summaryrefslogtreecommitdiff
path: root/src (unfollow)
Commit message (Collapse)AuthorFilesLines
2023-05-04Let ecdsatest exercise ECParameters_dup() a bittb1-2/+3
This currently leaks, which will fixed in a follow-on commit.
2023-05-04Remove x9_62_test_internal()tb1-72/+1
This test depends on RAND_set_rand_method() allowing stupid things like making ECDSA signatures deterministic. This was gutted a long time ago and the function should have followed its wrappers into the attic.
2023-05-04Use size_t instead of int in EC_POINT_point2oct()tb1-2/+2
An int would be perfectly sufficient for this, but then again there would be fewer traps. ok jsing
2023-05-04Fix line wrappingtb1-3/+3
2023-05-04Fix function name in doc commenttb1-2/+2
2023-05-03Revert utf-8 fix for X509_NAME_get_index_by_NID to avoid libtlsbeck3-124/+22
regress for the moment. this will come back after we rethink the failure versus not there case. ok tb@ jsing@
2023-05-03Bring back length check tb ok'ed and I managed to remove whilebeck1-2/+2
changing tests. ok tb@
2023-05-03Fix a few KNF/whitespace issuestb1-9/+5
2023-05-02Change X509_NAME_get_index_by[NID|OBJ] to be safer.beck3-22/+124
Currently these functions return raw ASN1_STRING bytes as a C string and ignore the encoding in a "hold my beer I am a toolkit not a functioning API surely it's just for testing and you'd never send nasty bytes" kind of way. Sadly some callers seem to use them to fetch things liks subject name components for comparisons, and often just use the result as a C string. Instead, encode the resulting bytes as UTF-8 so it is something like "text", Add a failure case if the length provided is inadequate or if the resulting text would contain an nul byte. based on boringssl. nits by dlg@ ok tb@
2023-05-02Mark the BIO_F_* function codes as intentionally undocumentedschwarze1-1/+1
and for now, skip the the BIO_R_* reason codes. It looks like all public symbols in the BIO library are now documented or marked as intentionally undocumented.
2023-05-02Rename P into generatortb1-6/+6
ok jsing
2023-05-02Simplify EC_GROUP_new_by_curve_name()tb1-20/+14
Pull the setting of the name a.k.a. nid into ec_group_new_from_data(). This way, we can return early on finding the nid in the curve_list[]. This also avoids a silly bug where a bogus ERR_R_UNKNOWN_BUG is pushed onto the error stack when ec_group_new_from_data() failed. While there rework the exit path of ec_group_new_from_data() a bit. Instead of an ok variable we can use an additional pointer to keep track of the return value and free the EC_GROUP unconditionally. ok jsing
2023-05-02Style tweaks for SMIME_write_PKCS7()tb1-7/+5
Initialize the mdalgs stack at the top and test and assign for ctype_nid. Use an empty line to separate variable declarations from the actual code and zap an extra empty line. ok jsing
2023-05-02Unwrap a linetb1-3/+2
2023-05-02Simplify slightly and use i2d_PKCS7_bio_stream()tb1-3/+3
This is a wrapper of i2d_ASN1_bio_stream() that doesn't require us to pass in PKCS7_it.
