summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Use ints for boolean values.jsing2022-06-251-31/+31
| | | | | | | Switch to using ints for boolean values and use 0 or 1 for constructed, rather than using 0 the ASN.1 tag encoded value (1 << 5). ok tb@
* Reuse ASN1_INTEGER functions for ASN1_ENUMERATED_{get,set}()jsing2022-06-252-56/+59
| | | | | | | Instead of having a separate get/set implementation, reuse the ASN1_INTEGER code. Also prepare to provide ASN1_ENUMERATED_{get,set}_int64(). ok beck@ tb@
* Rewrite ASN1_INTEGER_{get,set}() using CBS/CBBjsing2022-06-254-65/+197
| | | | | | In the process, prepare to provide ASN1_INTEGER_{get,set}_{u,}int64(). ok beck@ tb@
* Simplify ASN1_INTEGER_cmp()jsing2022-06-251-16/+9
| | | | ok beck@ tb@
* Error out on negative shifts in BN_{r,l}shift()tb2022-06-221-1/+13
| | | | | | | | | | Without these checks in both functions nw = n / BN_BITS2 will be negative and this leads to out-of-bounds accesses via negative array indices and memset with a negative size. Pointed out by cheloha ok jsing
* Tweak a commenttb2022-06-201-2/+2
|
* Flip roles of lowercase and uppercase A and B.tb2022-06-201-44/+44
| | | | | | | This matches Cohen's text better and makes the entire thing easier to read. suggested by jsing
* Clean up BN_kronecker()tb2022-06-201-73/+88
| | | | | | | | | | Instead of "Cohen's step N" explain in words what is being done. Things such as (A & B & 2) != 0 being equivalent to (-1)^((A-1)(B-1)/4) being negative are not entirely obvious... Remove the strange error dance and adjust variable names to what Cohen's book uses. Simplify various curly bits. ok jsing
* Fix some bizarre indentation and line breaks.tb2022-06-201-8/+7
|
* Fix prime recognition when doing trial divisionstb2022-06-181-2/+2
| | | | | | | | | If gcd(a, primes[i]) == 0 then a could still be a prime, namely in the case that a == primes[i], so check for that case as well. Problem noted by Martin Grenouilloux ok jsing
* Change the loop index from an unsigned int to size_t now that alltb2022-06-071-2/+2
| | | | | | upper bounds are known to be size_t. ok jsing
* Simplify another CBS_write_bytes() call in d2i_SSL_SESSION()tb2022-06-071-5/+2
| | | | ok jsing
* Switch sid_ctx_length in SSL, SSL_CTX and SSL_SESSION to a size_ttb2022-06-071-4/+4
| | | | ok jsing
* Use CBS_write_bytes() instead of manual unpacking of a CBS and assigningtb2022-06-071-3/+5
| | | | | | | length and using memcpy(). This also provides a missing overflow check (which is done by the only caller, however). ok jsing
* Simplify various CBS_write_bytes() callstb2022-06-073-13/+7
| | | | | | | Now that session_id_length is a size_t, we can pass it directly to CBS_write_bytes() instead of using a temporary variable. ok jsing
* Switch SSL_SESSION's session_id_length to a size_ttb2022-06-071-2/+2
| | | | ok jsing
* Add missing error check call in ssl3_get_new_session_ticket()tb2022-06-071-4/+9
| | | | | | | EVP_Digest() can fail, so handle failure appropriately and prepare switch of session_id_length to a size_t. ok jsing
* Another small readability tweak: compare explicitly against 0 and NULL,tb2022-06-071-4/+3
| | | | | | respectively ok jsing
* Tweak readability of a test: compare tmp explicitly against 0 and droptb2022-06-071-2/+2
| | | | | | redundant parentheses. ok jsing
* Add a cast to SSL_SESSION_get_id() to indicate that session_id_lengthtb2022-06-071-2/+2
| | | | | | | is deliberately reduced to an unsigned int. Since the session_id is at most 32 bytes, this is not a concern. ok jsing
* fix indenttb2022-06-071-2/+2
|
* Unindent and simplify remove_session_lock()tb2022-06-071-21/+22
| | | | ok jsing (who informs me he had the same diff in his jungle)
* Drop an unnecessary casttb2022-06-071-2/+2
| | | | ok jsing
* Simplify CBS_write_bytes() invocationtb2022-06-071-5/+2
| | | | | | | Now that master_key_length is a size_t, we no longer have to fiddle with data_len. We can rather pass a pointer to it to CBS_write_bytes(). ok jsing
* The master_key_length can no longer be < 0tb2022-06-071-2/+2
| | | | ok jsing
* Switch the SSL_SESSION's master_key_length to a size_ttb2022-06-071-2/+2
| | | | ok jsing
* Add error checking to tls_session_secret_cb() callstb2022-06-072-32/+49
| | | | | | | | | | | Failure of this undocumented callback was previously silently ignored. Follow OpenSSL's behavior and throw an internal error (for lack of a better choice) if the callback failed or if it set the master_key_length to a negative number. Unindent the success path and clean up some strange idioms. ok jsing
* Use SSL3_CK_VALUE_MASK instead of hardcoded 0xffff and remove sometb2022-06-062-12/+6
| | | | | | SSLv2 remnants. ok jsing
* Tweak comment describing the SSL_SESSION ASN.1tb2022-06-061-4/+5
| | | | ok jsing
* Minor style cleanup in ssl_txt.ctb2022-06-061-23/+41
| | | | | | | Wrap long lines and fix a bug where the wrong struct member was checked for NULL. ok jsing
* Fix comment + spacing.tb2022-06-061-2/+2
| | | | | Apparently 60 * 5 + 4 seconds is 5 minutes. Presumably this is the case with sufficiently potent crack, which would explain a few things in here.
