path: root/src/lib/libcrypto/gost
Commit message | Author | Age | Files | Lines
* Stop including ecdsa.h and ecdh.h internally | tb | 2023-07-28 | 2 | -4/+2
  These headers are now reduced to #include <openssl/ec.h> and are provided for compatibility only. There's no point in using them. At the same time garbage collect the last uses of OPENSSL_NO_{ECDSA,ECDH} in our tree. ok jsing
* Fix two EC_POINT_is_on_curve() checks | tb | 2023-07-24 | 1 | -2/+2
  This API can fail for various reasons, in which case it returns -1, so you need to check if (EC_POINT_is_on_curve_checks(...) <= 0). ok miod
* Hide symbols in gost. | beck | 2023-07-08 | 7 | -5/+47
  ok tb@ after some puking in his mouth.
* Rename ecs_local.h into ecdsa_local.h | tb | 2023-07-05 | 2 | -4/+4
* Call BN_free() instead of BN_clear_free(). | jsing | 2023-03-07 | 1 | -5/+5
  BN_clear_free() is a wrapper that calls BN_free() - call BN_free() directly instead. ok tb@
* gost: add missing BN_CTX_{start,end}() pair | tb | 2023-01-15 | 1 | -1/+4
  The new BN_CTX code enforces that the context be started before a BIGNUM can be obtained from it via BN_CTX_get(), tests for ssl/interop and the openssl app broke, implying missing test coverage in libcrypto itself. Add the obviously missing bits. reported by anton ok jsing
* BN_one() can fail, check its return value. | jsing | 2022-12-01 | 1 | -5/+9
  ok tb@
* Make header guards of internal headers consistent | tb | 2022-11-26 | 1 | -4/+4
  Not all of them, only those that didn't leak into a public header... Yes.
* Make internal header file names consistent | tb | 2022-11-26 | 14 | -34/+34
  Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* Remove mkerr.pl remnants from LibreSSL | kn | 2022-07-12 | 2 | -11/+1
  This script is not used at all and files are edited by hand instead. Thus remove misleading comments incl. the obsolete script/config. Feedback OK jsing tb
* Avoid segfaults in EVP_PKEY_CTX_free() | tb | 2022-03-30 | 1 | -2/+5
  It is possible to call pmeth->cleanup() with an EVP_PKEY_CTX whose data is NULL. If pmeth->init() in int_ctx_new() fails, EVP_PKEY_CTX_free() is called with such a context. This in turn calls pmeth->cleanup(), and thus these cleanup functions must be careful not to use NULL data. Most of them are, but one of GOST's functions and HMAC's aren't. Reported for HMAC by Masaru Masada https://github.com/libressl-portable/openbsd/issues/129 ok bcook jsing
* gost needs to look into ecs_locl.h | tb | 2022-01-07 | 2 | -2/+4
* Check BIO_indent() return like all the others in this file. | tb | 2021-12-26 | 1 | -2/+3
  CID 345118
* Include evp_locl.h where it will be needed once most structs from | tb | 2021-12-12 | 2 | -2/+4
  evp.h will be moved to evp_locl.h in an upcoming bump. ok inoguchi
* Switch to <endian.h> from <machine/endian.h> for better portability. | bcook | 2021-11-09 | 2 | -6/+4
  ok tb@
* Prepare to provide EC_POINT_{g,s}et_affine_coordinates | tb | 2021-04-20 | 3 | -11/+10
  Similar to part of OpenSSL commit 8e3cced75fb5fee5da59ebef9605d403a999391b ok jsing
* Include machine/endian.h in gost2814789.c | inoguchi | 2020-09-12 | 1 | -1/+3
  To pick up __STRICT_ALIGNMENT define, include machine/endian.h. No kidding... deraadt@ ok bcook@ jsing@
* Add a few more errors to help debugging. | jsing | 2020-06-05 | 1 | -6/+16
  Diff from Dmitry Baryshkov <dbaryshkov@gmail.com> Sponsored by ROSA Linux. ok inoguchi@ tb@
* Add support for additional GOST curves. | jsing | 2020-06-05 | 1 | -3/+3
  These GOST curves are defined in RFC 7836 and draft-deremin-rfc4491-bis. Add aliases for 256-bit GOST curves (see draft-smyshlyaev-tls12-gost-suites) and rename the 512-bit curve ids to follow names defined in tc26 OID registry. Diff from Dmitry Baryshkov <dbaryshkov@gmail.com> Sponsored by ROSA Linux. ok inoguchi@
* Apply some style(9). | jsing | 2020-06-05 | 1 | -34/+30
* Fix incorrect carry operation in 512 bit addition: in the case | tb | 2019-05-09 | 1 | -6/+8
  that there is already a carry and Sigma[i-1] == -1, the carry must be kept. From Dmitry Eremin-Solenik. Fixes incorrect Streebog result reported by Guido Vranken.
* Add consts to EVP_PKEY_asn1_set_private() | tb | 2018-08-24 | 1 | -2/+2
  Requires adding a const to the priv_decode() member of EVP_PKEY_ASN1_METHOD and adjusting all *_priv_decode() functions. All this is already documented this way. tested in a bulk build by sthen ok jsing
* After removing support for broken PKCS#8 formats (it was high time), | tb | 2018-08-24 | 1 | -3/+3
  we can add const to PKCS8_pkey_get0(). In order for this to work, we need to sprinkle a few consts here and there. tested in a bulk by sthen ok jsing
* Remove a handrolled GOST_le2bn(). | jsing | 2018-06-10 | 1 | -8/+4
  From Dmitry Eremin-Solenikov <dbaryshkov at gmail dot com>.