2023-05-01stray whitespacetb1-2/+2
2023-05-01Add a missing pair of braces.tb1-2/+3
2023-05-01Use uppercase for the CURVE_LIST_LENGTH macrotb1-6/+6
2023-05-01Consistently use lowercase hex digits for curve parameterstb1-749/+749
2023-05-01Now that we have C99 initializers, garbage collect some commentstb1-299/+299
2023-05-01Rework the curve list to use actual structs instead of a customtb1-742/+1530
serialized format. ok jsing
2023-05-01Drop the now unnecessary and unused field_type from the curve datatb1-54/+4
ok jsing
2023-05-01Convert EC_CURVE_DATA to C99 initializerstb1-51/+192
Also clean up the definition of EC_CURVE_DATA a bit. ok jsing
2023-05-01Simplify ec_group_new_from_data() furthertb1-16/+55
We have a BN_CTX available, so we may as well use it. This simplifies the cleanup path at the cost of a bit more code in the setup. Also use an extra BIGNUM for the cofactor. Reusing x for this is just silly. If you were really going to avoid extra allocations, this entire function could easily have been written with three BIGNUMs. ok jsing
2023-05-01Make warnings more precisejob1-4/+4
2023-05-01Drop some dead codetb1-11/+2
No member of the curve_list[] table has a method set. Thus, curve.meth is always NULL and we never take the EC_GROUP_new(meth) code path. ok jsing
2023-05-01Remove pointless/wrong .meth = 0 entries from curves_list[]tb1-55/+1
2023-05-01Mechanically convert curve_list[] to C99 initializerstb1-55/+325
ok jsing
2023-05-01Clean up handling of nist_curves[]tb1-18/+14
There's no point in introducing a typedef only for two sizeof() calls. We might as well use an anonymous struct for this list. Make it const while there, drop some braces and compare strcmp() return value to 0. ok jsing
2023-05-01Remove ASN1_item_ndef_i2d(3) documentationtb2-35/+5
This was the last public API explicitly named ndef/NDEF for indefinite length encoding, so remove that explanation as well.
2023-05-01First pass of removing low-level ASN.1 streaming docstb14-343/+26
2023-05-01spellingjsg1-3/+3
2023-04-30x509_asn1: make this test pass again after reinstating DER preservationtb1-5/+5
2023-04-30check_complete.pl: update for recent changes in bntb1-4/+3
2023-04-30mandoc -Tlint tells me I forgot to zap a commatb1-2/+2
2023-04-30Remove most documentation pertaining to proxy certificates.tb6-205/+10
Update EXFLAG_PROXY and X509_V_FLAG_ALLOW_PROXY_CERTS documentation since we need to keep them for the time being.
2023-04-30Remove proxy cert api remmnantstb1-9/+1
2023-04-30Remove documentation of BN_generate_prime(), BN_is_prime{,_fasttest}()tb1-85/+4
2023-04-30Remove documentation of BN_zero_ex() and update BN_one() and BN_zero()tb1-22/+3
which are no longer macros (and the latter is no longer deprecated and no longer attempts to allocate memory).
2023-04-30Garbage collect BN_zero_ex()tb1-7/+1
2023-04-30Remove __dead again. Apparently this causes issues for some upstreams.tb1-2/+2
Thanks to orbea for the report
2023-04-30Revert disablement of the encoding cachejob2-4/+17
Without the cache, we verify CRL signatures on bytes that have been pulled through d2i_ -> i2d_, this can cause reordering, which in turn invalidates the signature. for example if in the original CRL revocation entries were sorted by date instead of ascending serial number order. There are probably multiple things we can do here, but they will need careful consideration and planning. OK jsing@
2023-04-30Send x509_subject_cmp() to the attictb1-9/+1
This helper has been inside #if 0 for nearly 25 years. Let it go. If we should ever need it, I'm quite confident that we will be able to come up with its one line body on our own.
2023-04-30The policy tree is no moretb9-527/+11
Mop up documentation mentioning it or any of its numerous accessors that almost nothing ever used.
2023-04-30Zap extra blank linetb1-2/+1
2023-04-30Make the descriptions of BIO_get_retry_BIO(3) and BIO_get_retry_reason(3)schwarze1-11/+60
more precise. Among other improvements, describe the three BIO_RR_* constants serving as reason codes.
2023-04-30Slightly improve the documentation of the "oper" parameter byschwarze1-3/+10
explicitly listing the valid arguments, i.e. the BIO_CB_* constants.
2023-04-30Document the eight BIO_CONN_S_* constants that are passed to BIO_info_cb(3)schwarze1-2/+36
as the "state" argument. Document them here because connect BIOs are the only built-in BIO type using these constants.
2023-04-30Mark the five BIO_GHBN_* constants as intentionally undocumented.schwarze1-2/+7
They are intended to be used by BIO_gethostbyname(), which is deprecated in OpenSSL and already marked as intentionally undocumented in LibreSSL. Besides, these constants are completely unused by anything.
2023-04-30whitespacetb1-2/+2
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 01:27:16 +0000