path: root/src/lib/libssl/src/crypto/rsa
Commit message | Author | Age | Files | Lines
* Remove the libssl/src directory | beck | 2016-09-03 | 21 | -5926/+0
* call BN_init on temporaries to avoid use-before-set warnings | bcook | 2016-07-07 | 2 | -2/+12
  ok beck@
* Remove flags for disabling constant-time operations. | bcook | 2016-06-30 | 4 | -129/+70
  This removes support for DSA_FLAG_NO_EXP_CONSTTIME, DH_FLAG_NO_EXP_CONSTTIME, and RSA_FLAG_NO_CONSTTIME flags, making all of these operations unconditionally constant-time. Based on the original patch by César Pereid. ok beck@
* Fix for OpenSSL CVE-2015-3194 | beck | 2015-12-03 | 1 | -2/+2
  ok krw@
* Replace M_ASN1_OCTET_STRING_(free|new) with ASN1_OCTET_STRING_(free|new). | jsing | 2015-09-30 | 1 | -2/+2
* Correct spelling of OPENSSL_cleanse. | jsing | 2015-09-10 | 3 | -11/+12
  ok miod@
* Drop stupid (int) casts for the arguments of malloc() and friends. This is | miod | 2015-07-19 | 2 | -6/+6
  not 16-bit MS-DOS anymore. ok bcook@ tedu@
* Replace remaining CRYPTO_memcmp() calls with timingsafe_memcmp(). | jsing | 2015-06-20 | 1 | -2/+2
  ok doug@ deraadt@
* Remove obsolete MDC-2DES from libcrypto. | doug | 2015-06-20 | 2 | -29/+3
  ok deraadt@ jsing@ miod@
* Fix bad indenting in LibreSSL. | doug | 2015-06-13 | 1 | -2/+2
  jsg@ noticed that some of the lines in libssl and libcrypto are not indented properly. At a quick glance, it looks like it has a different control flow than it really does. I checked the history in our tree and in OpenSSL to make sure these were simple mistakes. ok miod@ jsing@
* Regen | miod | 2015-02-15 | 1 | -52/+59
* Check for allocation error in RSA_eay_mod_exp(). Coverity CID 25217. | miod | 2015-02-14 | 2 | -2/+7
  ok jsing@
* Expand ASN1_CHOICE*, ASN1_SEQUENCE* and associated macros, making the | jsing | 2015-02-14 | 1 | -25/+161
  data structures visible and easier to review, without having to wade through layers and layers of asn1t.h macros. Change has been scripted and there is no change to the generated assembly. Discussed with beck@ miod@ tedu@
* Guenther has plans for OPENSSL_NO_CMS, so revert this for the moment. | beck | 2015-02-11 | 2 | -2/+39
* get rid of OPENSSL_NO_CMS code we do not use. | beck | 2015-02-11 | 2 | -39/+2
  ok miod@
* Enable building with -DOPENSSL_NO_DEPRECATED. | doug | 2015-02-11 | 2 | -2/+4
  If you didn't enable deprecated code, there were missing err.h and bn.h includes. This commit allows building with or without deprecated code. This was not derived from an OpenSSL commit. However, they recently enabled OPENSSL_NO_DEPRECATED in git and fixed these header problems in a different way. Verified with clang that this only changes line numbers in the generated asm. ok miod@
* Expand the -IMPLEMENT_ASN1_ENCODE_FUNCTIONS_(const_)?fname macros so that | jsing | 2015-02-10 | 1 | -3/+27
  the code is visible and functions can be readily located. Change has been scripted and there is no change to the generated assembly. Discussed with beck@ miod@ tedu@
* Expand the IMPLEMENT_ASN1_FUNCTIONS macro so that the code is visible and | jsing | 2015-02-09 | 1 | -2/+26
  functions can be readily located. Change has been scripted and there is no change to the generated assembly. Discussed with beck@ miod@ tedu@
* BN_CTX_get() can fail - consistently check its return value. | jsing | 2015-02-09 | 3 | -14/+17
  There are currently cases where the return from each call is checked, the return from only the last call is checked and cases where it is not checked at all (including code in bn, ec and engine). Checking the last return value is valid as once the function fails it will continue to return NULL. However, in order to be consistent check each call with the same idiom. This makes it easy to verify. Note there are still a handful of cases that do not follow the idiom - these will be handled separately. ok beck@ doug@
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes(). | jsing | 2014-10-22 | 4 | -24/+16
  arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
* None of these need to include <openssl/rand.h> | jsing | 2014-10-18 | 5 | -10/+5
* Make sure all error conditions in RSA_padding_add_PKCS1_PSS_mgf1() cause | miod | 2014-07-13 | 1 | -3/+4
  EVP_MD_CTX_cleanup() to be called.
