summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/malloc-wrapper.c (unfollow)
Commit message (Collapse)AuthorFilesLines
2018-08-24Add const to two arguments of OCSP_cert_to_id()tb2-6/+7
tested in a bulk by sthen ok jsing
2018-08-24Provide X509_get0_serialNumber()tb3-2/+10
tested in a bulk by sthen ok jsing
2018-08-24Turn a number of #defines into proper functions with prototypes matchingtb5-18/+80
those that OpenSSL has had for ages. ok jsing
2018-08-24Change PEM_Sign{Init,Update}() to return an int.tb2-8/+8
tested in a bulk by sthen ok jsing
2018-08-24Check return value of EVP_EncodeUpdate() in PEM_write_bio().tb1-2/+3
ok jsing
2018-08-24Check return value of EVP_EncodeUpdate() in b64_write().tb1-3/+4
ok jsing
2018-08-24Convert EVP_EncodeUpdate() to return an int to allow for errortb2-8/+10
checking. Matches our documented behavior. Based on OpenSSL commit c5ebfcab713a82a1d46a51c8c2668c419425b387 tested in a bulk by sthen ok jsing
2018-08-24Provide EVP_CIPHER_CTX_encrypting().tb3-2/+10
tested in a bulk by sthen ok jsing
2018-08-24unifdef DTLS1_AD_MISSING_HANDSHAKE_MESSAGE.jsing2-26/+3
This code has been rotting since 2006. ok bcook@ tb@
2018-08-24Document prototype change and return values for BIO_set_cipher()tb1-3/+5
ok jsing
2018-08-24Return an int in BIO_set_cipher() to be able to report errors.tb2-13/+22
tested in a bulk by sthen ok jsing
2018-08-24In DSO_up_ref(), check return value of CRYPTO_add() and reporttb1-3/+5
failure accordingly. ok jsing
2018-08-24In ENGINE_up_ref(), check return value of CRYPTO_add() and reporttb1-3/+5
failure accordingly. ok jsing
2018-08-24Document new prototype and return values of X509_OBJECT_up_ref_count()tb1-3/+6
ok jsing
2018-08-24Make X509_OBJECT_up_ref_count return an int.tb2-9/+7
Based on OpenSSL commit c5ebfcab713a82a1d46a51c8c2668c419425b387 tested in a bulk by sthen ok jsing
2018-08-24Update documentation of CRYPTO_mem_leaks*.tb1-6/+12
ok jsing
2018-08-24Let CRYPTO_mem_leaks{,_fp,_cb}() return -1.tb2-12/+12
These functions are no-ops. Their signature was changed by OpenSSL to allow error checking. This way we return an error and do not indicate the (non-)existence of memory leaks. tested in a bulk by sthen ok jsing
2018-08-24Simplify session ticket parsing/handling.jsing4-69/+46
The original implementation is rather crazy and means that we effectively have two lots of code that parse a ClientHello and two lots of code that parse TLS extensions. Partially simplify this by passing a CBS containing the extension block through to the session handling functions, removing the need to reimplement the ClientHello parsing. While here standarise on naming for session_id and session_id_len. ok inoguchi@ tb@
2018-08-24Pull up the parsing of a ClientHello.jsing1-20/+20
Parse up until the extensions (if any), then proceed with processing, rather than gradually parsing while processing. This makes the code cleaner, requires messages to be valid before processing and makes way for upcoming changes. ok inoguchi@ tb@
2018-08-24Add my copyright.tb1-1/+2
Discussed with jsing
2018-08-24Remove DSA from TODO list and add RSA-PSS back.tb1-2/+2
2018-08-24Also test DSA with the DER encoded key. Lots of help from jsing, thanks!tb1-1/+27
2018-08-24Clean up handshake message start/finish functions.jsing6-76/+38
Now that all handshake messages are created using CBB, remove the non-CBB ssl3_handshake_msg_start()/ssl3_handshake_msg_finish() functions. Rename the CBB variants by dropping the _cbb suffix. ok bcook@ inoguchi@ tb@
2018-08-23Run our DSA against wycheproof test vectors.tb1-1/+129
2018-08-23Add license header.inoguchi1-0/+17
2018-08-23Check reusing SSL/TLS session ticket by regression testinoguchi1-8/+38
- Added checking for session ticket reusing with using openssl(1) s_server and s_client command in appstest.sh - Confirm certificate verification status. - Save s_server message to log file. ok tb@ and jsing@
2018-08-22Use a monotonic clock for the benchmark timeout.cheloha1-24/+9
While here, we don't need the app_timer_* wrapper function, it only obfuscates things, so delete it. Also while here, totalTime only needs to be assigned once. ok tb@
2018-08-22Correct session ticket encryption.jsing1-4/+11
The CBB conversion resulted in the ticket encryption being handled incorrectly, resulting in only the last block being used. Fix this and restore the previous behaviour. Issue found by inoguchi@ and sebastia@. ok inoguchi@ and tb@
2018-08-21fix return valuetb1-3/+3
2018-08-21Remove ChaCha20-Poly1305 from the TODO listtb1-2/+2
2018-08-21A failure to _seal() should be looked into, so turn this into antb1-7/+2
unconditional failure.
