summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Move some defines out of the sha3_internal.h header.jsing2023-04-152-10/+6
|
* Stop building GF2m assemblytb2023-04-153-8/+2
| | | | | | | GF2m support will be removed shortly. In the interim drop some of this unused code already and let it fall back to the C implementation. ok jsing
* Revise header guards.jsing2023-04-151-4/+4
|
* Pull constant tables out of sha3_keccakf().jsing2023-04-151-24/+24
|
* Strip and reformat comments.jsing2023-04-152-44/+14
| | | | | Remove various comments that are unhelpful or obvious. Reformat remaining comments per style(9).
* Apply style(9) (first pass).jsing2023-04-152-146/+152
|
* Import sha3_internal.h.jsing2023-04-151-2/+2
|
* Add license to sha3 files.jsing2023-04-152-0/+50
|
* Import tiny_sha3jsing2023-04-152-0/+238
| | | | | | This is a minimal and readable SHA3 implementation. ok tb@
* ssltest: Drop more policy go from this test.tb2023-04-151-357/+21
| | | | Hopefully that is all. What an absolutely horrid mess.
* ssltest: initial pass of dropping proxy cert gootb2023-04-151-89/+1
|
* symbols test: drop LIBRESSL_INTERNALtb2023-04-151-2/+1
| | | | | | This tests the external API, so it should not have visibility to the inside. Silences two warnings since EC_{GROUP,POINT}_clear_free() are now wrapped in #ifndef LIBRESSL_INTERNAL.
* Drop policy printing from openssltb2023-04-146-95/+6
| | | | | | | | | | | | Nothing really uses the policy tree. It's desgined with built-in DoS capabilities directly from the RFC. It will be removed from the attack surface and replaced with something equivalent that doesn't grow exponentially with the depth. This removes the only reason the policy tree itself ever leaked out of the library. ok jsing
* cttest: plug leak due to missing SCT_LIST_free()tb2023-04-141-1/+2
|
* Plug a memleak caused by an extra bump of a refcounttb2023-04-141-2/+1
| | | | SSL_set_session() should really be called SSL_set1_session()...
* Cast the uint64_t SCT timestamps to (unsigned long long) for printing.tb2023-04-141-3/+4
| | | | What a wonderful choice between this and that PRI ugliness...
* Make the signertest work better with the portable test frameworktb2023-04-142-14/+12
|
* Make the apitest work better with the portable tets frameworktb2023-04-142-13/+12
|
* Make cttest work better with the portable test harnesstb2023-04-142-9/+12
|
* Fix cttest to use public headertb2023-04-142-5/+3
|
* Rename the largely misnamed bn_print.c to bn_convert.cjsing2023-04-142-3/+3
| | | | | | | | This file primarily contains the various BN_bn2*() and BN_*2bn() functions (along with BN_print() and BN_options()). More function shuffling will follow. Discussed with tb@
* Provide and use bn_copy_words() in BN_copy().jsing2023-04-141-31/+15
| | | | | | | | This is simpler than the current code, while still being well optimised by compilers, across a range of architectures. In many cases we even get a performance gain for the BN sizes that we primarily care about. Joint work with tb@
* Add support for truncated SHA512 variants.jsing2023-04-142-2/+115
| | | | | | | This adds support for SHA512/224 and SHA512/256, as specified in FIPS FIPS 180-4. These are truncated versions of the SHA512 hash. ok tb@
* Provide soon to be used crypto_store_htobe32().jsing2023-04-141-1/+20
| | | | ok tb@
* Use memset() and only initialise non-zero struct members.jsing2023-04-141-7/+7
| | | | ok tb@
* Fix double free in error path in openssl(1) x509tb2023-04-141-4/+2
| | | | | | | | A conversion from X509_REQ_get_pubkey() to X509_REQ_get0_pubkey() missed one free of pkey in an unlikely error path. After the conversion pkey is no longer owned by us, so we mustn't free it. ok jsing
* The NBs have been duly noted and ignored. Drop them.tb2023-04-132-20/+2
|
* Zap trailing whitespacetb2023-04-131-9/+9
|
* Remove files that definitely contain no code anymoretb2023-04-135-354/+0