* if (x) FOO_free(x) -> FOO_free(x). | miod | 2014-07-12 | 2 | -5/+4
  Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
* In RSA_eay_private_encrypt(), correctly return the smaller BN; OpenSSL | miod | 2014-07-11 | 1 | -2/+2
  PR #3418 via OpenSSL trunk
* Remove duplicate 0x for salt len in output; Martin Kaiser via OpenSSL trunk. | miod | 2014-07-11 | 1 | -2/+2
* Only import cryptlib.h in the four source files that actually need it. | jsing | 2014-07-11 | 17 | -53/+60
  Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that references | jsing | 2014-07-10 | 9 | -9/+33
  an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never be defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* Stop including standard headers via cryptlib.h - pull in the headers that | jsing | 2014-07-10 | 9 | -11/+28
  are needed in the source files that actually require them. ok beck@ miod@
* RSA_setup_blinding() gets a BN with BN_CTX_get(), returns `out of memory' | miod | 2014-07-10 | 1 | -6/+1
  if it fails, then never uses it anymore, and may invoke a function which needs more than one BN from the BN_CTX anyway, so this is pointless - remove the BN_CTX_get() call and the test. ok jsing
* Tweak some comments. We do not really need to know that "New!" flags were | jsing | 2014-07-10 | 1 | -9/+8
  added 10+ years ago (they're kinda somewhat stale by now...)
* Stop playing with the RSA_FLAG_BLINDING flag. It does nothing. | jsing | 2014-07-10 | 1 | -3/+1
  ok miod@
* delete some casts. ok miod | tedu | 2014-07-10 | 5 | -15/+15
* Remove RSA_FLAG_NO_EXP_CONSTTIME, which was deprecated 12+ years ago. | jsing | 2014-07-10 | 1 | -13/+1
  sthen@ confirmed that no ports are referencing it. ok miod@.
* BN_free, BN_clear_free, BN_CTX_free, BN_BLINDING_free and BN_MONT_CTX_free | jsing | 2014-07-10 | 6 | -55/+32
  all have implicit NULL checks, so we do not need them here. ok miod@
* Use a while loop instead of an ifdowhile loop. | jsing | 2014-07-10 | 2 | -12/+10
  ok miod@ tedu@
* ASN1_STRING_free can handle NULL, so callers don't need to check. ok miod | tedu | 2014-07-09 | 1 | -3/+2
* Make comments readable. | jsing | 2014-07-09 | 1 | -27/+33
* More KNF. | jsing | 2014-07-09 | 19 | -322/+331
* KNF. | jsing | 2014-07-09 | 2 | -123/+108
* Unifdef -UPKCS_TESTVECT - we don't want the random data used in OAEP padding | miod | 2014-07-09 | 1 | -6/+1
  to get overwritten by a known value, ever.
* remove unused, private version strings except SSL_version_str | bcook | 2014-07-09 | 1 | -3/+1
  Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* Be more strict in RSA_padding_check_X931(), and thus avoid a possible | miod | 2014-07-09 | 1 | -2/+2
  memcpy() with a negative size. ok tedu@
* In the old days (not in this century), SSLeay 0.4.5 would create X.509 RSA | miod | 2014-07-09 | 1 | -14/+3
  signatures using the wrong oid for the signature type. The signature verification code has thus been modified to allow these signatures to be accepted, with a printf to stderr to notify the user something was fishy. Remove this chunk; these signatures will no longer get accepted. ok deraadt@ guenther@ jsing@ tedu@
* Remove RSA_memory_lock(). This undocumented function sort-of serializes your | miod | 2014-07-09 | 2 | -51/+2
  RSA components to memory and clears them, but there is no unserializing function, so its usefulness is close to zero. A grep through the ports tree sources show that it is only present in ports embedding their own openssl copy, and never used otherwise. ok jsing@
* RSA_NULL used to be a compile option allowing the RSA interfaces to be | miod | 2014-07-09 | 4 | -176/+4
  compiled-in, with nonfunctional code, to be able to cope with the RSA patent. However, we don't use this option, and the RSA patent has expired more than 10 years ago, so just drop this piece.
* KNF | miod | 2014-07-09 | 19 | -1967/+1959
* replace atoi() calls with strtol(). Follow the idiomatic pattern in our | deraadt | 2014-06-12 | 1 | -13/+32
  manual page strictly. Return -2 if the strings are not strict numbers. The numbers remain in the range of "int". Range checking for these parameters is done later in the pkey_*_ctl() functions, or sometimes in functions much further downstream... but not always!!! ok millert miod mikeb
* tags as requested by miod and tedu | deraadt | 2014-06-12 | 22 | -21/+22
* c-file-style hints, begone; ok beck | deraadt | 2014-06-11 | 1 | -1/+1
* malloc() result does not need a cast. | deraadt | 2014-06-07 | 4 | -6/+6
  ok miod