summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Make structs in bio.h opaquetb2022-01-143-61/+62
| | | | | | | Move BIO, BIO_METHOD and BIO_F_BUFFER_CTX to bio_local.h and provide BIO typedef in ossl_typ.h. ok inoguchi jsing
* Garbage collect the app_items field of ASN1_ADBtb2022-01-146-14/+6
| | | | | | | This is unused and was removed in OpenSSL 5b70372d when it was replaced with an ASN.1 ADB callback (which we don't support). ok inoguchi jsing
* Remove NO_ASN1_FIELD_NAMEStb2022-01-141-5/+1
| | | | | | This follows OpenSSL commit 26f2412d. ok inoguchi jsing
* Remove obsolete key formatstb2022-01-145-578/+3
| | | | | | | | | | This removes NETSCAPE_X509, NETSCAPE{,_ENCRYPTED}_PKEY, RSA_NET, Netscape_RSA things. Some of the nasty tentacles that could go in principle are used in some test suites, so we need to keep them... All this was removed as part of OpenSSL commit 0bc2f365. ok inoguchi jsing
* Remove ASN1_OBJECT internals from public visibility.tb2022-01-143-17/+19
| | | | | | | | Move the struct declaration to asn1_locl.h and add a forward declaration to ossl_typ.h. This makes struct visibility in the asn1 headers match OpenSSL. ok inoguchi jsing
* Remove HMAC_CTX_{init,cleanup}() and HMAC_init from public visibilitytb2022-01-142-6/+5
| | | | | | | | | | | | | | | | In OpenSSL commit 32fd54a9a3 HMAC_CTX_cleanup() was integrated into HMAC_CTX_init(), then HMAC_CTX_init() was renamed to HMAC_CTX_reset() in dc0099e1. LibreSSL retained them for API compatibility with OpenSSL 1.0. Not many things use them anymore. In fact, some projects that didn't want to modify their code for OpenSSL 1.1 API compatibility used the removed functions to wrap the OpenSSL 1.1 API. We had to patch some of these and this will now no longer be necessary. Also remove HMAC_cleanup(). Nothing uses this. ok inoguchi jsing
* Make structs in evp.h and hmac.h opaquetb2022-01-144-146/+142
| | | | | | This moves most structs to evp_locl.h and moves HMAC_CTX to hmac_local.h. ok inoguchi jsing
* Move BN structs to bn_lcl.htb2022-01-142-50/+46
| | | | | | This makes all structs in bn.h opaque that are also opaque in OpenSSL. ok inoguchi jsing
* Remove BIO_s_file_internaltb2022-01-141-4/+1
| | | | | | | Pointed out by schwarze. How something with this name ever made its way into a public header will remain a mystery. ok inoguchi jsing
* Remove ASN1{_const,}_check_infinite_endtb2022-01-142-30/+2
| | | | | | Suggested by schwarze ok inoguchi jsing
* Remove ASN1{,_const}_CTXtb2022-01-141-35/+1
| | | | | | | These are leftovers of the old ASN.1 stuff. Nothing uses this. OpenSSL removed them in a469a677. ok inoguchi jsing
* Remove X509_OBJECT_free_contentstb2022-01-142-19/+11
| | | | | | | | Inline X509_OBJECT_free_contents() in X509_OBJECT_free() and remove this dangerous API. It was left over when x509_vfy.h was made opaque. ok inoguchi jsing
* Remove PEM_Seal{Init,Update,Final}tb2022-01-143-223/+3
| | | | | | This unused, bug-ridden API was removed in OpenSSL commit 0674427f. ok inoguchi jsing
* Unifdef LIBRESSL_OPAQUE_* and LIBRESSL_NEXT_APItb2022-01-1410-112/+10
| | | | | This marks the start of major surgery in libcrypto. Do not attempt to build the tree for a while (~50 commits).
* zap some stray whitespacetb2022-01-121-2/+2
|
* ASN1_{,F,T}BOOLEAN_it and the encoding and decoding API will movetb2022-01-125-147/+7
| | | | | | to internal only soon. Stop documenting them. ok inoguchi jsing
* Only evp_pkey_check needs static linkingtb2022-01-121-2/+4
|
* Add a prototype for OBJ_bsearch_ so this test will keep workingtb2022-01-121-1/+6
| | | | | after the bump. Since this tests the public interfaces, we do not want to use LIBRESSL_INTERNAL/LIBRESSL_CRYPTO_INTERNAL here.
