path: root/src
Commit message | Author | Age | Files | Lines
...
* Don't rely on the libssl headers pulling in stdio.h somehow | tb | 2023-07-19 | 1 | -1/+3
* Add missing commas to test vectors | joshua | 2023-07-19 | 1 | -26/+26
  ok tb@
* Add test coverage for SHA3 | joshua | 2023-07-19 | 1 | -27/+344
  ok tb@
* Fix two aliases in libcrypto spotted by the new symbols test | tb | 2023-07-19 | 2 | -3/+4
  ok jsing
* ecc_cdh: plug leak of peer public key | tb | 2023-07-16 | 1 | -1/+2
* ecdhtest: Drop unnecessary constant and unneeded includes | tb | 2023-07-16 | 1 | -10/+6
* ecdhtest: fix a couple bugs plus some cosmetic tweaks | tb | 2023-07-16 | 1 | -6/+6
* fix include directive - this is make, not C | tb | 2023-07-15 | 1 | -2/+2
* Rework the ecdhtest | tb | 2023-07-15 | 1 | -260/+252
  Test keyshare for all built-in curves and simplify, especially printing on failure. Incorporate known answer tests from RFC 5114 and RFC 5903. All in all, this is a lot less code and a lot more test coverage and hopefully a little less eyebleed.
  Very loosely based on OpenSSL b438f0ed by Billy Brumley
* Fix return value check for ECDH_compute_key() | tb | 2023-07-15 | 1 | -5/+5
  ECDH_compute_key() usually returns -1 on error (but sometimes 0). This was also the case in OpenSSL when these tests were written. This will soon change. The check for <= 0 will still be correct.
* Add test coverage for cofactor ECDH using NIST test vectors | tb | 2023-07-15 | 2 | -2/+2509
  Since all non-binary NIST curves have cofactor 1, this is in effect plain ECDH. Current regress coverage of ECDH is quite lacking on architectures where Go isn't available. This fixes that. Actual cofactor ECDH support may be added soon to libcrypto, at which point I will also add testcases with cofactor > 1.
* Link symbols test to build | tb | 2023-07-15 | 1 | -1/+2
* remove accidentally imported files again | tb | 2023-07-15 | 3 | -2713/+0
* Import a version of libcrypto's symbols test for libssl | tb | 2023-07-15 | 5 | -0/+2798
* Mop up MD32_XARRAY from md5. | jsing | 2023-07-15 | 1 | -91/+84
  MD32_XARRAY was added as a workaround for a broken HP C compiler (circa 1999). Clean it up to simplify the code. No change in generated assembly.
* Mop up MD32_XARRAY from md4. | jsing | 2023-07-15 | 1 | -75/+68
  MD32_XARRAY was added as a workaround for a broken HP C compiler (circa 1999). Clean it up to simplify the code. No change in generated assembly.
* Refactor ASN1_item_sign_ctx() | tb | 2023-07-13 | 1 | -54/+89
  Oh, joy! The muppets had a feast: they could combine the horrors of EVP with X.509... Return values between -1 and 3 indicating how much work needs to be done, depending on whether methods are present or absent. Needless to say that RSA and EdDSA had inconsistent return values until recently. Instead of interleaving if/else branches, split out two helper functions that do essentially independent things, which results in something that isn't entirely bad. Well, at least not compared to the surrounding code. asn1_item_set_algorithm_identifiers() extracts the signature algorithm from the digest and pkey if known, and sets it on the two X509_ALGOR that may or may not have been passed in. asn1_item_sign() converts data into der and signs. Of course there were also a few leaks and missing error checks.
  ok jsing
* Revert accidental addition of cofactor ECDH support | tb | 2023-07-12 | 1 | -16/+2
  This snuck in with ech_key.c r1.33 because I committed from a dirty tree.
* Reenable clienttest and servertest | tb | 2023-07-12 | 1 | -3/+3
* Fix last bit of the clienttest, needs ssl_pkt.c r1.66 | tb | 2023-07-11 | 1 | -2/+2
* Remove old workaround for F5 | tb | 2023-07-11 | 1 | -13/+2
  F5 is well-known for needing workarounds (go read RFC 8446). In this particular case, it required implementation sending CHs larger than 255 bytes to 0x0300 otherwise their server would hang. This is the same hang that required the CH padding extension which broke other implementations. The CH padding extension was removed ~6 years ago, so hopefully this kludge will no longer be needed either.
  ok jsing
* Keep servertest silent and align with clienttest | tb | 2023-07-11 | 1 | -2/+3
* Neuter expected server test failures with SSLv2 | tb | 2023-07-11 | 1 | -1/+6
  This test should either be extended or retired. As it is it is useless.
