summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Mop up remaining uses of ASN1_bn_print()tb2023-07-074-140/+38
| | | | | | | This removes lots of silly buffers and will allow us to make this API go away. ok jsing
* Insert leading octet if high bit of first nibble is 1tb2023-07-071-1/+7
| | | | | | | The reason the function this replaces is called ASN1_bn_print() is that it actually prints a representation of the ASN.1 encoding. ok jsing
* One source file per line.jsing2023-07-071-5/+10
|
* Convert ecpk_print_explicit_parameters() to bn_printf()tb2023-07-061-34/+8
| | | | | | | This eliminates a few stupid dances the horrible ASN1_bn_print() API required. ok jsing
* bn_print: remove unused bio, plug leaktb2023-07-061-5/+3
|
* Add regress coverage for bn_printftb2023-07-062-1/+283
| | | | | This must be one of the ugliest tests I've ever written, but I can't think of a better way of doing it.
* Add bn_printf(), a replacement for ASN1_bn_print()tb2023-07-063-2/+154
| | | | | | | | | | ASN1_bn_print() will be removed in an upcoming bump. This adds an internal API that covers the same functionality but doesn't require that the caller pass in a sufficiently large scratch space that ASN1_bn_print() may or may not use. In addition, this takes a format string, which allows us to ditch some extra dances. ok jsing
* unifdef the LIBRESSL_HAS_TLS1_3_[CLIENT|SERVER] goobeck2023-07-063-54/+3
| | | | | And remove the tendrils. This was useful for transition but we are now well past this.
* define OPENSSL_NO_DTLS1_1 since we no longer have that either.beck2023-07-061-2/+5
| | | | ok tb@
* Define the 'standard' OPENSSL_NO_BLAHBLAH's for no tls 1.0 or 1.1beck2023-07-061-3/+4
| | | | | | | | | | We have no tls 1.0 or 1.1 or methods for them. These "in theory" will make things that check the openssl #ifdef soup for all the floating eyeballs make the correct decisions, or if they do not they at least can not blame us. ok tb@
* Hide symbols in asn1 and biobeck2023-07-0580-80/+1511
| | | | ok jsing@
* upstream hidden file #include_next workaround for MS C compilersbcook2023-07-0510-10/+50
| | | | ok beck@, tb@
* don't return in a void functionbcook2023-07-051-2/+2
| | | | ok tb@
* Merge bio.h patch from libressl-portabletb2023-07-051-1/+15
| | | | ok beck@
* whitespacetb2023-07-051-4/+4
|
* Correct formattingbeck2023-07-051-17/+9
| | | | ok jsing@
* Avoid undefined behavior in tlsexttesttb2023-07-051-11/+18
| | | | | | | | | An empty array cannot be initialized and it is an incomplete type, so the sizeof() operator can't be applied to it. Therefore initialize it with a zero byte and replace sizeof() use with lengths. Slightly tweaked version of a patch by inoguchi in portable. Discussed with bcook, beck, kettenis
* Mop up last uses of ECDHerror() and ECDSAerror()tb2023-07-054-25/+33
| | | | ok jsing
* Hide symbols in chachabeck2023-07-053-1/+43
| | | | ok jsing@
* One more ECDSAerror goes.tb2023-07-051-2/+2
|
* ECDHerror() and ECDSAerror will go awaytb2023-07-052-45/+45
| | | | | | Move some trivial ones to ECerror(). discussed with jsing
* Adjust the public declaration of OpenSSLDie to use a portablebcook2023-07-051-2/+10
| | | | | | method of indicating that the function does not return. ok tb@
* Drop an incorrect part from a commenttb2023-07-051-2/+2
|
* Missing . in commenttb2023-07-051-2/+2
|
* Fix #includestb2023-07-051-2/+6
|
* Remove local prototypes for public API (?!)tb2023-07-051-6/+1
|
* Improve BN_bn2bin() error check for readabilitytb2023-07-051-2/+2
|
* Merge ECDH code that will stay into ecdh.ctb2023-07-053-125/+65
|
