Commit Graph

505 Commits

Author SHA1 Message Date
Nicolas Williams
b4cf4de807 Fix warnings (clang 3.6) 2016-02-26 01:04:31 -06:00
Nicolas Williams
78343d0907 Fix Windows tests: add missing hcrypto export 2016-01-20 11:34:41 -06:00
Nicolas Williams
62f797ed4e Fix Windows build (inc. roken.h before assert.h)
The build was failing at lib/hcrypto/evp-pkcs11.c because roken.h was
being included after <assert.h>.  It's not clear why that would be a
problem.

Here are some of the errors and warnings that resulted from including
<roken.h> after <assert.h> in evp-pkcs11.c:

evp-pkcs11.c                                                                                                                                      C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\ws2def.h(91) : warning C4005: 'AF_IPX' : macro redefinition                           s              C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\winsock.h(460) : see previous definition of 'AF_IPX'
C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\ws2def.h(124) : warning C4005: 'AF_MAX' : macro redefinition
        C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\winsock.h(479) : see previous definition of 'AF_MAX'
C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\ws2def.h(168) : warning C4005: 'SO_DONTLINGER' : macro redefinition
        C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\winsock.h(402) : see previous definition of 'SO_DONTLINGER'
C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\ws2def.h(212) : error C2011: 'sockaddr' : 'struct' type redefinition
        C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\winsock.h(485) : see declaration of 'sockaddr'
C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\ws2def.h(390) : error C2059: syntax error : 'constant'
C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\ws2def.h(524) : warning C4005: 'IN_CLASSA' : macro redefinition
        C:\Program Files\Microsoft SDKs\Windows\v7.1\INCLUDE\winsock.h(287) : see previous definition of 'IN_CLASSA'
2016-01-18 11:05:48 -06:00
Luke Howard
fdf8782db2 hcrypto: PKCS#11 backend
implement a PKCS#11 backend for hcrypto. tested with Solaris 11 and
SoftHSM, this is now the default when building on Solaris.
2015-12-09 11:08:35 +11:00
Luke Howard
494b11f962 hcrypto: fix spelling mistakes in comments 2015-12-09 11:07:29 +11:00
Luke Howard
9aeb08173a add CommonCrypto SHA-384/512 to test_bulk 2015-12-05 00:05:49 +11:00
Luke Howard
87c59d1db2 export CommonCrypto SHA-384/512 implementations 2015-12-05 00:04:24 +11:00
Luke Howard
4f9cc8feea add CommonCrypto support for SHA-384 and SHA-512 2015-12-04 23:56:12 +11:00
Luke Howard
93725f01f0 Fix broken CFB8 implementation, use CC for CFB8 2015-12-04 23:49:23 +11:00
Jeffrey Altman
6fbe672451 hcrypto: Default to CommonCrypto on Apple OSes
When __APPLE__ is defined and HCRYPTO_DEF_PROVIDER is not defined,
define HCRYPTO_DEF_PROVIDER to be "cc" so that Apple's CommonCrypto
implementations are used instead of the built-in "hcrypto"
implementations.

Change-Id: I393e5fc3f6c3b9339c96db58d926ff8ea1867cbb
2015-11-24 09:48:44 -05:00
hasufell
427a60057c Completely remove RAND_egd support
The EGD daemon is completely unmaintained and has not seen a release
since 13 years which is not an acceptable timeframe for cryptographic
software. It is not packaged in any linux distribution I know of
and definitely not in *BSD.

LibreSSL has already dropped support for RAND_egd.
2015-10-06 15:44:47 +02:00
Bernard Spil
858480145b Refactor EGD conditional support
As per Jeremy's request in #124
Windows does not define HAVE_RAND_EGD resulting in the same conditional
support for EGD.
2015-04-21 10:04:08 +02:00
Bernard
828f4f4fb1 Fix build when OpenSSL has no EGD support 2015-04-10 22:47:03 +02:00
Jeffrey Altman
902aa4ee02 tests on Windows
Modify the NTMakefile rules for tests so that a failed test does
not prevent subsequent tests from being executed.