2018-08-21Factor the calls to EVP_AEAD_CTX_open() and EVP_AEAD_CTX_seal() intotb1-48/+76
their own functions to make it easier to handle failures cleanly. Discussed with jsing
2018-08-21Merge duplicate benchmark() GET/SSL_shutdown blocks into doConnection().cheloha1-41/+25
We need to then remove the shadow i from the GET block. While there, move retval's declaration to the beginning of the function. As doConnection() now executes the body of the benchmark's test, rename it to "run_test". Shadow variable spotted by tb@. ok tb@
2018-08-21typo in argument type, from Mario dot Andres dot Campos at gmail dot comschwarze1-3/+3
2018-08-20add two missing \ntb1-3/+3
2018-08-20Test EVP_AEAD_CTX_open() at the same time as EVP_AEAD_CTX_seal()tb1-5/+23
Suggested by jsing
2018-08-20remove two redundant teststb1-10/+1
2018-08-20Use sealed instead of out in a couple of places in preparation oftb1-12/+13
testing EVP_AEAD_CTX_open()
2018-08-20Shuffle the decoding of the hex strings to the top and group all lengthtb1-22/+26
tests together. Make failure of the length tests non-fatal, as these are failures of test cases, not of the program.
2018-08-20Run the Wycheproof ChaCha20-Poly1305 test vectors against libcrypto.tb1-1/+141
We currently only support nonces of length 12, so skip a few tests. With input from jsing
2018-08-19Don't leak sktmp in X509_verify_cert().tb1-5/+5
CID #118791 ok jsing mestre
2018-08-19whitespace fixtb1-2/+2
2018-08-19Don't leak db on error in RSA_padding_check_PKCS1_OAEP().tb1-7/+7
CID #183499. input & ok jsing, ok mestre on first version
2018-08-19Don't leak a strdup()'ed string on error in do_accept().tb1-1/+3
CID #154702. input & ok inoguchi, ok mestre on first version
2018-08-19Rename and collapse tls12_get_sigandhash_cbb().jsing4-39/+28
Now that all callers of tls12_get_sigandhash() have been converted to CBB, collapse tls12_get_sigandhash() and tls12_get_sigandhash_cbb() into a single function. Rename it to tls12_gethashandsig() to be representative of the actual order of the sigalgs parameters, and perform some other clean up. ok inoguchi@ tb@
2018-08-19Convert ssl3_send_newsession_ticket() to CBB.jsing1-55/+64
This removes a memorable BUF_MEM_grow() and associated comment. ok inoguchi@ tb@
2018-08-18Plug SSL object leaks in doConnection().cheloha1-32/+22
Move SSL_new/SSL_free up into benchmark() to restrict the responsibility for the SSL object to a single scope. Make doConnection() return an int, openssl-style. Some miscellaneous cleanup, too. Discussed with tb, jsing, and jca. Basic idea from jsing, lots of patch input from tb. ok deraadt on an earlier version ok tb jsing
2018-08-17Convert ssl3_send_client_verify() to CBB.jsing1-43/+50
ok inoguchi@ tb@
2018-08-17spelling;jmc1-2/+2
2018-08-17Make the wording more concise, use the imperative throughout, stateschwarze1-108/+126
more precisely which options require which other options, add many missing incompatibilities, mention the default for -e, and some macro cleanup. OK jmc@ tb@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-28 18:12:44 +0000