path: root/src/lib/libcrypto/gost
Commit message | Author | Age | Files | Lines
* Include machine/endian.h in gost2814789.c | inoguchi | 2020-09-12 | 1 | -1/+3
  To pick up __STRICT_ALIGNMENT define, include machine/endian.h. No kidding... deraadt@ ok bcook@ jsing@
* Add a few more errors to help debugging. | jsing | 2020-06-05 | 1 | -6/+16
  Diff from Dmitry Baryshkov <dbaryshkov@gmail.com> Sponsored by ROSA Linux. ok inoguchi@ tb@
* Add support for additional GOST curves. | jsing | 2020-06-05 | 1 | -3/+3
  These GOST curves are defined in RFC 7836 and draft-deremin-rfc4491-bis. Add aliases for 256-bit GOST curves (see draft-smyshlyaev-tls12-gost-suites) and rename the 512-bit curve ids to follow names defined in tc26 OID registry. Diff from Dmitry Baryshkov <dbaryshkov@gmail.com> Sponsored by ROSA Linux. ok inoguchi@
* Apply some style(9). | jsing | 2020-06-05 | 1 | -34/+30
* Fix incorrect carry operation in 512 bit addition: in the case | tb | 2019-05-09 | 1 | -6/+8
  that there is already a carry and Sigma[i-1] == -1, the carry must be kept. From Dmitry Eremin-Solenik. Fixes incorrect Streebog result reported by Guido Vranken.
* Add consts to EVP_PKEY_asn1_set_private() | tb | 2018-08-24 | 1 | -2/+2
  Requires adding a const to the priv_decode() member of EVP_PKEY_ASN1_METHOD and adjusting all *_priv_decode() functions. All this is already documented this way. tested in a bulk build by sthen ok jsing
* After removing support for broken PKCS#8 formats (it was high time), | tb | 2018-08-24 | 1 | -3/+3
  we can add const to PKCS8_pkey_get0(). In order for this to work, we need to sprinkle a few consts here and there. tested in a bulk by sthen ok jsing
* Remove a handrolled GOST_le2bn(). | jsing | 2018-06-10 | 1 | -8/+4
  From Dmitry Eremin-Solenikov <dbaryshkov at gmail dot com>.
* Convert a handful of X509_*() functions to take const as in OpenSSL. | tb | 2018-05-01 | 1 | -3/+3
  tested in a bulk by sthen ok jsing
* use freezero() instead of memset/explicit_bzero + free. Substantially | deraadt | 2017-05-02 | 1 | -3/+2
  reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn't quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
* Send the function codes from the error functions to the bit bucket, | beck | 2017-01-29 | 6 | -143/+83
  as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
* Add ct and nonct versions of BN_mod_inverse for internal use | beck | 2017-01-21 | 1 | -2/+2
  ok jsing@
* Split out BN_div and BN_mod into ct and nonct versions for Internal use. | beck | 2017-01-21 | 1 | -4/+6
  ok jsing@
* Explicitly export a list of symbols from libcrypto. | jsing | 2016-12-21 | 2 | -2/+10
  Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@
* unifdef OPENSSL_NO_CMS | jsing | 2016-10-19 | 2 | -21/+2
* Expand DECLARE_ASN1_.*FUNCTIONS macros. | jsing | 2016-09-04 | 2 | -7/+27
  No change in preprocessed output, ignoring whitespace and line numbers.
