| Commit message (Collapse) | Author | Files | Lines |
|---|
|
Rather than having public API switch between C and assembly, always
use C functions as entry points, which then call an assembly
implementation (if available). This makes it significantly easier
to deal with symbol aliasing/namespaces and it also means we
benefit from vulnerability prevention provided by the C compiler.
Rename the assembly generated functions from RC4() to rc4_internal()
and RC4_set_key() to rc4_set_key_internal(). Always include rc4.c
and change it to use defines that are similar to those used in BN.
ok beck@ joshua@ tb@
|
|
|
|
The function call can't actually fail, but all other calls check its
return value.
ok joshua jsing
|
|
Now that all platforms use a C des implementation, move it to the primary
Makefile.
|
|
|
|
This one was hiding behind an m4 script.
Build tested by tb@
|
|
|
|
This is the only architecture that has an assembly implementation for these
algorithms. There is little to gain from accelerating legacy algorithms on
a legacy architecture.
Discussed with beck@ and tb@
|
|
Discussed with tb@
|
|
|
|
So we initially kept this hack around for f5 boxes that
should have been patched in 2014, and were not as of 2017.
The f5 article for the bug archived on their web site,
and any of these devices on the public internet will have
since been upgraded to deal with a host of record layer, TLS,
and other bugs, or they likely won't be talking to modern
stacks, since as of this point the software with the bug
would not have been updated in 10 years.
So just make this spec compliant and reject a supported groups
extension that should not have been sent by a server.
ok tb@ jsing@
|
|
ok tb@
|
|
Ensure that the client can not provide a duplicate key share
for any group, or send more key shares than groups they support.
Ensure that the key shares must be provided in the same order
as the client preference order specified in supported_groups.
Ensure we only will choose to use a key share that is for the
most preferred group by the client that we also support,
to avoid the client being downgraded by sending a less preferred
key share. If we do not end up with a key share for the most preferred
mutually supported group, will then do a hello retry request
selecting that group.
Add regress for this to regress/tlsext/tlsexttest.c
ok jsing@
|
|
This is already disabled since it is "about 35% slower than C code".
|
|
|
|
Discussed with tb@
|
|
The stitched modes have been removed, so having assembly for them is of
little use.
|
|
Discussed with tb@
|
|
This does not exist in libcrypto.
|
|
This removes the unused Intel special version of BF_ENC().
ok tb@
|
|
|
|
Requested by tb@
|
|
Replace GETU32 with crypto_load_be32toh() and PUTU32 with
crypto_store_htobe32(). Make the offset handling cleaner at the
same time.
ok beck@ joshua@ tb@
|
|
|
|
Now that all architectures are using bf_enc.c, it does not make sense to
have it in every Makefile.inc file.
|
|
This is the only architecture that has an assembly implementation. There is
little to gain from accelerating a legacy algorithm on a legacy
architecture.
ok beck@ tb@
|
|
While we are here refactor this to single return.
ok jsing@ tb@
|
|
There are currently three ways in which AES is implemented - all in
assembly (amd64 et al), all in C (aarch64 et al) and, half in C and
half in assembly (hppa and sparc64). The last of these cases currently
makes use of a near duplicate AES_set_{encrypt,decrypt}_key()
implementation that avoids using the AES tables.
Remove the near duplicate version and if only a half assembly version is
implemented, use the same C version of AES_set_{encrypt,decrypt}_key() as
everyone else. This adds around 8KB of rodata to libcrypto on these two
platforms.
Discussed with beck and tb.
|
|
with jsing
|
|
This is an initial pass, defining the error code and using it for
"too long"/length-related errors.
ok beck jsing
|
|
|
|
ok tb@
|
|
ok jsing
|
|
|
|
|
|
ok tb@
|
|
EVP_DigestSignFinal
Additionally, this cleans up some more surrounding code.
This is a fixed version of r1.21.
ok tb
|
|
Use static inline functions instead of macros. Also number rounds as per
the RFC.
ok joshua@ tb@
|
|
ok jsing
|
|
ok tb jsing
|
|
|
|
EVP_DigestSignFinal
Additionally, this cleans up some more surrounding code.
ok tB
|
|
This unifies variable names and does some other cleanup. Only change in
generated assembly is line number changes.
|
|
No need for a variety of r, d, ...
|
|
No need for an inconsistently named local variable and a ternary operator.
ok jsing
|
|
No change in generated assembly
|
|
No change in generated assembly
|
|
|
|
|
|
|
