path: root/src/lib/libcrypto/aes

Log entries: commit message, followed by (author, date, files changed, lines -removed/+added).

* Use memmove() instead of memcpy() to get rid of the need for
  non-overlapping *in and *out buffers as we're already implementing the "in place (un)wrapping" algorithms as given in RFC 3394. This removes a gratuitous API difference to OpenSSL in these undocumented functions. Found while working on wycheproof regress tests. ok beck jsing
  (tb, 2018-11-07, 1 file, -3/+3)

* RFC 3394 section 2 states that we need at least two 64 bit blocks
  for wrapping and, accordingly, three 64 bit blocks for unwrapping. That is: we need at least 16 bytes for wrapping and 24 bytes for unwrapping. This also matches the lower bounds that OpenSSL have in their CRYPTO_128_{un,}wrap() functions. In fact, if we pass an input with 'inlen < 8' to AES_unwrap_key(), this results in a segfault since then inlen -= 8 underflows. Found while playing with the Wycheproof keywrap test vectors. ok bcook
  (tb, 2018-10-20, 1 file, -6/+6)

* KNF: move two opening curly braces of function bodies to their own lines
  (tb, 2018-04-03, 1 file, -2/+3)

* On OpenBSD/armv7 we deliberately trap unaligned access. Unfortunately
  the assembly code in libcrypto assumes unaligned access is allowed for ARMv7. Make these paths conditional on __STRICT_ALIGNMENT not being defined and define __STRICT_ALIGNMENT in arm_arch.h for OpenBSD. ok tom@
  (kettenis, 2018-01-07, 1 file, -7/+7)

* http://repzret.org/p/repzret/
  My read of this: Long time ago (Think Conan, not dinosaurs) during the race to make speedier processors, a cpu vendor built a pipeline with a bad stall, and proposed a tremendously hacky workaround. A wizard adopted this into his perl scroll, and failed to reflect later when no compiler adopted the practice. This relic remains at the tail end of some functions in OpenSSL as ".byte 0xf3,0xc3". Banish it straight to hell. ok mlarkin, others also stared blankly
  (deraadt, 2017-12-11, 1 file, -5/+5)

* Explicitly export a list of symbols from libcrypto.
  Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@
  (jsing, 2016-12-21, 1 file, -1/+5)

* Replace all uses of magic numbers when operating on OPENSSL_ia32_P[] by
  meaningful constants in a private header file, so that reviewers can actually get a chance to figure out what the code is attempting to do without knowing all cpuid bits. While there, turn it from an array of two 32-bit ints into a properly aligned 64-bit int. Use of OPENSSL_ia32_P is now restricted to the assembler parts. C code will now always use OPENSSL_cpu_caps() and check for the proper bits in the whole 64-bit word it returns. i386 tests and ok jsing@
  (miod, 2016-11-04, 3 files, -10/+13)

* Less S390.
  ok deraadt@
  (jsing, 2016-09-04, 1 file, -2237/+0)

* Less IA64.
  ok deraadt@
  (jsing, 2016-09-04, 1 file, -1123/+0)

* Cast Td4[] values (which are uint8_t) to uint32_t before shifting them left by
  24 bits; if we don't, Td4[] gets cast to signed int, and according to C>=99 6.5.7, signed int shifted by enough bits to cause the sign bit to be set is UB. Reported by Pascal Cuoq on behalf of the trust-in-soft.com mafia I am {partial,slightly related} to.
  (miod, 2015-11-05, 1 file, -5/+5)

* Correct spelling of OPENSSL_cleanse.
  ok miod@
  (jsing, 2015-09-10, 1 file, -2/+2)

* Remove the logic responsible for outputting most AES-NI instructions as
  raw byte sequences. The toolchains have had some time to update and assemble the instructions correctly (except for p{ins,ext}rd which are not supported yet by as(1) under OpenBSD, but will be fixed shortly). Inspired by a discussion between tedu@ and John-Mark Gurney. Verified to still work on Mac OS X and average Linux distros by bcook@
  (miod, 2015-07-19, 2 files, -46/+0)

* Replace `.byte 0x48,0x83,0xEC,0x08' with `sub \$8,%rsp' which is exactly the
  same four bytes, unobfuscated.
  (miod, 2015-07-19, 1 file, -2/+2)

* extenstion -> extension
  (miod, 2015-07-17, 1 file, -1/+1)

* Remove assert() or OPENSSL_assert() of pointers being non-NULL. The policy
  for libraries in OpenBSD is to deliberately let NULL pointers cause a SIGSEGV. ok doug@ jsing@
  (miod, 2015-02-10, 4 files, -17/+5)

* Make sure to load absolute symbol address with `dla' instead of `la' when
  generating code for 64-bit mips userland.
  (miod, 2014-12-07, 1 file, -4/+10)

* Remove OPENSSL_FIPSCANISTER mentions.
  (miod, 2014-12-07, 1 file, -4/+0)

* deregister; no binary change
  ok jsing@ miod@
  (jsg, 2014-10-28, 1 file, -2/+2)

* Only import cryptlib.h in the four source files that actually need it.
  Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
  (jsing, 2014-07-11, 2 files, -5/+4)

* Stop including standard headers via cryptlib.h - pull in the headers that
  are needed in the source files that actually require them. ok beck@ miod@
  (jsing, 2014-07-10, 1 file, -1/+3)

