path: root/src
Commit log. Each entry: date, commit message subject, then (author, files changed, lines removed/added); the commit message body, where present, follows indented.

2023-08-09  Merge remainder of rsa_crpt.c into rsa_eay.c  (tb, 3 files, -130/+55)
    Most of these are one line wrappers around methods implemented in rsa_eay.c by default.

2023-08-09  Move RSA blinding API from rsa_crpt.c to rsa_blinding.c  (tb, 2 files, -102/+102)

2023-08-09  Move RSA_blinding_{on,off}() to the bottom of the file  (tb, 1 file, -29/+29)

2023-08-09  Move bn_blind.c to rsa_blinding.c  (tb, 4 files, -13/+14)
    discussed with jsing

2023-08-09  Make declaration and definition of BN_BLINDING_new() match.  (tb, 2 files, -4/+4)
    Also, make mod const.

2023-08-09  Merge BN_BLINDING_create_param() into BN_BLINDING_new()  (tb, 3 files, -33/+16)

2023-08-09  Set up the blinding factors on first use  (tb, 1 file, -27/+14)
    Only call BN_BLINDING_setup() from BN_BLINDING_update(). This allows another simplification of the counter logic. ok jsing

2023-08-09  Remove retry loop in BN_BLINDING_setup()  (tb, 1 file, -24/+5)
    If we generate a non-invertible blinding, we have accidentally factored the modulus. This won't happen, so get rid of this ugly complication. ok jsing

2023-08-09  Compute a square using BN_mod_sqr() instead of BN_mod_mul()  (tb, 1 file, -3/+3)
    ok jsing

2023-08-09  Simplify BN_BLINDING_invert()  (tb, 1 file, -14/+5)
    If the blinding is non-NULL, Ai is set on it, so no need to check for that. Also, we can get away with a single call to BN_mod_mul(). ok jsing

2023-08-09  Unwrap a line  (tb, 1 file, -3/+2)

2023-08-08  Unwrap a line  (tb, 1 file, -3/+2)

2023-08-08  Drop the unused BN_BLINDING argument of BN_BLINDING_create_param()  (tb, 3 files, -14/+11)

2023-08-08  Rename ret into b in BN_BLINDING_setup()  (tb, 1 file, -8/+8)

2023-08-08  Factor the actual setup step for the blinding into a helper  (tb, 1 file, -30/+43)
    ok jsing

2023-08-08  X509_STORE_CTX_get_check_issued(3) is weird.  (schwarze, 1 file, -0/+9)
    Both the function return type and the function name are so long that for displaying the function prototype, a line break is needed after the function return type.

2023-08-08  Make BN_BLINDING respect some invariants  (tb, 1 file, -48/+17)
    Pass e and mod into BN_BLINDING_new() for now and unconditionally allocate A and Ai. This way non-NULL blindings always have these four members set. This allows removing several unnecessary checks in the update, convert and parameter creation code paths. Fix exit BN_BLINDING_create_param() so as to signal errors to the caller if a non-NULL blinding was passed. This fixes a long standing bug. ok jsing

2023-08-08  Simplify RSA_setup_blinding()  (tb, 1 file, -21/+16)
    Make this look a bit more like other code we cleaned up, avoiding nesting and unnecessary else branches. ok jsing

2023-08-08  Remove ECDSA nonce padding kludge  (tb, 1 file, -22/+1)
    This was a workaround due to the historically non-constant time scalar multiplication in the EC code. Since Brumley and Tuveri implemented the Montgomery ladder, this is no longer useful and should have been removed a long time ago, as it now does more harm than good. Keep the preallocations as they still help hide some timing info. ok jsing

2023-08-08  In objects.h rev. 1.17 (Jan 14, 2022),  (schwarze, 1 file, -7/+1)
    tb@ removed the following macros from the public API:
        _DECLARE_OBJ_BSEARCH_CMP_FN
        DECLARE_OBJ_BSEARCH_CMP_FN
        DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN
        IMPLEMENT_OBJ_BSEARCH_CMP_FN
        IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN
        OBJ_bsearch
        OBJ_bsearch_ex
    In objects.h rev. 1.20 (Nov 11, 2022), jsing@ unifdef'ed USE_OBJ_MAC. Stop marking these names as intentionally undocumented.

2023-08-07  No need to mark BN_options() as intentionally undocumented any longer.  (schwarze, 1 file, -1/+0)
    In bn.h rev. 1.75 (July 31, 2023), tb@ removed it from the public API. While here, stop marking BN_prime_checks as obsolete. In BN_generate_prime.3 rev. 1.23 (May 11, 2023), tb@ documented the constant BN_prime_checks in that manual page.

2023-08-07  Mark asn1_ps_func as obsolete and intentionally undocumented.  (schwarze, 1 file, -0/+1)
    In bio.h rev. 1.59 (July 28, 2023), tb@ removed the last four functions that took function pointers of this type from the public API.

