summaryrefslogtreecommitdiffstats
path: root/crypto
AgeCommit message (Collapse)Author
2018-02-27Update copyright yearMatt Caswell
Reviewed-by: Richard Levitte <levitte@openssl.org>
2018-02-26mem_sec.c: relax POSIX requirement.Andy Polyakov
Even though mlock(2) was standardized in POSIX.1-2001, vendors did implement it prior that point. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5460)
2018-02-24ec/ecp_nistp{224,256,521}.c: harmonize usage of __uint128_t.Andy Polyakov
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5449)
2018-02-24{ec/curve25519,poly1305/poly1305}.c: relax pedantic constraint.Andy Polyakov
As it turns out gcc -pedantic doesn't seem to consider __uint128_t as non-standard, unlike __int128 that is. Fix even MSVC warnings in curve25519.c. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5449)
2018-02-24ec/curve448: portability fixups.Andy Polyakov
SPARC condition in __SIZEOF_INT128__==16 is rather performance thing than portability. Even though compiler advertises int128 capability, corresponding operations are inefficient, because they are not directly backed by instruction set. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5449)
2018-02-24ec/asm/x25519-x86_64.pl: fix up ADCX/ADOX fallback.Andy Polyakov
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5447)
2018-02-23Fix some bugs with the cfb1 bitsize handlingBernd Edlinger
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5426)
2018-02-23STORE 'file' scheme loader: Add search capibilityRichard Levitte
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-23STORE: Add the possibility to search for specific informationRichard Levitte
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-23STORE 'file' scheme loader: Add info type expectationRichard Levitte
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-23STORE: Add the possibility to specify an expected info typeRichard Levitte
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-23STORE: In preparation for coming work, mark when loading is startedRichard Levitte
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2688)
2018-02-22Remove unused num.pl,segregnam scriptsRich Salz
Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5433)
2018-02-21Check return value of time() when getting additional data for the DRBGKurt Roeckx
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> GH: #5400
2018-02-21X509V3_EXT_add_nconf_sk, X509v3_add_ext: fix errors handlingPavel Kopyl
X509v3_add_ext: free 'sk' if the memory pointed to by it was malloc-ed inside this function. X509V3_EXT_add_nconf_sk: return an error if X509v3_add_ext() fails. This prevents use of a freed memory in do_body:sk_X509_EXTENSION_num(). Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4698)
2018-02-21Replaced variable-time GCD with consttime inversion to avoid side-channel ↵Samuel Weiser
attacks on RSA key generation Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/5161)
2018-02-21Fix some undefined behaviour in the Curve448 codeMatt Caswell
We can't add NULL data into a hash Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5418)
2018-02-21ec/curve25519.c: facilitate assembly implementations.Andy Polyakov
Currently it's limited to 64-bit platforms only as minimum radix expected in assembly is 2^51. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/5408)
2018-02-21Add x25519-x86_64.pl module, mod 2^255-19 primitives.Andy Polyakov
Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/5408)
2018-02-21crypto/ec/curve25519.c: remove redundant fe[51]_cswap.Andy Polyakov
3 least significant bits of the input scalar are explicitly cleared, hence swap variable has fixed value [of zero] upon exit from the loop. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/5408)
2018-02-20Some more cleanups of curve448 codeMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20fixup! More style fixes for the curve448 codeMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20fixup! Improve readability of f_impl.c and f_impl.hMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Improve readability of f_impl.c and f_impl.hMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Remove unrolled loopsMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Yet more style updates to the curve448 codeMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Further style changes to curve448 codeMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Simplify some codeMatt Caswell
The original curve448 code was templated to allow for a 25519 implementation. We've just imported the 448 stuff - but a remnant of the original templated approach remained. This just simplifies that. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Remove some unneccessary use of constant time code in curve448Matt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Fix a travis failure in the curve448 codeMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Remove the curve448 vector codeMatt Caswell
We removed various platform specific optimisation files in an earlier commit. The vector code was related to that and therefore is no longer required. It may be resurrected at a later point if we reintroduce the opimtisations. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20More style fixes for the curve448 codeMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Remove a strict aliasing issue with pre-computed curve448 constantsMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20More style fixes to Curve448 code based on review feedbackMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Some style fixesMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Formatting tweak based on review feedbackMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Use NLIMBS where appropriate to simplify the codeMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Remove cplusplus guards in internal headersMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Remove the curve448 specific constant time implementationMatt Caswell
Instead we should use the standard OpenSSL constant time routines. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Use the NLIMBS macro rather than try and calculate the number of limbsMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Rename a function to avoid a clashMatt Caswell
We already have a constant_time_select() function so, to avoid confusion/clashing we shouldn't have a second one. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Remove curve448 architecture specific filesMatt Caswell
Remove all architecture specific files except for the reference arch_32 version. These files provide archicture specific performance optimisation. However they have not been integrated yet. In order to avoid review issues they are removed for now. They may be reintroduced at a later time. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Fix AppVeyor failure in eddsa.cMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Fix travis failure in f_impl.cMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Fix a typo in a commentMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Update Curve448 copyright for 2018Matt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Code tidy upMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Fixes for compilation using clangMatt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Move curve448_test.c to be a full internal testMatt Caswell
This ensures that this test is run as part of the test suite Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
2018-02-20Fix build errors for Curve448 code on Windows (VC-WIN32 and VC-WIN64A)Matt Caswell
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5105)
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 20:12:36 +0000