Commit graph

590 commits

Author SHA1 Message Date
Rich Salz
0cd0a820ab Remove unused error/function codes.
Add script to find unused err/reason codes
Remove unused reason codes.
Remove entries for unused functions

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 15:04:23 -04:00
FdaSilvaYY
11ed851db0 Fix and simplify error handling in (RSA/EC_kmeth)_new_method()
Inspired from PR #873.
Nearly same as 2bbf0ba.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 13:37:02 +01:00
Rich Salz
6aa36e8e5a Add OpenSSL copyright to .pl files
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-21 08:23:39 -04:00
Rich Salz
b6cff313cb Manual fixes after copyright consolidation
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 17:38:18 -04:00
Rich Salz
aa6bb1352b Copyright consolidation 05/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 15:38:09 -04:00
Rich Salz
4f22f40507 Copyright consolidation 06/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 14:51:04 -04:00
Steven Valdez
2ab851b779 Adding missing BN_CTX_(start/end) in crypto/ec/ec_key.c
RT#4363

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-05-11 18:48:48 +01:00
FdaSilvaYY
dccd20d1b5 fix tab-space mixed indentation
No code change

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-09 09:09:55 +01:00
J Mohan Rao Arisankala
cb1d435cac few missing allocation failure checks and releases on error paths
- Missing checks for allocation failure.
- releasing memory in few missing error paths

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-09 09:06:06 +01:00
Emilia Kasper
0eadff033f Document inversion ladder in curve25519
This demystifies two for-loops that do nothing. They were used to write
the ladder in a unified way. Now that the ladder is otherwise commented,
remove the dead loops.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-05 18:51:53 +02:00
Matt Caswell
b8c51459aa Remove some dead code from EC_GROUP_check()
EC_GROUP_check() was obtaining a temporary BIGNUM from the BN_CTX, but
then not using it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-29 16:47:41 +01:00
Matt Caswell
40a8643a37 Avoid a NULL ptr deref if group is not set
We should only copy parameters and keys if the group is set. Otherwise
they don't really make any sense. Previously we copied the private key
regardless of whether the group was set...but if it wasn't a NULL ptr
deref could occur. It's unclear whether we could ever get into that
situation, but since we were already checking it for the public key we
should be consistent.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-29 16:47:41 +01:00
Kazuki Yamaguchi
acde647fb0 Fix EC_KEY_set_private_key() to call key->group->meth->set_private()
Fix a bug introduced by 6903e2e7e9 (Extended EC_METHOD customisation
support., 2016-02-01). key->meth->set_private() is wrongly called where
it should call key->group->meth->set_private().

PR#4517

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-23 04:24:27 +01:00
Richard Levitte
45c6e23c97 Remove --classic build entirely
The Unix build was the last to retain the classic build scheme.  The
new unified scheme has matured enough, even though some details may
need polishing.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-20 16:04:56 +02:00
Shlomi Fish
085b386065 Fix the spelling of "implement".
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-14 08:15:27 -04:00
David Benjamin
fe56d8e8a3 RT 4393: Call EC_GROUP_order_bits in priv2opt.
The private key is a scalar and should be sized by the order, not the
degree. See RFC 5915.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-29 20:03:48 +02:00
Richard Levitte
007c80eae4 Remove the remainder of util/mk1mf.pl and companion scripts
This removes all scripts that deal with MINFO as well, since that's
only used by mk1mf.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-21 11:02:00 +01:00
Rich Salz
3c27208fab Remove #error from include files.
Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-20 19:48:36 -04:00
Dr. Stephen Henson
34c2db9b56 constify ECDSA_SIG_get0()
PR#4436

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-03-19 22:04:38 +00:00
Richard Levitte
f425f9dcff Add $(LIB_CFLAGS) for any build.info generator that uses $(CFLAGS)
The reason to do so is that some of the generators detect PIC flags
like -fPIC and -KPIC, and those are normally delivered in LD_CFLAGS.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-13 00:02:55 +01:00
Andy Polyakov
ee619197db crypto/*/build.info: make it work on ARM platforms.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-11 15:30:57 +01:00
Richard Levitte
a5aa63a456 Fix some assembler generating scripts for better unification
Some of these scripts would recognise an output parameter if it looks
like a file path.  That works both in both the classic and new build
schemes.  Some fo these scripts would only recognise it if it's a
basename (i.e. no directory component).  Those need to be corrected,
as the output parameter in the new build scheme is more likely to
contain a directory component than not.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-11 00:54:31 +01:00
Richard Levitte
f0667b1430 Add include directory options for assembler files that include from crypto/
Closes RT#4406

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 20:30:47 +01:00
Richard Levitte
03f880e4fc The typedef ECPARAMETERS is already defined, don't define it anew
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-03-10 11:29:08 +01:00
Rich Salz
60b350a3ef RT3676: Expose ECgroup i2d functions
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-03-09 12:25:21 -05:00
Richard Levitte
5b14d5b5a0 Make sure the effect of "pic" / "no-pic" is used with assembler compilations
Before the 'Introduce the "pic" / "no-pic" config option' commit, the
shared_cflag value for the chosen config would be part of the make
variable CFLAG, which got replicated into CFLAGS and ASFLAGS.

