path: root/src/lib/libcrypto/rsa/rsa_pmeth.c
Commit message | Author | Age | Files | Lines
* rsa_pmeth: unify strcmp return checks | tb | 2025-01-17 | 1 | -12/+10
| ok jsing
* Fix two incorrect strtonum() conversions | tb | 2025-01-17 | 1 | -3/+13
| The atoi() would also accept the magic negative values and old openssl releases would expose these as arguments to -pkeyopt rsa_pss_saltlen:-1 in the openssl pkeyutl "app". While modern openssl switched to having readable alternatives to these, the oseid component of opensc would use the old syntax until yesterday. Still, this is our bug and we need to keep accepting the magic values as such, so do so. Everything below -3 will be rejected by the RSA_ctrl() handler later. Debugged by Doug Engert in https://github.com/OpenSC/OpenSC/issues/3317 ok jsing op
* replace atoi(3) usage with strtonum(3); ok/tweaks tb@ | op | 2024-08-26 | 1 | -5/+25
* Rework pkey_rsa_keygen() | tb | 2023-12-28 | 1 | -17/+21
| As usual, make the function single exit. Initialize the pkey callback pointer and the BN_GENCB on the stack at the top rather than relying on the weird trans_cb() in evp_pkey_set_cb_translate() to do so. Greatly simplify the control flow and add missing error checks. ok jsing
* Hide symbols in rsa | beck | 2023-07-08 | 1 | -2/+1
| ok tb@
* Add back support for RSA_X931_PADDING | tb | 2023-05-05 | 1 | -53/+101
| This makes the custom stalt stack work again. Tested by robert as part of a larger diff ok jsing
* Wire up truncated SHA-2, SHA-3 and related things | tb | 2023-04-25 | 1 | -1/+8
| from jsing
* Stop supporting the long-retired X9.31 standard | tb | 2023-04-15 | 1 | -94/+46
| This isolates the three API functions from the library so they can be easily removed and any attempt to use RSA_X931_PADDING mode will now result in an error. ok jsing
* Fix incorrect RSA_public_decrypt() return check | tb | 2023-03-06 | 1 | -4/+8
| RSA_public_decrypt() returns <= 0 on error. Assigning to a size_t and checking for == 0 is not the right thing to do here. Neither is blindly turning the check into <= 0... Found by Niels Dossche ok jsing
* Make internal header file names consistent | tb | 2022-11-26 | 1 | -4/+4
| Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* Add #include "bn_lcl.h" to the files that will soon need it. | tb | 2021-12-04 | 1 | -1/+2
| ok inoguchi jsing
* Add CMS controls for RSA. | jsing | 2019-10-31 | 1 | -1/+8
* Add support for RSA-PSS. | jsing | 2019-10-31 | 1 | -39/+198
| From OpenSSL 1.1.1d. ok inoguchi@
* Move RSA min modulus to a define and increase from 256 to 512 bits. | jsing | 2019-10-31 | 1 | -3/+3
| From OpenSSL 1.1.1d. ok inoguchi@
* Fix indent and indent before labels. | jsing | 2019-10-31 | 1 | -5/+5
* Use braces where a statement has both multi-line and single-line blocks. | jsing | 2019-10-31 | 1 | -8/+13
| Makes code more robust and reduces differences with OpenSSL. ok inoguchi@
* Add additional validation of key size, message digest size and public | jsing | 2019-10-31 | 1 | -3/+17
| exponent. From OpenSSL 1.1.1d. ok inoguchi@
* Clean up some code. | jsing | 2019-10-31 | 1 | -11/+13
| Assign and test, explicitly test against NULL and use calloc() rather than malloc. ok inoguchi@
* Avoid potentially leaking pub_exp in pkey_rsa_copy(). | jsing | 2019-10-31 | 1 | -4/+4
| ok inoguchi@
* Add two controls that were missed in the previous commit. | jsing | 2019-10-29 | 1 | -1/+13
* Update RSA OAEP code. | jsing | 2019-10-29 | 1 | -15/+96
