| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
found by gcc with -Wsuggest-override
|
|
|
|
|
|
|
|
|
|
| |
This avoids a scan over the entire 0 - 0xFFFF space which is mostly
empty, by instead keeping a second list in tls_suite_info which is
exactly the keys for which the switch statement has values.
This scan is only ever done once (when first needed) but removing it
is sufficient to increase AFL's throuhput by 4x since it goes through
a full startup on each test.
|
|
|
|
| |
fix PVS-Studio perfomance warnings
|
|
|
|
|
|
|
|
|
|
| |
Expose provider param in PK_Key_Agreement API
Handle multiple providers in key agreement tests
Fix some funky formatting of P-521 EC points in ecdh.vec which was
being rejected by OpenSSL; for whatever reason the CAVS file had
the affine coords with far more leading zeros than necessary.
|
|
|
|
|
|
|
| |
Has the same effect as using ctgrind, but without requiring a
custom-compiled valgrind binary.
Add ct checking annotations to the SSSE3 AES code.
|
|
|
|
| |
Interop tested with mbed TLS
|
|
|
|
|
|
| |
There was a special case for small scalars which managed to forget
that the integer 3 also fits into two bits. Found by adding a new set
of ECC point mul tests for the NIST curves.
|
|
|
|
|
|
| |
Aligning the calls makes it easier to read the index travel
Add a date to the generated output file
|
|
|
|
| |
j is never more than 30 in this loop
|
|
|
|
|
|
|
|
|
|
| |
Bug found by Daniel Neus
The function wasn't being used anywhere in the library (and was only
added in 1.11.20) so it seems easier to remove than fix. And removing
it serves to put any user on notice that something bad happened;
Daniel tested this as returning just 0 when bits >= 32 with his
system's compiler.
|
|
|
|
|
| |
(Two part commit with 64caa9a to work around git's insane implied
rename system)
|
|
|
|
| |
Simpler, and a bit faster also it seems (but not fast)
|
|\
| |
| | |
Fix loading of unencrypted, BER encoded private keys via PKCS8 api
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It works on x86, but C says it is undefined and it makes UBSan
unhappy. Happily, this memcpy approach probably also works fine under
processors which previously used the byte-at-a-time approach such as
ARM. But for right now using memcpy here is still gated under the
processor alignment flags.
In my tests recent GCC and Clang seemed to produce basically identical
code for either approach when using -O3; I imagine most compilers
these days are very good at analyzing/inlining/unrolling memcpys.
Also remove the manually unrolled versions of xor_buf, which caused
problems with GCC and -O3 due to it vectorizing the loads into
(aligned) SSE2 loads, which would fail when a misaligned pointer was
passed. Which always seemed kind of bogus to me, but I guess that's
what undefined behavior is for. Enable -O3 for GCC.
With this change the test suite is clean under GCC ASan+UBSan and
Clang ASan+UBSan, with the exception of one failure due to a bug in
libstdc++ (GCC bug 60734) when compiled by Clang.
|
| |
| |
| |
| | |
Reported on the mailing list by Falko
|
| |
| |
| |
| |
| |
| |
| | |
Otherwise we run into the old problem in the static non-amalgamation
build of the operation not being loaded even though the key itself was
referenced; since now the operation is loaded as a by-product of
referencing the key type (as with other impls) everything works out.
|
| | |
|
|\ \
| | |
| | | |
Some trivial compiler and PVS-Studio warning fixes
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | | |
Convert McEliece KEM to use it
Add RSA-KEM
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Calling memset, memmove, memcpy with an undefined or null pointer,
even with length zero, causes undefined behavior. Prevent that from
happening within the functions that call these dangerous things
since allowing a caller to pass length == 0 with null or just
past the end and not have things explode is nice.
Oh C, you so crazy.
|
| |/
|/|
| |
| |
| |
| | |
It had two functions, both only called from one place (mp_karat.cpp).
Both multiple and square ops were O(n**2), so drop square and just
call mul in mp_karat.cpp for either case
|
|/ |
|
| |
|
|
|
|
|
|
|
| |
in the algo factory.
Fixes remaining issues of GH #369 - test_pubkey.cpp was expecting Lookup_Error
when something isn't found.
|
| |
|
| |
|
|
|
|
| |
GH #370 for background
|
|\
| |
| | |
Add support for Intel RdSeed instruction
|
| | |
|
| |
| |
| |
| | |
GH #363
|
| |
| |
| |
| |
| |
| |
| | |
Having the code diffused all over the place was ugly and would
not scale well to multiple alternative providers.
GH #368
|
| |
| |
| |
| | |
See GH #340 and 6b9a3a5 for background
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The command line tools' origin as a collection of examples and test
programs glued together led to some unfortunate problems; lots of
hardcoded values, missing parameters, and obsolete crypto.
Adds a small library for writing command line programs of the sort
needed here (cli.h), which cuts the length of many of the commands in
half and makes commands more pleasant to write and extend.
Generalizes a lot of the commands also, eg previously only
signing/verification with DSA/SHA-1 was included!
Removes the fuzzer entry point since that's fairly useless outside of
an instrumented build.
Removes the in-library API for benchmarking.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
As the alternatives are unfortunate for applications trying to catch
all library errors, and it seems deriving from std::runtime_error
causes problems with MSVC DLLs (GH #340)
Effectively reverts 2837e915d82e43
|
| |
|
|
|
|
|
|
|
|
| |
Provide abstractions for the locking allocator (allocate and free
locked pages) to decouple it from the platform dependent code. Should
make it easy to write a Windows version using VirtualAlloc+VirtualLock.
Exposes max mlock limit as a build.h toggle
|
|
|
|
| |
Checked with ctgrind
|
|\
| |
| | |
Algo_Registry: Use CRITICAL_SECTION on Windows to prevent hang during initialization
|
| | |
|
| |
| |
| |
| | |
Preprocessing sections are now split in two.
|
| |\
| | |
| | |
| | | |
fix_algo_registry_locking_windows
|