* Correct spelling of OPENSSL_cleanse. | jsing | 2015-09-10 | 4 | -9/+11
  ok miod@
* Expand ASN.1 template macros - no change in generated assembly. | jsing | 2015-07-24 | 1 | -22/+144
* prefer string.h to strings.h ok guenther@ doug@ | bcook | 2015-07-20 | 1 | -2/+2
* Fix possible 32 byte buffer overrun, found by coverity, CID 78869 | beck | 2015-07-15 | 1 | -2/+2
  ok miod@
* Memory leaks upon error. Coverity CID 78874. | miod | 2015-02-14 | 1 | -10/+10
  ok jsing@
* Consistently check the return value from BN_CTX_get() on assignment. | jsing | 2015-02-14 | 4 | -42/+44
  This is the same as the previous larger commit, however it would seem the GOST part got missed. ok beck@ doug@
* Guenther has plans for OPENSSL_NO_CMS, so revert this for the moment. | beck | 2015-02-11 | 2 | -2/+21
* get rid of OPENSSL_NO_CMS code we do not use. | beck | 2015-02-11 | 2 | -21/+2
  ok miod@
* Enable building with -DOPENSSL_NO_DEPRECATED. | doug | 2015-02-11 | 4 | -4/+8
  If you didn't enable deprecated code, there were missing err.h and bn.h includes. This commit allows building with or without deprecated code. This was not derived from an OpenSSL commit. However, they recently enabled OPENSSL_NO_DEPRECATED in git and fixed these header problems in a different way. Verified with clang that this only changes line numbers in the generated asm. ok miod@
* Replace assert() and OPENSSL_assert() calls with proper error return paths. | miod | 2015-02-10 | 1 | -5/+20
  Careful review, feedback & ok doug@ jsing@
* Remove assert() or OPENSSL_assert() of pointers being non-NULL. The policy | miod | 2015-02-10 | 1 | -5/+1
  for libraries in OpenBSD is to deliberately let NULL pointers cause a SIGSEGV. ok doug@ jsing@
* Expand the IMPLEMENT_ASN1_FUNCTIONS macro so that the code is visible and | jsing | 2015-02-09 | 1 | -5/+125
  functions can be readily located. Change has been scripted and there is no change to the generated assembly. Discussed with beck@ miod@ tedu@
* Make GOST compile with a strict C compiler - in this case incrementing a | jsing | 2014-12-07 | 3 | -10/+12
  void pointer is undefined and initialising an array with {} is a syntax error. Based on a diff from kinichiro inoguchi.
* Correctly output the result in STREEBOG512_Final() when running on a big-endian | miod | 2014-12-07 | 1 | -5/+28
  system. *blush*
* Argh, another bug introduced in r1.3; Dmitry Eremin-Solenikov | miod | 2014-11-18 | 1 | -2/+2
* Return success in param_copy_gost01() if there is no private key to copy; | miod | 2014-11-18 | 1 | -2/+2
  broken in r1.3. Spotted by Dmitry Eremin-Solenikov
* Add many missing error checks (probably not exhaustive, but a good start): | miod | 2014-11-13 | 6 | -287/+488
  - make VKO_compute_key() no longer void so that it can return failure.
  - fix unchecked allocations in too many routines to mention /-:
  - fix unchecked BN operations in gost2001_do_sign(), gost2001_do_verify(), VKO_compute_key().
  - fix the gost2001_do_sign() interface violation by having its sole caller free the BIGNUM it passes to that function by itself, instead of having the callee do this.
  Reviewed (except for the last item) by Dmitry Eremin-Solenikov.
* KNF (when not conflicting with other cleanup changes in progress) | miod | 2014-11-09 | 10 | -329/+446
* Remove DEBUG_SIGN code. Make sure gost_key_unwrap_crypto_pro() returns failure | miod | 2014-11-09 | 2 | -19/+4
  instead of a printf and a success return, when the operation fails.
* Rename internal yet public key_{un,}wrap_crypto_pro symbols by prepending a | miod | 2014-11-09 | 3 | -30/+32
  `gost_' prefix to them, so that we do not pollute the global namespace too much.
* Replace RAND_bytes() usage with arc4random_buf(). | miod | 2014-11-09 | 3 | -10/+3
* GOST crypto algorithms (well, most of them), ported from the removed GOST | miod | 2014-11-09 | 17 | -0/+5569
  engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now. This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues. None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.