* Fix most of the clienttest. With this only test cases 9 and 13 fail. | tb | 2023-07-11 | 1 | -23/+39
* Add test case for negative number with highest bit of top octet set | tb | 2023-07-10 | 1 | -1/+13
  This currently adds an incorrect 00: padding, consistent with OpenSSL's behavior.
* Rename EC_KEY from r to key like in the rest of the file | tb | 2023-07-10 | 1 | -4/+4
* Pull BIGNUM constants out of get_* function bodies | tb | 2023-07-10 | 1 | -315/+331
  The get_rfc*_prime_* functions will be removed. The constants will remain for the BN_get_rfc*_prime_* functions. Make the latter call BN_bin2bn() directly on these constants rather than going through get_*. This avoids some overlong lines. Also KNF for some comments. Reduces the diff I currently carry by quite a bit.
* BIO_indent: use %*s rather than puts in a loop | tb | 2023-07-10 | 1 | -6/+5
  ok beck jsing millert
* bn_print: string.h is no longer needed | tb | 2023-07-10 | 1 | -2/+1
* Fix ndef_{prefix,suffix}() | tb | 2023-07-09 | 1 | -11/+12
  These functions inline a poor version of asn1_item_flags_i2d() without error checks. This can be replaced with a single correct call to ASN1_item_ndef_i2d(). Mechanically adding malloc checks and checks for negative did not really improve things all that much in a related project.
  ok beck jsing
* Reimplement BN_print() and BN_print_fp() | tb | 2023-07-09 | 2 | -47/+45
  These can now use the internal version of BN_bn2hex() and be direct wrappers of BIO_printf() and fprintf() as they should have been all along.
  ok jsing
* Simplify bn_print() | tb | 2023-07-09 | 1 | -5/+3
  We no longer need to do weird things as taking the length of the hex string and jumping over a sign we didn't need.
  ok jsing
* Refactor BN_bn2hex() | tb | 2023-07-09 | 2 | -8/+57
  Various outputting functions are variants of BN_bn2hex(). They do not want a sign or they display the BIGNUM at nibble granularity instead of byte granularity. So add this functionality to an internal variant of BN_bn2hex().
  with/ok jsing
* Provide optimised bn_subw() for riscv64. | jsing | 2023-07-09 | 1 | -1/+18
* Provide optimised bn_addw() for riscv64. | jsing | 2023-07-09 | 1 | -1/+18
* Add Xr to EVP_MD_meth_new to top level library | tb | 2023-07-09 | 1 | -2/+3
* Fix OpenBSD release | tb | 2023-07-09 | 1 | -3/+3
* ASN1_bn_print() will be removed soon. Remove docs. | tb | 2023-07-09 | 5 | -130/+7
* fix comment to unbreak things that care about warnings | beck | 2023-07-08 | 1 | -2/+2
  ok tb@ krw@
* link EVP_MD_meth_new.3 to build | tb | 2023-07-08 | 1 | -1/+2
* Import EVP_MD_meth_new.3 from OpenSSL 1.1.1 head | tb | 2023-07-08 | 1 | -0/+292
  As usual, this has a lot of room for improvement, but it is better than nothing at all. It leaves a dangling reference to EVP_MD_CTX_md_data(), which I leave for schwarze to document. This is a terrible API and the way it is used in the wild is terrifying.
* Fix whitespace | tb | 2023-07-08 | 1 | -2/+2
* partial fix for make -j8 (bluhm@ is sitting right next to me and agreeing) | espie | 2023-07-08 | 1 | -5/+4
  there is a subtler issue with make regress/make all that will be way more of a headache to sort!
* Hide all public symbols in libssl | beck | 2023-07-08 | 21 | -33/+828
  With the guentherizer 9000
  ok tb@
* Hide symbols in dh | beck | 2023-07-08 | 9 | -7/+171
  ok tb@
* Hide symbols in curve22519 | beck | 2023-07-08 | 3 | -1/+45
  ok tb@
* Hide symbols in modes.h | beck | 2023-07-08 | 9 | -7/+120
  ok tb@
* Hit modes with the loving mallet of knfmt | beck | 2023-07-08 | 9 | -1164/+1342
  ok tb@
* Hide symbols in gost. | beck | 2023-07-08 | 9 | -5/+160
  ok tb@ after some puking in his mouth.
* hide symbols in dsa | beck | 2023-07-08 | 10 | -8/+232
  ok tb@