path: root/src/lib (follow)
Commit message | Author | Age | Files | Lines
* Document ENGINE_{get,set}_EC | tb | 2023-07-21 | 1 | -29/+17
    ENGINE_{get,set}_{ECDH,ECDSA} will go away and won't come back. Replace their documentation with the missing ENGINE_{get,set}_EC. In the unlikely event that we will need to bring back ENGINE after the next bump, this manual will not be outdated and incomplete.
* Remove some ancient cruft that hasn't been used in ages | tb | 2023-07-20 | 4 | -1695/+1
    discussed with jsing
* Move get_rfc3526_prime_8192.3 to BN_get_rfc3526_prime_8192.3 | tb | 2023-07-20 | 2 | -4/+4
    This way we will have a manual corresponding to an existing function after the next bump.
* Remove unnecessary inclusion of dso.h | tb | 2023-07-20 | 3 | -6/+3
* Remove last internal consumer of DSO | tb | 2023-07-20 | 1 | -80/+9
    It is currently possible to extend libcrypto by having it load a shared object via dlopen() either from a config file on library initialization or when an application calls the relevant API. Recent and not so recent events showed how dangerous an idea dlopen() is. Independently of such concerns, this should not be handled in the characteristically convoluted way of this toolkit. DSO will go away in the upcoming bump. This commit clears the road for a plain cvs rm of the dso code.
    ok jsing
* eng_aesni.c: add evp_local.h so it compiles again. | tb | 2023-07-20 | 1 | -1/+3
* Remove get_rfc*_prime_* documentation | tb | 2023-07-20 | 2 | -46/+20
    Their BN_get_rfc*_prime_* aliases from the OpenSSL 1.1 API will remain. Perhaps the manual should be moved to BN_get_rfc3526_prime_8192.3; that can be done in a second step.
* Remove ECDSA_{do_,}sign_ex() and ECDSA_sign_setup() | tb | 2023-07-20 | 4 | -103/+20
    These very poorly designed interfaces will go away, so stop documenting them.
* Cap the size of numbers we check for primality | tb | 2023-07-20 | 1 | -1/+12
    We refuse to generate RSA keys larger than 16k and DH keys larger than 10k. Primality checking with adversarial input is a DoS vector, so simply don't do this. Introduce a cap of 32k for numbers we try to test for primality, which should be more than large enough for use within a non-toolkit crypto library. This is one way of mitigating the DH_check()/EVP_PKEY_param_check() issue.
    ok jsing miod
* Fix two aliases in libcrypto spotted by the new symbols test | tb | 2023-07-19 | 2 | -3/+4
    ok jsing
* Mop up MD32_XARRAY from md5. | jsing | 2023-07-15 | 1 | -91/+84
    MD32_XARRAY was added as a workaround for a broken HP C compiler (circa 1999). Clean it up to simplify the code. No change in generated assembly.
* Mop up MD32_XARRAY from md4. | jsing | 2023-07-15 | 1 | -75/+68
    MD32_XARRAY was added as a workaround for a broken HP C compiler (circa 1999). Clean it up to simplify the code. No change in generated assembly.
* Refactor ASN1_item_sign_ctx() | tb | 2023-07-13 | 1 | -54/+89
    Oh, joy! The muppets had a feast: they could combine the horrors of EVP with X.509... Return values between -1 and 3 indicating how much work needs to be done, depending on whether methods are present or absent. Needless to say that RSA and EdDSA had inconsistent return values until recently. Instead of interleaving if/else branches, split out two helper functions that do essentially independent things, which results in something that isn't entirely bad. Well, at least not compared to the surrounding code. asn1_item_set_algorithm_identifiers() extracts the signature algorithm from the digest and pkey if known, and sets it on the two X509_ALGOR that may or may not have been passed in. asn1_item_sign() converts data into der and signs. Of course there were also a few leaks and missing error checks.
    ok jsing
* Revert accidental addition of cofactor ECDH support | tb | 2023-07-12 | 1 | -16/+2
    This snuck in with ech_key.c r1.33 because I committed from a dirty tree.
* Remove old workaround for F5 | tb | 2023-07-11 | 1 | -13/+2
    F5 is well-known for needing workarounds (go read RFC 8446). In this particular case, it required implementation sending CHs larger than 255 bytes to 0x0300 otherwise their server would hang. This is the same hang that required the CH padding extension which broke other implementations. The CH padding extension was removed ~6 years ago, so hopefully this kludge will no longer be needed either.
    ok jsing
* Rename EC_KEY from r to key like in the rest of the file | tb | 2023-07-10 | 1 | -4/+4
* Pull BIGNUM constants out of get_* function bodies | tb | 2023-07-10 | 1 | -315/+331
    The get_rfc*_prime_* functions will be removed. The constants will remain for the BN_get_rfc*_prime_* functions. Make the latter call BN_bin2bn() directly on these constants rather than going through get_*. This avoids some overlong lines. Also KNF for some comments. Reduces the diff I currently carry by quite a bit.
* BIO_indent: use %*s rather than puts in a loop | tb | 2023-07-10 | 1 | -6/+5
    ok beck jsing millert
* bn_print: string.h is no longer needed | tb | 2023-07-10 | 1 | -2/+1
* Fix ndef_{prefix,suffix}() | tb | 2023-07-09 | 1 | -11/+12
    These functions inline a poor version of asn1_item_flags_i2d() without error checks. This can be replaced with a single correct call to ASN1_item_ndef_i2d(). Mechanically adding malloc checks and checks for negative did not really improve things all that much in a related project.
    ok beck jsing
* Reimplement BN_print() and BN_print_fp() | tb | 2023-07-09 | 2 | -47/+45
    These can now use the internal version of BN_bn2hex() and be direct wrappers of BIO_printf() and fprintf() as they should have been all along.
    ok jsing
* Simplify bn_print() | tb | 2023-07-09 | 1 | -5/+3
    We no longer need to do weird things as taking the length of the hex string and jumping over a sign we didn't need.
    ok jsing
* Refactor BN_bn2hex() | tb | 2023-07-09 | 2 | -8/+57
    Various outputting functions are variants of BN_bn2hex(). They do not want a sign or they display the BIGNUM at nibble granularity instead of byte granularity. So add this functionality to an internal variant of BN_bn2hex().
    with/ok jsing
* Provide optimised bn_subw() for riscv64. | jsing | 2023-07-09 | 1 | -1/+18
* Provide optimised bn_addw() for riscv64. | jsing | 2023-07-09 | 1 | -1/+18
* Add Xr to EVP_MD_meth_new to top level library | tb | 2023-07-09 | 1 | -2/+3
* Fix OpenBSD release | tb | 2023-07-09 | 1 | -3/+3
* ASN1_bn_print() will be removed soon. Remove docs. | tb | 2023-07-09 | 5 | -130/+7
* fix comment to unbreak things that care about warnings | beck | 2023-07-08 | 1 | -2/+2
    ok tb@ krw@
* link EVP_MD_meth_new.3 to build | tb | 2023-07-08 | 1 | -1/+2
* Import EVP_MD_meth_new.3 from OpenSSL 1.1.1 head | tb | 2023-07-08 | 1 | -0/+292
    As usual, this has a lot of room for improvement, but it is better than nothing at all. It leaves a dangling reference to EVP_MD_CTX_md_data(), which I leave for schwarze to document. This is a terrible API and the way it is used in the wild is terrifying.
* Hide all public symbols in libssl | beck | 2023-07-08 | 21 | -33/+828
    With the guentherizer 9000
    ok tb@
* Hide symbols in dh | beck | 2023-07-08 | 9 | -7/+171
    ok tb@
* Hide symbols in curve25519 | beck | 2023-07-08 | 3 | -1/+45
    ok tb@
* Hide symbols in modes.h | beck | 2023-07-08 | 9 | -7/+120
    ok tb@
* Hit modes with the loving mallet of knfmt | beck | 2023-07-08 | 9 | -1164/+1342
    ok tb@
* Hide symbols in gost. | beck | 2023-07-08 | 9 | -5/+160
    ok tb@ after some puking in his mouth.
* hide symbols in dsa | beck | 2023-07-08 | 10 | -8/+232
    ok tb@
* Hide symbols in cmac | beck | 2023-07-08 | 3 | -1/+57
    ok tb@
* Hide symbols in objects | beck | 2023-07-08 | 7 | -5/+130
    ok tb@
* Hide symbols in rsa | beck | 2023-07-08 | 18 | -18/+384
    ok tb@
* Hide symbols in sha | beck | 2023-07-08 | 5 | -3/+101
    ok tb@
* Hide symbols in bn | beck | 2023-07-08 | 20 | -18/+449
    ok tb@
* Hide symbols in txt_db | beck | 2023-07-08 | 3 | -1/+48
    ok tb@
* Hide symbols in md4 and md5 | beck | 2023-07-08 | 7 | -6/+92
    ok tb@
* Hide symbols in cast, idea, and ocsp | beck | 2023-07-08 | 23 | -20/+630
    ok tb@
* Hide symbols in crypto.h | beck | 2023-07-08 | 10 | -8/+190
    ok jsing@
* Hide symbols in cms, comp, conf, and buffer | beck | 2023-07-08 | 24 | -19/+546
    ok jsing@
* Remove unused SHA-1 implementation. | jsing | 2023-07-08 | 1 | -86/+1
* Remove now unnecessary "do { } while (0)" | jsing | 2023-07-08 | 1 | -4/+2