Change-Id: I9595ad4a1527feae7c402241bf06ab21a0b76d4a
2015-03-21 15:44:48 -04:00
Jeffrey Altman
2c68305856 hcrypto: Remove w32crypt NTDDI_VERSION checks
The library delay loads bcrypt.dll so that it can run on versions of
Windows older than Vista.  Remove the compile time checks.

Change-Id: I632b248dcca8b6e40e47011fc11d277e911ff209
2015-03-21 15:43:33 -04:00
Luke Howard
238392809b wincng: Remove trailing space 2015-02-11 20:12:53 +11:00
Luke Howard
5023f55208 Add Windows CNG (BCrypt) support to HCrypto EVP API 2015-02-11 16:00:32 +11:00
Jeffrey Altman
b3f29170a3 hcrypto: w32crypto crypt provider handle leak
_hc_CryptProvider() returns a global handle to a Win32 Crypt Provider.
If the global handle is NULL, then a handle is allocated.  Unfortunately,
due to a coding mistake the global handle variable, g_cryptprovider, was
never set and a new handle was allocated with each call.

Refactor the function to ensure that the global handle is the value
that is returned.  Use NULL instead of 0 for pointer assignment.

Change-Id: If1ef3aa19cbd1d51860370db24c086e86922ff0d
2014-12-24 15:49:31 -05:00
Jelmer Vernooij
70e43e9808 Fix some typos. 2014-04-25 02:42:17 +02:00
Love Hörnquist Åstrand
8a4cf0dd12 don't see anything since /dev/random doesn't really need more seeding
redhat have Linux SE rules that slows down openssh when heimdal tries
to write, so lets not write.

https://bugzilla.redhat.com/show_bug.cgi?id=1076979
2014-03-20 22:35:51 +01:00
Love Hörnquist Åstrand
6d57bb6a4a quiet warnings 2014-02-14 19:26:20 -08:00
Love Hörnquist Åstrand
7d163f234b check that e have sane values 2013-10-30 22:29:19 -07:00
Viktor Dukhovni
9a9ba1e197 Reduce RNG false positive error rate 2013-10-17 00:29:51 -04:00
Viktor Dukhovni
146f5b72e6 Link test_rand with math library.
Also deal with size_t to int casts for test_rand printf output.
2013-10-16 23:49:32 -04:00
Viktor Dukhovni
1364508cbf Hopefully fix test_rand breakage 2013-10-16 22:04:01 -04:00
Love Hornquist Astrand
1d84562886 add HDBGET: that only supports get, iteration doesnt really make sense for the HDB keytab except when dumping 2013-10-15 12:40:39 +02:00
Love Hornquist Astrand
d1eb0da071 init more of the fields 2013-10-15 12:07:02 +02:00
Jeffrey Altman
e8d2100880 libtommath: fix typo in bn_mp_mod.c
Change-Id: Ieec5c01d5bd59b9268f41933389b1b32a4c4d0c6
2013-10-08 21:32:39 -05:00
Jeffrey Altman
8dc29ae1a0 libtommath: remove bn_mp_isprime.c
Now that mp_prime() is no longer used, remove bn_mp_isprime.c from
the source tree.

Change-Id: Ie0f7ce3184c000f27ae5b9dbe07b323c02ce7199
2013-10-08 17:02:07 -05:00
Moritz Lenz
b709d39aa5 libtommath: Fix mp_mod(a, b, c) if b < 0 and a = n * b, n integer
it used to return b, now it return 0.

From https://github.com/libtom/libtommath

Change-Id: I99f5d42c09a6fbddfb32b7dd0ed10ef04f1c08a5
2013-10-08 16:17:14 -05:00
Steffen Jaeckel
7fe018e418 libtommath: mp_error_to_string: return const char* instead of char*
From https://github.com/libtom/libtommath

Change-Id: Idd5cbab380f5d504fece93afb3a5fcc026309482
2013-10-08 16:17:13 -05:00
Steffen Jaeckel
5bc653f0ef libtommath: allow mp_shrink to shrink initialized, but empty MPI's
from https://github.com/libtom/libtommath

Change-Id: I5814caeb44db710957152a7d47b03f9beb6e5147
2013-10-07 17:20:57 -05:00
Jeffrey Altman
28051fa99c Convert mp_find_prime to use mp_prime_is_prime
Modify the signature of mp_find_prime() to permit the number of
Miller-Rabin rounds to be specified.  In addition, valid responses
now include MP_NO, MP_YES, and MP_VAL which is returned when
mp_prime_is_prime() fails.