| This syncs the RSA OAEP code with OpenSSL 1.1.1d, correctly handling OAEP padding and providing various OAEP related controls. ok inoguchi@ tb@
* Provide EVP_PKEY_CTX_get_signature_md() macro and implement the | jsing | 2019-09-09 | 1 | -1/+5
| EVP_PKEY_CTRL_GET_MD control for DSA, EC and RSA. This is used by the upcoming RSA CMS code. ok inoguchi@ tb@
* use timing-safe compares for checking results in signature verification | djm | 2018-09-05 | 1 | -2/+2
| (there are no known attacks, this is just inexpensive prudence) feedback and ok tb@ jsing@
* Remove RSA_padding_add_SSLv23()/RSA_padding_check_SSLv23() and related | jsing | 2017-08-28 | 1 | -3/+1
| code. We removed SSLv2/SSLv3 a long time ago... Discussed with doug@
* Send the function codes from the error functions to the bit bucket, | beck | 2017-01-29 | 1 | -20/+13
| as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
* unifdef OPENSSL_NO_CMS | jsing | 2016-10-19 | 1 | -24/+1
* Remove obsolete MDC-2DES from libcrypto. | doug | 2015-06-20 | 1 | -13/+2
| ok deraadt@ jsing@ miod@
* Guenther has plans for OPENSSL_NO_CMS, so revert this for the moment. | beck | 2015-02-11 | 1 | -1/+24
* get rid of OPENSSL_NO_CMS code we do not use. | beck | 2015-02-11 | 1 | -24/+1
| ok miod@
* Only import cryptlib.h in the four source files that actually need it. | jsing | 2014-07-11 | 1 | -4/+6
| Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that references | jsing | 2014-07-10 | 1 | -1/+3
| an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never be defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* Stop including standard headers via cryptlib.h - pull in the headers that | jsing | 2014-07-10 | 1 | -2/+4
| are needed in the source files that actually require them. ok beck@ miod@
* BN_free, BN_clear_free, BN_CTX_free, BN_BLINDING_free and BN_MONT_CTX_free | jsing | 2014-07-10 | 1 | -3/+2
| all have implicit NULL checks, so we do not need them here. ok miod@
* More KNF. | jsing | 2014-07-09 | 1 | -20/+22
* KNF | miod | 2014-07-09 | 1 | -229/+197
* replace atoi() calls with strtol(). Follow the idiomatic pattern in our | deraadt | 2014-06-12 | 1 | -13/+32
| manual page strictly. Return -2 if the strings are not strict numbers. The numbers remain in the range of "int". Range checking for these parameters is done later in the pkey_*_ctl() functions, or sometimes in functions much further downstream... but not always!!! ok millert miod mikeb
* tags as requested by miod and tedu | deraadt | 2014-06-12 | 1 | -1/+1
* no need for null check before free. from Brendan MacDonell | tedu | 2014-05-30 | 1 | -2/+1
* switch RSA key generation default to 2048 bits (matching ssh); ok miod@ | sthen | 2014-05-17 | 1 | -1/+1
* Use C99 initializers for the various FOO_METHOD structs. More readable, and | miod | 2014-04-27 | 1 | -30/+15
| avoid unreadable/unmaintainable constructs like that: const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { EVP_PKEY_CMAC, EVP_PKEY_CMAC, 0, "CMAC", "OpenSSL CMAC method", 0,0,0,0, 0,0,0, cmac_size, 0, 0,0,0,0,0,0,0, cmac_key_free, 0, 0,0 }; ok matthew@ deraadt@
* Change library to use intrinsic memory allocation functions instead of | beck | 2014-04-17 | 1 | -4/+4
| OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* remove FIPS mode support. people who require FIPS can buy something that | tedu | 2014-04-15 | 1 | -76/+0
| meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
* Import OpenSSL 1.0.1g | miod | 2014-04-13 | 1 | -0/+2
* import OpenSSL-1.0.1c | djm | 2012-10-13 | 1 | -9/+145
* import OpenSSL-1.0.0a | djm | 2010-10-01 | 1 | -0/+587