summaryrefslogtreecommitdiff
path: root/lib/libcrypto/ec
AgeCommit message (Collapse)Author
2015-06-20Have ECPKParameters_print() include the NIST curve name, if known.Joel Sing
From OpenSSL. ok miod@ (a while ago).
2015-06-20Provide EC_curve_nid2nist() and EC_curve_nist2nid().Joel Sing
From OpenSSL. Rides libcrypto bump. ok miod@ (a while ago)
2015-05-20No need to check the return value of memcpy() if you actually checked thisMiod Vallat
pointer for NULL the line above; ok doug@
2015-04-29Add missing BN_CTX_end() calls.Doug Hogan
After calling BN_CTX_start(), there must be a BN_CTX_end() before returning. There were missing BN_CTX_end() calls in error paths. One diff chunk was simply removing redundant code related to this. ok deraadt@
2015-03-20Fix a memory leak in an error path.Doug Hogan
From OpenSSL commit 5e5d53d341fd9a9b9cc0a58eb3690832ca7a511f. ok guenther@, logan@
2015-03-19Fix several crash causing defects from OpenSSL.Ted Unangst
These include: CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp CVE-2015-0287 - ASN.1 structure reuse memory corruption CVE-2015-0289 - PKCS7 NULL pointer dereferences Several other issues did not apply or were already fixed. Refer to https://www.openssl.org/news/secadv_20150319.txt joint work with beck, doug, guenther, jsing, miod
2015-02-15In ec_wNAF_mul(), move the declaration of tmp_wNAF higher in scope, so thatMiod Vallat
all the function's exit paths can make sure it gets freed. Coverity CID 78861 tweaks & ok doug@ jsing@
2015-02-13fix leaking of bn, coverity issue 105351Bob Beck
ok doug@
2015-02-11Guenther has plans for OPENSSL_NO_CMS, so revert this for the moment.Bob Beck
2015-02-11get rid of OPENSSL_NO_CMS code we do not use.Bob Beck
ok miod@
2015-02-10Expand the IMPLEMENT_ASN1_ALLOC_FUNCTIONS macro so that the code is visibleJoel Sing
and functions can be readily located. Change has been scripted and the generated assembly only differs by changes to line numbers. Discussed with beck@ miod@ tedu@
2015-02-10Expand the IMPLEMENT_ASN1_FUNCTIONS_{const,fname,name} macros so that theJoel Sing
code is visible and functions can be readily located. Change has been scripted and the generated assembly only differs by changes to line numbers. Discussed with beck@ miod@ tedu@
2015-02-09BN_CTX_get() can fail - consistently check its return value.Joel Sing
There are currently cases where the return from each call is checked, the return from only the last call is checked and cases where it is not checked at all (including code in bn, ec and engine). Checking the last return value is valid as once the function fails it will continue to return NULL. However, in order to be consistent check each call with the same idiom. This makes it easy to verify. Note there are still a handful of cases that do not follow the idiom - these will be handled separately. ok beck@ doug@
2015-02-09Remove unused GOST test that prevents clang from building libcrypto.Doug Hogan
clang warns that it is unused and we have -Werror enabled. This test isn't hooked up to anything yet. We can add it back with a future GOST update. clang 3.5 can now build libssl and libcrypto as long as you use CFLAGS=-Wno-pointer-sign. "seems reasonable" bcook@, miod@
2015-02-08Use `> 0' instead of `!= 0' as a successful condition forMiod Vallat
EC_POINT_is_at_infinity() and EC_POINT_is_on_curve(), for they may return -1 should an error arise. ok doug@ jsing@
2015-02-07Delete a lot of #if 0 code in libressl.Doug Hogan
There are a few instances where #if 1 is removed but the code remains. Based on the following OpenSSL commits. Some of the commits weren't strictly deletions so they are going to be split up into separate commits. 6f91b017bbb7140f816721141ac156d1b828a6b3 3d47c1d331fdc7574d2275cda1a630ccdb624b08 dfb56425b68314b2b57e17c82c1df42e7a015132 c8fa2356a00cbaada8963f739e5570298311a060 f16a64d11f55c01f56baa62ebf1dec7f8fe718cb 9ccc00ef6ea65567622e40c49aca43f2c6d79cdb 02a938c953b3e1ced71d9a832de1618f907eb96d 75d0ebef2aef7a2c77b27575b8da898e22f3ccd5 d6fbb194095312f4722c81c9362dbd0de66cb656 6f1a93ad111c7dfe36a09a976c4c009079b19ea1 1a5adcfb5edfe23908b350f8757df405b0f5f71f 8de24b792743d11e1d5a0dcd336a49368750c577 a2b18e657ea1a932d125154f4e13ab2258796d90 8e964419603d2478dfb391c66e7ccb2dcc9776b4 32dfde107636ac9bc62a5b3233fe2a54dbc27008 input + ok jsing@, miod@, tedu@
2014-12-03handle the (impossible) situation of a size_t - 1 buffer fromTheo de Raadt
EC_POINT_point2oct so that later allocation does not overflow with miod
2014-12-03Spotted another opportunity to use reallocarray().Theo de Raadt
ok miod
2014-11-12Fix GOST TC26-B curve description.Miod Vallat
2014-11-11Don't free garbage in ec_wNAF_mul() if wNAF could be allocated butPhilip Guenther
