path: root/src

Commit log (commit message, author, age, files changed, lines removed/added):

* Move EC_KEY and EC_KEY_METHOD typedefs to ossl_typ.h
  tb, 2023-08-11, 2 files, -5/+5
  ok jsing

* Convert {dh,dsa}_{pub,priv}_encode() to single exit
  tb, 2023-08-10, 2 files, -84/+94
  Use the same variable names throughout these functions and unify them some more.
  ok jsing

* Add the missing ".Nm X509_STORE_CTX_check_issued_fn" to the NAME section
  schwarze, 2023-08-10, 1 file, -2/+4
  such that `man X509_STORE_CTX_check_issued_fn` works. While here, add a Copyright notice for Job Snijders because he added a significant amount of text to this file in March 2023.
  OK job@

* Clean up {dh,dsa}_pub_encode()
  tb, 2023-08-10, 2 files, -46/+54
  This brings these two messy functions into more usual shape. There is a lot more that can be done in here. It is a step in the right direction.
  ok jsing

* Fix a leak in rsa_pub_encode()
  tb, 2023-08-10, 1 file, -12/+19
  rsa_param_encode() allocates the PSS parameters in an ASN1_STRING which is leaked if any error occurs later in rsa_pub_encode(). Convert the rest of the code to follow our ordinary idioms more closely.
  ok jsing

* In x509_vfy.h rev. 1.60 and rev. 1.62 (April 2023), tb@ provided
  schwarze, 2023-08-10, 1 file, -26/+51
  X509_STORE_CTX_get1_certs(3) and X509_STORE_CTX_get1_crls(3). Document them and mark their aliases as deprecated.

* Remove now unnecessary 'do {} while (0);' and move variable declaration.
  jsing, 2023-08-10, 1 file, -5/+2
  No functional change.

* Expand HASH_MAKE_STRING.
  jsing, 2023-08-10, 1 file, -13/+13
  No change to generated assembly.

* Remove MD32_XARRAY remnants.
  jsing, 2023-08-10, 1 file, -4/+1

* Reorder functions.
  jsing, 2023-08-10, 1 file, -119/+119
  No functional change.

* Implement MD5_{Update,Transform,Final}() directly in md5.c.
  jsing, 2023-08-10, 1 file, -1/+103
  Copy the update, transform and final functions from md32_common.h, manually expanding the macros for MD5. This will allow for further clean up to occur. No change in generated assembly.

* Tidy includes.
  jsing, 2023-08-10, 2 files, -8/+3

* Mop up the last MD32_XARRAY.
  jsing, 2023-08-10, 1 file, -197/+187
  MD32_XARRAY was added as a workaround for a broken HP C compiler (circa 1999). Clean it up to simplify the code. No change in generated assembly.

* Inline the remaining 10 lines from rmdconst.h.
  jsing, 2023-08-10, 2 files, -75/+12
  Discussed with tb@

* Inline X variables definitions.
  jsing, 2023-08-10, 2 files, -345/+175
  Inline the WL and WR defines, which only add yet another layer of abstraction and make the code harder to follow. No change to generated assembly.
  Discussed with tb@

* Inline shift values.
  jsing, 2023-08-10, 2 files, -330/+170
  Inline the SL and SR defines, which only makes the code harder to follow. No change to generated assembly.
  Discussed with tb@

* Apply some more style(9).
  jsing, 2023-08-10, 1 file, -170/+171
  No change in generated assembly.

* Various fixes in {dh,dsa}_priv_encode()
  tb, 2023-08-10, 2 files, -40/+48
  Avoid creating an ASN1_STRING with negative length, set type, data and length via ASN1_STRING_type_new() and ASN1_STRING_set0() instead of doing this manually. Check return value for i2d_ASN1_INTEGER() and use an intermediate ASN1_OBJECT instead of nested function calls. Finally, clear sensitive data with freezero().
  ok jsing

* rsa_priv_encode: plug leak on PKCS8_pkey_set0() failure
  tb, 2023-08-10, 1 file, -15/+19
  Change the code to use safer idioms and avoid nested function calls.
  ok jsing

* Improve byte order handling in gcm128.
  jsing, 2023-08-10, 1 file, -329/+44
  Replace a pile of byte order handling mess with htobe*() and be*toh().
  ok tb@
* Remove MD32_REG_T.
  jsing, 2023-08-10, 6 files, -48/+16
  This is a hack that is only enabled on a handful of 64 bit platforms, as a workaround for poor compiler optimisation. If you're running an archaic compiler on an archaic architecture, then you can deal with slightly lower performance.
  ok tb@
* Add the forgotten .In line
  schwarze, 2023-08-09, 1 file, -3/+4
  and fix a typo: s/content objects/content octets/.

* In objects.h rev. 1.14 and 1.15 (Jan 2022), tb@ provided
  schwarze, 2023-08-09, 1 file, -5/+65
  OBJ_get0_data(3) and OBJ_length(3). Document them.
  Feedback and OK tb@.
* Rework BN_BLINDING to use pthread_t directly
  tb, 2023-08-09, 3 files, -28/+18
  Instead of CRYPTO_THREADID, which passes pthread_t via unsigned long, we can use pthread_self() and pthread_equal() directly. This commit keeps using the awkward 'local' nomenclature as that is used throughout the rsa code. This will be changed after the blinding code will have been fully merged into rsa_blinding.c.
  ok jsing
* Merge remainder of rsa_crpt.c into rsa_eay.c
  tb, 2023-08-09, 3 files, -130/+55
  Most of these are one line wrappers around methods implemented in rsa_eay.c by default.

