f59d72f0 | 12-Jan-2022 |
Gerd Hoffmann |
crypto/bio: drop float formatting for UEFI
Using floating point is not supported in UEFI and can cause build problems, for example due to SSE being disabled and the x64 calling convention passing floats in SSE registers. Avoid those problems by not compiling the formatting code for floating point numbers.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17547)
|
619c9bad | 12-Jan-2022 |
Gerd Hoffmann |
Revert "crypto/bio: fix build on UEFI"
This reverts commit 328bf5adf9e23da523d4195db309083aa02403c4. Turned out it isn't that simple, the fix is incomplete. So revert and try again with another approach.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17547)
|
e278f185 | 19-Jan-2022 |
yangyangtiantianlonglong |
Fix the same BIO_FLAGS macro definition
Also add a comment to the public header to avoid making another conflict in future. Fixes #17545
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17546)
|
5288303d | 25-Nov-2021 |
Richard Levitte |
TEST: Add a test of the new BN_signed set of functions in test/bntest.c Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17139) |
f5e8050f | 25-Nov-2021 |
Richard Levitte |
Add signed bn2bin and bin2bn functions
This adds the functions BN_signed_bin2bn(), BN_signed_bn2bin(), BN_signed_lebin2bn(), BN_signed_bn2lebin(), BN_signed_native2bn(), and BN_signed_bn2native(), all essentially doing the same job as BN_bin2bn(), BN_bn2binpad(), BN_lebin2bn(), BN_bn2lebinpad(), BN_native2bn(), and BN_bn2nativepad(), except that the 'signed' ones operate on signed number bins in 2's complement form.
Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17139)
|
c30de601 | 24-Nov-2021 |
Richard Levitte |
[refactor] BIGNUM: Modify bin2bn() to work from least to most significant chunk
This will make it easier to introduce the possibility for signed input numbers. We also refactor the inner loop to simplify the calculation of each bignum chunk.
Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17139)
|
99d3349d | 24-Nov-2021 |
Richard Levitte |
BIGNUM: Add a comment on chunk order in struct bignum_st Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17139) |
4e26fe50 | 24-Nov-2021 |
Richard Levitte |
[refactor] BIGNUM: Modify bn2binpad()'s setup to be more like bin2bn()'s Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17139) |
c2cab435 | 24-Nov-2021 |
Richard Levitte |
[refactor] BIGNUM: collapse BN_bin2bn() and BN_lebin2bn() into one
BN_lebin2bn() is a block copy of BN_bin2bn() with just a couple of very minute details changed. For better maintainability, we collapse them into the internal function bn2bin(), and change BN_bin2bn() and BN_lebin2bn() to become simple wrappers.
Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17139)
|
2d280fe0 | 17-Jan-2022 |
Tobias Nießen |
Clarify flags argument of X509_check_ip
Because no supported flag affects the behavior of X509_check_ip, the flags argument currently has no effect.
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17536)
|
148b592d | 17-Jan-2022 |
Hubert Kario |
s_server: correctly handle 2^14 byte long records
As the code uses BIO_gets, and it always null terminates the strings it reads, when it reads a record 2^14 bytes long it actually returns 2^14-1 bytes to the calling application; in general it returns size-1 bytes to the caller. This makes the code sub-optimal (as every 2^14 record will need two BIO_gets() calls) and makes it impossible to use the -rev option to test all plaintext lengths (like in openssl#15706).
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17538)
|
a822a0cb | 18-Jan-2022 |
James Muir |
Simpler square-root computation for Ed25519

Description:

Mark Wooden and Franck Rondepierre noted that the square-root-mod-p operations used in the EdDSA RFC (RFC 8032) can be simplified. For Ed25519, instead of computing u*v^3 * (u * v^7)^((p-5)/8), we can compute u * (u*v)^((p-5)/8). This saves 3 multiplications and 2 squarings. For more details (including a proof), see the following message from the CFRG mailing list:

https://mailarchive.ietf.org/arch/msg/cfrg/qlKpMBqxXZYmDpXXIx6LO3Oznv4/

Note that the Ed448 implementation (see ossl_curve448_point_decode_like_eddsa_and_mul_by_ratio() in ./crypto/ec/curve448/curve448.c) appears to already use this simpler method (i.e. it does not follow the method suggested in RFC 8032).

Testing:

Build and then run the test suite:

    ./Configure -Werror --strict-warnings
    make update
    make
    make test

Numerical testing of the square-root computation can be done using the following sage script:

    def legendre(x,p):
        return kronecker(x,p)

    # Ed25519
    p = 2**255-19

    # -1 is a square
    if legendre(-1,p)==1:
        print("-1 is a square")

    # suppose u/v is a square.
    # to compute one of its square roots, find x such that
    #   x**4 == (u/v)**2 .
    # this implies
    #   x**2 == u/v, or
    #   x**2 == -(u/v) ,
    # which implies either x or i*x is a square-root of u/v (where i is a square root of -1).
    # we can take x equal to u * (u*v)**((p-5)/8).

    # 2 is a generator
    # this can be checked by factoring p-1
    # and then showing 2**((p-1)/q) != 1 (mod p)
    # for all primes q dividing p-1.
    g = 2

    s = p>>2    # s = (p-1)/4
    i = power_mod(g, s, p)

    t = p>>3    # t = (p-5)/8

    COUNT = 1<<18
    while COUNT > 0:
        COUNT -= 1
        r = randint(0,p-1)    # r = u/v
        v = randint(1,p-1)
        u = mod(r*v,p)
        # compute x = u * (u*v)**((p-5)/8)
        w = mod(u*v,p)
        x = mod(u*power_mod(w, t, p), p)
        # check that x**2 == r, or (i*x)**2 == r, or r is not a square
        rr = power_mod(x, 2, p)
        if rr==r:
            continue
        rr = power_mod(mod(i*x,p), 2, p)
        if rr==r:
            continue
        if legendre(r,p) != 1:
            continue
        print("failure!")
        exit()

    print("passed!")

Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17544)
|
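Added example, not code from the OpenSSL commit or the sage script it quotes: a plain-Python check that the commit's simplified candidate root u * (u*v)^((p-5)/8) and the RFC 8032 recipe u*v^3 * (u*v^7)^((p-5)/8) both yield a square root of u/v (after the "try x, then i*x" step) exactly when u/v is a square. It assumes the Ed25519 constants from RFC 8032 (p = 2^255 - 19, d = -121665/121666, base point y = 4/5), and recovers the base point's x-coordinate as a deterministic check.

```python
import secrets

P = 2**255 - 19                    # Ed25519 field prime; p = 5 (mod 8)
SQRT_M1 = pow(2, (P - 1) // 4, P)  # i = 2^((p-1)/4): 2 generates GF(p)*, so i^2 = -1
D = -121665 * pow(121666, P - 2, P) % P  # Edwards constant d = -121665/121666 (RFC 8032)

def sqrt_ratio_rfc8032(u, v):
    """Candidate root from RFC 8032 section 5.1.3: u*v^3 * (u*v^7)^((p-5)/8)."""
    v3 = v * v * v % P
    v7 = v3 * v3 * v % P
    return u * v3 * pow(u * v7 % P, (P - 5) // 8, P) % P

def sqrt_ratio_simple(u, v):
    """Candidate root from the commit: u * (u*v)^((p-5)/8) (3 fewer mults, 2 fewer squarings)."""
    return u * pow(u * v % P, (P - 5) // 8, P) % P

def finish_root(x, u, v):
    """Return a square root of u/v (x if v*x^2 == u, else i*x), or None if u/v is not a square."""
    if v * x * x % P == u % P:
        return x
    x = SQRT_M1 * x % P
    if v * x * x % P == u % P:
        return x
    return None

def base_point_x(candidate=sqrt_ratio_simple):
    """Recover the Ed25519 base point x from y = 4/5; pick the even root (x_0 = 0)."""
    y = 4 * pow(5, P - 2, P) % P
    u, v = (y * y - 1) % P, (D * y * y + 1) % P
    x = finish_root(candidate(u, v), u, v)
    return x if x % 2 == 0 else P - x

def agree_on_random_inputs(trials=200):
    """Both recipes must yield a root exactly when u/v is a square, and None otherwise."""
    for _ in range(trials):
        u, v = secrets.randbelow(P), secrets.randbelow(P - 1) + 1
        r = u * pow(v, P - 2, P) % P                     # r = u/v
        a = finish_root(sqrt_ratio_rfc8032(u, v), u, v)
        b = finish_root(sqrt_ratio_simple(u, v), u, v)
        square = r == 0 or pow(r, (P - 1) // 2, P) == 1  # Euler's criterion
        if square and (a is None or b is None or a * a % P != r or b * b % P != r):
            return False
        if not square and (a is not None or b is not None):
            return False
    return True

if __name__ == "__main__":
    print("base point x:", base_point_x())
    print("recipes agree on random inputs:", agree_on_random_inputs())
```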
bca6cc53 | 18-Jan-2022 |
fangming.fang |
Fix sm3ss1 translation issue in sm3-armv8.pl
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17542)
|
acce0557 | 13-Jan-2022 |
Pauli |
ssl: better support TSAN operations
For platforms that do not have native TSAN support, locking needs to be used instead. This adds the locking.
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17489)
|
ed16b0fc | 17-Jan-2022 |
Pauli |
test: add cipher context dup test Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17529) |
0be4b040 | 07-Jan-2022 |
Pauli |
test: add digest context dup tests Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17529) |
0324ae3e | 07-Jan-2022 |
Pauli |
doc: document digest and cipher dup functions Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17529) |
4e62f1a3 | 07-Jan-2022 |
Pauli |
Add context dup functions for digests and ciphers Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17529) |
2c9da416 | 07-Jan-2022 |
Pauli |
fix indentation Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17529) |
15b7175f | 19-Oct-2021 |
Daniel Hu |
SM4 optimization for ARM by HW instruction

This patch implements the SM4 optimization for ARM processor, using SM4 HW instruction, which is an optional feature of crypto extension for aarch64 V8.

Tested on some modern ARM micro-architectures with SM4 support, the performance uplift can be observed around 8X~40X over existing C implementation in openssl. Algorithms that can be parallelized (like CTR, ECB, CBC decryption) are on higher end, with algorithm like CBC encryption on lower end (due to inter-block dependency).

Perf data on Yitian-710 2.75GHz hardware, before and after optimization:

Before:
    type        16 bytes     64 bytes     256 bytes    1024 bytes   8192 bytes   16384 bytes
    SM4-CTR    105787.80k   107837.87k   108380.84k   108462.08k   108549.46k   108554.92k
    SM4-ECB    111924.58k   118173.76k   119776.00k   120093.70k   120264.02k   120274.94k
    SM4-CBC    106428.09k   109190.98k   109674.33k   109774.51k   109827.41k   109827.41k

After (7.4x - 36.6x faster):
    type        16 bytes     64 bytes     256 bytes    1024 bytes   8192 bytes   16384 bytes
    SM4-CTR    781979.02k  2432994.28k  3437753.86k  3834177.88k  3963715.58k  3974556.33k
    SM4-ECB    937590.69k  2941689.02k  3945751.81k  4328655.87k  4459181.40k  4468692.31k
    SM4-CBC    890639.88k  1027746.58k  1050621.78k  1056696.66k  1058613.93k  1058701.31k

Signed-off-by: Daniel Hu <Daniel.Hu@arm.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17455)
|
c1167f09 | 14-Jan-2022 |
Tomas Mraz |
dh_exch.c: Correct gettable parameters for DH key exchange
Fixes #17510
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17515)
|
14951ef0 | 17-Jan-2022 |
Pauli |
e_dasync: remove empty statement
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17528)
|
b461aff2 | 17-Jan-2022 |
Pauli |
demo: remove end of line whitespace
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17528)
|
a09a342f | 17-Jan-2022 |
Pauli |
speed: rework if condition to avoid empty statement
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17528)
|
d715dbd8 | 16-Jan-2022 |
Pauli |
replace ;; with ; as statement separator
Fixes #17525
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17528)
|