Commit Graph

14 Commits

Author SHA1 Message Date
David Benjamin
b3a7b51f18 Fix off-by-one in BN_rand
If BN_rand is called with |bits| set to 1 and |top| set to 1 then a 1 byte
buffer overflow can occur.

See also upstream's efee575ad464bfb60bf72dcb73f9b51768f4b1a1. But rather than
making |BN_rand| fail, be consistent with the |bits| = 0 case and just don't
set the bits that don't exist. Add tests to ensure the degenerate cases behave.

Change-Id: I5e9fbe6fd8f7f7b2e011a680f2fbe6d7ed4dab65
Reviewed-on: https://boringssl-review.googlesource.com/4893
Reviewed-by: Adam Langley <agl@google.com>
2015-05-27 22:03:05 +00:00
David Benjamin
074cc04022 Reject negative shifts for BN_rshift and BN_lshift.
The functions BN_rshift and BN_lshift shift their arguments to the right or
left by a specified number of bits. Unpredicatable results (including
crashes) can occur if a negative number is supplied for the shift value.

Thanks to Mateusz Kocielski (LogicalTrust), Marek Kroemeke and Filip Palian
for discovering and reporting this issue.

(Imported from upstream's 7cc18d8158b5fc2676393d99b51c30c135502107.)

Change-Id: Ib9f5e410a46df3d7f02a61374807fba209612bd3
Reviewed-on: https://boringssl-review.googlesource.com/4892
Reviewed-by: Adam Langley <agl@google.com>
2015-05-27 21:59:35 +00:00
David Benjamin
c561aa64b6 Require source files define __STDC_FORMAT_MACROS to use BN FMT macros.
inttypes.h kindly requires a feature macro in C++ on some platforms, due
to a bizarre footnote in C99 (see footnote 191 in section 7.8.1). As
bn.h is a public header, we must leak this wart to the consumer. On
platforms with unfriendly inttypes.h headers, using BN_DEC_FMT1 and
friends now require the feature macro be defined externally.

This broke the Chromium Android Clang builder:
http://build.chromium.org/p/chromium.linux/builders/Android%20Clang%20Builder%20%28dbg%29/builds/59288

Change-Id: I88275a6788c7babd0eae32cae86f115bfa93a591
Reviewed-on: https://boringssl-review.googlesource.com/4688
Reviewed-by: Adam Langley <agl@google.com>
2015-05-11 18:38:08 +00:00
Matt Braithwaite
e7b32c30e1 Make format strings for bignums, like |BN_DEC_FMT1|, visible.
Change-Id: If9641b3367a2bc155d97fe4ee72eb971b088bae0
Reviewed-on: https://boringssl-review.googlesource.com/4602
Reviewed-by: Adam Langley <agl@google.com>
2015-05-05 00:21:19 +00:00
Adam Langley
683d7bd20a Convert BN_MONT_CTX to new-style locking.
This introduces a per-RSA/DSA/DH lock. This is good for lock contention,
although pthread locks are depressingly bloated.

Change-Id: I07c4d1606fc35135fc141ebe6ba904a28c8f8a0c
Reviewed-on: https://boringssl-review.googlesource.com/4324
Reviewed-by: Adam Langley <agl@google.com>
2015-04-14 20:10:27 +00:00
David Benjamin
a5974bfae7 Convert bn_test to C++.
Along the way, fix a host of missing failure checks. This will save some
headache when it comes time to run these under the malloc failure tests.

Change-Id: I3fd589bd094178723398e793d6bc578884e99b67
Reviewed-on: https://boringssl-review.googlesource.com/4126
Reviewed-by: Adam Langley <agl@google.com>
2015-04-01 19:53:51 +00:00
David Benjamin
689be0f4b7 Reset all the error codes.
This saves about 6-7k of error data.

Change-Id: Ic28593d4a1f5454f00fb2399d281c351ee57fb14
Reviewed-on: https://boringssl-review.googlesource.com/3385
Reviewed-by: Adam Langley <agl@google.com>
2015-02-11 23:12:08 +00:00
Adam Langley
7cc3f992ae Add declarations for Android compatibility funcs.
Some parts of Android can't be updated yet so this change adds
declarations (only) for some functions that will be stubbed in
Android-specific code. (That Android-specific code will live in the
Android repo, not the BoringSSL repo.)

Trying to use these functions outside of Android will result in a link
error.

Change-Id: Iaa9b956e6408d21cd8fc34d90d9c15657e429877
Reviewed-on: https://boringssl-review.googlesource.com/2760
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2015-01-08 00:22:22 +00:00
David Benjamin
25c93ffc86 Fix BN_sub documentation.
BUG=405370

Change-Id: Ia44cbdcc4d0d90e610d1a1f2eb49b056b07ae5e4
Reviewed-on: https://boringssl-review.googlesource.com/1660
Reviewed-by: Adam Langley <agl@google.com>
2014-08-27 17:41:08 +00:00
Adam Langley
214cd44283 Export BN_num_bits_word.
This function was missed when the OPENSSL_EXPORT tags were first added.

Change-Id: Ia73555b8e7ca87f228a8ff9b281d7c401f1655a7
Reviewed-on: https://boringssl-review.googlesource.com/1553
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2014-08-19 18:20:09 +00:00
Adam Langley
b8b5478248 Expose two, rather internal, BIGNUM functions.
Android uses these for some conversions from Java formats. The code is
sufficiently bespoke that putting the conversion functions into
BoringSSL doesn't make a lot of sense, but the alternative is to expose
these ones.

Change-Id: If1362bc4a5c44cba4023c909e2ba6488ae019ddb
2014-08-14 09:42:45 -07:00
Adam Langley
eb7d2ed1fe Add visibility rules.
This change marks public symbols as dynamically exported. This means
that it becomes viable to build a shared library of libcrypto and libssl
with -fvisibility=hidden.

On Windows, one not only needs to mark functions for export in a
component, but also for import when using them from a different
component. Because of this we have to build with
|BORINGSSL_IMPLEMENTATION| defined when building the code. Other
components, when including our headers, won't have that defined and then
the |OPENSSL_EXPORT| tag becomes an import tag instead. See the #defines
in base.h

In the asm code, symbols are now hidden by default and those that need
to be exported are wrapped by a C function.

In order to support Chromium, a couple of libssl functions were moved to
ssl.h from ssl_locl.h: ssl_get_new_session and ssl_update_cache.

Change-Id: Ib4b76e2f1983ee066e7806c24721e8626d08a261
Reviewed-on: https://boringssl-review.googlesource.com/1350
Reviewed-by: Adam Langley <agl@google.com>
2014-07-31 22:03:11 +00:00
Adam Langley
4c921e1bbc Move public headers to include/openssl/
Previously, public headers lived next to the respective code and there
were symlinks from include/openssl to them.

This doesn't work on Windows.

This change moves the headers to live in include/openssl. In cases where
some symlinks pointed to the same header, I've added a file that just
includes the intended target. These cases are all for backwards-compat.

Change-Id: I6e285b74caf621c644b5168a4877db226b07fd92
Reviewed-on: https://boringssl-review.googlesource.com/1180
Reviewed-by: David Benjamin <davidben@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
2014-07-14 22:42:18 +00:00
Adam Langley
95c29f3cd1 Inital import.
Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).

(This change contains substantial changes from the original and
effectively starts a new history.)
2014-06-20 13:17:32 -07:00