Change-Id: I0195129a4dd75875e6dddb6d49a5ceb30afb1a17
2013-10-07 15:18:42 -05:00
Jeffrey Altman
1859a85350 libtommath: protect functions by tommath_class macros
libtommath protects the inclusion of functions by wrapping their
declarations by CPP #ifdef tests and defining the matching macros
within libtommath_class.h.

Add missing macros:

  BN_MP_FIND_PRIME_C
  BN_MP_ISPRIME_C

Change-Id: Ic577300114f8e88d7a3af3d9f717a249d57f03b1
2013-10-07 14:00:21 -05:00
Jeffrey Altman
b90732860a libtommath: remove unnecessary comparison
As pointed out by Steffen Jaeckel [https://github.com/sjaeckel],
within bn_mp_prime_next_prime() t <= PRIME_SIZE as per the check
at the top of the function.  Remove the unnecessary comparison in
a for loop conditional.

Change-Id: I868bee1a7a019e0ab06bf2b81cc71cf66ca9acff
2013-10-07 13:57:03 -05:00
Jeffrey Hutzelman
db8f03740a hcrypto/rand-unix.c: Ignore write(2) result harder
unix_seed(), called by the add-seed-data op unix_add(), attempts to
write seed data to the random data device.  If this fails, the failure
is ignored, as it must be, since there is no way to inform the caller.

This change modifies the way in which the return value from write(2)
is ignored, to avoid compiler warnings when building on Ubuntu 12.10,
with gcc 4.7.2 and eglibc 2.15-0ubuntu20.1.
2013-06-18 22:40:49 -04:00
Love Hornquist Astrand
4256823e58 memset right size 2013-04-29 21:59:11 -07:00
Love Hornquist Astrand
e91bd34275 add rsa_keygen initializer 2013-04-29 12:03:42 -07:00
Love Hornquist Astrand
ed87e9b33a use after free 2012-11-27 21:58:04 -08:00
Love Hörnquist Åstrand
9ad763288d fix -Wshadow 2012-11-17 14:14:52 -08:00
Simon Wilkinson
10133ece1a hcrypto: Use correct size for memset in md2
md2.c was doing memset(m, 0, sizeof(m)), and so was only clearing
the first 4 bytes of the passed md2 structure in MD2_Final. Fix
this to clear the entire structure, as expected.
2012-03-31 19:06:59 -04:00
Love Hornquist Astrand
8a0e0f9472 do m-r on more then one prime 2011-11-21 20:33:53 -08:00
Love Hornquist Astrand
308be3a9e2 Don't export tests from library, reported in bug from Tom Payeire 2011-09-26 17:53:13 +02:00
Love Hornquist Astrand
6b5cc16d5d use -r instead of -e to please solaris test 2011-09-23 13:17:05 +02:00
Love Hornquist Astrand
df1e4c388a send output to /dev/null from cmp since the output should always be different 2011-09-23 13:08:54 +02:00
Jeffrey Altman
63b3cb9749 Windows: fallback to PROV_RNG if no PROV_RSA_FULL
Heimdal can be executed in environments in which the user
account profile is not loaded.  In such environments it is
not possible to use PROV_RSA_FULL as it stores required
data within the profile.  Instead, fallback to PROV_RNG which
does not store data within the profile and can be used to access
secure random number generator routines.

Change-Id: If600246f39645ed6bf5af0dd237f5adfddcf6c0c
2011-09-20 16:17:42 -04:00
chas williams - CONTRACTOR
b118610a9c hcrypto: var name current conflicts with linux kernel
on a big endian machine, usage of this file in the kernel
is somewhat troublesome since the linux kernel already has
a well known global/#define called current.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2011-09-09 10:08:34 +02:00
Love Hörnquist Åstrand
d434bda588 make sure keylen is a multiple of 2 2011-07-24 12:34:51 -07:00
Love Hörnquist Åstrand
12403a31ce sprinkle more windows files 2011-07-23 11:18:21 -07:00
Love Hörnquist Åstrand
7aaba443bc add NTMakefile and windows directories 2011-07-17 12:16:59 -07:00