openbsd/src/lib/libcrypto/evp, branch libressl-v2.6.4

openbsd/src/lib/libcrypto/evp, branch libressl-v2.6.4 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=libressl-v2.6.4 2017-08-28T17:48:02+00:00 Remove EVP_aead_chacha20_poly1305_old() now that the original/old 2017-08-28T17:48:02+00:00 jsing 2017-08-28T17:48:02+00:00 urn:sha1:9f9abaf2e95daee1ddfe2aafab4ea8442d9c4fa4 chacha20-poly1305 cipher suites have been removed from libssl. Fix a problem introduced in freezero() conversion and use 2017-05-11T02:26:39+00:00 jsg 2017-05-11T02:26:39+00:00 urn:sha1:c89e8811cb675ecff7033a897289e9ec8be10fbd sizeof(struct) not sizeof(pointer). otto@ points out that on OpenBSD currently freezero() would have still zeroed the entire allocation, but this is not documented behaviour and may change in future. ok tom@ use freezero() instead of memset/explicit_bzero + free. Substantially 2017-05-02T03:59:45+00:00 deraadt 2017-05-02T03:59:45+00:00 urn:sha1:5904cc0e04409fde39a97e6580535da34eeb4291 reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck Stop calling OPENSSL_init() internally, since it is a no-op. Also place 2017-04-29T21:48:44+00:00 jsing 2017-04-29T21:48:44+00:00 urn:sha1:1de47e5fe8ef45dc6638449b6a0decdcf07cc840 it under #ifndef LIBRESSL_INTERNAL. ok beck@ Include EVP_md5_sha1() via OpenSSL_add_all_digests(). 2017-03-01T13:53:58+00:00 jsing 2017-03-01T13:53:58+00:00 urn:sha1:191be30256af2d1cac13eaf8bd37fdf236e3e4c2 Add an EVP interface that provides concatenated MD5+SHA1 hashes, which are 2017-02-28T14:15:37+00:00 jsing 2017-02-28T14:15:37+00:00 urn:sha1:f96f1c1c67ea18091fd9c2931b6544d268dc00c5 used in various parts of TLS 1.0/1.1. This will allow for code simplification in libssl. The same interface exists in OpenSSL 1.1. ok beck@ deraadt@ inoguchi@ millert@ LibreSSL : Truncated packet could crash via OOB read 2017-01-31T13:17:21+00:00 inoguchi 2017-01-31T13:17:21+00:00 urn:sha1:06ad158da685c16adafadfcff434641236cac37c This patch is originally from master branch of OpenSSL. - 2198b3a crypto/evp: harden AEAD ciphers. - 8e20499 crypto/evp: harden RC4_MD5 cipher. ok tom@ Send the function codes from the error functions to the bit bucket, 2017-01-29T17:49:23+00:00 beck 2017-01-29T17:49:23+00:00 urn:sha1:d1f47bd292f36094480caa49ada36b99a69c59b0 as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@ Expand DECLARE_OBJ_BSEARCH_CMP_FN and IMPLEMENT_OBJ_BSEARCH_CMP_FN macros. 2017-01-21T04:44:43+00:00 jsing 2017-01-21T04:44:43+00:00 urn:sha1:42873dc5e4c10aa805dade89546299827d341356 No change to generated assembly excluding line numbers. Explicitly export a list of symbols from libcrypto. 2016-12-21T15:49:29+00:00 jsing 2016-12-21T15:49:29+00:00 urn:sha1:18adabd97858ed28289c9dc31e8042c515840be4 Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@