summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Provide DH_check*_ex and many error codestb2022-01-104-4/+102
| | | | | | | | | | | | | | | | | | | | | DH_check{,_pub_key}_ex() wrap their non-ex versions to translate the flags argument of the original functions into OpenSSL errors. For this almost a dozen new error codes need to be added. DH_params_check{,_ex}() is a new version of DH_check that only performs a cheap subset of the checks. They are needed to implement EVP_PKEY_{public,param}_check() (observe the consistent naming) although the actual implementation of EVP_PKEY_param_check() chose to use DH_check_ex(). As far as I can tell, the only raison d'ĂȘtre of the _ex functions and error codes is to spew them to stderr in a couple of openssl(1) commands. This couldn't have been solved differently... These functions will not be exposed publicly. ok inoguchi jsing
* Prepare to provide EVP_PKEY_check()tb2022-01-108-12/+89
| | | | | | | | | | | | | | | | | | This allows checking the validity of an EVP_PKEY. Only RSA and EC keys are supported. If a check function is set the EVP_PKEY_METHOD, it will be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is used. The default ASN.1 methods wrap RSA_check_key() and EC_KEY_check_key(), respectively. The corresponding setters are EVP_PKEY_{asn1,meth}_set_check(). It is unclear why the PKEY method has no const while the ASN.1 method has const. Requested by tobhe and used by PHP 8.1. Based on OpenSSL commit 2aee35d3 ok inoguchi jsing
* Prevent a double free in EVP_MD_CTX_copy_ex()tb2022-01-101-1/+3
| | | | | | | | NULL out two pointer values after memcpy() to avoid a double free. In the event that both in->pctx and in->md_data are non-NULL and the calloc() of out->md_data fails, a double free could occur. ok inoguchi jsing
* zap trailing whitespacetb2022-01-101-5/+5
|
* Check that the RSA exponent is neither even nor 1 in RSA_check_key()tb2022-01-101-1/+10
| | | | | | Part of OpenSSL commit 464d59a5 ok inoguchi jsing
* Use C99 initializers for test_sha_mdtb2022-01-091-13/+12
| | | | ok inoguchi jsing
* Add an essentially empty comp_local.h and include it where it willtb2022-01-095-4/+22
| | | | | | be needed. discussed with jsing
* Prepare to provide EVP_MD_CTX{,_set}_pkey_ctx()tb2022-01-094-5/+55
| | | | | | | | | | | | | This API with very strange ownership handling is used by Ruby 3.1, unfortunately. For unclear reasons, it was decided that the caller retains ownership of the pctx passed in. EVP_PKEY_CTX aren't refcounted, so a flag was added to make sure that md_ctx->pctx is not freed in EVP_MD_CTX_{cleanup,reset}(). Since EVP_MD_CTX_copy_ex() duplicates the md_ctx->pctx, the flag also needs to be unset on the duplicated EVP_MD_CTX. ok inoguchi jsing
* Prepare to provide OBJ_length() and OBJ_get0_data()tb2022-01-082-2/+28
| | | | | | | | OBJ_length() turns the int obj->length into a size_t, so add an overflow check. While obj->length should never be negative, who knows... ok jsing
* tiny whitespace tweaktb2022-01-081-2/+2
|
* x509_cpols.c will need to include x509_lcl.h soontb2022-01-081-1/+2
|
* Prepare to provide EVP_AEAD_CTX_{new,free}()tb2022-01-072-3/+29
| | | | ok jsing
* A few more files need asn1_locl.h.tb2022-01-073-3/+8
|
* include asn1_locl.h where it will be needed for the bump.tb2022-01-077-7/+19
| | | | discussed with jsing
* Prepare to make RSA and RSA_METHOD opaque by including rsa_locl.htb2022-01-079-9/+19
| | | | | | where it will be needed in the upcoming bump. discussed with jsing
* Add an essentially empty ocsp_local.h and include it in the filestb2022-01-0710-9/+95
| | | | | | that will need it in the upcoming bump. discussed with jsing
* gost needs to look into ecs_locl.htb2022-01-072-2/+4
|
* Prepare the move of DSA_SIG, DSA_METHOD and DSA to dsa_locl.h bytb2022-01-0710-10/+25
| | | | | | including the local header where it will be needed. discussed with jsing
* Add an essentially empty dh_local.h and include it in the files wheretb2022-01-0710-9/+88
| | | | | | it will be needed in the upcoming bump. discussed with jsing
* zap trailing whitespacetb2022-01-071-9/+9
|
* Add a new, mostly empty, bio_local.h and include it in the filestb2022-01-0723-22/+128
| | | | | | that will need it in the upcoming bump. discussed with jsing
* Convert SCT verification to CBB.jsing2022-01-061-56/+57
| | | | ok inoguchi@ tb@
* Sync from libssl.jsing2022-01-062-2/+21
|
* minor tweaks, no code changetb2022-01-061-4/+3
| | | | | Adjust a comment to reality, zap a stray empty line and fix whitespace before comment after #endif
* Prepare to provide DSA_bits()tb2022-01-052-2/+11
| | | | | | Used by Qt5 and Qt6 and slightly reduces the patching in there. ok inoguchi jsing
* Prepare to provide BIO_set_retry_reason()tb2022-01-052-2/+11
