| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
Instead of inlining EC_GROUP_get_curve(), we can simply call it...
ok jsing
|
| |
|
|
|
|
|
|
|
| |
This is a helper that decodes a scalar from field-internal representation
to a representation as a BIGNUM in the interval [0, p). This simplifies
EC_GROUP_get_curve() and EC_POINT_get_Jprojective_coordinates() to a few
obvious lines and prepares cleanup in EC_POINT_get_affine_coordinates().
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
| |
OPENSSL_cpuid_setup() is invoked via OPENSSL_init_crypto(), whihc is
triggered by various entry points to the library. As such, we do not need
to invoke it as a constructor.
ok tb@
|
| | |
|
| | |
|
| |
|
|
| |
ok miod
|
| |
|
|
|
|
|
| |
This API can fail for various reasons, in which case it returns -1, so
you need to check if (EC_POINT_is_on_curve_checks(...) <= 0).
ok miod
|
| |
|
|
|
|
| |
Or in the flag, don't overwrite the already set ones.
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
OPENSSL_cpuid_setup() used to need to be called from
OPENSSL_add_all_algorithms(), as that was the main entry point. These days
we do on demand initialisation and there are various paths that lead to
OPENSSL_init_crypto() being called, which in turn calls
OPENSSL_cpuid_setup().
ok tb@
|
| |
|
|
|
|
| |
This does not cause an issue currently, however if called differently to
their current usage, it can lead to an input being overwritten and
incorrect results being generated.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Instead of having two unreadable tables placed in a header generated by a
janky perl script from an ugly text file, use a single table inlined in
the C file. This table is used to translate between signature algorithm
OIDs and pairs of OIDs of a message digest and a cipher. The table has
fewer than fifty entries and isn't used in a hot path. Using binary search
is overkill. Just do two linear searches, one for each translation. None
of the original code remains apart from the API.
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
|
|
| |
These functions will be removed in the upcoming bump. Nothing uses them,
so it won't hurt if they become noops. This allows us to garbage collect
the sig_app and sigx_app stacks and make a first step towards simplifying
the OBJ_bsearch_() dances. Also sprinkle some const correctness... because
we can.
intermediate step towards a diff that is ok jsing
|
| |
|
|
|
|
|
|
| |
This is essentially a reimplementation of ASN1_buf_print(). The latter was
only added for these printing purposes and it will be removed again since
nothing uses it. We can then simply remove t_pkey.c in the upcoming bump.
ok jsing
|
| |
|
|
| |
variant of a suggestion by jsing
|
| |
|
|
|
|
|
| |
This does not need tls1.h (upstream used TLSEXT constants we don't have)
nor does it need evp.h. But it does need asn1.h, objects.h for STACK_OF
and NID_*, among other things and it also uses uint64_t and allocates,
so it needs stdint.h and stdlib.h.
|
| | |
|
| | |
|
| |
|
|
| |
discussed with jsing
|
| |
|
|
| |
openssl.cnf.5 will need a major overhaul. But that isn't new...
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds a few symbols under OPENSSL_NO_ENGINE. They will be used
after the main ENGINE code is disabled in the next bump.
The ecosystem is mostly prepared for dealing with a libcrypto compiled
with OPENSSL_NO_ENGINE. There are a few stragglers like M2Crypto, dovecot
and the latest apr-util release (fixed in their development branch).
To avoid intrusive patching in these ports, we need to keep a bunch of
ENGINE symbols around despite adding OPENSSL_NO_ENGINE. This of course
meant patching some other ports, but that was way easier.
ok jsing
|
| | |
|
| |
|
|
|
| |
These will be made internal and will likely go away. The OBJ_add_sigid.3
manual should probably be renamed; this can be done in a second step.
|
| |
|
|
| |
This function will be made internal-only and likely be renamed/rewritten.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
ENGINE_get_default_{ECDH,ECDSA} will go away and won't come back. Replace
their documentation with the missing ENGINE_get_defaulT_EC. In the unlikely
event that we will need to bring back ENGINE after the next bump, this
manual will not be outdated and incomplete.
|
| |
|
|
|
|
|
| |
ENGINE_{get,set}_{ECDH,ECDSA} will go away and won't come back. Replace
their documentation with the missing ENGINE_{get,set}_EC. In the unlikely
event that we will need to bring back ENGINE after the next bump, this
manual will not be outdated and incomplete.
|
| |
|
|
| |
discussed with jsing
|
| |
|
|
|
| |
This way we will have a manual corresponding to an existing function after
the next bump.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is currently possible to extend libcrypto by having it load a shared
object via dlopen() either from a config file on library initialization
or when an application calls the relevant API. Recent and not so recent
events showed how dangerous an idea dlopen() is. Independently of such
concerns, this should not be handled in the characteristically convoluted
way of this toolkit. DSO will go away in the upcoming bump. This commit
clears the road for a plain cvs rm of the dso code.
ok jsing
|
| | |
|
| |
|
|
|
|
| |
Their BN_get_rfc*_prime_* aliases from the OpenSSL 1.1 API will remain.
Perhaps the manual should be moved to BN_get_rfc3526_prime_8192.3; that
can be done in a second step.
|
| |
|
|
|
| |
These very poorly designed interfaces will go away, so stop documenting
them.
|
| |
|
|
|
|
|
|
|
|
|
| |
We refuse to generate RSA keys larger than 16k and DH keys larger than 10k.
Primality checking with adversarial input is a DoS vector, so simply don't
do this. Introduce a cap of 32k for numbers we try to test for primality,
which should be more than large enough for use withing a non-toolkit crypto
library. This is one way of mitigating the DH_check()/EVP_PKEY_param_check()
issue.
ok jsing miod
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
| |
MD32_XARRAY was added as a workaround for a broken HP C compiler (circa
1999). Clean it up to simplify the code.
No change in generated assembly.
|
| |
|
|
|
|
|
| |
MD32_XARRAY was added as a workaround for a broken HP C compiler (circa
1999). Clean it up to simplify the code.
No change in generated assembly.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Oh, joy! The muppets had a feast: they could combine the horrors of EVP
with X.509... Return values between -1 and 3 indicating how much work
needs to be done, depending on whether methods are present or absent.
Needless to say that RSA and EdDSA had inconsistent return values until
recently.
Instead of interleaving if/else branches, split out two helper functions
that do essentially independent things, which results in something that
isn't entirely bad. Well, at least not compared to the surrounding code.
asn1_item_set_algorithm_identifiers() extracts the signature algorithm
from the digest and pkey if known, and sets it on the two X509_ALGOR that
may or may not have been passed in.
asn1_item_sign() converts data into der and signs.
Of course there were also a few leaks and missing error checks.
ok jsing
|
| |
|
|
| |
This snuck in with ech_key.c r1.33 because I committed from a dirty tree.
|
| |
|
|
|
|
|
|
|
|
|
| |
F5 is well-known for needing workaround (go read RFC 8446). In this
particular case, it required implementation sending CHs larger than
255 bytes to 0x0300 otherwise their server would hang. This is the
same hang that required the CH padding extension which broke other
implementations. The CH padding extension was removed ~6 years ago,
so hopefully this kludge will no longer needed either.
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The get_rfc*_prime_* functions will be removed. The constants will remain
for the BN_get_rfc*_prime_* functions. Make the latter call BN_bin2bn()
directly on these constants rather than going through get_*. This avoids
some overlong lines. Also KNF for some comments.
Reduces the diff I currently carry by quite a bit.
|
