of the changes can be undone after the next bump.
|
