summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/ec (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Tweak comment.tb2018-09-011-5/+2
|
* Add consts to EVP_PKEY_asn1_set_private()tb2018-08-241-2/+2
| | | | | | | | | Requires adding a const to the priv_decode() member of EVP_PKEY_ASN1_METHOD and adjusting all *_priv_decode() functions. All this is already documented this way. tested in a bulk build by sthen ok jsing
* After removing support for broken PKCS#8 formats (it was high time),tb2018-08-241-2/+2
| | | | | | | | we can add const to PKCS8_pkey_get0(). In order for this to work, we need to sprinkle a few consts here and there. tested in a bulk by sthen ok jsing
* Use BN_swap_ct() instead of BN_consttime_swap() intb2018-07-231-5/+10
| | | | | | | | | ec_GF2m_montgomery_point_multiply(). The new BN_swap_ct() API is an improved version of the public BN_consttime_swap() function: it allows error checking, doesn't assert(), and has fewer assumptions on the input. This diff eliminates the last use of BN_consttime_swap() in our tree. ok inoguchi, jsing
* Recommit Billy Brumley's ECC constant time patch with a fix for sparc64tb2018-07-166-47/+341
| | | | | | | from Nicola Tuveri (who spotted the omission of ecp_nist.c from the PR). discussed with jsing tested by jsg
* recommit label indentation part of the backout; clearly unrelated to thetb2018-07-1519-91/+93
| | | | breakage.
* back out ecc constant time changesjsg2018-07-1520-426/+133
| | | | | | | | after the constant time commits various regress tests started failing on sparc64 ssh t9, libcrypto ec ecdh ecdsa and trying to ssh out resulted in 'invalid elliptic curve value' ok tb@
* Indent labels by a space so they don't obliterate function names in diffs.tb2018-07-1019-91/+93
|
* ECC constant time scalar multiplication support. First step in overhaulingtb2018-07-105-46/+337
| | | | | | | | | | | the EC module. From Billy Brumley and his team, via https://github.com/libressl-portable/openbsd/pull/94 With tweaks from jsing and me. ok jsing
* Add a const qualifier to the 'key' argument of i2o_ECPublicKey() andtb2018-05-192-4/+4
| | | | | | | | | one to the last argument of each one of i2s_ASN1_OCTET_STRING(), s2i_ASN1_OCTET_STRING(), i2s_ASN1_INTEGER(), i2s_ASN1_ENUMERATED(), and i2s_ASN1_ENUMERATED_TABLE(). tested in a bulk build by sthen ok jsing
* Convert a handful of X509_*() functions to take const as in OpenSSL.tb2018-05-011-6/+6
| | | | | tested in a bulk by sthen ok jsing
* Make whitespace between functions and structs a bit more consistent.tb2018-04-231-3/+7
|
* Consistently spell "IPsec" in comments and debug outputs.mpi2018-03-161-2/+2
| | | | From Raf Czlonka, ok sthen@
* Fix for processing of EC public keyinoguchi2018-03-122-15/+27
| | | | | | | | | | | | | | Prevents segmentation fault while reading EC private key without public key. Generates missing EC public key when reading EC private key. Refer to these OpenSSL commits: 1f2b943254ce590867717375e4f364860a9b7154 2083f7c465d07867dd9867b8742bb71c03d1f203 Reported on GitHub https://github.com/libressl-portable/portable/issues/395 by Anton Bukov (@k06a) . ok beck@
* Avoid a potential NULL pointer dereference in d2i_ECPrivateKey().jsing2017-05-261-1/+7
| | | | | | Reported by Robert Swiecki, who found the issue using honggfuzz. ok bcook@
* use freezero() instead of memset/explicit_bzero + free. Substantiallyderaadt2017-05-027-30/+17
| | | | | | | | | | reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
* Send the function codes from the error functions to the bit bucket,beck2017-01-2922-562/+391
| | | | | | as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
* Add ct and nonct versions of BN_mod_inverse for internal usebeck2017-01-211-3/+4
| | | | ok jsing@
* Explicitly export a list of symbols from libcrypto.jsing2016-12-212-3/+14
| | | | | | | | | | | | | | | | Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@
* Add assembler code for the nist 256-bit GFp curve, written initially bymiod2016-11-049-6/+19107
| | | | | | | | | Intel. Obtained from BoringSSL, with some integration work borrowed from OpenSSL 1.0.2; assembler code for arm and sparc64 borrowed from OpenSSL 1.1.0. None of this code is enabled in libcrypto yet. ok beck@ jsing@
* unifdef OPENSSL_NO_CMSjsing2016-10-191-22/+1
|
* remove unused variablebeck2016-09-031-2/+1
|
* Fix some very unnecessary convoultion.beck2016-09-031-16/+6
| | | | ok krw@
* " the the " -> " the ", or in a couple of cases replace the superfluouskrw2016-03-201-2/+2
| | | | | | "the" with the obviously intended word. Started with a "the the" spotted by Mihal Mazurek.
* Add error handling to the remaining calls to bn_wexpand().bcook2016-03-121-12/+16
| | | | | | | Noticed by pascal-cuoq from Github: https://github.com/libressl-portable/openbsd/issues/56 ok beck@
* http -> https for a few more IETF URLs in comments or man pagesmmcc2016-03-101-2/+2
|
* Remove pointless externs - the structs are declared in the same files ajsing2015-10-161-3/+1
| | | | few lines above.
