| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
ok dtucker@
|
|
|
|
|
|
Various code in libcrypto needs bitwise rotation - rather than defining
different versions across the code base, provide a common set that can
be reused. Any sensible compiler optimises these to a single instruction
where the architecture supports it, which means we can ditch the inline
assembly.
On the chance that we need to provide a platform specific versions, this
follows the approach used in BN where a MD crypto_arch.h header could be
added in the future, which would then provide more specific versions of
these functions.
ok tb@
|
|
It is common to need to store data in a specific endianness - rather than
handrolling and deduplicating code to do this, provide a
crypto_store_htobe64() function that converts from host endian to big
endian, before storing the data to a location with unknown alignment.
ok tb@
|
|
|
|
ok visa@
|
|
prepare for future uses.
No functional change.
|
|
The EC API allows callers to optionally pass in a BN_CTX, which means that
any code needing a BN_CTX has to check if one was provided, allocate one if
not, then free it again. Rather than doing this dance throughout the EC
code, handle the BN_CTX existance at the EC API boundary. This means that
lower level implementation code can simply assume that the BN_CTX is
available.
ok tb@
|
|
|
|
find_gpt_desc() and find_mbr_desc().
No functional change.
|
|
for the various BIO types.
|
|
No functional change.
|
|
Use htobe64() instead of testing BYTE_ORDER and then handrolling htobe64().
Thanks to tobhe for providing most of the fix via openiked-portable
|
|
values are only part of the ABI and not of the API, so delete them
from the SYNOPSIS: application programmers must not rely on the
specific values.
Instead of listing the specific values, properly describe the meaning
of all these constants.
However, the values of BIO_TYPE_NONE and BIO_TYPE_START are hard-coded
into the API and application programmers need to be aware of their
values, so those remain in the SYNOPSIS.
|
|
|
|
ok jsing
|
|
|
|
|
|
|
|
Rather than sprinkling BYTE_ORDER checks throughout the implementation,
always define PULL64 - on big endian platforms it just becomes a no-op.
ok tb@
|
|
ok tb@
|
|
In the case that the pure C implementation of SHA512 is being used, the
prototype is unnecessary as the function is declared static and exists
in dependency order. Simply omit the prototype rather than using #ifndef
to toggle the static prefix.
ok tb@
|
|
ok tb@
|
|
non-deterministic nature of the old implementation.
|
|
This is a reimplementation from scratch of the Tonelli-Shanks algorithm
based on Henri Cohen "A Course in Computational Algebraic Number Theory",
Springer GTM 138, section 1.5.1. It is API compatible with the previous
implementation, so no documentation change is required.
Contrary to the old implementation, this does not have any infinite loops
and has various additional sanity checks to prevent misbehavior in case
the input modulus is not a prime. It contains extensive comments and the
individual parts of the algorithm are split into digestible chunks instead
of having one huge function.
One difference of note is that it BN_mod_sqrt() now always returns the
smaller of the two possible answers. In other words, while its core is
non-deterministic, its answer is not.
ok jsing
|
|
|
|
Only acknowledge interrupts when one was active.
ok kettenis@
|
|
feedback and ok jmc@ miod, ok millert@
|
|
ok miod@ who tested on Ultra 5
|
|
|
|
|
|
i.e. two digits.
|
|
|
|
No change according to diff -w
|
|
ok kettenis@ patrick@
|
|
This function is no longer used directly by regress, so it can now be local
to this file.
|
|
|
|
We can use the undocumented functions {i2s,s2i}_ASN1_INTEGER(3) to
exercise bn_to_string(). This way we use public API and remove the
need of linking statically.
|
|
OK jmc@ and Ted Bullock
|
|
Clarify that the variables only affect the event_base structure currently
being created. They do not disable "library support" as a whole.
Sort the variables alphabetically.
OK jmc@ and Ted Bullock
|
|
|
|
ok mglocker@
|
|
|
|
Now symlinking an executable away from the rest of its installation
tree no longer prevents it from finding the libraries. This matches
the behavior of other OS linkers. Prompted by a behavior change in
lang/ghc test suite.
Swapped the order of dirname/realpath in _dl_origin_path.
Added some regress tests that pass and then bin3 that fails without
this change and reflects the behavior needd for lang/ghc.
Suggestion by semarie@, OK deraadt@
|
|
and -mbranch-protection=bti. So turn off the BTI protection in ramdisk
kernels for now.
ok deraadt@, miod@, phessler@
|
|
Geoff Thorpe added OPENSSL_NO_DEPRECATED nearly two decades ago. The hope
was that at some point some functions can be dropped. Most of the functions
marked deprecated are actually unused nowadays but unfortunately some of
them are still used in the ecosystem. Move them out of OPENSSL_NO_DEPRECATED
so we can define it without breaking the consumers in the next bump.
ERR_remove_state() is still used by a dozen or so ports. This isn't a big
deal since it is just a stupid wrapper for the not quite as deprecated
ERR_remove_thread_state(). It's not worth patching these ports.
Annoyingly, {DH,DSA}_generate_parameters() and RSA_generate_key() are still
used. They "make use" of the old-style BN_GENCB callback, which is therefore
more difficult to remove - in case you don't know know: that's the thing
responsible for printing pretty '.', '+' and '*' when you generate keys.
Most annoyingly, DH_generate_parameters() was added to rust-openssl in 2020
for "advanced DH support". This is very unfortunate since cargo bundles a
rust-openssl and updates it only every few years or so. As a consequence
we're going to be stuck with this nonsense for a good while.
ok beck jsing
|
