openbsd/src/lib/libcrypto/gost, branch OPENBSD_7_3_BASE A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_7_3_BASE 2023-03-07T09:27:10+00:00 Call BN_free() instead of BN_clear_free(). 2023-03-07T09:27:10+00:00 jsing 2023-03-07T09:27:10+00:00 urn:sha1:19dfe7f484e5739359ee8c102d879d125df916ad BN_clear_free() is a wrapper that calls BN_free() - call BN_free() directly instead. ok tb@ gost: add missing BN_CTX_{start,end}() pair 2023-01-15T13:58:44+00:00 tb 2023-01-15T13:58:44+00:00 urn:sha1:49d88d95baa39b0a851c635858749b0c08bd8d52 The new BN_CTX code enforces that the context be started before a BIGNUM can be obtained from it via BN_CTX_get(), tests for ssl/interop and the openssl app broke, implying missing test coverage in libcrypto itself. Add the obviously missing bits. reported by anton ok jsing BN_one() can fail, check its return value. 2022-12-01T02:58:31+00:00 jsing 2022-12-01T02:58:31+00:00 urn:sha1:6ac34623f0ed759cefdd3f7c8b1a22780121b3f5 ok tb@ Make header guards of internal headers consistent 2022-11-26T17:23:18+00:00 tb 2022-11-26T17:23:18+00:00 urn:sha1:3a1908508efa61f3f77ac8036694af2f920df947 Not all of them, only those that didn't leak into a public header... Yes. Make internal header file names consistent 2022-11-26T16:08:57+00:00 tb 2022-11-26T16:08:57+00:00 urn:sha1:81d98bf600a381a625eb11b39a725b08c0ba547f Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook Remove mkerr.pl remnants from LibreSSL 2022-07-12T14:42:50+00:00 kn 2022-07-12T14:42:50+00:00 urn:sha1:89e42d5857196a8071fbafb5565388d0e20ec32b This script is not used at all and files are edited by hand instead. Thus remove misleading comments incl. the obsolete script/config. Feedback OK jsing tb Avoid segfaults in EVP_PKEY_CTX_free() 2022-03-30T07:17:48+00:00 tb 2022-03-30T07:17:48+00:00 urn:sha1:c650ef2b4f969ce6b8d9a39f9e86c5e181dfafbc It is possible to call pmeth->cleanup() with an EVP_PKEY_CTX whose data is NULL. If pmeth->init() in int_ctx_new() fails, EVP_PKEY_CTX_free() is called with such a context. This in turn calls pmeth->cleanup(), and thus these cleanup functions must be careful not to use NULL data. Most of them are, but one of GOST's functions and HMAC's aren't. Reported for HMAC by Masaru Masada https://github.com/libressl-portable/openbsd/issues/129 ok bcook jsing gost needs to look into ecs_locl.h 2022-01-07T09:40:03+00:00 tb 2022-01-07T09:40:03+00:00 urn:sha1:b832de683c05102d9874b3b63f2f3e51488fc323 Check BIO_indent() return like all the others in this file. 2021-12-26T15:38:49+00:00 tb 2021-12-26T15:38:49+00:00 urn:sha1:d50edb3a8245ec1d4c4f77c5ec34ea0e3364666f CID 345118 Include evp_locl.h where it will be needed once most structs from 2021-12-12T21:30:14+00:00 tb 2021-12-12T21:30:14+00:00 urn:sha1:b632ec4f99386efc52214c580c9f233748302224 evp.h will be moved to evp_locl.h in an upcoming bump. ok inoguchi