| | | | | | Needed by freerdp. ok inoguchi jsing
* Prepare to provide a number of RSA accessorstb2022-01-052-2/+67
| | | | | | | This adds RSA_get0_{n,e,d,p,q,dmp1,dmq1,iqmp,pss_params}() which will be exposed in the upcoming bump. ok inoguchi jsing
* Prepare to provide ECDSA_SIG_get0_{r,s}()tb2022-01-052-2/+19
| | | | ok inoguchi jsing
* Prepare to provide DH_get_length()tb2022-01-052-2/+11
| | | | | | Will be needed by openssl(1) dhparam. ok inoguchi jsing
* Prepare to provide DSA_get0_{p,q,g,{priv,pub}_key}()tb2022-01-052-2/+39
| | | | ok inoguchi jsing
* Prepare to provide DH_get0_{p,q,g,{priv,pub}_key}()tb2022-01-052-2/+39
| | | | | | | | | | | These are accessors that allow getting one specific DH member. They are less error prone than the current getters DH_get0_{pqg,key}(). They are used by many ports and will also be used in base for this reason. Who can remember whether the pub_key or the priv_key goes first in DH_get0_key()? ok inoguchi jsing
* Prepare to provide BIO_set_next().tb2022-01-052-2/+11
| | | | | | This will be needed in libssl and freerdp after the next bump. ok inoguchi jsing
* Prepare to provide X509_{set,get}_verify() and X509_STORE_get_verify_cb()tb2022-01-052-7/+37
| | | | | | | | | as well as the X509_STORE_CTX_verify_cb and X509_STORE_CTX_verify_fn types This will fix the X509_STORE_set_verify_func macro which is currently broken, as pointed out by schwarze. ok inoguchi jsing
* Unindent a few lines of code and avoid shadowed variables.tb2022-01-051-12/+7
|
* Rename {c,p}_{min,max} into {child,parent}_{min,max}tb2022-01-051-7/+8
|
* Two minor KNF tweakstb2022-01-051-5/+5
|
* Use child_aor and parent_aor instead of aorc and aorptb2022-01-051-15/+15
| | | | suggested by jsing
* Rename fp and fc into parent_af and child_af for readability.tb2022-01-051-24/+29
| | | | suggested by jsing
* Globally rename all IPAddressFamily *f into af since this is slightlytb2022-01-051-64/+65
| | | | | | more readable. Repeated complaints by jsing
* Add a helper function to turn unchecked (but sound) use oftb2022-01-051-13/+18
| | | | | | sk_find + sk_value into something easier to follow and swallow. ok inoguchi jsing
* Hoist IPAddressFamily_cmp() to the other IPAddressFamily functions.tb2022-01-051-29/+29
| | | | ok inoguchi jsing
* Call x a cert for readability.tb2022-01-051-13/+13
|
* Now that i is free, rename j to i for use as loop variable intb2022-01-051-10/+10
| | | | various loops in addr_validate_path_internal().
* In addr_validate_path_internal() rename i to depth because that'stb2022-01-051-17/+15
| | | | what it is.
* Turn the validation_err() macro into a functiontb2022-01-051-31/+44
| | | | | | | | | | | | validation_err() is an ugly macro with side effects and a goto in it. At the cost of a few lines of code we can turn this into a function where the side effects are explicit and ret is now explicitly set in the main body of addr_validate_path_internal(). We get to a point where it is halfway possible to reason about the convoluted control flow in this function. ok inoguchi jsing
* Move variable declarations in X509v3_addr_canonize() to the top oftb2022-01-051-17/+19
| | | | | | the function and unindent some code. ok inoguchi jsing
* Remove a bogus memcmp in range_should_be_prefix()tb2022-01-051-3/+6
| | | | | | | | | | | | | | | | | | range_should_be_prefix() currently always fails. The reason for this is that OpenSSL commit 42d7d7dd incorrectly moved a memcmp() out of an assertion. As a consequence, the library emits and accepts incorrectly encoded ipAddrBlock extensions since it will never detect ranges that MUST be encoded as a prefix according to RFC 3779, 2.2.3.7. The return -1 from this memcmp() indicates to the callers that the range should be expressed as a range, so callers must check beforehand that min <= max to be able to fail. Thus, remove this memcmp() and add a check to make_addressRange(), the only caller that didn't already ensure that min <= max. This fixes the noisy output in regress/lib/libcrypto/x509/rfc3779. ok inoguchi jsing
* Polish X509v3_addr_subset() a bittb2022-01-051-15/+28
| | | | | | | | | Use child and parent instead of a and b. Split unrelated checks. Use accessors and assign to local variables to avoid ugly line wrapping. Declare vriables up front instead of mixing declarations with assignments from function returns. ok inoguchi jsing
* Readability tweaks in addr_contains()tb2022-01-051-5/+13
| | | | | | Assign to local variables to avoid ugly line wrapping. ok inoguchi jsing
* Fix a bug in addr_contains() introduced in OpenSSL commit be71c372tb2022-01-051-2/+2
| | | | | | | by returning 0 instead of -1 on extract_min_max() failure. Callers would interpret -1 as success of addr_contains(). ok inoguchi jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-27 13:46:56 +0000