summaryrefslogtreecommitdiffstats
path: root/test/dhtest.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* test: fix coverity 1473234 & 1473239: argument cannot be negativePauli2021-04-081-2/+2
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14620)
* test: fix coverity 1475940: negative returnPauli2021-04-071-2/+2
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14769)
* test: fix coverity 1475941: resource leakPauli2021-04-071-2/+5
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14769)
* Add a range check (from SP800-56Ar3) to DH key derivation.Shane Lontis2021-04-011-56/+60
| | | | | | | | | | | | | | Fixes #14401 Note that this moves the public key check out of DH compute_key() since key validation does not belong inside this primitive.. The check has been moved to the EVP_PKEY_derive_set_peer() function so that it generally applies to all exchange operations.. Use EVP_PKEY_derive_set_peer_ex() to disable this behaviour. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14717)
* Update copyright yearMatt Caswell2020-04-231-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
* Change DH_get_nid() to set the value of q if it is not already setShane Lontis2020-03-061-0/+71
| | | | | | | | | | | | | Fixes #11108. It only sets q if a valid named group is found. The function signature was recently changed to pass a non const DH pointer in order to allow the nid to be cached internally. As an extension of this the value of q can now also be set as q is always known for named groups. The length field is also set if q is set. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11114)
* Deprecate the low level Diffie-Hellman functions.Pauli2020-02-201-0/+6
| | | | | | | | Use of the low level DH functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11024)
* Add support for DH 'modp' group parameters (RFC 3526)Shane Lontis2020-01-301-0/+33
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10897)
* Check the DH modulus bit lengthBernd Edlinger2019-09-091-3/+13
| | | | | | | | | The check was missing in DH_check and DH_check_params. [extended tests] Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9796)
* Enforce a minimum DH modulus size of 512 bitsBernd Edlinger2019-07-241-19/+6
| | | | | | | [extended tests] Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9437)
* Change DH parameters to generate the order q subgroup instead of 2qBernd Edlinger2019-07-221-1/+72
| | | | | | | | This avoids leaking bit 0 of the private key. Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/9363)
* Fix TyposAntoine Cœur2019-07-011-1/+1
| | | | | | | | | CLA: trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/9275)
* Following the license change, modify the boilerplates in test/Richard Levitte2018-12-061-1/+1
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7767)
* test/dhtest.c: fix resource leakDr. Matthias St. Pierre2018-09-101-29/+39
| | | | | | | | | Reported by Coverity Scan (CID 1439136) [extended tests] Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7155)
* Update copyright yearMatt Caswell2018-05-291-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6371)
* DH: add some basic tests (and comments)Dr. Matthias St. Pierre2018-05-181-0/+85
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6273)
* Allow DH_set0_key with only private key.David Benjamin2017-09-261-5/+23
| | | | | | | | | | | | | | | | | | | | | | | | The pub_key field for DH isn't actually used in DH_compute_key at all. (Note the peer public key is passed in as as BIGNUM.) It's mostly there so the caller may extract it from DH_generate_key. It doesn't particularly need to be present if filling in a DH from external parameters. The check in DH_set0_key conflicts with adding OpenSSL 1.1.0 to Node. Their public API is a thin wrapper over the old OpenSSL one: https://nodejs.org/api/crypto.html#crypto_class_diffiehellman They have separate setPrivateKey and setPublicKey methods, so the public key may be set last or not at all. In 1.0.2, either worked fine since operations on DH objects generally didn't use the public key. (Like with OpenSSL, Node's setPublicKey method is also largely a no-op, but so it goes.) In 1.1.0, DH_set0_key prevents create a private-key-only DH object. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/4384)
* Use "" not <> for internal/ includesRich Salz2017-08-221-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4217)
* Remove tests dependence on e_os.hPauli2017-08-181-1/+1
| | | | | | | | | | | | Apart from ssltest_old.c, the test suite relied on e_os.h for the OSSL_NELEM macro and nothing else. The ssltest_old.c also requires EXIT and some socket macros. Create a new header to define the OSSL_NELEM macro and use that instead. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4186)
* Switch from ossl_rand to DRBG randRich Salz2017-08-031-5/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | If RAND_add wraps around, XOR with existing. Add test to drbgtest that does the wrap-around. Re-order seeding and stop after first success. Add RAND_poll_ex() Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's, mix in the address as the personalization bits. Centralize the entropy callbacks, from drbg_lib to rand_lib. (Conceptually, entropy is part of the enclosing application.) Thanks to Dr. Matthias St Pierre for the suggestion. Various code cleanups: -Make state an enum; inline RANDerr calls. -Add RAND_POLL_RETRIES (thanks Pauli for the idea) -Remove most RAND_seed calls from rest of library -Rename DRBG_CTX to RAND_DRBG, etc. -Move some code from drbg_lib to drbg_rand; drbg_lib is now only the implementation of NIST DRBG. -Remove blocklength Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4019)
* Update the test framework so that the need for test_main is removed. EverythingPauli2017-07-261-9/+8