* Expand DECLARE_ASN1_ALLOC_FUNCTIONS and DECLARE_ASN1_FUNCTIONS_constjsing2015-10-161-6/+17
| | | | macros. The only change in the generated assembly is due to line numbering.
* Remove pointless uses of DECLARE_ASN1_ENCODE_FUNCTIONS_const.jsing2015-10-161-3/+3
| | | | | DECLARE_ASN1_FUNCTIONS_const already includes this macro so using both means we end up with duplicate function prototypes and externs.
* Convert ECParameters_dup() from a macro that uses ASN1_dup_of() into anjsing2015-10-132-4/+19
| | | | | | actual function. This removes the last ASN1_dup_of usage from the tree. Feedback from doug@ and miod@
* Replace remaining M_ASN1_BIT_STRING_(new|free) macros with calls tojsing2015-09-291-2/+2
| | | | | | ASN1_BIT_STRING_(new|free). ok beck@ doug@
* Correct spelling of OPENSSL_cleanse.jsing2015-09-106-15/+15
| | | | ok miod@
* Replace remaining M_ASN1_STRING_* macros with calls to ASN1_STRING_*.jsing2015-09-101-5/+5
| | | | | | | This is not the same as the macro expansion, however the ASN1_STRING_* functions do match the macro expansions. ok doug@ miod@
* Expand obsolete M_ASN1.*(cmp|dup|print|set) macros - no change in generatedjsing2015-07-291-5/+5
| | | | | | assembly. ok bcook@
* Expand ASN.1 template macros - the generated assembly only differs byjsing2015-07-251-55/+351
| | | | changes to line numbers.
* Handle NIST curve names.jsing2015-06-201-2/+4
| | | | | | From OpenSSL. ok miod@ (a while ago)
* Have ECPKParameters_print() include the NIST curve name, if known.jsing2015-06-201-1/+10
| | | | | | From OpenSSL. ok miod@ (a while ago).
* Provide EC_curve_nid2nist() and EC_curve_nist2nid().jsing2015-06-202-2/+57
| | | | | | | | From OpenSSL. Rides libcrypto bump. ok miod@ (a while ago)
* No need to check the return value of memcpy() if you actually checked thismiod2015-05-201-3/+2
| | | | pointer for NULL the line above; ok doug@
* Add missing BN_CTX_end() calls.doug2015-04-291-7/+3
| | | | | | | | After calling BN_CTX_start(), there must be a BN_CTX_end() before returning. There were missing BN_CTX_end() calls in error paths. One diff chunk was simply removing redundant code related to this. ok deraadt@
* Fix a memory leak in an error path.doug2015-03-201-1/+3
| | | | | | From OpenSSL commit 5e5d53d341fd9a9b9cc0a58eb3690832ca7a511f. ok guenther@, logan@
* Fix several crash causing defects from OpenSSL.tedu2015-03-191-21/+20
| | | | | | | | | | | | | These include: CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp CVE-2015-0287 - ASN.1 structure reuse memory corruption CVE-2015-0289 - PKCS7 NULL pointer dereferences Several other issues did not apply or were already fixed. Refer to https://www.openssl.org/news/secadv_20150319.txt joint work with beck, doug, guenther, jsing, miod
* In ec_wNAF_mul(), move the declaration of tmp_wNAF higher in scope, so thatmiod2015-02-151-6/+5
| | | | | all the function's exit paths can make sure it gets freed. Coverity CID 78861 tweaks & ok doug@ jsing@
* fix leaking of bn, coverity issue 105351beck2015-02-131-1/+2
| | | | ok doug@
* Guenther has plans for OPENSSL_NO_CMS, so revert this for the moment.beck2015-02-111-1/+22
|
* get rid of OPENSSL_NO_CMS code we do not use.beck2015-02-111-22/+1
| | | | ok miod@
* Expand the IMPLEMENT_ASN1_ALLOC_FUNCTIONS macro so that the code is visiblejsing2015-02-101-4/+37
| | | | | | | | | and functions can be readily located. Change has been scripted and the generated assembly only differs by changes to line numbers. Discussed with beck@ miod@ tedu@
* Expand the IMPLEMENT_ASN1_FUNCTIONS_{const,fname,name} macros so that thejsing2015-02-101-3/+51
| | | | | | | | | code is visible and functions can be readily located. Change has been scripted and the generated assembly only differs by changes to line numbers. Discussed with beck@ miod@ tedu@
* BN_CTX_get() can fail - consistently check its return value.jsing2015-02-098-127/+165
| | | | | | | | | | | | | | | There are currently cases where the return from each call is checked, the return from only the last call is checked and cases where it is not checked at all (including code in bn, ec and engine). Checking the last return value is valid as once the function fails it will continue to return NULL. However, in order to be consistent check each call with the same idiom. This makes it easy to verify. Note there are still a handful of cases that do not follow the idiom - these will be handled separately. ok beck@ doug@
* Remove unused GOST test that prevents clang from building libcrypto.doug2015-02-091-55/+1
| | | | | | | | | | clang warns that it is unused and we have -Werror enabled. This test isn't hooked up to anything yet. We can add it back with a future GOST update. clang 3.5 can now build libssl and libcrypto as long as you use CFLAGS=-Wno-pointer-sign. "seems reasonable" bcook@, miod@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-30 04:26:27 +0000