* Remove incorrect and ungrammattical commenttb2022-06-061-3/+2
| | | | | The fallback to SHA-1 if SHA-256 is disabled fell victim to tedu many moons ago when this file was still called s3_clnt.c and had no RCS ID.
* Fix spaces before tabstb2022-06-061-12/+12
|
* The parse stubs need to skip over the extension data.tb2022-06-041-3/+3
| | | | | | Found by anton with tlsfuzzer ok anton
* Tweak a comment using review feedback from jsingtb2022-06-041-4/+4
|
* Add stubbed out handlers for the pre_shared_key extensiontb2022-06-032-2/+65
| | | | ok jsing
* Implement handlers for the psk_key_exchange_modes extensions.tb2022-06-032-3/+96
| | | | ok jsing
* Add a use_psk_dhe_ke flag to the TLSv1.3 handshake structtb2022-06-031-1/+4
| | | | | | | This will be used to indicate client side support for DHE key establishment. ok jsing
* Ensure that a client who sent a PSK extension has also sent a PSKtb2022-06-031-4/+9
| | | | | | key exchange mode extension, as required by RFC 8446, 4.2.9. ok jsing
* Provide #defines for the two currently registered PskKeyExchangeModes.tb2022-06-031-1/+12
| | | | ok jsing
* Remove an unnecessary XXX comment. The suggested check is part oftb2022-05-251-5/+1
| | | | extract_min_max().
* Clean up ASN1_item_sign_ctx() a littletb2022-05-241-25/+38
| | | | | | | | | | | | | Instead of inl, outl, and outll, use in_len, out_len, and buf_out_len. Use the appropriate types for them. Check return values properly, check for overflow. Remove some unnecessary casts and add some for readability. Use asn1_abs_set_unused_bits() instead of inlining it. This removes the last direct consumer of ASN1_STRING_FLAG_BITS_LEFT outside of asn1/a_bitstr.c. The flag is still mentioned in x509/x509_addr.c but that will hopefully go away soon. tweaks/ok jsing
* Simplify ec_asn1_group2curve()tb2022-05-241-18/+21
| | | | | | | | Don't try to reuse curve->seed to avoid an allocation. Free it unconditionally and copy over the group->seed if it's available. Use asn1_abs_set_unused_bits() instead of inlining it. ok jsing
* Straightforward conversion of ecdh_cms_encrypt() totb2022-05-241-3/+3
| | | | | | asn1_abs_set_unused_bits() ok jsing
* Rewrite X509_PUBKEY_set0_param() to use asn1_abs_set_unused_bits()tb2022-05-241-10/+8
| | | | | | | This streamlines the logic and uses ASN1_STRING_set0() and asn1_abs_set_unused_bits() instead of inlining them. ok jsing
* Use asn1_abs_set_unused_bits() in asn1_str2type()tb2022-05-241-5/+6
| | | | ok jsing
* Remove some unhelpful comments and spell NULL correctly.jsing2022-05-211-10/+4
|
* Factor out ASN1_ITYPE_EXTERN handling.jsing2022-05-211-15/+32
| | | | | | | Factor out the ef->asn1_ex_d2i() callback handling - this allows us to pull out all of the related variables into a self-contained function. ok tb@
* Use 'at' for ASN1_TEMPLATE variable names rather than 'tt'.jsing2022-05-211-52/+58
| | | | | | | | | Also use array indexes for it->templates, rather than trying to be extra clever in for loops (suggested by tb@ during a review). No functional change. ok tb@
* Remove _ex_ from all of the internal function names.jsing2022-05-211-35/+35
| | | | | | | | | It no longer makes sense to have "extended" versions of functions internally. No functional change. ok tb@