| | | | (experts disagree whether they ever did)
* Drop now useless files from the Makefiletb2023-04-131-6/+1
|
* Fold ECDSA sign and verify mess into ecs_ossl.ctb2023-04-133-63/+68
| | | | discussed with jsing
* Move RSA_generate_key() from rsa_depr.c to rsa_gen.ctb2023-04-132-34/+35
| | | | Discussed with jsing
* Move DSA_generate_parameters() from dsa_depr.c to dsa_gen.ctb2023-04-132-21/+23
| | | | Discussed with jsing
* Move DH_generate_parameters() from dh_depr.c to dh_gen.ctb2023-04-132-20/+21
| | | | discussed with jsing
* Fix compilation on sparc64.mbuhl2023-04-131-2/+3
|
* ec_lib.c: fix a few NULL misspellingstb2023-04-131-6/+6
|
* Fix various early return issues spotted by coveritytb2023-04-131-13/+13
| | | | | | | A large mechanical diff led to sloppy review and gave coverity an opportunity to be right for once. First time in a good many weeks. same diff/ok jsing
* ectest: missing error checkingtb2023-04-131-5/+11
| | | | CID 452228
* remove duplicate linesjsg2023-04-121-3/+2
|
* Remove now unused sha_local.h.jsing2023-04-121-419/+0
|
* Provide and use crypto_ro{l,r}_u{32,64}().jsing2023-04-123-25/+39
| | | | | | | | | | | | | | | Various code in libcrypto needs bitwise rotation - rather than defining different versions across the code base, provide a common set that can be reused. Any sensible compiler optimises these to a single instruction where the architecture supports it, which means we can ditch the inline assembly. On the chance that we need to provide a platform specific versions, this follows the approach used in BN where a MD crypto_arch.h header could be added in the future, which would then provide more specific versions of these functions. ok tb@
* Provide and use crypto_store_htobe64().jsing2023-04-122-23/+43
| | | | | | | | | It is common to need to store data in a specific endianness - rather than handrolling and deduplicating code to do this, provide a crypto_store_htobe64() function that converts from host endian to big endian, before storing the data to a location with unknown alignment. ok tb@
* Handle BN_CTX at the EC API boundary.jsing2023-04-1111-491/+553
| | | | | | | | | | | The EC API allows callers to optionally pass in a BN_CTX, which means that any code needing a BN_CTX has to check if one was provided, allocate one if not, then free it again. Rather than doing this dance throughout the EC code, handle the BN_CTX existance at the EC API boundary. This means that lower level implementation code can simply assume that the BN_CTX is available. ok tb@
* Clean up unused BIGNUM.jsing2023-04-111-4/+1
|
* Document the RETURN VALUES of BIO_method_type(3) and BIO_method_name(3)schwarze2023-04-1114-28/+160
| | | | for the various BIO types.
* Recommit jsing's r1.27 - portable is readytb2023-04-111-23/+4
| | | | | | Use htobe64() instead of testing BYTE_ORDER and then handrolling htobe64(). Thanks to tobhe for providing most of the fix via openiked-portable
* While all the BIO_TYPE_* constants are part of the API, most of theirschwarze2023-04-111-32/+77
| | | | | | | | | | | | | values are only part of the ABI and not of the API, so delete them from the SYNOPSIS: application programmers must not rely on the specific values. Instead of listing the specific values, properly describe the meaning of all these constants. However, the values of BIO_TYPE_NONE and BIO_TYPE_START are hard-coded into the API and application programmers need to be aware of their values, so those remain in the SYNOPSIS.
* Back out r1.27 using htobe64() - apparently some OS don't have it.tb2023-04-111-4/+23
| | | | ok jsing
* Consolidate sha1 into a single file.jsing2023-04-113-91/+23
|
* Simplify handling of big vs little endian.jsing2023-04-111-40/+5
| | | | | | | Rather than sprinkling BYTE_ORDER checks throughout the implementation, always define PULL64 - on big endian platforms it just becomes a no-op. ok tb@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-02 14:44:03 +0000