* Convert a handful of X509_*() functions to take const as in OpenSSL. | tb | 2018-05-01 | 1 | -3/+3
  tested in a bulk by sthen ok jsing
* use freezero() instead of memset/explicit_bzero + free. Substantially | deraadt | 2017-05-02 | 1 | -3/+2
  reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn't quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
* Send the function codes from the error functions to the bit bucket, | beck | 2017-01-29 | 6 | -143/+83
  as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
* Add ct and nonct versions of BN_mod_inverse for internal use | beck | 2017-01-21 | 1 | -2/+2
  ok jsing@
* Split out BN_div and BN_mod into ct and nonct versions for Internal use. | beck | 2017-01-21 | 1 | -4/+6
  ok jsing@
* Explicitly export a list of symbols from libcrypto. | jsing | 2016-12-21 | 2 | -2/+10
  Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me...
  This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library.
  With input and testing from inoguchi@. ok beck@ inoguchi@
* unifdef OPENSSL_NO_CMS | jsing | 2016-10-19 | 2 | -21/+2
* Expand DECLARE_ASN1_.*FUNCTIONS macros. | jsing | 2016-09-04 | 2 | -7/+27
  No change in preprocessed output, ignoring whitespace and line numbers.
* Correct spelling of OPENSSL_cleanse. | jsing | 2015-09-10 | 4 | -9/+11
  ok miod@
* Expand ASN.1 template macros - no change in generated assembly. | jsing | 2015-07-24 | 1 | -22/+144
* prefer string.h to strings.h ok guenther@ doug@ | bcook | 2015-07-20 | 1 | -2/+2
* Fix possible 32 byte buffer overrun, found by coverity, CID 78869 | beck | 2015-07-15 | 1 | -2/+2
  ok miod@
* Memory leaks upon error. Coverity CID 78874. | miod | 2015-02-14 | 1 | -10/+10
  ok jsing@
* Consistently check the return value from BN_CTX_get() on assignment. | jsing | 2015-02-14 | 4 | -42/+44
  This is the same as the previous larger commit, however it would seem the GOST part got missed. ok beck@ doug@
* Guenther has plans for OPENSSL_NO_CMS, so revert this for the moment. | beck | 2015-02-11 | 2 | -2/+21
* get rid of OPENSSL_NO_CMS code we do not use. | beck | 2015-02-11 | 2 | -21/+2
  ok miod@
* Enable building with -DOPENSSL_NO_DEPRECATED. | doug | 2015-02-11 | 4 | -4/+8
  If you didn't enable deprecated code, there were missing err.h and bn.h includes. This commit allows building with or without deprecated code. This was not derived from an OpenSSL commit. However, they recently enabled OPENSSL_NO_DEPRECATED in git and fixed these header problems in a different way. Verified with clang that this only changes line numbers in the generated asm. ok miod@
* Replace assert() and OPENSSL_assert() calls with proper error return paths. | miod | 2015-02-10 | 1 | -5/+20
  Careful review, feedback & ok doug@ jsing@
* Remove assert() or OPENSSL_assert() of pointers being non-NULL. The policy | miod | 2015-02-10 | 1 | -5/+1
  for libraries in OpenBSD is to deliberately let NULL pointers cause a SIGSEGV. ok doug@ jsing@
* Expand the IMPLEMENT_ASN1_FUNCTIONS macro so that the code is visible and | jsing | 2015-02-09 | 1 | -5/+125
  functions can be readily located. Change has been scripted and there is no change to the generated assembly. Discussed with beck@ miod@ tedu@
* Make GOST compile with a strict C compiler - in this case incrementing a | jsing | 2014-12-07 | 3 | -10/+12
  void pointer is undefined and initialising an array with {} is a syntax error. Based on a diff from kinichiro inoguchi.
* Correctly output the result in STREEBOG512_Final() when running on a big-endian | miod | 2014-12-07 | 1 | -5/+28
  system. *blush*
* Argh, another bug introduced in r1.3; Dmitry Eremin-Solenikov | miod | 2014-11-18 | 1 | -2/+2
* Return success in param_copy_gost01() if there is no private key to copy; | miod | 2014-11-18 | 1 | -2/+2
  broken in r1.3. Spotted by Dmitry Eremin-Solenikov
* Add many missing error checks (probably not exhaustive, but a good start): | miod | 2014-11-13 | 6 | -287/+488
  - make VKO_compute_key() no longer void so that it can return failure.
  - fix unchecked allocations in too many routines to mention /-:
  - fix unchecked BN operations in gost2001_do_sign(), gost2001_do_verify(), VKO_compute_key().
  - fix the gost2001_do_sign() interface violation by having its sole caller free the BIGNUM it passes to that function by itself, instead of having the callee do this.
  Reviewed (except for the last item) by Dmitry Eremin-Solenikov.
* KNF (when not conflicting with other cleanup changes in progress) | miod | 2014-11-09 | 10 | -329/+446