path: root/src/lib/libcrypto/bn/bn_lib.c
Commit message [Author, Age, Files, Lines]
* Make BN_num_bits_word() constant time. [tb, 2019-06-17, 1 file, -48/+18]
  Previously, this function would leak the most significant word of its argument due to branching and memory access pattern. This patch is enough to fix the use of BN_num_bits() on RSA prime factors in the library.
  The diff is a simplified and more readable (but perhaps less efficient) version of https://github.com/openssl/openssl/commit/972c87df by Andy Polyakov and David Benjamin (pre license change). Consult that commit message for details. Subsequent fixes to follow in the near future.
  Issue pointed out by David Schrammel and Samuel Weiser as part of a larger report.
  tests & ok inoguchi, ok jsing
* Add range checks to various ASN1_INTEGER functions to ensure the [beck, 2019-03-23, 1 file, -1/+3]
  sizes used remain a positive integer. Should address issue 13799 from oss-fuzz
  ok tb@ jsing@
* Use a size_t instead of an int for the byte count in BN_swap_ct(). [tb, 2018-07-23, 1 file, -6/+9]
  Since bignums use ints for the same purpose, this still uses an int internally after an overflow check. Suggested by and discussed with jsing.
  ok inoguchi, jsing
* Eliminate the weird condition in the BN_swap_ct() API that at most one bit [tb, 2018-07-13, 1 file, -3/+3]
  be set in condition. This makes the constant time bit-twiddling a bit trickier, but it's not too bad. Thanks to halex for an extensive rubber ducking session over a non-spicy spicy tabouleh falafel..
  ok jsing, kn
* Sync comment [kn, 2018-07-11, 1 file, -3/+5]
  Makes it a tad easier to read through and compare with BN_swap_ct().
  OK tb
* Turn yesterday's optimistic ! in an XXX comment into a more cautious ? [tb, 2018-07-11, 1 file, -2/+2]
* Provide BN_swap_ct(), a constant time function that conditionally swaps [tb, 2018-07-10, 1 file, -1/+49]
  two bignums. It's saner and substantially less ugly than the existing public BN_constantime_swap() function and will be used in forthcoming work on constant time ECC code.
  From Billy Brumley and his team. Thanks!
  ok jsing
* Use explicit_bzero() rather than memset() when clearing a BIGNUM. [jsing, 2018-05-12, 1 file, -2/+2]
  ok bcook@ tb@
* Provide BN_GENCB_new(), BN_GENCB_free() and BN_GENCB_get_arg() [jsing, 2018-02-20, 1 file, -1/+26]
* use freezero() instead of memset/explicit_bzero + free. Substantially [deraadt, 2017-05-02, 1 file, -9/+5]
  reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn't quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress.
  ok beck
* Send the function codes from the error functions to the bit bucket, [beck, 2017-01-29, 1 file, -6/+5]
  as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this.
  ok jsing@ inoguchi@
* 'accomodate' -> 'accommodate' in comments. [krw, 2016-03-15, 1 file, -2/+2]
  Started by diff from Mical Mazurek.
* graduate bn_expand() to a real function. the openssl version of this [deraadt, 2016-03-04, 1 file, -1/+13]
  uses a macro with multiple-evaluations of arguments (different amount than the previous version..), but doug/bcook's inline version makes BIGNUM not opaque [problem spotted by naddy]
  ok doug
* Correct spelling of OPENSSL_cleanse. [jsing, 2015-09-10, 1 file, -4/+4]
  ok miod@
* if (x) FOO_free(x) -> FOO_free(x). [miod, 2014-07-12, 1 file, -3/+2]
  Improves readability, keeps the code smaller so that it is warmer in your cache.
  review & ok deraadt@
* Only import cryptlib.h in the four source files that actually need it. [jsing, 2014-07-11, 1 file, -2/+3]
  Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes.
  ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that references [jsing, 2014-07-10, 1 file, -1/+3]
  an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never be defined, due to the fact that opensslconf.h has not been included.
  This also includes some miscellaneous sorting/tidying of headers.
* Stop including standard headers via cryptlib.h - pull in the headers that [jsing, 2014-07-10, 1 file, -1/+3]
  are needed in the source files that actually require them.
  ok beck@ miod@
* remove unused, private version strings except SSL_version_str [bcook, 2014-07-09, 1 file, -3/+1]
  Also remove unused des_ver.h, which exports some of these strings, but is not installed.
  ok miod@ tedu@
* tags as requested by miod and tedu [deraadt, 2014-06-12, 1 file, -1/+1]
* ok, next pass after review: when possible, put the reallocarray arguments [deraadt, 2014-05-29, 1 file, -1/+1]
  in the "size_t nmemb, size_t size"
* convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53 [deraadt, 2014-05-29, 1 file, -2/+2]
  potential integer overflows easily changed into an allocation return of NULL, with errno nicely set if need be. checks for an allocation returning NULL are commonplace, or if the object is dereferenced (quite normal) will result in a nice fault which can be detected & repaired properly.
  ok tedu
* Emergency knfectomie requested by tedu@. [jsing, 2014-05-08, 1 file, -449/+493]
* with the first bug it uncovered fixed, clear all bignums again. [tedu, 2014-05-07, 1 file, -17/+9]
  i've never worked on codebase so resistant to efforts to improve it.
