summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/dsa/dsa_ameth.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add consts to EVP_PKEY_asn1_set_private()tb2018-08-241-2/+2
| | | | | | | | | Requires adding a const to the priv_decode() member of EVP_PKEY_ASN1_METHOD and adjusting all *_priv_decode() functions. All this is already documented this way. tested in a bulk build by sthen ok jsing
* After removing support for broken PKCS#8 formats (it was high time),tb2018-08-241-2/+2
| | | | | | | | we can add const to PKCS8_pkey_get0(). In order for this to work, we need to sprinkle a few consts here and there. tested in a bulk by sthen ok jsing
* Convert a handful of X509_*() functions to take const as in OpenSSL.tb2018-05-011-5/+5
| | | | | tested in a bulk by sthen ok jsing
* Send the function codes from the error functions to the bit bucket,beck2017-01-291-23/+23
| | | | | | as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
* Split out BN_div and BN_mod into ct and nonct versions for Internal use.beck2017-01-211-2/+2
| | | | ok jsing@
* Make explicit _ct and _nonct versions of bn_mod_exp funcitons thatbeck2017-01-211-3/+3
| | | | | | | | | | | | matter for constant time, and make the public interface only used external to the library. This moves us to a model where the important things are constant time versions unless you ask for them not to be, rather than the opposite. I'll continue with this method by method. Add regress tests for same. ok jsing@
* unifdef OPENSSL_NO_CMSjsing2016-10-191-24/+1
|
* Remove support for ancient, broken DSA implementations.doug2016-03-011-60/+20
| | | | | | | | | | | | | | | Based on a few OpenSSL commits: Remove ancient DSA workarounds commit ab4a81f69ec88d06c9d8de15326b9296d7f498ed Remove workaround for broken DSA implementations using negative integers commit dfb10af92e9663ce4eefaa1d6b678817fa85344d Typo in error name (EVP_R_DECODE_ERROR -> DSA_R_DECODE_ERROR) commit f6fb7f1856d443185c23f1a5968c08b4269dd37d ok beck@
* When loading a DSA key from an raw (without DH parameters) ASN.1 serialization,miod2015-09-101-2/+48
| | | | | | | | | | | | | perform some consistency checks on its `p' and `q' values, and return an error if the checks failed. Thanks for Georgi Guninski (guninski at guninski dot com) for mentioning the possibility of a weak (non prime) q value and providing a test case. See https://cpunks.org/pipermail/cypherpunks/2015-September/009007.html for a longer discussion. ok bcook@ beck@
* Coverity CID 21733 (unchecked allocation), 78823 (leak on error).miod2015-02-141-1/+6
| | | | ok doug@ jsing@
* Guenther has plans for OPENSSL_NO_CMS, so revert this for the moment.beck2015-02-111-1/+24
|
* get rid of OPENSSL_NO_CMS code we do not use.beck2015-02-111-24/+1
| | | | ok miod@
* dsa_priv_decode(): only destroy the object we've created, and with themiod2014-07-131-3/+5
| | | | | | appropriate function. Checking for privkey != NULL is not enough since privkey points to a member of ndsa if ndsa != NULL. dsa_priv_encode(): possible double free in error path.
* if (x) FOO_free(x) -> FOO_free(x).miod2014-07-121-11/+7
| | | | | | | Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-111-4/+6
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that referencesjsing2014-07-101-1/+4
| | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* ASN1_STRING_free can handle NULL, so callers don't need to check. ok miodtedu2014-07-091-7/+4
|
* KNFmiod2014-07-091-235/+224
|
* tags as requested by miod and teduderaadt2014-06-121-0/+1
|
* malloc() result does not need a cast.deraadt2014-06-071-1/+1
| | | | ok miod
* more: no need to null check before free; ok guentherderaadt2014-05-301-1/+1
|
* more: no need for null check before freederaadt2014-05-301-2/+1
| | | | ok tedu guenther
* if (x) free(x) -> free(x); semantic patch generated with coccinelle, carefullymiod2014-05-221-4/+2
| | | | eyeballed before applying. Contributed by Cyril Roelandt on tech@
* Use C99 initializers for the various FOO_METHOD structs. More readable, andmiod2014-04-271-57/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | avoid unreadable/unmaintainable constructs like that: const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { EVP_PKEY_CMAC, EVP_PKEY_CMAC, 0, "CMAC", "OpenSSL CMAC method", 0,0,0,0, 0,0,0, cmac_size, 0, 0,0,0,0,0,0,0, cmac_key_free, 0, 0,0 }; ok matthew@ deraadt@
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-171-6/+6
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* import OpenSSL-1.0.1cdjm2012-10-131-0/+47
|
* import OpenSSL-1.0.0adjm2010-10-011-0/+657
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 09:52:59 +0000