* Rework ecdsatest to build after the bump and link statically for nowtb2022-01-122-14/+26
|
* Rework dsatest to use accessors and link statically for nowtb2022-01-122-7/+7
|
* Rework dhtest to use accessors and link statically for nowtb2022-01-121-6/+6
| | | | For some reason CVS didn't want to commit this the first time around.
* Rework dhtest to use accessors and link statically for nowtb2022-01-121-3/+3
|
* Rework test to use EVP_AEAD_CTX_{new,free}() and link statically for nowtb2022-01-122-20/+32
|
* Fix typo in header guardtb2022-01-121-3/+3
|
* Fix asn1x509 build with opaque structures. Link statically for now.tb2022-01-122-20/+25
|
* Rework Makefile to use regress framework and link asn1basic statically.tb2022-01-122-14/+16
| | | | | It will need this for testing {d2i,i2d}_ASN1_BOOLEAN which will be moved to internal-only in the upcoming bump.
* forgot to zap some dead assignmentstb2022-01-111-4/+4
|
* Add regress for EVP_PKEY_{,public_,param_}check()tb2022-01-112-7/+415
|
* Revise for peer_cert.jsing2022-01-111-6/+6
|
* Remove peer_pkeys from SSL_SESSION.jsing2022-01-116-96/+58
| | | | | | | | | | peer_pkeys comes from some world where peers can send multiple certificates - in fact, one of each known type. Since we do not live in such a world, get rid of peer_pkeys and simply use peer_cert instead (in both TLSv1.2 and TLSv1.3, both clients and servers can only send a single leaf (aka end-entity) certificate). ok inoguchi@ tb@
* Simplify SSL_get_peer_certificate()jsing2022-01-111-10/+8
| | | | ok inoguchi@ tb@
* Rename 'peer' to 'peer_cert' in SSL_SESSION.jsing2022-01-118-37/+37
| | | | | | | The 'peer' member of SSL_SESSION is the leaf/end-entity certificate provided by our peer. Rename it since 'peer' on its own is unhelpful. ok inoguchi@ tb@
* Revise for changes to tls_key_share_peer_public()jsing2022-01-111-2/+4
|
* Plumb decode errors through key share parsing code.jsing2022-01-117-48/+106
| | | | | | | | | | | | Distinguish between decode errors and other errors, so that we can send a SSL_AD_DECODE_ERROR alert when appropriate. Fixes a tlsfuzzer failure, due to it expecting a decode error alert and not receiving one. Prompted by anton@ ok tb@
* Use SSL_AD_INTERNAL_ERROR for non-decoding alerts when parsing keyshares.jsing2022-01-111-4/+10
| | | | ok tb@
* Simplify tlsext_keyshare_server_parse()jsing2022-01-111-9/+5
| | | | | | | SSL_AD_DECODE_ERROR is the default alert for a TLS extension parsing failure - remove the various gotos and simply return 0 instead. ok tb@
* Wrap long linesinoguchi2022-01-111-42/+74
|
* Check function return valueinoguchi2022-01-111-32/+57
|
* Suppress warninginoguchi2022-01-111-1/+3
|
* Compare pointer variable with NULLinoguchi2022-01-111-44/+44
|
* Remove space between '*' and pointer variable.inoguchi2022-01-111-11/+9
|
* Convert openssl(1) smime option handlinginoguchi2022-01-111-357/+744
| | | | | | Apply new option handling to openssl(1) smime and no functional changes. input and ok jsing@
* Convert tls_bio_cb for opaque BIOtb2022-01-101-19/+46
| | | | joint with jsing
* Document EVP_AEAD_CTX_{new,free}() and adjust example code.tb2022-01-101-6/+45
| | | | looks good to jsing
* Unbreak tree. Sorry about that.tb2022-01-101-7/+7
|
* NULL out pointers after transferring them to the DSA object.tb2022-01-101-1/+9
|
* Dedup get_dsa*() code.tb2022-01-101-91/+60
| | | | Pointed out by jsing
* Convert testdsa to accessors for opaque DSAtb2022-01-101-30/+90
| | | | ok inoguchi jsing
* Remove a few unused defines from x509.htb2022-01-101-6/+1
| | | | | | | | As suggested by schwarze, this removes X509_EX_V_{INIT,NETSCAPE_HACK} and X509_EXT_PACK_{STRING,UNKNOWN} ok inoguchi jsing
* Prepare to provide the EVP_MD_meth_* APItb2022-01-102-2/+130
| | | | | | | | | This allows implementations to add their own EVP_MD_METHODs. Only the setters are provided. This is used by erlang for the otp_test_engine. ok inoguchi jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-31 23:58:07 +0000