summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/buffer/buffer.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2024-12-28stack: inline internal_find() in sk_find()tb1-10/+4
internal_find() was a generalization needed for sk_find_ex(), which was removed a while ago. ok jsing
2024-12-28Document X509V3_ADD_OP_MASK and clarify the description of the flags argument.schwarze1-5/+31
While here, also add a (c) line for tb@ because he added Copyright-worthy amounts of text to this page during the last two years.
2024-12-28Document X509_supported_extension(3).schwarze1-6/+28
The sentence about X509_EXTENSION_get_critical(3) in the DESCRIPTION contained broken grammar or at least broken punctuation, and more importantly, redundant and misplaced information. While he, shorten it.
2024-12-28Document X509V3_EXT_print_fp(3).schwarze1-28/+67
Sort the list of decoding functions alphabetically by extension type. List the printing functions that are already documented.
2024-12-27new manual page a2i_ipadd(3) written from scratchschwarze6-11/+157
2024-12-27parse test file: add helper to skip to end of linetb1-8/+12
2024-12-27OpenSSL 1.1 is dead. Make this optionally use 3.3 instead.tb1-4/+4
2024-12-26Plug a bunch of leaks in the PKCS 12 codetb1-8/+24
The competition whether the code or the standard it implements is worse is still ongoing, and still has two strong competitors... ok jsing
2024-12-26Error check sk_push() in crl2p7tb1-23/+21
also remove a few NULL checks before free and drop a cryptic comment about not needing to free x - hard to free what's not there... ok jsing
2024-12-26Fix the unittest with Emscriptentb1-5/+26
Split main into two helper functions since having a few ML-KEM key blobs on the stack makes Emscripten's stack explode, leading to inscrutable silent failures unles ASAN is enabled. Go figure.
2024-12-26mlkem iteration test: drop extraneous typedeftb1-4/+1
2024-12-26mlkem tests: whitespace tweak and fix an error messagetb1-5/+7
2024-12-26fat fingerstb1-2/+2
2024-12-26Overhaul ML-KEM regress once moretb20-2571/+2110
Implement a file parser that drives a state machine to extract the test data from the .txt files and manages the parsed data. Comments and empty lines are ignored. The code currently assumes that instruction lines are at the start of the file (which isn't generally true) and only supports two line types for now. This is good enough for all the ML-KEM tests but should be easy enough to extend. Once all data for a test case is parsed in the expected order, a test handler is called which can retrieve the test data via a simple API and throw warnings and errors with information on the test case line number, etc. Merge the tests into three programs: one parsing the .txt files and running the corresponding test cases, a unit test and the iteration tests. Deduplicate the actual test code and let the caller pass in an object containing the API functions, private keys and arrays that need to be different between the 768 version and the 1024 version. This way we don't have two sets of half a dozen .c files differing only in 3 or 4 occurrences of 768 and 1024. All this will also make it a lot easier to hook these tests into portable.
2024-12-24Remove disabled code supporting elliptic curves of small ordertb1-1014/+1
ok jsing
2024-12-24Remove already disabled tests for elliptic curves of small ordertb3-880/+3
2024-12-24Tweak doc comment of _X509_CHECK_FLAG_DOT_SUBDOMAINStb1-4/+3
Now that it lives in a .c file, there's no need to point out that it is non-public...
2024-12-24new manual page v2i_ASN1_BIT_STRING(3) written from scratchschwarze6-11/+141
2024-12-24Internal linkage for one constant struct where that was accidentallyschwarze1-2/+2
forgotten in rev. 1.3 on July 13 this year. No library bump and no ABI change because libcrypto.so.55.0 did not export the symbol because it wasn't in Symbols.list. Found in a partial code audit focusing on X509V3_EXT_METHOD objects.
2024-12-23ealier -> earlierjsg1-4/+4
2024-12-23Move _X509_CHECK_FLAG_DOT_SUBDOMAINS to x509_utl.ctb2-9/+9
Unclear why this ever had to be made public since it's only used in a single file. Anyway, nothing uses this, so remove it. This went through a full bulk pointed out by/ok schwarze
2024-12-23Remove the EXT_* table building macrostb1-19/+1
These were used in x509_bitst.c and x509_ia5.c for populating tables that have been expanded a long time ago. Nothing uses them, so remove them. This went through a full bulk pointed out by/ok schwarze
2024-12-23Annotate ENUMERATED_NAMES for potential removaltb1-1/+2
Only security/xca uses it for no good rean. It can use BIT_STRING_BITNAME if it really needs to.
2024-12-23Remove X509V3_EXT_{DYNAMIC,CTX_DEP}tb1-4/+2
LibreSSL has removed support for dynamically allocated custom extension methods. The mysterious CTX_DEP define was part of an experimental code dump and that part of the experimental code was never shown hence never reviewed. This went through a full amd64 bulk noticed by/ok schwarze
2024-12-23Fix the error handling in X509V3_parse_list(3); it ignored failuresschwarze1-6/+9
of the internal subroutine X509V3_add_value(), which could result in silently losing part of the input data on memory exhaustion. I independently rediscovered this bug while writing the documentation, then noticed after fixing it that Zhou Qingyang <zhou1615 at umn dot edu> fixed it in essentially the same way in OpenSSL 3 (commit bcd5645b on Apr 11 02:05:19 2022 +0800), but it wasn't backported to the OpenSSL 1.1.1 branch. OK tb@
2024-12-23new manual page X509V3_parse_list(3) written from scratchschwarze2-1/+102
2024-12-23Tweak previous wording a bit to avoid suggesting all built-in nidstb1-2/+2
correspond to an extension method. ok schwarze
2024-12-23more precision below CAVEATSschwarze1-3/+5
2024-12-23Make the description of i2s_ASN1_ENUMERATED_TABLE(3) more precise,schwarze1-9/+12
fix the name of its last parameter in the SYNOPSIS to match the DESCRIPTION, and let the .Dt argument match the file name.
