openbsd/src/lib/libcrypto/gost, branch OPENBSD_7_4 A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_7_4 2023-07-28T15:50:33+00:00 Stop including ecdsa.h and ecdh.h internally 2023-07-28T15:50:33+00:00 tb 2023-07-28T15:50:33+00:00 urn:sha1:dee6ca6302cdbd5982c40288832f1fbe51d045d5 These headers are now reduced to #include <openssl/ec.h> and are provided for compatiblity only. There's no point in using them. At the same time garbage collect the last uses of OPENSSL_NO_{ECDSA,ECDH} in our tree. ok jsing Fix two EC_POINT_is_on_curve() checks 2023-07-24T17:08:53+00:00 tb 2023-07-24T17:08:53+00:00 urn:sha1:c2fc234286c75d942a62891333f85e824d615444 This API can fail for various reasons, in which case it returns -1, so you need to check if (EC_POINT_is_on_curve_checks(...) <= 0). ok miod Hide symbols in gost. 2023-07-08T14:30:44+00:00 beck 2023-07-08T14:30:44+00:00 urn:sha1:d9e083aab3427c5ef5cecf69b8b1bdd8669ff951 ok tb@ after some puking in his mouth. Rename ecs_local.h into ecdsa_local.h 2023-07-05T11:37:46+00:00 tb 2023-07-05T11:37:46+00:00 urn:sha1:5c9a378ebd2bf3edf45466e286a087ac83670ea3 Call BN_free() instead of BN_clear_free(). 2023-03-07T09:27:10+00:00 jsing 2023-03-07T09:27:10+00:00 urn:sha1:19dfe7f484e5739359ee8c102d879d125df916ad BN_clear_free() is a wrapper that calls BN_free() - call BN_free() directly instead. ok tb@ gost: add missing BN_CTX_{start,end}() pair 2023-01-15T13:58:44+00:00 tb 2023-01-15T13:58:44+00:00 urn:sha1:49d88d95baa39b0a851c635858749b0c08bd8d52 The new BN_CTX code enforces that the context be started before a BIGNUM can be obtained from it via BN_CTX_get(), tests for ssl/interop and the openssl app broke, implying missing test coverage in libcrypto itself. Add the obviously missing bits. reported by anton ok jsing BN_one() can fail, check its return value. 2022-12-01T02:58:31+00:00 jsing 2022-12-01T02:58:31+00:00 urn:sha1:6ac34623f0ed759cefdd3f7c8b1a22780121b3f5 ok tb@ Make header guards of internal headers consistent 2022-11-26T17:23:18+00:00 tb 2022-11-26T17:23:18+00:00 urn:sha1:3a1908508efa61f3f77ac8036694af2f920df947 Not all of them, only those that didn't leak into a public header... Yes. Make internal header file names consistent 2022-11-26T16:08:57+00:00 tb 2022-11-26T16:08:57+00:00 urn:sha1:81d98bf600a381a625eb11b39a725b08c0ba547f Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook Remove mkerr.pl remnants from LibreSSL 2022-07-12T14:42:50+00:00 kn 2022-07-12T14:42:50+00:00 urn:sha1:89e42d5857196a8071fbafb5565388d0e20ec32b This script is not used at all and files are edited by hand instead. Thus remove misleading comments incl. the obsolete script/config. Feedback OK jsing tb