openbsd/src/lib/libcrypto/evp, branch libressl-v3.5.3A mirror of https://github.com/libressl/openbsd.git
https://git.lua4.win/openbsd/atom?h=libressl-v3.5.32022-01-20T11:31:37+00:00Add check for EVP_CIPHER_CTX_ctrl2022-01-20T11:31:37+00:00inoguchi2022-01-20T11:31:37+00:00urn:sha1:08017d5c7cc33ae5611e7d98f2bf7ad2d26a9d4b
suggestion from tb@
Add check for EVP_CIPHER_CTX_set_key_length return value2022-01-20T11:22:48+00:00inoguchi2022-01-20T11:22:48+00:00urn:sha1:5bd8cace3f0ab8fb1911e9db876c5353877a2fd5
CID 21653
ok jsing@ millert@ tb@
Add check for BIO_indent return value2022-01-20T11:06:24+00:00inoguchi2022-01-20T11:06:24+00:00urn:sha1:746414ca92a2bee6a56291a423033307d7121db0
CID 24778
ok jsing@ millert@ tb@
Implement new-style OpenSSL BIO callbacks2022-01-14T08:40:57+00:00tb2022-01-14T08:40:57+00:00urn:sha1:bf7beecb6c75655f21958cd52426578df3f1f307
This provides support for new-style BIO callbacks in
BIO_{read,write,gets,puts}() and a helper function to
work out whether it should call the new or the old
style callback. It also adds a few typedefs and minor
code cleanup as well as the BIO_{get,set}_callback_ex()
from jsing, ok tb
Remove legacy sign/verify from EVP_MD.2022-01-14T08:38:06+00:00tb2022-01-14T08:38:06+00:00urn:sha1:d5bd2d64a9d8dacaf683f88f953d25c96a7009ff
This removes m_dss.c, m_dss1.c, and m_ecdsa.c and the corresponding
public API EVP_{dss,dss1,ecdsa}().
This is basically the following OpenSSL commit. The mentioned change in
RSA is already present in rsa/rsa_pmeth.c.
ok inoguchi jsing
commit 7f572e958b13041056f377a62d3219633cfb1e8a
Author: Dr. Stephen Henson <steve@openssl.org>
Date: Wed Dec 2 13:57:04 2015 +0000
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@openssl.org>
Plus OpenSSL commit 625a9baf11c1dd94f17e5876b6ee8d6271b3921d for m_dss.c
Make structs in evp.h and hmac.h opaque2022-01-14T08:04:14+00:00tb2022-01-14T08:04:14+00:00urn:sha1:8be1fd92836a1a22c1b53e77ef08a7768e9a9b05
This moves most structs to evp_locl.h and moves HMAC_CTX to hmac_local.h.
ok inoguchi jsing
Unifdef LIBRESSL_OPAQUE_* and LIBRESSL_NEXT_API2022-01-14T07:49:49+00:00tb2022-01-14T07:49:49+00:00urn:sha1:82ec18edf4e632f36b6f79c239fdb6961d421a82
This marks the start of major surgery in libcrypto. Do not attempt to
build the tree for a while (~50 commits).
Fix typo in header guard2022-01-12T08:52:25+00:00tb2022-01-12T08:52:25+00:00urn:sha1:5395e95808f169b209ba2d43be4d95411de35a8bPrepare to provide the EVP_MD_meth_* API2022-01-10T13:42:28+00:00tb2022-01-10T13:42:28+00:00urn:sha1:6a79048c6ee8a18e9fcc44f3f5a50bc543746795
This allows implementations to add their own EVP_MD_METHODs.
Only the setters are provided.
This is used by erlang for the otp_test_engine.
ok inoguchi jsing
Prepare to provide EVP_PKEY_{public,param}_check2022-01-10T12:10:26+00:00tb2022-01-10T12:10:26+00:00urn:sha1:875eb616f98cd0720501dc97ee72ed96343b0b33
This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().
There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.
ok inoguchi jsing