summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Make header guards of internal headers consistenttb2022-11-261-4/+4
| | | | | Not all of them, only those that didn't leak into a public header... Yes.
* Make internal header file names consistenttb2022-11-2653-113/+113
| | | | | | | | | | | | | | | | Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* Change the pkey.ptr from char * to void *tb2022-11-182-4/+4
| | | | | | | | Now that EVP_PKEY is opaque, there is no reason to keep the ptr member of the pkey union as a weird char pointer, a void pointer will do. This avoids a few stupid casts and simplifies an upcoming diff. ok jsing
* Expose various EVP hooks for Ed25519 and X25519tb2022-11-131-6/+3
| | | | | | | | This adds the EVP_PKEY_ED25519 and EVP_PKEY_X25519 aliases for the NIDs and exposes the raw public key API. The ED25519_KEYLEN and X25519_KEYLEN defines are still kept internal for now to match what OpenSSL have. We may want to expose those later.
* Implement EVP interfaces for Ed25519 and X25519.jsing2022-11-103-3/+26
| | | | ok beck@ tb@
* Provide digestsign/digestverify hooks for EVP_PKEY_METHOD.jsing2022-11-104-4/+32
| | | | | | These are needed for EVP implementations of Ed25519 and X25519. ok beck@ tb@
* Port EVP raw key API from OpenSSL.jsing2022-11-103-4/+106
| | | | | | This will be needed to deal with Curve25519 based keys. ok beck@ tb@
* Fix up indentation for EVP_PKEY_* defines.jsing2022-11-091-19/+19
|
* Clean up EVP_PKEY_METHOD related tables and code.jsing2022-11-091-56/+41
| | | | | | | This is effectively the same as done for EVP_PKEY_ASN1_METHOD, although this table only has nine entries. ok tb@
* Sort EVP_PKEY_METHOD externs.jsing2022-11-091-5/+10
|
* Add EVP_chacha20_poly1305()tb2022-10-211-1/+4
| | | | | | Omission reported by jca. ok jca jsing
* Use LONG_MAX as the limit for ciphers with long based APIs.jsing2022-09-156-169/+120
| | | | | | | | | | | These ciphers have long based APIs, while EVP has a size_t based API. The intent of these loops is to handle sizes that are bigger than LONG_MAX. Rather than using the rather crazy EVP_MAXCHUNK construct, use LONG_MAX rounded down to a large block size, ensuring that it is a block size multiple. Revert the recently added overflow checks now that this is handled more appropriately. ok tb@
* Stop pretending that EVP_CIPHER cleanup can fail.jsing2022-09-134-14/+15
| | | | | | | Now that EVP_CIPHER is opaque, stop pretending that EVP_CIPHER cleanup can fail. ok tb@
* Expose EVP_chacha20_poly1305()tb2022-09-111-3/+1
| | | | ok jsing
* Expose various EVP AEAD constants for EVP ChaCha and QUICtb2022-09-111-3/+1
| | | | ok jsing
* Increment the input and output position for EVP AES CFB1.jsing2022-09-101-1/+3
| | | | | | | | | | The length is decremented, however the input is repeatedly read from and output written to the same position. Correct this by actually incrementing the input and output pointers. Found via OpenSSL 604e591ed7, ok tb@
* Use correct length for EVP CFB mode ciphers.jsing2022-09-107-22/+22
| | | | | | | | | | The BLOCK_CIPHER_* macros contained a bug where the total length is passed to the underlying cipher implementation, rather than the length of the current chunk. Correct this and use the chunk length instead. Should address the remaining issues reported by Coverity. ok tb@
* Replace aes_{ccm,xts}_cleanup usage with NULL.jsing2022-09-061-16/+11
| | | | Only change in generated assembly is due to line numbers.
* Stop casting a size_t to a long and then passing it as a size_t.jsing2022-09-063-31/+31
| | | | | | | | | These cipher implementations take a size_t length argument, so stop casting it to a long. Found by Coverity. ok tb@
* Remove dead code.jsing2022-09-042-36/+12
| | | | No change in generated assembly.
* Add bounds checks for various EVP cipher implementations.jsing2022-09-046-7/+98
| | | | | | | | | | The EVP cipher API uses size_t, however a number of the underlying implementations use long in their API. This means that an input with size > LONG_MAX will go negative. Found by Coverity, hiding under a large pile of macros. ok tb@
* Remove dead code.jsing2022-09-045-25/+10
| | | | Only change to generated assembly is due to line numbers.
* Expand the looney M_do_cipher macro.jsing2022-09-041-11/+9
| | | | Only change in generated assembly is due to line numbers.
* Rearrange some functions.jsing2022-09-048-177/+141
| | | | | | | Pull the init_key and ctrl (if present) functions up to the top. This improves readability and allows for the removal of function prototypes. No functional change.
