814 Commits

Author SHA1 Message Date
Brian Smith
3cabd5062c Remove RSA_recover_crt_params. 2015-08-26 21:18:10 -07:00
Brian Smith
225d1d1044 Remove AES-192. 2015-08-26 21:18:09 -07:00
Brian Smith
c0ba4f8bcd Remove ECB mode. 2015-08-26 21:18:08 -07:00
Brian Smith
49c0edec78 Remove CFB mode. 2015-08-26 21:18:08 -07:00
Brian Smith
c08a0374cd Remove OFB mode. 2015-08-26 21:18:07 -07:00
Brian Smith
ddde8768c1 Remove RC4 assembly language optimizations. 2015-08-26 21:18:07 -07:00
Brian Smith
00168a0987 Revert "Add SSL_get_rc4_state."
This reverts commit 3f92d21094ebb0ee36851d0f85764fefa52491f3.
2015-08-26 21:18:06 -07:00
Brian Smith
10b2d53f54 Remove RC2. 2015-08-26 21:18:05 -07:00
Brian Smith
6e18a5a5b3 Remove crypto/bio. 2015-08-26 21:18:05 -07:00
Brian Smith
8060ec65f4 Remove crypto/bio dependency from crypto/bn.
BN_print was only ever used to print to a file BIO. Now it is never
used.
2015-08-26 21:18:04 -07:00
Brian Smith
e44dd0a275 Remove crypto/obj; minimize and reorganize obj_mac.h.
Eliminate the unnecessary parts of obj_mac.h and put the remainder into
logical order. Remove all the crypto/obj stuff, which was used
primarily by the already-removed crypto/asn1.
2015-08-26 21:18:04 -07:00
Brian Smith
e180d7b0a8 Remove base64. 2015-08-26 21:18:03 -07:00
Brian Smith
c1dfae71ff Remove engine. 2015-08-26 21:18:02 -07:00
Brian Smith
297081aebc Revert "Multi-prime RSA support."
This reverts commit 839b881c612c698d7331191beac7d565649f5351, but it
isn't a clean revert.
2015-08-26 21:05:48 -07:00
Brian Smith
db0d3aabc8 Remove crypto/ex_data. 2015-08-26 21:05:48 -07:00
Brian Smith
a874ababb6 Remove time_support. 2015-08-26 21:05:47 -07:00
Brian Smith
c206156e5c Remove crypto/conf. 2015-08-26 21:05:47 -07:00
Brian Smith
7d3552e2a7 Remove PEM, PKCS#8, PKCS#12, X.509, and ASN.1.
Unfortunately these are all too tangled together to remove them
piece-by-piece without creating hard-to-review intermediate changes,
so this commit removes them all at once.
2015-08-26 21:05:44 -07:00
Brian Smith
ba9db7bc33 Remove PKCS#12 and most of crypto/x509.
The remaining parts of crypto/x509 are needed for PKCS#8 support.
2015-08-26 20:56:52 -07:00
Brian Smith
da6777f7bb Remove dependency on one-shot HMAC() function from HKDF.
This will allow HMAC() to be removed.
2015-08-26 20:56:52 -07:00
Brian Smith
9cbe03146c Remove RSA-1024 assembly language optimizations.
RSA 1024 is mostly irrelevant now, and these optimizations don't help
performance at larger key sizes, so it isn't worth keeping this extra
code around.

Some of the most relevant `bssl speed` results are below.

Before (VS2013 x86):
   750 RSA 2048 signing operations [...] (  190.5 ops/sec)
 19250 RSA 2048 verify operations  [...] ( 6348.9 ops/sec)
    76 RSA 4096 signing operations [...] (   24.7 ops/sec)
  5000 RSA 4096 verify operations  [...] ( 1641.0 ops/sec)

After (VS2013 x86):
   750 RSA 2048 signing operations [...] (  196.7 ops/sec)
 20000 RSA 2048 verify operations  [...] ( 6563.8 ops/sec)
    78 RSA 4096 signing operations [...] (   25.7 ops/sec)
  5250 RSA 4096 verify operations  [...] ( 1714.0 ops/sec)

Before (VS2013 x64):
  3750 RSA 2048 signing operations [...] ( 1193.9 ops/sec)
112000 RSA 2048 verify operations  [...] (37135.3 ops/sec)
   500 RSA 4096 signing operations [...] (  164.1 ops/sec)
 31500 RSA 4096 verify operations  [...] (10392.6 ops/sec)

