| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Drop support for the ProxyCertInfo extension | tb | 2023-04-16 | 1 | -3/+2 |
| | | | | | | | | | This removes the ProxyCertInfo extension from RFC 3820 from the list of supported extensions. Since it is a critical extension, this means that certificates containing it will no longer be considered valid by default. ok jsing | ||||
| * | Make pcy_int.h pull in x509_local.h it will need it soon | tb | 2023-04-16 | 1 | -1/+4 |
| | | | | | ok jsing | ||||
| * | ec_point_conversion: do not rely on ec.h pulling in bn.h | tb | 2023-04-15 | 1 | -1/+2 |
| | | |||||
| * | Use size_t rather than int. | jsing | 2023-04-15 | 2 | -13/+13 |
| | | | | | Also buy a vowel for rsiz. | ||||
| * | Add SHA3 digest length define that was previously missed. | jsing | 2023-04-15 | 1 | -1/+2 |
| | | |||||
| * | Remove sha3() function, which will not be used or exposed. | jsing | 2023-04-15 | 2 | -16/+2 |
| | | |||||
| * | Mark sha3_keccakf() as static and remove prototype from header. | jsing | 2023-04-15 | 2 | -5/+3 |
| | | |||||
| * | Use memset() to zero the context, instead of zeroing manually. | jsing | 2023-04-15 | 1 | -5/+3 |
| | | |||||
| * | Provide SHA3 length related defines. | jsing | 2023-04-15 | 1 | -1/+27 |
| | | | | | | These will make EVP integration easier, as well as being used in the SHA3 implementation itself. | ||||
| * | Use the same byte order tests as we do elsewhere in libcrypto. | jsing | 2023-04-15 | 1 | -3/+5 |
| | | |||||
| * | Adjust documentation of X9.31 padding mode | tb | 2023-04-15 | 1 | -6/+6 |
| | | |||||
| * | Stop supporting the long-retired X9.31 standard | tb | 2023-04-15 | 2 | -113/+57 |
| | | | | | | | | | This isolates the three API functions from the library so they can be easily removed and any attempt to use RSA_X931_PADDING mode will now result in an error. ok jsing | ||||
| * | Prepare rsa.h for X9.31 support removal | tb | 2023-04-15 | 1 | -1/+5 |
| | | | | | | | | | | | This wraps the three public functions in the usual #if stanza. RSA_X931_PADDING is unfortunately exposed by rust-openssl and erlang. Therefore it will remain visible to avoid breaking the build of lang/rust. Its use in the library will be neutered shortly. ok jsing | ||||
| * | Remove now unused GF2m perlasm generators | tb | 2023-04-15 | 3 | -980/+0 |
| | | |||||
| * | Rename SHA3 context struct field from 'st' to 'state'. | jsing | 2023-04-15 | 2 | -15/+15 |
| | | |||||
| * | Rename SHA3 context to align with existing code. | jsing | 2023-04-15 | 2 | -14/+14 |
| | | |||||
| * | Move some defines out of the sha3_internal.h header. | jsing | 2023-04-15 | 2 | -10/+6 |
| | | |||||
| * | Stop building GF2m assembly | tb | 2023-04-15 | 3 | -8/+2 |
| | | | | | | | | GF2m support will be removed shortly. In the interim drop some of this unused code already and let it fall back to the C implementation. ok jsing | ||||
| * | Revise header guards. | jsing | 2023-04-15 | 1 | -4/+4 |
| | | |||||
| * | Pull constant tables out of sha3_keccakf(). | jsing | 2023-04-15 | 1 | -24/+24 |
| | | |||||
| * | Strip and reformat comments. | jsing | 2023-04-15 | 2 | -44/+14 |
| | | | | | | Remove various comments that are unhelpful or obvious. Reformat remaining comments per style(9). | ||||
| * | Apply style(9) (first pass). | jsing | 2023-04-15 | 2 | -146/+152 |
| | | |||||
| * | Import sha3_internal.h. | jsing | 2023-04-15 | 1 | -2/+2 |
| | | |||||
| * | Add license to sha3 files. | jsing | 2023-04-15 | 2 | -0/+50 |
| | | |||||
| * | Import tiny_sha3 | jsing | 2023-04-15 | 2 | -0/+238 |
| | | | | | | | This is a minimal and readable SHA3 implementation. ok tb@ | ||||
| * | ssltest: Drop more policy go from this test. | tb | 2023-04-15 | 1 | -357/+21 |
| | | | | | Hopefully that is all. What an absolutely horrid mess. | ||||
| * | ssltest: initial pass of dropping proxy cert goo | tb | 2023-04-15 | 1 | -89/+1 |
| | | |||||
| * | symbols test: drop LIBRESSL_INTERNAL | tb | 2023-04-15 | 1 | -2/+1 |
