| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
fixed in bio_lib.c r1.47 as confirmed by ASAN.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Provide bn_rand_in_range() which is a slightly tweaked version of what was
previously called bn_rand_range().
The way bn_rand_range() is called in libcrypto, the lower bound is always
expressible as a word. In fact, most of the time it is 1, the DH code uses
a 2, the MR tests in BPSW use 3 and an exceptinally high number appears in
the Tonelli-Shanks implementation where we use 32. Converting these lower
bounds to BIGNUMs on the call site is annoying so let bn_rand_interval()
do that internally and route that through bn_rand_in_range(). This way we
can avoid using BN_sub_word().
Adjust the bn_isqrt() test to use bn_rand_in_range() since that's the
only caller that uses actual BIGNUMs as lower bounds.
ok jsing
|
|
|
|
|
|
| |
This test was never particularly useful. An upcoming API change for
the internal bn_rand_interval() API would require some adjustments.
It's not worth it.
|
| |
|
| |
|
| |
|
|
|
|
| |
CID 463174
|
|
|
|
|
|
| |
Some people already have way too many simple and not too important diffs in
their inbox. This isn't worth kicking something more important out of the
queue.
|
| |
|
| |
|
|
|
|
| |
If not even the idiot who invented this API gets this right...
|
| |
|
| |
|
|
|
|
| |
ok tb@
|
|
|
|
| |
ok tb@
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
Test keyshare for all built-in curves and simplify, especially printing
on failure. Incorporate known answer tests from RFC 5114 and RFC 5903.
All in all, this is a lot less code and a lot more test coverage and
hopefully a little less eyebleed.
Very loosely based on OpenSSL b438f0ed by Billy Brumley
|
|
|
|
|
|
| |
ECDH_compute_key() usually returns -1 on error (but sometimes 0). This
was also the case in OpenSSL when these tests were written. This will
soon change. The check for <= 0 will still be correct.
|
|
|
|
|
|
|
|
|
| |
Since all non-binary NIST curves have cofactor 1, this is in effect plain
ECDH. Current regress coverage of ECDH is quite lacking on architectures
where Go isn't available. This fixes that.
Actual cofactor ECDH support may be added soon to libcrypto, at which
point I will also add testcases with cofactor > 1.
|
|
|
|
|
| |
This currently adds an incorrect 00: padding, consistent with OpenSSL's
behavior.
|
| |
|
|
|
|
|
| |
there is a subtler issue with make regress/make all that will be way more
of a headache to sort !
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
This must be one of the ugliest tests I've ever written, but I can't think
of a better way of doing it.
|
| |
|
| |
|
|
|
|
|
| |
Test BN_sqr() with a newly allocated BN, a BN explicitly set to zero and
small values that fit in a single BN_ULONG.
|
|
|
|
|
| |
Currently BN_hex2bn() removes the leading zeros, however this will not be
the case in the future.
|
|
|
|
|
| |
Currently BN_hex2bn() removes the leading zeros, however this will not be
the case in the future.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Provide prototype that is hidden behind LIBRESSL_INTERNAL for portable
and or in result for future extensibility.
|
|
|
|
|
| |
This would detect the aliasing issue reported by Guido Vranken fixed
in bn_gcd.c r1.28. Most testcases are from BoringSSL's regress test.
|
| |
|
|
|
|
| |
This now tests what the comment says it does
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is an un-revert with nits of the previously landed change
to do this which broke libtls. libtls has now been changed to
not use this function.
This change ensures that if something is returned it is "text"
(UTF-8) and a C string not containing a NUL byte. Historically
callers to this function assume the result is text and a C string
however the OpenSSL version simply hands them the bytes from an
ASN1_STRING and expects them to know bad things can happen which
they almost universally do not check for. Partly inspired by
goings on in boringssl.
ok jsing@ tb@
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
From Ilya Chipitsine
|
|
|
|
| |
Should make coverity happier
|