After (VS2013 x64):
  3750 RSA 2048 signing operations [...] ( 1224.7 ops/sec)
112250 RSA 2048 verify operations  [...] (37218.2 ops/sec)
   750 RSA 4096 signing operations [...] (  167.8 ops/sec)
 31500 RSA 4096 verify operations  [...] (10392.6 ops/sec)
2015-08-26 20:56:51 -07:00
Brian Smith
41d9a0ac92 Remove libssl.
libssl depends on crypto/x509 and other things that are being removed.
2015-08-26 20:56:51 -07:00
Brian Smith
12daf7e548 Remove crypto/dsa. 2015-08-26 20:56:50 -07:00
Brian Smith
a980de709b Rework weird loop in bn/generic.c to avoid unreachable code warning.
When building in OPENSSL_NO_ASM mode, MSVC complains about unreachable
code. The redundant initialization of |i| is the main problem, but the
skipping of the first test of the condition |i < num| was also
confusing, so this commit changes the for loop to a do...while loop.
2015-08-26 20:56:49 -07:00
Brian Smith
956baf7d97 Revert "Do-nothing fns |OpenSSL_add_all_ciphers| and |OpenSSL_add_all_digests|."
This reverts commit 444dce49345a69aa344c5720e9d5da824cbb0eba.
2015-08-26 20:56:48 -07:00
Brian Smith
becfeadc79 Revert "Add |EVP_get_digestbyname|."
This reverts commit 9f8ef2da922271683abcefa8d6a0acd76e2e57d0.
2015-08-26 20:56:47 -07:00
Brian Smith
a8281108c7 Revert "Restore |ERR_print_errors()|."
This reverts commit 4cd4edfc3479e77f4795124e46ef312e70b8439b.
2015-08-26 20:56:25 -07:00
Brian Smith
1c3d95dc70 Revert "Restore |X509_REQ_print| and friends, from OpenSSL at ce7e647b."
This partially reverts commit c0fe12cdf7d621eaf3b7d024ec12cb6f63196bcc.
The typedefs and error data were not reverted.
2015-08-26 20:56:25 -07:00
Brian Smith
de15576d47 Revert "Restore |DES_ede3_cfb_encrypt| and |DES_ede3_cfb64_encrypt| from OpenSSL at ce7e647b."
This reverts commit 50365f25ba2fbcb40e7d6139cc0fb4df2781c8ba.
2015-08-26 20:56:24 -07:00
Brian Smith
e2391451d6 Revert "Add |DES_set_key_unchecked| as an alias for |DES_set_key|."
This reverts commit 2f252fed10e14ecd8b926aadf9a2f6075c5db1c0.
2015-08-26 20:56:24 -07:00
Brian Smith
817b8aaecb Revert "Add |EVP_rc2_cbc| and implement |EVP_CTRL_SET_RC2_KEY_BITS|."
This reverts commit f92930e30a19643c124f3da40301db3452604311.
2015-08-26 20:56:08 -07:00
Brian Smith
bce2b99079 Revert "Make |RSA_PSS_PARAMS| public."
This reverts commit 02e1834bc752e4176a20adbed8805a94e59e75e9.
2015-08-26 19:11:18 -07:00
Brian Smith
cb8feedc03 Revert "Re-add |BN_bn2mpi| and |BN_mpi2bn| from OpenSSL at fd682e4c."
This reverts commit 6488725e5e1ba04276733f67035ae44abd6641ec.
2015-08-26 19:11:16 -07:00
Brian Smith
ab0f25de22 Revert "Re-add the C version (only) of |EVP_aes_256_xts|"
This reverts commit 12fe1b25ead258858309d22ffa9e1f9a316358d7.
2015-08-26 19:11:12 -07:00
Brian Smith
e543b77aa1 Revert "Add |EVP_des_ecb| from OpenSSL at fd682e4c."
This reverts commit 98d2f1fbe0b37f63340e23d007a89650a30e6e5f.
2015-08-26 19:11:08 -07:00
Brian Smith
e69f7488c9 Revert "Re-add |EVP_des_ede_cbc|."
This reverts commit 8c413a2d94fa720fae6a7d9c939e33978f3ed25b.
2015-08-26 19:11:07 -07:00
Brian Smith
c69f4acd02 Revert "Re-add |EVP_des_ede|, which is ECB."
This reverts commit d82a7b24be3bc4e14817d383b71b62000bb469cf.
2015-08-26 19:11:04 -07:00
Adam Langley
73415b6aa0 Move arm_arch.h and fix up lots of include paths.
arm_arch.h is included from ARM asm files, but lives in crypto/, not
openssl/include/. Since the asm files are often built from a different
location than their position in the source tree, relative include paths
are unlikely to work so, rather than having crypto/ be a de-facto,
second global include path, this change moves arm_arch.h to
include/openssl/.

It also removes entries from many include paths because they should be
needed as relative includes are always based on the locations of the
source file.

Change-Id: I638ff43d641ca043a4fc06c0d901b11c6ff73542
Reviewed-on: https://boringssl-review.googlesource.com/5746
Reviewed-by: Adam Langley <agl@google.com>
2015-08-26 01:57:59 +00:00
David Benjamin
61821bf149 Add EVP_AEAD_CTX_zero.
Match the other stack-allocated types in that we expose a wrapper function to
get them into the zero state. Makes it more amenable to templates like
ScopedOpenSSLContext.

Change-Id: Ibc7b2b1bc0421ce5ccc84760c78c0b143441ab0f
Reviewed-on: https://boringssl-review.googlesource.com/5753
Reviewed-by: Adam Langley <agl@google.com>
2015-08-24 23:37:58 +00:00
Matt Braithwaite
c4ef5ff112 In |NCONF_load|, strdup section names rather than adding refs.
The fact that |value_free| expects to free() value->section is
inconsistent with the behavior of |add_string|, which adds a reference
to an existing string.

