| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
| |
Found with CodeChecker
feedback and ok tb@
|
| |
|
|
|
|
|
| |
This script is not used at all and files are edited by hand instead.
Thus remove misleading comments incl. the obsolete script/config.
Feedback OK jsing tb
|
| |
|
|
|
|
|
| |
These are mostly security-level related, but there are also ASN1_TIME
and ASN_INTEGER functions here, as well as some missing accessors.
ok jsing
|
| |
|
|
| |
pointed out by jsing
|
| |
|
|
|
|
|
| |
This also provides a pkey_security_bits member to the PKEY ASN.1 methods
and a corresponding setter EVP_PKEY_asn1_set_security_bits().
ok beck jsing
|
| |
|
|
| |
ok beck jsing
|
| |
|
|
|
|
|
|
|
| |
This only occurs on very small payloads and tightly allocated buffers
that don't usually occur in practice.
This is OpenSSL f61c6804
ok inoguchi jsing
|
| |
|
|
| |
ok jsing@ millert@ tb@
|
| |
|
|
|
|
| |
CID 24839
ok jsing@ millert@ tb@
|
| |
|
|
|
|
|
| |
Move the struct internals to rsa_locl.h and provide a missing
typedef in ossl_typ.h.
ok inoguchi jsing
|
| |
|
|
|
|
|
|
|
|
| |
This removes NETSCAPE_X509, NETSCAPE{,_ENCRYPTED}_PKEY, RSA_NET,
Netscape_RSA things. Some of the nasty tentacles that could go in
principle are used in some test suites, so we need to keep them...
All this was removed as part of OpenSSL commit 0bc2f365.
ok inoguchi jsing
|
| |
|
|
|
| |
This marks the start of major surgery in libcrypto. Do not attempt to
build the tree for a while (~50 commits).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows checking the validity of an EVP_PKEY. Only RSA and EC keys
are supported. If a check function is set the EVP_PKEY_METHOD, it will
be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is
used. The default ASN.1 methods wrap RSA_check_key() and
EC_KEY_check_key(), respectively.
The corresponding setters are EVP_PKEY_{asn1,meth}_set_check().
It is unclear why the PKEY method has no const while the ASN.1 method
has const.
Requested by tobhe and used by PHP 8.1.
Based on OpenSSL commit 2aee35d3
ok inoguchi jsing
|
| |
|
|
|
|
| |
Part of OpenSSL commit 464d59a5
ok inoguchi jsing
|
| |
|
|
| |
discussed with jsing
|
| |
|
|
|
|
| |
where it will be needed in the upcoming bump.
discussed with jsing
|
| |
|
|
|
|
|
| |
This adds RSA_get0_{n,e,d,p,q,dmp1,dmq1,iqmp,pss_params}() which will
be exposed in the upcoming bump.
ok inoguchi jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
BN_with_flags() preserves the BN_FLG_MALLOCED flag of the destination
which results in a potential use of an uninitialized bit. In practice
this doesn't matter since we don't free the cloned BIGNUMs anyway.
As jsing points out, these are mostly pointless noise and should be
garbage collected. I'll leave that for another rainy day.
Coverity flagged one instance BN_gcd_no_branch(), the rest was found by
the ever so helpful grep(1).
CID 345122
ok jsing
|
| |
|
|
|
|
| |
evp.h will be moved to evp_locl.h in an upcoming bump.
ok inoguchi
|
| |
|
|
| |
ok inoguchi jsing
|
| |
|
|
|
|
|
|
| |
Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and
LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and
fix a couple of unnecessary reacharounds.
ok jsing
|
| | |
|
| |
|
|
|
| |
ok bcook@
ok and "move it down two lines" jsing@
|
| |
|
|
|
|
| |
This fixes openssl(1) rsa -text output format
ok tb@
|
| |
|
|
|
|
| |
Issue spotted by bcook@
ok bcook@ inoguchi@
|
| |
|
|
|
|
| |
works again with the horrific API that is ASN1_bn_print().
Issue spotted by inoguchi@
|
| |
|
|
| |
Prompted by inoguchi@
|
| | |
|
| | |
|
| |
|
|
|
|
| |
From OpenSSL 1.1.1d.
ok tb@
|
| |
|
|
|
|
| |
From OpenSSL 1.1.1d.
ok tb@
|
| |
|
|
|
|
|
|
|
|
| |
Use calloc() instead of malloc() for initialisation and remove explicit
zero initialisation of members. This ensures that new members always get
initialised.
Also use a single error return path, simplifying code.
ok tb@
|
| | |
|
| |
|
|
|
|
| |
From OpenSSL 1.1.1d.
ok inoguchi@
|
| |
|
|
|
|
| |
From OpenSSL 1.1.1d.
ok inoguchi@
|
| | |
|
| |
|
|
|
|
| |
Makes code more robust and reduces differences with OpenSSL.
ok inoguchi@
|
| |
|
|
|
|
|
|
| |
exponent.
From OpenSSL 1.1.1d.
ok inoguchi@
|
| |
|
|
|
|
|
| |
Assign and test, explicitly test against NULL and use calloc() rather than
malloc.
ok inoguchi@
|
| |
|
|
| |
ok inoguchi@
|
| | |
|
| |
|
|
|
|
|
| |
This syncs the RSA OAEP code with OpenSSL 1.1.1d, correctly handling OAEP
padding and providing various OAEP related controls.
ok inoguchi@ tb@
|
| |
|
|
| |
ok tb@
|
| |
|
|
|
|
|
|
| |
For now these are internal only.
From OpenSSL 1.1.1d.
ok inoguchi@
|
| |
|
|
|
|
| |
This will be used by upcoming RSA-PSS code.
ok tb@
|
| |
|
|
|
|
|
| |
This will be soon used as an optimisation and reduces the differences
between OpenSSL.
ok tb@
|
| |
|
|
|
|
|
|
|
| |
This is a wrapper around EVP_PKEY_CTX_ctrl() which requires the key to be
either RSA or RSA-PSS.
From OpenSSL 1.1.1d.
ok tb@
|
| |
|
|
|
|
|
|
|
| |
Update RSA_padding_check_PKCS1_OAEP_mgf1() with code from OpenSSL 1.1.1d
(with some improvements/corrections to comments).
This brings in code to make the padding check constant time.
ok inoguchi@ tb@
|
| |
|
|
|
|
| |
conditionals, now that this code handles arbitrary message digests.
ok inoguchi@ tb@
|
