summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Provide EVP_PKEY_CTX_get_signature_md() macro and implement thejsing2019-09-094-7/+25
| | | | | | | | EVP_PKEY_CTRL_GET_MD control for DSA, EC and RSA. This is used by the upcoming RSA CMS code. ok inoguchi@ tb@
* Load CMS error strings.jsing2019-09-091-1/+5
|
* Move #include <openssl/cms.h> to more appropriate location (since it isjsing2019-09-091-3/+2
| | | | now being installed).
* Install the openssl/cms.h header.jsing2019-09-091-1/+3
| | | | | | | | This header includes OPENSSL_NO_CMS guards, so even if things find the header it provides no useful content (and other code should technically also be using OPENSSL_NO_CMS...). ok deraadt@ inoguchi@
* Add CMS ECC support.jsing2019-09-081-2/+370
| | | | | | | | This brings in EC code from OpenSSL 1.1.1b, with style(9) and whitespace cleanups. All of this code is currently under OPENSSL_NO_CMS hence is a no-op. ok inoguchi@
* Add various macros and controls for EC_PKEY_CTX.jsing2019-09-064-28/+316
| | | | | | | | | These are needed for the upcoming EC CMS support (nothing else appears to use them). This largely syncs our ec_pmeth.c with OpenSSL 1.1.1b. With input from inoguchi@ and tb@. ok inoguchi@ tb@
* Handle CMS PEM headers.jsing2019-09-061-1/+11
| | | | ok inoguchi@ tb@
* Add objects for ECDH schemes in RFC 5753.jsing2019-09-052-0/+32
| | | | | | Based on OpenSSL 1.1.1b. ok inoguchi@ tb@
* Build ecdh_kdf.cjsing2019-09-051-2/+2
|
* Replace OPENSSL_cleanse() with explicit_bzero().jsing2019-09-051-1/+1
|
* Provide prototype for ecdh_KDF_X9_63()jsing2019-09-051-1/+7
|
* Include correct header.jsing2019-09-051-1/+1
|
* style(9) and whitespace.jsing2019-09-051-65/+72
|
* Restore per-file license/copyright removed in OpenSSL commit 4f22f40507f.jsing2019-09-051-5/+48
|
* Remove ECDH_KDF_X9_62 wrapper.jsing2019-09-051-12/+0
|
* Provide ECDH KDF for X9.63 as needed for CMS ECC.jsing2019-09-051-0/+81
| | | | | | From OpenSSL 1.1.1b. ok tb@ inoguchi@
* Feed the bntest output to bc(1). This checks the result of the bigbluhm2019-09-052-13/+16
| | | | | | num calculations and avoids lots of ugly output to stdout. Remove fflush(3) of stderr, it is unbuffered anyway. with Moritz Buhl
* Document EVP_PKEY_get0(3), EVP_PKEY_assign_GOST(3), EVP_PKEY_assign(3),schwarze2019-09-012-31/+116
| | | | | and EVP_PKEY_set_type(3). While here, clarify a few points regarding reference count and type checking.
* mop up resolver.3 rename; ok deraadtjmc2019-08-305-15/+15
|
* mop up for inet_net rename; ok deraadtjmc2019-08-303-9/+9
|
* adapt to bitstring(3) renaming, and look at that bit_ffs(3) is the actualderaadt2019-08-301-3/+3
| | | | | name we want to Xr... ok jmc
* Move 4 manual pages from not-a-function filenames to a correct filename,deraadt2019-08-306-16/+16
| | | | | and correct Xr. ok jmc
* Remove unnecessary NULL check before free function in openssl(1) dgstinoguchi2019-08-301-11/+6
|
* Wrap lines over 80 cols and put space before goto label in openssl(1) dgstinoguchi2019-08-301-20/+30
|
* Simplify checking and more readable descriptions in openssl(1) dgstinoguchi2019-08-301-8/+8
| | | | suggested from jsing@
* Convert openssl(1) dgst to the newer style of option handlinginoguchi2019-08-301-99/+216
| | | | | | | | Adapt openssl(1) dgst command to new option handling. Added dgst_options struct and option handlers, and replaced for-if-strcmp handling with options_parse(). ok bcook@ jsing@
* new manual page AES_encrypt(3)schwarze2019-08-284-5/+181
|
* document OCSP_parse_url(3)schwarze2019-08-271-6/+75
|
* document OCSP_cert_status_str(3)schwarze2019-08-271-3/+19
|
* document OCSP_response_status_str(3)schwarze2019-08-271-4/+19
|
* document i2a_ASN1_INTEGER(3)schwarze2019-08-261-5/+50
|
* document ASN1_put_object(3) and ASN1_put_eoc(3)schwarze2019-08-263-3/+186
|
* document ASN1_OCTET_STRING_cmp(3), ASN1_OCTET_STRING_dup(3), andschwarze2019-08-261-12/+45
| | | | ASN1_OCTET_STRING_set(3)
* Change generating and checking of primes so that the error rate ofschwarze2019-08-252-26/+93
| | | | | | | | | | | not being prime depends on the intended use based on the size of the input. For larger primes this will result in more rounds of Miller-Rabin. The maximal error rate for primes with more than 1080 bits is lowered to 2^-128. Patch from Kurt Roeckx <kurt@roeckx.be> and Annie Yousar via OpenSSL commit feac7a1c Jul 25 18:55:16 2018 +0200, still under a free license. OK tb@.