Along the way, add a |CONF_VALUE_new| method to simplify things a bit.

Change-Id: I438abc80575394e4d8df62a4fe2ff1050e3ba039
Reviewed-on: https://boringssl-review.googlesource.com/5744
Reviewed-by: Adam Langley <agl@google.com>
2015-08-24 22:08:08 +00:00
Matt Braithwaite
50485c7c0c Fix a memory leak in |NCONF_free|.
As I read it:

1. |_LHASH| contains
2.   buckets of |LHASH_ITEMS|, which contain
3.     |CONF_VALUE|s, which contain
4.       various bits of data.

The previous code was freeing #1 and #2 in |lh_free|, and #4 in
|value_free_contents|, but was failing to free the |CONF_VALUE|s
themselves.  The fix is to call |value_free| rather than
|value_free_contents|.

Change-Id: I1d5b48692ca9ac04df688e45d7fc113dc5cd6ddf
Reviewed-on: https://boringssl-review.googlesource.com/5742
Reviewed-by: Adam Langley <agl@google.com>
2015-08-24 20:30:06 +00:00
Matt Braithwaite
685402fadd Recognize PEM-encoded DSA private keys.
This change makes |EVP_PKEY_asn1_find_str|, which is used by
|PEM_read_bio_PrivateKey|, recognize "DSA" as well as "EC" and "RSA".

Change-Id: I39cce12f600cec6a71df75312a41f8395429af62
Reviewed-on: https://boringssl-review.googlesource.com/5743
Reviewed-by: Adam Langley <agl@google.com>
2015-08-21 17:39:05 +00:00
Matt Braithwaite
e9c283025e Use |OPENSSL_strdup| instead of insane alternatives.
Change-Id: I1e6fd4abb7709d53f3663b1626f0bc147b9cd453
Reviewed-on: https://boringssl-review.googlesource.com/5741
Reviewed-by: Adam Langley <agl@google.com>
2015-08-21 00:58:28 +00:00
Adam Langley
28bc6eba28 Don't use the uint128_t P-256 code under MSAN.
MSAN appears to have a bug that causes this code to be miscompiled when
compiled with optimisations. In order to prevent that bug from holding
everything up, this change disables that code when MEMORY_SANITIZER is
defined. The generic elliptic-curve code can pick up the slack in that
case.

Change-Id: I7ce26969b3ee0bc0b0496506f06a8cf9b2523cfa
2015-08-20 15:15:30 -07:00
Matt Braithwaite
d82a7b24be Re-add |EVP_des_ede|, which is ECB.
(I couldn't find an authoritative source of test data, including in
OpenSSL's source, so I used OpenSSL's implementation to produce the
test ciphertext.)

This benefits globalplatform.

Change-Id: Ifb79e77afb7efed1c329126a1a459bbf7ce6ca00
Reviewed-on: https://boringssl-review.googlesource.com/5725
Reviewed-by: Adam Langley <agl@google.com>
2015-08-20 21:33:21 +00:00
Matt Braithwaite
8c413a2d94 Re-add |EVP_des_ede_cbc|.
Note that while |DES_ede2_cbc_encrypt| exists, I didn't use it: I
think it's easier to see what's happening this way.

(I couldn't find an authoritative source of test data, including in
OpenSSL's source, so I used OpenSSL's implementation to produce the
test ciphertext.)

This benefits globalplatform.

Change-Id: I7e17ca0b69067d7b3f4bc213b4616eb269882ae0
Reviewed-on: https://boringssl-review.googlesource.com/5724
Reviewed-by: Adam Langley <agl@google.com>
2015-08-20 21:11:20 +00:00
Adam Langley
6a2de3c1d4 Don't use a C99 for loop.
Because it's 2015 and we can't depend on C99 support yet.

Change-Id: Ie33fddc2a27024d4d3d50dea725062b59670a060
2015-08-20 14:03:31 -07:00
Matt Braithwaite
98d2f1fbe0 Add |EVP_des_ecb| from OpenSSL at fd682e4c.
|DES_ecb_encrypt| was already present.

This benefits globalplatform.

Change-Id: I2ab41eb1936b3026439b5981fb27e29a12672b66
Reviewed-on: https://boringssl-review.googlesource.com/5723
Reviewed-by: Adam Langley <agl@google.com>
2015-08-20 20:57:00 +00:00
Matt Braithwaite
12fe1b25ea Re-add the C version (only) of |EVP_aes_256_xts|
Change-Id: I63c70f93a0f9395673c9fbe01eb5d864a14a48b6
Reviewed-on: https://boringssl-review.googlesource.com/5520
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: Matt Braithwaite <mab@google.com>
2015-08-19 01:35:50 +00:00
Brian Smith
a89e208fe9 Suppress missing return value check warning in |EVP_DigestFinal|.
This is harmless, but it wasn't annotated with |(void)| so Coverity
complained about it.

Change-Id: Ie3405b0c0545944d49973d4bf29f8aeb6b965211
Reviewed-on: https://boringssl-review.googlesource.com/5612
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-08-19 00:46:02 +00:00