| Commit message (Collapse) | Author | Files | Lines |
|---|
|
The determination of the test group type and the JSON unmarshalling can be
done before the closure without performance impact. This is more readable
and eliminates the need of a temporary variable again.
Suggested by jsing
|
|
This factors another ugly switch into a helper function. This should
probably become a map eventually, but for now keep things straightforward.
|
|
This allows us to use a simpler way of running the individual test groups
and gets rid of an ugly mostly copy-pasted switch inside a closure.
|
|
These used the wycheproofTestGroupAead type but an upcoming change requires
to change this. Introduce the aliases now to make the next diff cleaner.
|
|
Due to Go's idiosyncratic semantics of for loops, tests would only run
some of the test groups in the JSON file because by the time the closure
is called, the array index could be changed. For example, on fast 8 core
machines, the CMAC tests would run the last test group with key size 320
eight times rather than each of the eight test groups once.
Make a copy of the pointer before passing it to the closure to avoid this
issue.
Simpler version of my initial fix from jsing
|
|
|
|
not real problems)
|
|
|
|
ok jsing
|
|
X509_ALGOR_set0() is annoyingly unergonomic since it takes an ASN1_OBJECT
rather than a nid. This means that almost all callers call OBJ_obj2nid()
and they often do this inline without error checking so that the resulting
X509_ALGOR object is corrupted and may lead to incorrect encodings.
Provide an internal alternative X509_ALGOR_set0_by_nid() that takes a nid
instead of an ASN1_OBJECT and performs proper error checking. This will be
used to convert callers of X509_ALGOR_set0() in the library.
ok jsing
|
|
|
|
ok jsing
|
|
ok jsing
|
|
ok jsing
|
|
ok jsing
|
|
|
|
little sense here since there are multiple possible errnos that could
be returned. On OpenBSD this returns EISDIR and not EBUSY.
OK mbuhl@ millert@
|
|
the directory and so checking against getgid() makes no sense.
OK mbuhl@ millert@
|
|
closed.
OK mbuhl@ millert@
|
|
Until OpenSSL 3.1 has replaced OpenSSL 3.0 on most architectures, run
both tests. Installed packages of OpenSSL 3.0 will update automatically
to 3.1, so regress runners should not need to do anything.
|
|
Otherwise, the prototypes for timespec_get() and aligned_alloc()
are not visible. OK guenther@
|
|
If the topmost cert is invalid, this should result in a validation failure.
Do the same dance as elsewhere permitting the verify callback to intercept
the error but ensuring that we throw an error.
ok jsing
|
|
on why this occasionally fails.
|
|
|
|
|
|
|
|
Once we remove X509_ALGOR_set_md() we can link this test statically and use
X509_ALGOR_set_evp_md() but for now make sure the documented workaround for
this garbage API works.
|
|
This streamlines the code to use safer idioms, do proper error checking
and be slightly less convoluted. Sprinkle a few references to RFC 8017
and explain better what we are doing and why. Clarify ownership and use
more consistent style.
This removes the last internal use of X509_ALGOR_set_md().
ok jsing
|
|
OpenSSL has the 20 in the long and short names, so add aliases to the
existing names to make things work. In particular, EVP_get_cipherbyname()
will now return EVP_chacha20() for both 'ChaCha20' and 'chacha20'.
Found by Facundo Tuesca when trying to add LibreSSL support for ChaCha20 in
https://github.com/pyca/cryptography/pull/9209
ok jsing
|
|
|
|
|
|
the 0x0 call sites for leak reports. Also display more info on
detected write of free chunks: print the info about where the chunk
was allocated, and for the preceding chunk as well.
ok asou@
|
|
|
|
OK tb@
|
|
This matches what other pages use. Also rewrite the definition of the
modular inverse to be less ugly.
|
|
|
|
If they ever had any meaning, that's long been lost.
Requested by jsing
|
|
|
|
This is basically the same fix as the one applied in BN_mod_exp_simple().
|
|
Reported and reminded by Guido Vranken in OpenSSL issue #21110
ok jsing
|
|
These are expected failures for BN_mod_exp_simple() and the internal
BN_mod_exp_recp(), which will be fixed shortly.
|
|
server has terminated before examining the outcome.
|
|
This function was the unfortunate protagonist in a series of tragic merge
errors resulting in only a short stint of a year and nine months between
OpenSSL 0.9.8j and 1.0.0a actually present in OpenBSD. Then it said good
bye for good, but somehow a prototype came back with 1.0.1g, a famous
version released when there were slightly more pressing things to be
taken care of than a function supporting a config knob whose only purpose
was to turn off fips mode or to error.
from schwarze
PS: The mechanism that it was supposed to provide is still documented in
openssl.cnf(5). I am going remove the relevant bit at some point, but not
today.
|
|
Contrary to X509_ALGOR_set_md() this allows for error checking. Avoid
local complications by freeing in the exit path and use a const version
of X509_ALGOR for walking a STACK_OF() to avoid a bad free.
Clean up includes
ok jsing
|
|
Our internal version allows for error checking and this avoids a silent
failure leading to corruption later on.
Clean up includes while there.
ok jsing
|
|
|
|
The old description was vague, but strictly speaking a lie, so make it
more precise and turn the lie into a truth.
|
|
|
|
|
|
Fix includes and zap an empty line.
ok jsing
|