| | | | | | | | | | | | | | | | | | | | that needed test_main now works using the same infrastructure as tests that used register_tests. This meant: * renaming register_tests to setup_tests and giving it a success/failure return. * renaming the init_test function to setup_test_framework. * renaming the finish_test function to pulldown_test_framework. * adding a user provided global_init function that runs before the test frame work is initialised. It returns a failure indication that stops the stest. * adding helper functions that permit tests to access their command line args. * spliting the BIO initialisation and finalisation out from the test setup and teardown. * hiding some of the now test internal functions. * fix the comments in testutil.h Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3953)
* Test cleaning and modernisationPauli2017-07-131-2/+2
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3917)
* Use randomness not entropyRich Salz2017-06-271-1/+1
| | | | | Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/3773)
* Adapt all test programsRichard Levitte2017-04-241-1/+0
| | | | | Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3243)
* fix dh_test.Rich Salz2017-04-201-9/+14
| | | | | | | | The issues were introduced by commit 93d0298. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3263)
* Convert dhtest, dsatest, cipherbytes_testRich Salz2017-04-191-150/+65
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3209)
* Fix the build and tests following constification of DH, DSA, RSAMatt Caswell2016-06-161-11/+9
| | | | | | | Misc fixes following the constification of the DH, DSA and RSA getters. Reviewed-by: Stephen Henson <steve@openssl.org>
* Deprecate the flags that switch off constant timeMatt Caswell2016-06-061-4/+0
| | | | | | | | | The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch off the constant time implementation for RSA, DSA and DH have been made no-ops and deprecated. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Copyright consolidation 02/10Rich Salz2016-05-171-54/+6
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* various spelling fixesFdaSilvaYY2016-04-281-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/952)
* Make DH opaqueMatt Caswell2016-04-091-22/+43
| | | | | | | Move the dh_st structure into an internal header file and provide relevant accessors for the internal fields. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Add missing mem leak test activation and checksFdaSilvaYY2016-04-061-0/+7
| | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Revert "various spelling fixes"Rich Salz2016-04-041-1/+1
| | | | | | | This reverts commit 620d540bd47a96fb6905fbbdd8ea5167a8841a3e. It wasn't reviewed. Reviewed-by: Rich Salz <rsalz@openssl.org>
* various spelling fixesFdaSilvaYY2016-04-041-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
* Remove Netware and OS/2Rich Salz2016-03-171-4/+0
| | | | Reviewed-by: Richard Levitte <levitte@openssl.org>
* Add a test for small subgroup attacks on DH/DHEMatt Caswell2016-01-281-4/+65
| | | | | | | | | Following on from the previous commit, add a test to ensure that DH_compute_key correctly fails if passed a bad y such that: y^q (mod p) != 1 Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* Remove /* foo.c */ commentsRich Salz2016-01-261-1/+0
| | | | | | | | | | | | This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
* mem functions cleanupRich Salz2016-01-071-6/+1
| | | | | | | | | | | | | | | | | Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this. If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery. (Thanks to Jakob Bohm for the suggestion!) Make the "change wrapper functions" be the only paradigm. Wrote documentation! Format the 'set func' functions so their paramlists are legible. Format some multi-line comments. Remove ability to get/set the "memory debug" functions at runtme. Remove MemCheck_* and CRYPTO_malloc_debug_init macros. Add CRYPTO_mem_debug(int flag) function. Add test/memleaktest. Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls. Reviewed-by: Richard Levitte <levitte@openssl.org>
* add malloc fail check & fix memory leakHongze Zhu2015-12-141-15/+42
| | | | | | | Signed-off-by: Hongze Zhu <hongze.zhu@gmail.com> Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
* Properly check return type of DH_compute_key()Pascal Cuoq2015-10-071-2/+2
| | | | | | | | It returns -1 on error, not 0. Signed-off-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Rich Salz <rsalz@openssl.org> MR #1231
* Have the test executables output in text modeRichard Levitte2015-09-061-1/+1
| | | | | | | The test executables use standard output and standard error for text output, so let's open the corresponding BIOs in text mode. Reviewed-by: Tim Hudson <tjh@openssl.org>
* more OSSL_NELEM casesDr. Stephen Henson2015-05-041-1/+1
| | | | Reviewed-by: Tim Hudson <tjh@openssl.org>
* free null cleanup finaleRich Salz2015-05-011-4/+2
| | | | | | Don't check for NULL before calling OPENSSL_free Reviewed-by: Richard Levitte <levitte@openssl.org>
* free NULL cleanup 7Rich Salz2015-05-011-2/+1
| | | | | | | | | | | This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd dead code in engines/e_ubsec. Reviewed-by: Richard Levitte <levitte@openssl.org>
* remove malloc castsRich Salz2015-04-281-2/+2
| | | | | | | Following ANSI C rules, remove the casts from calls to OPENSSL_malloc and OPENSSL_realloc. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Stop symlinking, move files to intended directoryRichard Levitte2015-03-311-0/+549
Rather than making include/openssl/foo.h a symlink to crypto/foo/foo.h, this change moves the file to include/openssl/foo.h once and for all. Likewise, move crypto/foo/footest.c to test/footest.c, instead of symlinking it there. Originally-by: Geoff Thorpe <geoff@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-01 05:57:12 +0100