* Move ECDSA_size() to a more sensible place in this filetb2023-07-051-28/+28
|
* Merge ECDSA code that will stay into ecdsa.ctb2023-07-053-160/+97
| | | | discussed with jsing
* Rename ecs_local.h into ecdsa_local.htb2023-07-057-13/+13
|
* Make variables in prototypes match function declarationstb2023-07-051-6/+6
|
* Drop useless ossl_ prefixestb2023-07-058-40/+52
| | | | discussed with jsing
* Avoid outputting invalid signaturestb2023-07-041-1/+11
| | | | | | | | | | | | The caller can provide an r which will be added to the ECDSA_SIG unchecked. This can happen via ECDSA_{,do_}sign_ex() or ECDSA_sign_setup() or else via a custom sign_sig() handler. Therefore add a check that it is in the bounds required. Since k was long thrown away, there's no way to check kinv, so it needs to be trusted. Misdesigned APIs that will output garbage everywhere... ok jsing
* Clean up ECDSA verificationtb2023-07-041-14/+29
| | | | | | | | Use variable names that correspond more closely to the standard. Use an additional variable for s^-1 for readability. Annotate the code with the corresponding steps from FIPS 186-5. ok jsing
* ECDSA signing: annotate code with steps corresponding to FIPS 185-6.tb2023-07-041-3/+25
| | | | ok jsing
* Extract private key and group order in s computationtb2023-07-041-19/+18
| | | | | | | This pushes a few variables no longer needed in ossl_ecdsa_sign_sig() into ecdsa_compute_s() separating API logic and pure computation a bit more. ok beck
* Use key for the EC_KEY everywheretb2023-07-041-39/+38
|
* Some more consistency in variable namestb2023-07-041-15/+15
|
* Normalize ECDSA_SIG to be sig everywheretb2023-07-041-11/+11
|
* Normalize on digest and digest_len rather than dgst dlen dgstlen, etc.tb2023-07-041-28/+34
|
* Rework ecdsa_prepare_digest()tb2023-07-041-35/+35
| | | | | | | | Make it take an EC_KEY instead of a group order in preparation for further cleanup. Rename m into e to match the standard better. Also buy some vowels for jsing. ok beck jsing
* Plug leak in the ssltesttb2023-07-041-1/+2
| | | | | | | | Removing -tls1 moved some tests from the legacy stack to the TLSv1.3 stack. On a HRR, the alpn callback would be called twice and allocate the global twice, thereby leaking. So free it up front. Joint suffering with bcook and beck
* Factor the computation of ECDSA s into a functiontb2023-07-041-69/+88
| | | | | | | | ossl_ecdsa_sign_sig() is already complicated enough. The math bit is entirely self contained and does not need to obfuscate control flow and logic. with feedback from and ok jsing
* sign_sig: drop ckinvtb2023-07-031-5/+7
| | | | | | | | The only reason ckinv exists is to be able to avoid a copy. This copy leaks some timing info, that will be mitigated in a subsequent step. It is an unused or at least uncommonly used codepath. ok jsing
* Rework the logic in ECDSA sign_sig()tb2023-07-031-24/+30
| | | | | | | | | | | If the caller supplied both kinv and r, we don't loop but rather throw an undocumented error code that no one uses, which is intended to tell the caller to run ECDSA_sign_setup() and try again. Use a boolean that indicates this situation so that the logic becomes a bit more transparent. ok jsing
* add regress tests for the remainder of the function provided by our uuid.hjasper2023-07-031-5/+137
|
* Delete some more references to dead policy code.tobhe2023-07-031-12/+1
| | | | | | Fixes -DNAMESPACE ok tb@
* sign_sig: test on assignmenttb2023-07-031-5/+6
|
* sign_setup: split another check into twotb2023-07-031-2/+6
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-25 20:52:03 +0000