* remove unused, private version strings except SSL_version_str
  Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
  (bcook, 2014-07-09, 1 file, -3/+1)

* Kill more FIPS tentacles by removing the private_AES_set_{enc,dec}rypt_key()
  internal interfaces, and promoting them to being the public AES_set_{enc,dec}rypt_key() interfaces. In non-FIPS mode, these public interfaces were directly calling the private ones. ok guenther@ jsing@
  (miod, 2014-07-09, 8 files, -84/+60)

* tags as requested by miod and tedu
  (deraadt, 2014-06-12, 12 files, -12/+12)

* c-file-style hints, begone; ok beck
  (deraadt, 2014-06-11, 11 files, -11/+11)

* Move the AES wrap test code into regress.
  (jsing, 2014-05-30, 1 file, -129/+0)

* Almost nothing actually needs to include <openssl/e_os2.h>, however by
  including it they get <openssl/opensslconf.h>. So instead of pulling in <openssl/e_os2.h>, just pull in <openssl/opensslconf.h>. "go ahead" miod@
  (jsing, 2014-05-24, 1 file, -1/+1)

* if (x) free(x) -> free(x); semantic patch generated with coccinelle, carefully
  eyeballed before applying. Contributed by Cyril Roelandt on tech@
  (miod, 2014-05-22, 1 file, -4/+2)

* Remove AES_bi_ige_encrypt() from libcrypto. This routine is supposed to use
  two keys and four IVs to do much magic, is specified as such with test vectors, but the implementation actually always uses the first key, and the test vectors were computed with it, so they are wrong. Fixing the code to match the intended specification would break interoperability with existing code (assuming such code would exist), so it is better to remove this interface, which is obviously too complex for mere mortals if even its author can not implement it correctly. Riding on the libcrypto major bump.
  (miod, 2014-05-12, 2 files, -116/+0)

* Do not output SOM-specific directives.
  (miod, 2014-05-01, 1 file, -0/+6)

* Remove WIN32, WIN64 and MINGW32 tentacles.
  Also check for _LP64 rather than __arch64__ (the former being more reliable than __LP64__ or __arch64__) to tell 64-bit int platforms apart from 32-bit int platforms. Loosely based upon a diff from Martijn van Duren on tech@
  (miod, 2014-04-28, 1 file, -4/+1)

* unifdef -UAES_LONG for we do not intend to run on platforms where int is smaller
  than 32 bits.
  (miod, 2014-04-22, 2 files, -8/+0)

* When compiling with AES_WRAP_TEST, make main() return a meaningful value
  instead of garbage, and add this to the libcrypto regress. Note these tests are incomplete, as they always use the default IV.
  (miod, 2014-04-22, 1 file, -1/+15)

* Get rid of MS Visual C compiler and Intel C compiler specific defines.
  (miod, 2014-04-17, 2 files, -11/+3)

* some KNF cleanup following the script
  (deraadt, 2014-04-17, 1 file, -2/+3)

* Change library to use intrinsic memory allocation functions instead of
  OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_realloc->realloc OPENSSL_freeFunc->free
  (beck, 2014-04-17, 1 file, -4/+4)

* we don't use these files for building
  (tedu, 2014-04-15, 1 file, -120/+0)

* remove FIPS mode support. people who require FIPS can buy something that
  meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
  (tedu, 2014-04-15, 1 file, -6/+0)

* First pass at applying KNF to the OpenSSL code, which almost makes it
  readable. This pass is whitespace only and can readily be verified using tr and md5.
  (jsing, 2014-04-15, 11 files, -1970/+1994)

* remove auto-generated dependencies from the old unused build system, so
  that it is easier to find code pieces. They are getting in the way. ok miod
  (deraadt, 2014-04-14, 1 file, -33/+0)

* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.
  (miod, 2014-04-13, 2 files, -2/+4)

* This commit was generated by cvs2git to track changes on a CVS vendor
  branch.
  (miod, 2014-04-13, 6 files, -76/+126)

* Import OpenSSL 1.0.1g
  (miod, 2014-04-13, 8 files, -78/+130)

* On amd64 OPENSSL_cpuid_setup and OPENSSL_ia32cap_P are now hidden so we don't
  have to go through the PLT/GOT to get at them anymore. In fact going through the GOT now fails since we no longer have a GOT entry for OPENSSL_ia32cap_P. Fixes the problem spotted by jasper@ and sthen@. Based on a diff from mikeb@ who did most of the actual work of tracking down the issue. ok millert@, mikeb@
  (kettenis, 2012-10-31, 1 file, -1/+1)

* resolve conflicts
  (djm, 2012-10-13, 6 files, -232/+2343)

* This commit was generated by cvs2git to track changes on a CVS vendor
  branch.
  (djm, 2012-10-13, 1 file, -4/+25)

* import OpenSSL-1.0.1c
  (djm, 2012-10-13, 1 file, -4/+25)

* This commit was generated by cvs2git to track changes on a CVS vendor
  branch.
  (djm, 2012-10-13, 11 files, -252/+12671)

* import OpenSSL-1.0.1c
  (djm, 2012-10-13, 17 files, -484/+15014)

* This commit was generated by cvs2git to track changes on a CVS vendor
  branch.
  (djm, 2011-11-03, 2 files, -205/+204)

* import OpenSSL 1.0.0e
  (djm, 2011-11-03, 2 files, -205/+204)