* in BN_clear_free, don't cleanse the data if the static data flag is set. [tedu, 2014-05-07, 1 file, -3/+2]
  much debugging work done by otto. ok miod otto.
  side note: BN_FLG_STATIC_DATA doesn't actually mean the data is static. it's also used to indicate the data may be secretly shared behind your back as a sort of poor man's refcounting, but without the refcounting.
* revert, thanks sthen [tedu, 2014-05-07, 1 file, -9/+17]
* inspired by a cloudflare diff, cleanse old memory when expanding a bignum. [tedu, 2014-05-05, 1 file, -17/+9]
  however, instead of trying to audit all the places where a secret bignum is used, apply the big hammer and clear all bignums when freed.
  ok deraadt miod
* Try to clean the maze of <openssl/bn.h> defines regarding the BN internals. [miod, 2014-04-24, 1 file, -28/+1]
  The intent of this change is to only keep support for two kinds of architectures:
  - those with 32-bit int and long, and 64-bit long long, where ``long * long -> long long'' multiplication routines are available.
  - those with 64-bit int and long, and no 128-bit long long type.
  This gets rid of the SIXTY_FOUR_BIT_LONG, SIXTY_FOUR_BIT (not the same!), THIRTY_TWO_BIT, SIXTEEN_BIT and EIGHT_BIT defines.
  After this change, the types and defines are as follows:

  arch:        64bit       32bit         rationale
  BN_LLONG     undefined   defined       defined if l * l -> ll
  BN_ULLONG    undefined   u long long   result of BN_LONG * BN_LONG
  BN_ULONG     u long      u int         native register size
  BN_LONG      long        int           the same, signed
  BN_BITS      128         64            size of 2*BN_ULONG in bits
  BN_BYTES     8           4             size of 2*BN_ULONG in bytes
  BN_BITS2     64          32            BN_BITS / 2

  Tested on various 32-bit and 64-bit OpenBSD systems of various endianness.
* I'm glad to know that Ultrix CC has a bug optimizing switch() statements [miod, 2014-04-23, 1 file, -5/+0]
  lacking an explicit `case 0:' construct. But Ultrix has been dead for more than 15 years, really. Don't give it any reason to move out of its coffin.
* Change library to use intrinsic memory allocation functions instead of [beck, 2014-04-17, 1 file, -8/+8]
  OPENSSL_foo wrappers. This changes:
  OPENSSL_malloc->malloc
  OPENSSL_free->free
  OPENSSL_relloc->realloc
  OPENSSL_freeFunc->free
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery. [miod, 2014-04-13, 1 file, -0/+52]
* resolve conflicts [djm, 2012-10-13, 1 file, -19/+0]
* resolve conflicts, fix local changes [djm, 2010-10-01, 1 file, -5/+24]
* resolve conflicts [djm, 2009-01-09, 1 file, -19/+0]
* resolve conflicts [djm, 2008-09-06, 1 file, -102/+123]
* merge 0.9.7d [markus, 2004-04-08, 1 file, -4/+4]
* Revert BN_cmp() change. Its arguments are const. Spotted by miod@. [otto, 2003-09-29, 1 file, -3/+0]
  ok deraadt@
* Add extra calls to bn_fix_top() in BN_cmp(), since some functions may [otto, 2003-09-25, 1 file, -0/+3]
  leave an invalid BN.
  ok markus@ deraadt@
* merge 0.9.7b with local changes; crank majors for libssl/libcrypto [markus, 2003-05-12, 1 file, -2/+2]
* Trivial sprintf() -> snprintf() changes. ok deraadt@ [ho, 2003-04-05, 1 file, -2/+2]
* merge openssl-0.9.7-beta3, tested on vax by miod@ [markus, 2002-09-10, 1 file, -0/+6]
* OpenSSL 0.9.7 stable 2002 05 08 merge [beck, 2002-05-15, 1 file, -140/+196]
* openssl-engine-0.9.6a merge [beck, 2001-06-22, 1 file, -0/+7]
* openssl-engine-0.9.6 merge [beck, 2000-12-15, 1 file, -21/+21]
* OpenSSL 0.9.5 merge [beck, 2000-03-19, 1 file, -46/+14]
  *warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
* OpenSSL 0.9.4 merge [beck, 1999-09-29, 1 file, -158/+334]
* Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build [ryker, 1998-10-05, 1 file, -0/+611]
  functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.