| | | | | | | | This tests the external API, so it should not have visibility to the inside. Silences two warnings since EC_{GROUP,POINT}_clear_free() are now wrapped in #ifndef LIBRESSL_INTERNAL. | ||||
| * | Drop policy printing from openssl | tb | 2023-04-14 | 6 | -95/+6 |
| | | | | | | | | | | | | | Nothing really uses the policy tree. It's desgined with built-in DoS capabilities directly from the RFC. It will be removed from the attack surface and replaced with something equivalent that doesn't grow exponentially with the depth. This removes the only reason the policy tree itself ever leaked out of the library. ok jsing | ||||
| * | cttest: plug leak due to missing SCT_LIST_free() | tb | 2023-04-14 | 1 | -1/+2 |
| | | |||||
| * | Plug a memleak caused by an extra bump of a refcount | tb | 2023-04-14 | 1 | -2/+1 |
| | | | | | SSL_set_session() should really be called SSL_set1_session()... | ||||
| * | Cast the uint64_t SCT timestamps to (unsigned long long) for printing. | tb | 2023-04-14 | 1 | -3/+4 |
| | | | | | What a wonderful choice between this and that PRI ugliness... | ||||
| * | Make the signertest work better with the portable test framework | tb | 2023-04-14 | 2 | -14/+12 |
| | | |||||
| * | Make the apitest work better with the portable tets framework | tb | 2023-04-14 | 2 | -13/+12 |
| | | |||||
| * | Make cttest work better with the portable test harness | tb | 2023-04-14 | 2 | -9/+12 |
| | | |||||
| * | Fix cttest to use public header | tb | 2023-04-14 | 2 | -5/+3 |
| | | |||||
| * | Rename the largely misnamed bn_print.c to bn_convert.c | jsing | 2023-04-14 | 2 | -3/+3 |
| | | | | | | | | | This file primarily contains the various BN_bn2*() and BN_*2bn() functions (along with BN_print() and BN_options()). More function shuffling will follow. Discussed with tb@ | ||||
| * | Provide and use bn_copy_words() in BN_copy(). | jsing | 2023-04-14 | 1 | -31/+15 |
| | | | | | | | | | This is simpler than the current code, while still being well optimised by compilers, across a range of architectures. In many cases we even get a performance gain for the BN sizes that we primarily care about. Joint work with tb@ | ||||
| * | Add support for truncated SHA512 variants. | jsing | 2023-04-14 | 2 | -2/+115 |
| | | | | | | | | This adds support for SHA512/224 and SHA512/256, as specified in FIPS FIPS 180-4. These are truncated versions of the SHA512 hash. ok tb@ | ||||
| * | Provide soon to be used crypto_store_htobe32(). | jsing | 2023-04-14 | 1 | -1/+20 |
| | | | | | ok tb@ | ||||
| * | Use memset() and only initialise non-zero struct members. | jsing | 2023-04-14 | 1 | -7/+7 |
| | | | | | ok tb@ | ||||
| * | Fix double free in error path in openssl(1) x509 | tb | 2023-04-14 | 1 | -4/+2 |
| | | | | | | | | | A conversion from X509_REQ_get_pubkey() to X509_REQ_get0_pubkey() missed one free of pkey in an unlikely error path. After the conversion pkey is no longer owned by us, so we mustn't free it. ok jsing | ||||
| * | The NBs have been duly noted and ignored. Drop them. | tb | 2023-04-13 | 2 | -20/+2 |
| | | |||||
| * | Zap trailing whitespace | tb | 2023-04-13 | 1 | -9/+9 |
| | | |||||
| * | Remove files that definitely contain no code anymore | tb | 2023-04-13 | 5 | -354/+0 |
| | | | | | (experts disagree whether they ever did) | ||||
| * | Drop now useless files from the Makefile | tb | 2023-04-13 | 1 | -6/+1 |
| | | |||||
| * | Fold ECDSA sign and verify mess into ecs_ossl.c | tb | 2023-04-13 | 3 | -63/+68 |
| | | | | | discussed with jsing | ||||
| * | Move RSA_generate_key() from rsa_depr.c to rsa_gen.c | tb | 2023-04-13 | 2 | -34/+35 |
| | | | | | Discussed with jsing | ||||
| * | Move DSA_generate_parameters() from dsa_depr.c to dsa_gen.c | tb | 2023-04-13 | 2 | -21/+23 |
| | | | | | Discussed with jsing | ||||
| * | Move DH_generate_parameters() from dh_depr.c to dh_gen.c | tb | 2023-04-13 | 2 | -20/+21 |
| | | | | | discussed with jsing | ||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |