| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
No intended functional change.
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| | |
|
| |
|
|
| |
ok tb@
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
| |
Like everything else in this file, the use of BN_copy() needs to be ...
special. Simplify using the new bn_copy().
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
| |
The only reason to use HASH_BLOCK_DATA_ORDER in the implementation is to
make the code harder to read.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Nothing other than sha1dst.c uses this header - pull it in to sha1dgst.c
directly (sha_local.h will be removed at a later date).
|
| |
|
|
|
|
|
|
| |
This removes a potential branch in a sensitive function and makes the
code a lot simpler. It is a really bad idea optimize here for what
davidben aptly calls "calculator" purposes.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
Negative bases could result in a negative modulus being returned. This is
not strictly speaking incorrect but slightly surprising. This is all a
consequence of the shortcut of defining BN_mod() as a macro using BN_div().
Fixes ossfuzz #55997
ok jsing
|
| | |
|
| |
|
|
| |
No change to generated assembly.
|
| | |
|
| | |
|
| |
|
|
| |
No change in generated assembly.
|
| | |
|
| | |
|
| |
|
|
|
| |
Use a style more resembling KNF and drop lots of parentheses. Simplify
a few things. No change in generated output on success.
|
| |
|
|
| |
commented-out license stub in a HERE document.
|
| | |
|
| |
|
|
|
| |
script is run. This is more of an issue with uint16_t now than it
was with prime_t aka BN_ULONG before r1.6.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This is needed for many reasons. It is currently pulled in via x509.h
but only when OPENSSL_NO_DEPRECATED is undefined. Again this should be
fixed in the public header as well.
|
| |
|
|
|
|
| |
This is currently pulled in via dsa.h and ecdsa.h, but only when
OPENSSL_NO_DEPRECATED is not defined. We should fix this in the
public header, too - let's wait a bit with that.
|
| |
|
|
| |
ok tb@
|
| | |
|
| |
|
|
|
|
| |
manpage
with and OK tb@
|
| | |
|
| |
|
|
|
|
|
|
| |
This is essentially the original text with a few tweaks and fixes by me,
removing parts inapplicable to LibreSSL. There are dangling references to
EVP_CIPHER_CTX_copy(3) and EVP_CIPHER_CTX_get_cipher_data(3). This all
isn't great, but it's better than nothing. Probably good enough for these
rarely used functions.
|
| |
|
|
| |
OK tb@
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This is required behavior of the EVP_DigestSign() API, but seemingly
almost nothing uses this. Well, turns out ldns does.
Reported by Stephane. Helpful comments by sthen.
ok jsing
|
| |
|
|
|
|
| |
There's some method to this madness.
ok jsing
|
| |
|
|
|
|
|
| |
pull the setting of the ex_arg up, so we can do error
checking.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
At least SMIME_text() relies on this. Pushing an error on the stack trips
PKCS7 regress in py-cryptography, so indicate nothing was written instead
of throwing an error.
Reported by Alex Gaynor a while back
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
A negative input to BN_mod_exp_mont_consttime() is not correctly reduced,
remaining negative (when it should be in the range [0, m)). Fix this by
unconditionally calling BN_nnmod() on the input.
Fixes ossfuzz #55997.
ok tb@
|
| |
|
|
|
|
|
|
|
|
| |
BIO_new_NDEF() sets up an ASN.1 BIO to the output chain and then adds even
more BIOs. Since BIO_push(bio, new_tail) returns bio on success, after the
if ((out = BIO_push(asn_bio, out)) != NULL) the 'out' BIO and the 'asn_bio'
are the same. The code then goes on and uses one or the other. This is very
confusing. Simply stop using out once it's appended to asn_bio.
ok jsing
|
| |
|
|
|
|
| |
Add and fix FALLTHROUGH statement. I was confused for way too long since
I hadn't noticed that this case fell through to the next. Also add and
move some empty lines in the cms_cb() to make this resemble KNF more.
|
