summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* typo in comment; Effectivly -> Effectively; ok gilles@op2024-09-031-2/+2
|
* wild white spacederaadt2024-09-031-2/+2
|
* Remove X509_check_trust documentationtb2024-09-027-226/+11
|
* The X509at_* manuals are no longer neededtb2024-09-024-299/+4
|
* Also remove .Xr to X509at_*tb2024-09-021-4/+2
|
* Excise X509at_* from X509_REQ_* documentationtb2024-09-021-22/+10
|
* Rename lastpos to start_after to match other, similar manualstb2024-09-021-13/+13
|
* More X509at_* removaltb2024-09-021-8/+4
|
* Remove mention of the no longer public X509at_* functionstb2024-09-021-23/+12
|
* Adjust function signatures for const X509_LOOKUP_METHODtb2024-09-022-8/+8
|
* symbols: remove special case for cpuid_setup and cpu_capstb2024-09-011-8/+1
| | | | The former is gone and the latter is available in crypto.h.
* sync x509v3_add_value with x509_utl.ctb2024-08-311-19/+32
|
* Rewrite X509V3_add_value() to a single exit idiomtb2024-08-311-19/+32
| | | | ok jsing
* Remove redundant COPYRIGHT file.jsing2024-08-311-50/+0
| | | | | | This is already included at the top of each file in this directory. Prompted by tb@
* Make fcrypt_body() static and remove prototype.jsing2024-08-312-6/+3
|
* Unifdef DES_PTR, DES_RISC1 and DES_RISC2.jsing2024-08-313-162/+3
| | | | | | | These are all go fast knobs that convolute the code and can be dangerous. Lets presume that we have a modern and somewhat capable C compiler instead. ok tb@
* Unifdef OPENBSD_DES_ASM.jsing2024-08-312-10/+2
| | | | | | There are no assembly implementations now. ok tb@
* Inline and remove spr.h.jsing2024-08-312-211/+149
| | | | | | This is only included once in des_enc.c - inline the tables instead. Prompted by tb@
* Combine DES code into a smaller set of files.jsing2024-08-3119-1967/+1185
| | | | Discussed with tb@
* Merge fcrypt_b.c into fcrypt.c.jsing2024-08-313-148/+136
| | | | | | | There is no need for these to be separate (presumably done due to assembly implementations, even though there are #ifdef as well). Discussed with tb@
* Remove now unused ncbc_enc.c.jsing2024-08-311-160/+0
|
* Expand DES_ncbc_encrypt() in des_enc.c.jsing2024-08-311-3/+80
| | | | | | | Copy ncbc_enc.c where it was previously #included, then clean up with `unifdef -m -UCBC_ENC_C__DONT_UPDATE_IV`. Discussed with tb@
* Expand DES_cbc_encrypt() in cbc_enc.c.jsing2024-08-311-3/+73
| | | | | | | Copy ncbc_enc.c where it was previously #included, then clean up with `unifdef -m -DCBC_ENC_C__DONT_UPDATE_IV`. Discussed with tb@
* Update for OPENSSL_cpu_caps() now being machine independent.jsing2024-08-313-17/+5
|
* Update for OPENSSL_cpu_caps() now being machine independent.jsing2024-08-311-6/+2
| | | | ok tb@
* Make OPENSSL_cpu_caps() machine independent.jsing2024-08-312-18/+23
| | | | | | | | | | | OPENSSL_cpu_caps() is currently machine dependent and exposes CPUID data on amd64 and i386. However, what it is really used for is to indicate whether specific algorithms are accelerated on the given hardware. Change OPENSSL_cpu_caps() so that it returns a machine indepent value, which decouples it from amd64/i386 and will allow it to be used appropriately on other platforms in the future. ok tb@
* Undo workaround for EVP_PKEY_*check() removaltb2024-08-311-3/+2
|
* major bump for libcrypto libssl and libtlstb2024-08-313-5/+5
|
* Bump LIBRESSL_VERSION_NUMBERtb2024-08-311-3/+3
|
* Remove SSL_add_compression_methodtb2024-08-316-36/+10
|
* Expose X509_get_signature_infotb2024-08-312-3/+2
| | | | | | | | To compensate for all the removals, a single, small, constructive piece of this bump: expose X509_get_signature_info() so that libssl's security level API can handle RSA-PSS certificates correctly. ok beck jsing
* Make X509at_* API internaltb2024-08-315-75/+19
| | | | | | | | The only consumer, yara, has been adjusted. It will be some more work to remove this idiocy internally, but at least we will no longer have to care about external consumers. ok beck jsing