* Move RSA blinding API from rsa_crpt.c to rsa_blinding.c
  tb, 2023-08-09, 2 files, -102/+102

* Move RSA_blinding_{on,off}() to the bottom of the file
  tb, 2023-08-09, 1 file, -29/+29

* Move bn_blind.c to rsa_blinding.c
  tb, 2023-08-09, 4 files, -13/+14
  discussed with jsing

* Make declaration and definition of BN_BLINDING_new() match.
  tb, 2023-08-09, 2 files, -4/+4
  Also, make mod const.

* Merge BN_BLINDING_create_param() into BN_BLINDING_new()
  tb, 2023-08-09, 3 files, -33/+16

* Set up the blinding factors on first use
  tb, 2023-08-09, 1 file, -27/+14
  Only call BN_BLINDING_setup() from BN_BLINDING_update(). This allows another simplification of the counter logic.
  ok jsing

* Remove retry loop in BN_BLINDING_setup()
  tb, 2023-08-09, 1 file, -24/+5
  If we generate a non-invertible blinding, we have accidentally factored the modulus. This won't happen, so get rid of this ugly complication.
  ok jsing

* Compute a square using BN_mod_sqr() instead of BN_mod_mul()
  tb, 2023-08-09, 1 file, -3/+3
  ok jsing

* Simplify BN_BLINDING_invert()
  tb, 2023-08-09, 1 file, -14/+5
  If the blinding is non-NULL, Ai is set on it, so no need to check for that. Also, we can get away with a single call to BN_mod_mul().
  ok jsing

* Unwrap a line
  tb, 2023-08-09, 1 file, -3/+2

* Unwrap a line
  tb, 2023-08-08, 1 file, -3/+2

* Drop the unused BN_BLINDING argument of BN_BLINDING_create_param()
  tb, 2023-08-08, 3 files, -14/+11

* Rename ret into b in BN_BLINDING_setup()
  tb, 2023-08-08, 1 file, -8/+8

* Factor the actual setup step for the blinding into a helper
  tb, 2023-08-08, 1 file, -30/+43
  ok jsing

* X509_STORE_CTX_get_check_issued(3) is weird.
  schwarze, 2023-08-08, 1 file, -0/+9
  Both the function return type and the function name are so long that for displaying the function prototype, a line break is needed after the function return type.

* Make BN_BLINDING respect some invariants
  tb, 2023-08-08, 1 file, -48/+17
  Pass e and mod into BN_BLINDING_new() for now and unconditionally allocate A and Ai. This way non-NULL blindings always have these four members set. This allows removing several unnecessary checks in the update, convert and parameter creation code paths. Fix exit BN_BLINDING_create_param() so as to signal errors to the caller if a non-NULL blinding was passed. This fixes a long standing bug.
  ok jsing

* Simplify RSA_setup_blinding()
  tb, 2023-08-08, 1 file, -21/+16
  Make this look a bit more like other code we cleaned up avoiding nesting and unnecessary else branches.
  ok jsing

* Remove ECDSA nonce padding kludge
  tb, 2023-08-08, 1 file, -22/+1
  This was a workaround due to the historically non-constant time scalar multiplication in the EC code. Since Brumley and Tuveri implemented the Montgomery ladder, this is no longer useful and should have been removed a long time ago, as it now does more harm than good. Keep the preallocations as they still help hiding some timing info.
  ok jsing

* In objects.h rev. 1.17 (Jan 14, 2022),
  schwarze, 2023-08-08, 1 file, -7/+1
  tb@ removed the following macros from the public API:
    _DECLARE_OBJ_BSEARCH_CMP_FN
    DECLARE_OBJ_BSEARCH_CMP_FN
    DECLARE_OBJ_BSEARCH_GLOBAL_CMP_FN
    IMPLEMENT_OBJ_BSEARCH_CMP_FN
    IMPLEMENT_OBJ_BSEARCH_GLOBAL_CMP_FN
    OBJ_bsearch
    OBJ_bsearch_ex
  In objects.h rev. 1.20 (Nov 11, 2022), jsing@ unifdef'ed USE_OBJ_MAC.
  Stop marking these names as intentionally undocumented.

* No need to mark BN_options() as intentionally undocumented any longer.
  schwarze, 2023-08-07, 1 file, -1/+0
  In bn.h rev. 1.75 (July 31, 2023), tb@ removed it from the public API. While here, stop marking BN_prime_checks as obsolete. In BN_generate_prime.3 rev. 1.23 (May 11, 2023), tb@ documented the constant BN_prime_checks in that manual page.

* Mark asn1_ps_func as obsolete and intentionally undocumented.
  schwarze, 2023-08-07, 1 file, -0/+1
  In bio.h rev. 1.59 (July 28, 2023), tb@ removed the last four functions that took function pointers of this type from the public API.

* Mark BIT_STRING_BITNAME as obsolete and intentionally undocumented.
  schwarze, 2023-08-07, 1 file, -0/+1
  In asn1.h rev. 1.80 (July 28, 2023), tb@ removed the last three functions that were using this data type from the public API.

* Add a regress test exercising BIO_dup_chain() and triggering the leak
  tb, 2023-08-07, 1 file, -1/+43
  fixed in bio_lib.c r1.47 as confirmed by ASAN.

* Fix two leaks in BIO_dup_chain()
  tb, 2023-08-07, 1 file, -19/+17
  If CRYPTO_dup_ex_data() fails, the new_bio is leaked. If an error occurs after the first iteration, all members of the new chain except the head are leaked.
  ok jsing

* Add missing space before =
  tb, 2023-08-07, 1 file, -2/+2