2023-08-07  Mark BIT_STRING_BITNAME as obsolete and intentionally undocumented.  (schwarze, 1 file, -0/+1)
    In asn1.h rev. 1.80 (July 28, 2023), tb@ removed the last three functions that were using this data type from the public API.

2023-08-07  Add a regress test exercising BIO_dup_chain() and triggering the leak  (tb, 1 file, -1/+43)
    fixed in bio_lib.c r1.47 as confirmed by ASAN.

2023-08-07  Fix two leaks in BIO_dup_chain()  (tb, 1 file, -19/+17)
    If CRYPTO_dup_ex_data() fails, the new_bio is leaked. If an error occurs after the first iteration, all members of the new chain except the head are leaked. ok jsing

2023-08-07  Add missing space before =  (tb, 1 file, -2/+2)

2023-08-05  remove trailing comma in NAME;  (jmc, 1 file, -3/+3)

2023-08-04  Move the ENGINE_new() prototype a line down  (tb, 1 file, -2/+2)

2023-08-03  Link new ccs test to build  (tb, 1 file, -1/+7)
    Exception needed since the test expects an unexpected_message alert, while we throw a decode_error.

2023-08-03  Make the bn_rand_interval() API a bit more ergonomic  (tb, 11 files, -52/+57)
    Provide bn_rand_in_range() which is a slightly tweaked version of what was previously called bn_rand_range(). The way bn_rand_range() is called in libcrypto, the lower bound is always expressible as a word. In fact, most of the time it is 1, the DH code uses a 2, the MR tests in BPSW use 3 and an exceptionally high number appears in the Tonelli-Shanks implementation where we use 32. Converting these lower bounds to BIGNUMs on the call site is annoying so let bn_rand_interval() do that internally and route that through bn_rand_in_range(). This way we can avoid using BN_sub_word(). Adjust the bn_isqrt() test to use bn_rand_in_range() since that's the only caller that uses actual BIGNUMs as lower bounds. ok jsing

2023-08-03  Retire the bn_rand_interval() test  (tb, 2 files, -115/+1)
    This test was never particularly useful. An upcoming API change for the internal bn_rand_interval() API would require some adjustments. It's not worth it.

2023-08-03  Remove unused sk/lh macros  (tb, 1 file, -170/+1)
    ok jsing miod

2023-08-02  More whitespace fixes from knfmt  (tb, 1 file, -7/+7)

2023-08-02  Remove extraneous parentheses and fix weird whitespace.  (tb, 1 file, -16/+15)

2023-08-02  Drop the _ex from BN_BLINDING_{convert,invert}_ex()  (tb, 3 files, -12/+12)

2023-08-02  Remove the unused BN_BLINDING_{convert,invert}()  (tb, 2 files, -16/+2)
    ok jsing

2023-08-02  Make BN_BLINDING_{new,update}() static in bn_blind.c  (tb, 2 files, -6/+4)
    ok jsing

2023-08-02  Remove the unused flags member of BN_BLINDING  (tb, 2 files, -10/+4)
    Nothing sets this, so remove it along with BN_BLINDING_NO_{UPDATE,RECREATE} and some checks that are always true. ok jsing

2023-08-02  Remove the unused flags accessors for BN_BLINDING  (tb, 2 files, -16/+2)
    ok jsing

2023-08-02  Remove a 16 year old confusing lie  (tb, 1 file, -2/+2)
    The mod member of BN_BLINDING hasn't been /* just a reference */ since the branch prediction mitigations in OpenSSL bd31fb21 from March 2007.

2023-08-01  Remove unused prototype  (tb, 1 file, -3/+1)

2023-07-31  Remove more *_options() stuff  (tb, 5 files, -50/+5)
    The public symbols were removed. Some prototypes and in the case of DES even the implementation remained. ok jsing

2023-07-29  Drop unused conf, pem, and x509 headers, add unistd for pledge  (tb, 1 file, -4/+2)

2023-07-29  Move HAVE_FUNOPEN out of !NOPIC  (tb, 1 file, -5/+1)
    Due to some historic accident, HAVE_FUNOPEN was grouped with DSO_DLFCN and HAVE_DLFCN_H inside !defined(NOPIC). While the two DLFCN bits belong there, HAVE_FUNOPEN doesn't. ok jsing, millert agrees

2023-07-29  Garbage collect rodata only used by RC4_options()  (tb, 1 file, -5/+0)
    build tested by miod

2023-07-29  Add _libre_CMS_{,SignerInfo}_get_version  (tb, 1 file, -0/+2)

2023-07-29  Remove {BN,idea}_options() leftovers  (tb, 3 files, -6/+2)
    Some *_options() prototypes were left behind in headers. I will remove them after my amd64 ports bulk completes.

2023-07-29  Remove BF_options() documentation  (tb, 1 file, -9/+3)

2023-07-29  reinstate KNF for comment  (tb, 1 file, -2/+2)

2023-07-28  Some of these functions no longer exist or are no longer public  (tb, 1 file, -4/+1)