* document EVP_sm3(3) and EVP_whirlpool(3), loosely based on theschwarze2019-08-255-6/+177
| | | | OpenSSL 1.1.1 pages, which are still under a free license
* fix reversed meaning of error codes;schwarze2019-08-251-7/+7
| | | | | from Martin Ukrop <mukrop at mail dot muni dot cz> via OpenSSL commit bb00b040 Aug 5 14:14:54 2019 +0200
* typo in function argument type;schwarze2019-08-251-4/+4
| | | | | from Jan Macku <jamacku at redhat dot com> via OpenSSL commit a9b9d265 Jan 30 16:09:50 2019 +0100
* Correctly document the return values of i2d_ECDSA_SIG(3) andschwarze2019-08-251-25/+28
| | | | | | | d2i_ECDSA_SIG(3); triggered by OpenSSL commit da4ea0cf Aug 5 16:13:24 2019 +0100, but solved differently. While here, adjust argument placeholders and wording to our usual conventions, and don't try to reiterate the complicated contents of ASN1_item_d2i(3) here.
* import the CRYPTO_memcmp(3) manual from OpenSSL 1.1.1,schwarze2019-08-252-1/+97
| | | | still under a free license, tweaked by me
* document RSAPrivateKey_dup(3) and RSAPublicKey_dup(3)schwarze2019-08-231-11/+55
|
* document X509_get1_email(3), X509_get1_ocsp(3), X509_email_free(3)schwarze2019-08-236-12/+141
|
* document X509_dup(3)schwarze2019-08-231-8/+40
|
* document X509_check_purpose(3)schwarze2019-08-226-9/+403
|
* New manual page X509_cmp(3) documenting the same public functionsschwarze2019-08-206-10/+241
| | | | | | as in OpenSSL 1.1.1. I rewrote most of the text for clarity, precision, and conciseness and added some additional information. A few sentences from Paul Yang remain.
* Add static_ASN1_* macroinoguchi2019-08-201-1/+72
| | | | - Add static_ASN1_* macro. Patch was provided by steils AT gentoo.org
* make BN_CTX_end(NULL) a NOOP for compatibility with documented behaviourschwarze2019-08-202-4/+12
| | | | | | | | | in OpenSSL 1.1.1 even though in general, letting random functions accept NULL is not advisable because it can hide programming errors; "yes please" tb@ "unfortunately I suspect you're right" jsing@ "oh well" deraadt@
* document X509_INFO_new(3) and X509_INFO_free(3)schwarze2019-08-194-10/+78
|
* document ECDH_compute_key(3) and ECDH_size(3);schwarze2019-08-198-15/+110
| | | | feedback and OK tb@
* Tweak cross references, in particular making sure thatschwarze2019-08-1823-48/+85
| | | | | all CMS pages are linked to CMS_ContentInfo_new(3) both ways and that closely related pages reference each other.
* minor cleanup:schwarze2019-08-182-63/+37
| | | | | | * avoid jumping back and forth between use cases * delete duplicate information * and minor wording improvements
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-06 16:43:17 +0000