A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=master 2026-03-18T08:02:40+00:00 2026-03-18T08:02:40+00:00 tb 2026-03-18T08:02:40+00:00 urn:sha1:e1991105df8fe12032795b7f34ed61fd9272e525 We received reports that the too generic internal ecdsa_{sign,verify}() symbol names clash in some static links. The naming here is annoying because the EC_KEY_METHOD amalgamated the no longer existing ECDH and ECDSA methods which themselves had poorly chosen method names, still reflected in public API. There are various messes here. The ECDSA verify methods are declared in ec_local.h, whereas the ECDSA sign methods are in ecdsa_local.h (which is itself pretty useless and really only about EC_KEY_METHOD). I therefore merged the ECDSA method declarations into ec_local.h and deleted ecdsa_local.h since I see no real benefit to the latter. ecdsa.c needs ec_local.h anyway. Having the method declarations next to EC_KEY_METHOD seems sensible. I left the order as it was, matching ecdsa.c. The eckey_compute_pubkey() prototype should probably be moved down. With one exception I just added an ec_key_ prefix. This leads to a a repetition of 'key' in ec_key_ecdh_compute_key() which I chose to live with because it matches the public ECDH_compute_key() (mostly used by SSH implementations). The exception is ec_key_generate_key() where I expanded the gen() leading to another _key repetition but this then matches EC_KEY_generate_key(). Thanks to Rosen Penev for reporting and sending an initial diff. See also https://github.com/gsliepen/tinc/issues/478 ok jsing 2025-05-10T05:54:39+00:00 tb 2025-05-10T05:54:39+00:00 urn:sha1:41e8f99dd1625a9f0c80ce9d4383e95b18e85709 ok jsing 2025-02-17T09:25:45+00:00 tb 2025-02-17T09:25:45+00:00 urn:sha1:c98102f13db7f51c727c6e8e242e1465307788ad ok jsing 2023-07-28T09:31:21+00:00 tb 2023-07-28T09:31:21+00:00 urn:sha1:86a42c7a4efeefbbee301583a417e1b99bbda38d 2023-07-28T09:30:22+00:00 tb 2023-07-28T09:30:22+00:00 urn:sha1:3a8fc985d98583b96821febed38c55c12c23ab01 Move the zeroing of the output buffer a few lines up and remove an unnecessary check. requested/ok jsing 2023-07-28T09:29:24+00:00 tb 2023-07-28T09:29:24+00:00 urn:sha1:4d5b61b05eba83625a41168408b456851f77417a Some cosmetic tweaks in ecdh_compute_key(). Rename buflen to buf_len to match out_len, use calloc() and freezero(). ok jsing 2023-07-28T09:28:37+00:00 tb 2023-07-28T09:28:37+00:00 urn:sha1:c043ade63ba3d45eacfb953347c00f0988397d9a In OpenSSL e2285d87, the KDF handling was moved from the compute_key() method into the public API. A consequence of this change is that the ECDH_compute_key() API no longer returns -1 for some errors. Existing checks for <= 0 are safe as are those checking for the exact length as return value, which is all what the ecosystem seems to be doing. ok jsing 2023-07-28T09:25:12+00:00 tb 2023-07-28T09:25:12+00:00 urn:sha1:2d27f5ba745b8f5de6e3e827829699607f11a54f The remaining two ECDH interfaces are relocated into ec.h. ecdh.h remains. It does nothing but include ec.h. ok jsing 2023-07-28T09:22:26+00:00 tb 2023-07-28T09:22:26+00:00 urn:sha1:d5a81d6e35ae60f515d5705afb9c2f871823721a Unlike ECDSA_METHOD, this has been unused forever but kind of needed to stay for symmetry with ECDSA_METHOD. Now we can finally take it behind the barn and remove its tendrils into ENGINE. ok jsing 2023-07-28T09:19:59+00:00 tb 2023-07-28T09:19:59+00:00 urn:sha1:a90aeb58faecc32cf7d4158977677efa3db85477 Much like the ECDSA errors, the ECDH errors have been unused for a while. Garbage collect them. ok jsing