Since said commit, the shared_cflag value has become a make variable
of its own, SHARED_CFLAG (which is left empty in a "no-pic" build).

However, ASFLAGS was forgotten.  That's what's corrected with this
change.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-09 12:33:23 +01:00
Andy Polyakov
1a66190888 ec/asm/ecp_nistz256-sparcv9.pl: get corner logic right.
RT#4284

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:21:11 +01:00
Richard Levitte
73d2fb66ef Unified - adapt the generation of ec assembler to use GENERATE
This gets rid of the BEGINRAW..ENDRAW sections in crypto/ec/build.info.

This also moves the assembler generating perl scripts to take the
output file name as last command line argument, where necessary.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-03-09 11:09:26 +01:00
Richard Levitte
e519ecd8d4 Include e_os.h from ec_lcl.h
The EC code recently started using REF_PRINT_COUNT and REF_ASSERT_ISNT.
Those are defined in e_os.h.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 19:55:40 +01:00
Alessandro Ghedini
c001ce3313 Convert CRYPTO_LOCK_X509_* to new multi-threading API
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 11:10:34 -05:00
Alessandro Ghedini
9b398ef297 Convert CRYPTO_LOCK_EC_* to new multi-threading API
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 11:10:34 -05:00
Andy Polyakov
eb77e8886d SPARCv9 assembly pack: unify build rules and argument handling.
Make all scripts produce .S, make interpretation of $(CFLAGS)
pre-processor's responsibility, start accepting $(PERLASM_SCHEME).
[$(PERLASM_SCHEME) is redundant in this case, because there are
no deviataions between Solaris and Linux assemblers. This is
purely to unify .pl->.S handling across all targets.]

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-08 15:51:06 +01:00
Rich Salz
a4cb3bc8f2 GH616: Remove dead code
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-05 13:45:40 -05:00
Emilia Kasper
5b7af0dd6c Curve25519: fix const-initialization
Clang is permissive of this, but gcc fails.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-04 18:13:05 +01:00
Emilia Kasper
b95779846d Curve25519: avoid undefined behaviour
Appease the sanitizer: avoid left shifts of negative values.

This could've been done entirely with casts to uint and back,
but using masks seemed slightly more readable.

There are also implementation-defined signed right shifts in this
code. Those remain.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-04 12:28:01 +01:00
Emilia Kasper
8185e649f8 Clean up curve25519 build
- Remove OPENSSL_X25519_X86_64 which never worked, because we don't have
  the assembly.
- Also remove OPENSSL_SMALL (which should have been
  OPENSSL_SMALL_FOOTPRINT) which isn't a priority at the moment.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-03 16:53:19 +01:00
Dr. Stephen Henson
e9b1c42f75 make errors
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-02 20:48:12 +00:00
Dr. Stephen Henson
e2285d878d Handle KDF internally.
Handle KDF in ECDH_compute_key instead of requiring each implementation
support it. This modifies the compute_key method: now it allocates and
populates a buffer containing the shared secret.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-02 20:48:12 +00:00
Emilia Kasper
fdfb8c8486 curve25519: add missing const-qualifier
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2016-03-02 17:23:36 +01:00
Kurt Roeckx
dc22d6b37e Make k25519Precomp const
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

MR: #2184
2016-03-02 13:39:25 +01:00
Dr. Stephen Henson
83f0e802ab make errors
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-01 22:04:25 +00:00
Dr. Stephen Henson
9ff9bccc41 Add default operations to EC_METHOD
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-01 22:04:25 +00:00
Dr. Stephen Henson
77470e989c Replace overrides.
Instead of overriding a default operation move default operation to a
separate function which is then explicitly included in any EC_METHOD
that uses it.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-01 22:04:25 +00:00
Dr. Stephen Henson
15e58273da remove unused variables
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-02-29 15:13:31 +00:00
Dr. Stephen Henson
5697291f2d Remove unused code.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-02-28 22:54:54 +00:00
Dr. Stephen Henson
0780daa030 Change BORINGSSL defines to OPENSSL
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-02-28 22:54:54 +00:00
Dr. Stephen Henson
244e5f5de6 Initial adaptations for Curve25519 code.
Fix "mixed declarations and code" warnings.
Use OpenSSL headers.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-02-28 22:54:54 +00:00
Emilia Kasper
df3bde6791 Place under OpenSSL license.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-02-28 22:54:54 +00:00
Dr. Stephen Henson
a90def6b53 Add X25519 code from BoringSSL.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-02-28 22:54:54 +00:00
Dr. Stephen Henson
1db3107ada TLS support for X25519
Add X25519 to TLS supported curve list.
Reject attempts to configure keys which cannot be used
for signing.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-02-28 22:54:54 +00:00