other allocations in the same block couldn't. problem pointed out by David Ramos on the openssl-dev list ok miod@ doug@
2014-11-09GOST crypto algorithms (well, most of them), ported from the removed GOSTMiod Vallat
engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now. This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues. None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
2014-10-07EC_KEY_set_group() does an EC_GROUP_dup() of its argument, so we don'tMiod Vallat
need to do it in ec_copy_parameters() prior to invoking EC_KEY_set_group(). ok doug@ jsing@
2014-07-13Fix memory leak.Loganaden Velvindron
OK from beck@ and miod@
2014-07-12if (x) FOO_free(x) -> FOO_free(x).Miod Vallat
Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
2014-07-11Only import cryptlib.h in the four source files that actually need it.Joel Sing
Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
2014-07-10Explicitly include <openssl/opensslconf.h> in every file that referencesJoel Sing
an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
2014-07-10Stop including standard headers via cryptlib.h - pull in the headers thatJoel Sing
are needed in the source files that actually require them. ok beck@ miod@
2014-07-09remove unused, private version strings except SSL_version_strBrent Cook
Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
2014-07-01Avoid a NULL deref in i2d_ECPrivateKey() when an EC_KEY lacks the public keyMiod Vallat
member (which is perfectly acceptable). From BoringSSL (Adam Langley), commit f71a27920a903c9c36bcb31e68781b17674d3fd2
2014-06-12tags as requested by miod and teduTheo de Raadt
2014-06-07malloc() result does not need a cast.Theo de Raadt
ok miod
2014-05-31copy a comment placed in other files; req from miodTheo de Raadt
2014-05-30more: no need for null check before freeTheo de Raadt
ok tedu guenther
2014-05-30no need for null check before free. from Brendan MacDonellTed Unangst
2014-05-29ok, next pass after review: when possible, put the reallocarray argumentsTheo de Raadt
in the "size_t nmemb, size_t size"
2014-05-29convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53Theo de Raadt
potential integer overflows easily changed into an allocation return of NULL, with errno nicely set if need be. checks for an allocations returning NULL are commonplace, or if the object is dereferenced (quite normal) will result in a nice fault which can be detected & repaired properly. ok tedu
2014-05-29Everything sane has stdio, and FILE *. we don't need ifdefs for this.Bob Beck
ok to firebomb from tedu@
2014-05-25calloc instead of malloc/memset. from Benjamin BaierTed Unangst
2014-05-22if (x) free(x) -> free(x); semantic patch generated with coccinelle, carefullyMiod Vallat
eyeballed before applying. Contributed by Cyril Roelandt on tech@
2014-05-15Stop being a dummy... presumably these are left overs from pedantic modeJoel Sing
that were not wrapped with #if PEDANTIC. ok miod@
2014-05-09Typo in C99 field initializer introduced in r1.3;Miod Vallat
reported by Steven Chamberlain
2014-05-09Replace Apache v2 license with ISC license.Matthew Dempsky
Thanks to Google for agreeing to offer the code under more agreeable licensing terms!
2014-05-08kill some more VMS ifdefsGiovanni Bechis
ok miod@
2014-05-07don't free memory unless we allocated it.Ted Unangst
reported to openssl by David Ramos (rt 3338) stealing commit from logan, who's run away. ok miod.
2014-05-06knf approximationTed Unangst
2014-05-01Add support for the french ANSSI FRP256v1 elliptic curve.Miod Vallat
While not to be considered a good choice of elliptic curve (refer to http://safecurves.cr.yp.to/ for more details), it is nevertheless deemed a good decision to allow developers with requirements to use such a curve, to be able to do this via a crypto library allowing for much better choices to be made, without having to change (much of) their code to get better crypto. ok beck@ deraadt@
2014-05-01Add Brainpool elliptic curves. From OpenSSL RT#2239 via ${DAYJOB}.Miod Vallat
Be sure to rerun `make includes' after updating. ok tedu@ beck@ deraadt@
2014-04-27Use C99 initializers for the various FOO_METHOD structs. More readable, andMiod Vallat
avoid unreadable/unmaintainable constructs like that: const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { EVP_PKEY_CMAC, EVP_PKEY_CMAC, 0, "CMAC", "OpenSSL CMAC method", 0,0,0,0, 0,0,0, cmac_size, 0, 0,0,0,0,0,0,0, cmac_key_free, 0, 0,0 }; ok matthew@ deraadt@
2014-04-20return after error instead of plowing ahead. noticed by mancha1 at zohoTed Unangst
2014-04-17kill REF_PRINT/REF_CHECK debugging framework noone would useTheo de Raadt
ok miod
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-14 13:13:32 +0000