* Remove now unused EVP_C_DATA macro.jsing2022-09-041-3/+1
|
* Remove now unused BLOCK_CIPHER_* macros.jsing2022-09-041-186/+1
|
* Expand BLOCK_CIPHER_* macros.jsing2022-09-041-15/+108
| | | | No change in generated assembly.
* Mechanically expand BLOCK_CIPHER_* macros.jsing2022-09-042-32/+387
| | | | No change in generated assembly.
* Mechanically expand BLOCK_CIPHER_* ciphers.jsing2022-09-041-17/+145
| | | | | | This includes the wonderful BLOCK_CIPHER_ecb_loop - a for loop in a macro. No change in generated assembly.
* Remove now unused IMPLEMENT_CFBR macro.jsing2022-09-041-10/+1
|
* Mechanically expand IMPLEMENT_CFBR macros.jsing2022-09-041-8/+267
| | | | Only change to generated assembly is due to the use of EVPerror().
* Remove now unused IMPLEMENT_BLOCK_CIPHER macro.jsing2022-09-034-19/+4
| | | | | | Also remove various comments noting that it cannot be used for certain block ciphers (which kinda defeats the purpose of having a generic implementation in the first place).
* Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.jsing2022-09-031-21/+486
| | | | | Only change to generated assembly is due to EVPerror()'s use of line numbers.
* Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.jsing2022-09-031-4/+162
| | | | No change in generated assembly.
* Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.jsing2022-09-031-8/+161
| | | | | | Only change to generated assembly is due to EVPerror()'s use of line numbers. CVS ----------------------------------------------------------------------
* Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.jsing2022-09-031-6/+162
| | | | No change to generated assembly.
* Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.jsing2022-09-031-5/+163
| | | | | | | | | These macros make the ASN.1 macros seem sane - there are layers and layers and layers here, which are hiding bugs. No change to generated assembly. Discussed with tb@
* chacha20_poly1305_cleanup() should return 1tb2022-08-301-2/+2
| | | | | | Otherwise EVP_CIPHER_CTX_cleanup() leaks, as spotted by the ASAN CI. ok jsing
* Provide additional defines for EVP AEAD.jsing2022-08-271-1/+18
| | | | | | | While these will not be used by LibreSSL, they are used by some QUIC implementations (such as ngtcp2). ok tb@
* fix indent and zap trailing whitespacetb2022-08-211-3/+3
|
* Provide EVP_chacha20_poly1305()jsing2022-08-202-7/+260
| | | | | | | | | | | EVP_chacha20_poly1305() is an EVP_CIPHER implementation of the ChaCha20-Poly1305 AEAD. This is potentially used to provide encryption for the QUIC transport layer. Where possible, this should be avoided in favour of the significantly saner EVP_AEAD interface. ok tb@
* Remove bogus length checks from EVP_aead_chacha20_poly1305()jsing2022-08-201-27/+1
| | | | | | | | | The length checks for EVP_aead_chacha20_poly1305() seal/open were incorrect and are no longer necessary (not to mention that the comment failed to match the code). Remove these since the underlying ChaCha implementation will now handle the same sized inputs at these functions can. Issue flagged by and ok tb@
* Mop up key_len assignments.jsing2022-08-041-91/+59
| | | | | | | Remove unnecessary conditions for XTS mode, since we know which are XTS. Also use bytes rather than bits / 8. ok tb@
* Mop up EVP_CIPH_FLAG_FIPS usage.jsing2022-08-041-59/+59
| | | | | | LibreSSL does not do FIPS and nothing else sets or checks these. ok tb@
* Remove various aesni_* defines to aes_* functions.jsing2022-08-041-56/+24
| | | | | | | A number of the AES-NI functions are #defines to an aes_* function - remove these and just use the AES variant directly. ok tb@
* Expand BLOCK_CIPHER_* macros.jsing2022-08-021-133/+1056
| | | | | | | | | As a first step towards untangling and cleaning up the EVP AES code, expand the BLOCK_CIPHER_* macros. In particular, rather than having two sets of macros - one that is used if AESNI is being compiled in and one if it is not, condition on #ifdef AESNI_CAPABLE in the expanded code. ok tb@
* Reorder functions and remove unnecessary function prototypes.jsing2022-07-301-29/+24
|
* Do not pass input length <= 0 to the cipher handlerstb2022-07-261-11/+17
| | | | | | | | | | Input length < 0 is an error and input length == 0 can result in strange effects in some ciphers, except in CCM mode, which is extra special. Based on OpenSSL 420cb707 by Matt Caswell and Richard Levitte found by & ok jsing
* Remove mkerr.pl remnants from LibreSSLkn2022-07-122-12/+2
| | | | | | | This script is not used at all and files are edited by hand instead. Thus remove misleading comments incl. the obsolete script/config. Feedback OK jsing tb
* Expose new API in headers.tb2022-07-071-5/+1
| | | | | | | These are mostly security-level related, but there are also ASN1_TIME and ASN_INTEGER functions here, as well as some missing accessors. ok jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-26 09:16:53 +0000