| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
These ciphers have long based APIs, while EVP has a size_t based API. The
intent of these loops is to handle sizes that are bigger than LONG_MAX.
Rather than using the rather crazy EVP_MAXCHUNK construct, use LONG_MAX
rounded down to a large block size, ensuring that it is a block size
multiple. Revert the recently added overflow checks now that this is
handled more appropriately.
ok tb@
|
| |
|
|
|
|
|
| |
Now that EVP_CIPHER is opaque, stop pretending that EVP_CIPHER cleanup can
fail.
ok tb@
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
The length is decremented, however the input is repeatedly read from and
output written to the same position. Correct this by actually incrementing
the input and output pointers.
Found via OpenSSL 604e591ed7,
ok tb@
|
| |
|
|
|
|
|
|
|
|
| |
The BLOCK_CIPHER_* macros contained a bug where the total length is passed
to the underlying cipher implementation, rather than the length of the
current chunk. Correct this and use the chunk length instead.
Should address the remaining issues reported by Coverity.
ok tb@
|
| |
|
|
| |
Only change in generated assembly is due to line numbers.
|
| |
|
|
|
|
|
|
|
| |
These cipher implementations take a size_t length argument, so stop
casting it to a long.
Found by Coverity.
ok tb@
|
| |
|
|
| |
No change in generated assembly.
|
| |
|
|
|
|
|
|
|
|
| |
The EVP cipher API uses size_t, however a number of the underlying
implementations use long in their API. This means that an input with
size > LONG_MAX will go negative.
Found by Coverity, hiding under a large pile of macros.
ok tb@
|
| |
|
|
| |
Only change to generated assembly is due to line numbers.
|
| |
|
|
| |
Only change in generated assembly is due to line numbers.
|
| |
|
|
|
|
|
| |
Pull the init_key and ctrl (if present) functions up to the top. This
improves readability and allows for the removal of function prototypes.
No functional change.
|
| | |
|
| | |
|
| |
|
|
| |
No change in generated assembly.
|
| |
|
|
| |
No change in generated assembly.
|
| |
|
|
|
|
| |
This includes the wonderful BLOCK_CIPHER_ecb_loop - a for loop in a macro.
No change in generated assembly.
|
| | |
|
| |
|
|
| |
Only change to generated assembly is due to the use of EVPerror().
|
| |
|
|
|
|
| |
Also remove various comments noting that it cannot be used for certain
block ciphers (which kinda defeats the purpose of having a generic
implementation in the first place).
|
| |
|
|
|
| |
Only change to generated assembly is due to EVPerror()'s use of line
numbers.
|
| |
|
|
| |
No change in generated assembly.
|
| |
|
|
|
|
| |
Only change to generated assembly is due to EVPerror()'s use of line
numbers.
CVS ----------------------------------------------------------------------
|
| |
|
|
| |
No change to generated assembly.
|
| |
|
|
|
|
|
|
|
| |
These macros make the ASN.1 macros seem sane - there are layers and layers
and layers here, which are hiding bugs.
No change to generated assembly.
Discussed with tb@
|
| |
|
|
|
|
| |
Otherwise EVP_CIPHER_CTX_cleanup() leaks, as spotted by the ASAN CI.
ok jsing
|
| |
|
|
|
|
|
| |
While these will not be used by LibreSSL, they are used by some QUIC
implementations (such as ngtcp2).
ok tb@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
EVP_chacha20_poly1305() is an EVP_CIPHER implementation of the
ChaCha20-Poly1305 AEAD. This is potentially used to provide encryption for
the QUIC transport layer.
Where possible, this should be avoided in favour of the significantly saner
EVP_AEAD interface.
ok tb@
|
| |
|
|
|
|
|
|
|
| |
The length checks for EVP_aead_chacha20_poly1305() seal/open were incorrect
and are no longer necessary (not to mention that the comment failed to
match the code). Remove these since the underlying ChaCha implementation
will now handle the same sized inputs at these functions can.
Issue flagged by and ok tb@
|
| |
|
|
|
|
|
| |
Remove unnecessary conditions for XTS mode, since we know which are XTS.
Also use bytes rather than bits / 8.
ok tb@
|
| |
|
|
|
|
| |
LibreSSL does not do FIPS and nothing else sets or checks these.
ok tb@
|
| |
|
|
|
|
|
| |
A number of the AES-NI functions are #defines to an aes_* function - remove
these and just use the AES variant directly.
ok tb@
|
| |
|
|
|
|
|
|
|
| |
As a first step towards untangling and cleaning up the EVP AES code, expand
the BLOCK_CIPHER_* macros. In particular, rather than having two sets of
macros - one that is used if AESNI is being compiled in and one if it is
not, condition on #ifdef AESNI_CAPABLE in the expanded code.
ok tb@
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Input length < 0 is an error and input length == 0 can result in
strange effects in some ciphers, except in CCM mode, which is extra
special.
Based on OpenSSL 420cb707 by Matt Caswell and Richard Levitte
found by & ok jsing
|
| |
|
|
|
|
|
| |
This script is not used at all and files are edited by hand instead.
Thus remove misleading comments incl. the obsolete script/config.
Feedback OK jsing tb
|
| |
|
|
|
|
|
| |
These are mostly security-level related, but there are also ASN1_TIME
and ASN_INTEGER functions here, as well as some missing accessors.
ok jsing
|
| |
|
|
|
|
|
| |
This also provides a pkey_security_bits member to the PKEY ASN.1 methods
and a corresponding setter EVP_PKEY_asn1_set_security_bits().
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
| |
suggestion from tb@
|
| |
|
|
|
|
| |
CID 21653
ok jsing@ millert@ tb@
|
| |
|
|
|
|
| |
CID 24778
ok jsing@ millert@ tb@
|
| |
|
|
|
|
|
|
|
|
| |
This provides support for new-style BIO callbacks in
BIO_{read,write,gets,puts}() and a helper function to
work out whether it should call the new or the old
style callback. It also adds a few typedefs and minor
code cleanup as well as the BIO_{get,set}_callback_ex()
from jsing, ok tb
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This removes m_dss.c, m_dss1.c, and m_ecdsa.c and the corresponding
public API EVP_{dss,dss1,ecdsa}().
This is basically the following OpenSSL commit. The mentioned change in
RSA is already present in rsa/rsa_pmeth.c.
ok inoguchi jsing
commit 7f572e958b13041056f377a62d3219633cfb1e8a
Author: Dr. Stephen Henson <steve@openssl.org>
Date: Wed Dec 2 13:57:04 2015 +0000
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@openssl.org>
Plus OpenSSL commit 625a9baf11c1dd94f17e5876b6ee8d6271b3921d for m_dss.c
|
| |
|
|
|
|
| |
This moves most structs to evp_locl.h and moves HMAC_CTX to hmac_local.h.
ok inoguchi jsing
|
| |
|
|
|
| |
This marks the start of major surgery in libcrypto. Do not attempt to
build the tree for a while (~50 commits).
|