* Unexport OPENSSL_cpuid_setup and OPENSSL_ia32cap_Ptb2024-08-314-8/+1
| | | | | | | | | This allows us in particular to get rid of the MD Symbols.list which were needed on amd64 and i386 for llvm 16 a while back. OPENSSL_ia32cap_P was never properly exported since the symbols were marked .hidden in the asm. ok beck jsing
* Zap HMAC_Inittb2024-08-314-16/+3
| | | | | | Long deprecated, last users have been fixed. ok beck jsing
* Nuke the whrlpool (named after the galaxy) from orbittb2024-08-3110-1018/+6
| | | | | | | It's just gross. Only used by a popular disk encryption utility on an all-too-popular OS one or two decades back. ok beck jsing
* Remove DES_enc_{read,write} and DES_rw_modetb2024-08-315-101/+3
| | | | | | | Unfortunately we'll probably never be able to get rid of DES entirely. One part of it that is old enough to be a grandparent can go, though. ok beck jsing
* Garbage collec UI_UTIL remnantstb2024-08-315-89/+3
| | | | ok beck jsing
* Remove EVP_PKEY.*attr* APItb2024-08-314-119/+3
| | | | | | I ranted enough about this recently. PKCS#12. Microsoft. 'nuff said. ok beck jsing
* Move BIT_STRING_BITNAME tables to consttb2024-08-312-6/+6
| | | | | | | | | Another bunch of const correctness fixes for global tables. These are used to map ns cert types, key usage types and CRL reasons to strings and vice versa. By the looks of it, nobody ever figured out how to use this (need I mention that it's convoluted?). ok beck jsing
* const correct X509_LOOKUP_METHODtb2024-08-316-19/+19
| | | | | | | With this another family of global tables becomes const as it should always have been. ok beck jsing
* Remove X509_REQ_{set,get}_extension_nids()tb2024-08-314-28/+3
| | | | | | | | LibreSSL no longer supports non-standard OIDs for use in the extensions attribute of CSRs. The API that enabled that (and nobody used of course) can now go. ok beck jsing
* Make X509_VAL opaquetb2024-08-313-7/+11
| | | | | | | Nothing needs to reach into this structure, which is part of certificates. So hide its innards. ok beck jsing
* Remove X509_check_trust() and some related definestb2024-08-315-35/+11
| | | | | | | | | Someone thought it would be a good idea to append non-standard trust information to the certs in the trust store. This API is used to inspect that depending on the intended purpose of the cert. Only M2Crypto thought it necessary to expose this. It was adjusted. ok beck jsing
* Remove ERR_add_{,v}data()tb2024-08-314-40/+3
| | | | | | Another unused bit of legacy API... ok beck jsing
* The X509V3_CONF_METHOD goes awaytb2024-08-311-10/+1
| | | | | | No longer used, never really needed. ok beck jsing
* Remove X509V3_get_string/X509V3_string_freetb2024-08-312-19/+2
| | | | | | | These have always been unused, but the db_meth abstraction hid that very well. Bye. ok beck jsing
* Make some more x509 conf stuff internaltb2024-08-3113-72/+42
| | | | | | | This internalizes a particularly scary layer of conf used for X.509 extensions. Again unused public API... ok beck jsing
* Retire X509V3_set_conf_lhash()tb2024-08-314-16/+3
| | | | | | | | Thankfully sthen removed the out-of-support PHP versions 7.4 and 8.0, which were the last users of this API, which in turn permitted much of this conf rampage. Now the stub can join its guts in the attic. ok beck jsing
* Retire X509V3_EXT_{,CRL_,REQ_}add_conf()tb2024-08-314-42/+3
| | | | | | | | Fortunately all projects who want to configure their extensions using a dangerous string DSL/API figured out the fact that one was supposed to be using the nconf version of these (the hint is the 'n', as in new). ok beck jsing
* Remove OPENSSL_load_builtin_modulestb2024-08-316-10/+9
| | | | | | | This became obsolete with the automatic library initialization. Now it is time for it to become an internal API. ok beck jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-31 18:04:56 +0000