2024-12-22mark six #define'd constants as intentionally undocumentedschwarze1-2/+7
2024-12-21Add an EXAMPLES section.schwarze1-2/+129
I admit this is unusually long for a manual page. But that's not my fault as a documentation author. An example in a manual page ought to be minimal to show what needs to be demonstrated, and this example is minimal in that sense. Making it shorter without loosing important aspects does not seem possible. When an API is poorly designed, one of the consequences is that that documentation becomes harder to understand and often longer - in this case to the point of becoming outright intimidating. If people dislike that, they should design better APIs in the first place rather than blasting the poor manual page for being too long or too complicated. OK tb@
2024-12-20If EVP_CIPHER_CTX_ctrl(3) is called on EVP_chacha20_poly1305(3)schwarze1-2/+2
with an unsupported control command, return -1 rather than 0 to the caller to indicate the error because in general, these control hooks ought to return -1 for unsupported control commands and 0 for other errors, for example other invalid arguments. Not a big deal because this change does not change when operations succeed or fail, and because callers are unlikely to pass unsupported control commands in the first place. The only functional change is that if a calling program inspects the ERR(3) stack after this failure, it will now find the correct error code rather than nothing. Even that wasn't a huge problem because for most EVP_CIPHER control failures, getting no reason for the error is the usual situation. Then again, giving the reason when easily possible may occasionally be useful. OpenSSL also returns -1 in this case, so it also helps compatibility a tiny bit. Found while auditing the return values of all the EVP_CIPHER control hooks in our tree. This was the only fishy one i found. OK tb@
2024-12-20mlkem regress: garbage collect two global variablestb1-4/+1
2024-12-20hidden mlkem.h: add comment to #endiftb1-2/+2
2024-12-20Annotate yet another greasy stinky tentacle of xcatb1-1/+2
I'm so tired of this.
2024-12-20Move the horrific EVP_aes_128_ccm(3) API out of the important,schwarze4-75/+357
algorithm-independent EVP_EncryptInit(3) manual as another step in making the latter leaner and more palatable. As a side benefit, the new EVP_aes_128_ccm(3) manual page may provide a better fighting chance to programmers who see themselves forced to support CCM for whatever reason. It documents the mandatory, but so far undocumented EVP_CTRL_CCM_GET_TAG control command and makes the description of the three EVP_CTRL_CCM_SET_* control commands and the numerous related quirks more precise.
2024-12-20Fix whitespace in Makefiletb1-22/+22
2024-12-20That works better with a Gtb1-2/+2
2024-12-20cant't -> can'ttb10-20/+20
(the mystery of spotting typos right after commit strikes again)
2024-12-20Rework and fix the mlkem teststb16-997/+1824
Make proper use of CBB and CBS. If a CBS ever owns data, you're holding it wrong. Ditch gross macros, sscanf, and globals. The use of fgets is annoying here, so replace it with getline, which be provided by portable if needed. Most importantly, make the tests actually signal failure rather than only printing an error. Fix the state machines in a few of them. Some tests didn't parse the .txt file at all. Others mostly did but didn't actually test what they were supposed to be testing. Such failures were hidden by the way the tests were written. This basically needed a complete revamp. It still isn't pretty and much of it could be deduplicated, but I only have so much time alotted on this blue planet.
2024-12-19Do not install mlkem.h and bytestring.h into /usr/include/openssl for nowtb1-3/+1
More work in mlkem is needed and this was premature. discussed with beck and jsing
2024-12-19#ifdef out the inclusion of openssl/mlkem.h for nowtb1-3/+4
discussed with beck and jsing
2024-12-19Do not assume mlkem.h and bytestring.h are public in libcryptotb4-14/+8
As long as is not quite clear what we want to do about the public API aspect of MLKEM, keep things internal for now. discussed with beck and jsing
2024-12-19mlkem regress: reach around into bytestring againtb1-1/+2
2024-12-19ec_mult: use 1ULL to avoid C4334 warning on Visual Studiotb1-2/+2
The shift is between 0 and 5 bits, so it doesn't matter, but VS is short for very st...ubborn as are its users when it comes to reporting non-issues
2024-12-19received form the peer -> received from the peerjmc1-3/+3
2024-12-18mlkem: fix whitespacetb2-4/+6
2024-12-18kength -> lengthjsg1-3/+3
2024-12-17New manual page EVP_aes_128_gcm(3).schwarze4-75/+260
The main benefit is moving the cumbersome and error-prone method of using EVP_EncryptInit(3) for AES-GCM out of the important, but obese manual page EVP_EncryptInit(3), and to create a logical place for pointing readers to the safer and more flexible EVP_AEAD_CTX_init(3). As a side benefit, document three control commands that were so far undocumented and make the description of three others more precise. Feedback and OK tb@.
2024-12-17Avoid a reduce once that can cause Clang misoptomization.beck2-22/+54
Some versions of Clang compile this to non-constant time code. The fix is adapted from boring. For full details see: https://boringssl-review.googlesource.com/c/boringssl/+/74447 ok tb@