| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
| |
This adds the EVP_PKEY_ED25519 and EVP_PKEY_X25519 aliases for the NIDs
and exposes the raw public key API.
The ED25519_KEYLEN and X25519_KEYLEN defines are still kept internal for
now to match what OpenSSL have. We may want to expose those later.
|
| |
|
|
| |
The Ed25519 versions already existed, but OpenSSL chose to uppercase the D.
|
| |
|
|
|
| |
This is needed to print the 32-byte Ed25519 keys which aren't handled
as BNs.
|
| |
|
|
| |
ok jsing@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
|
|
| |
This applies the guentherizer 9000(tm) to pkcs7, after moving
several pkcs7 funcitions back to pkcs7 that were in x509/x_all.c
for reasons known only to the miasma.
ok jsing@
|
| |
|
|
|
|
|
| |
Automated change from the first attempts at the semi automated
Guentherizer 2000.
ok jsing@ tb@ joshua@
|
| |
|
|
|
|
|
|
|
| |
This cleans up the code that handles command execution for openssl(1),
displays the help message when 'openssl help' is executed, and exits
with code 1 when an invalid command is executed, matching the behaviour
of OpenSSL version 1.1+ and above.
ok tb@
|
| |
|
|
|
|
|
|
|
|
| |
This converts the legacy TLS stack to tls_content - records are now
opened into a tls_content structure, rather than being written back into
the same buffer that the sealed record was read into.
This will allow for further clean up of the legacy record layer.
ok tb@
|
| |
|
|
|
|
|
|
| |
This removes the legacy interactive mode from openssl(1) since it is
rarely used, complicates the code, and has also been removed from
OpenSSL in version 3.x.x.
ok tb@ jsing@
|
| |
|
|
|
|
|
| |
While grouping the API by its purpose is nice, it doesn't help much if >90%
is "general API".
ok jsing
|
| |
|
|
| |
Requested by tb@
|
| |
|
|
|
|
|
| |
There's not much point having a static table in a header file that is only
included in one source file.
Discussed with tb@
|
| | |
|
| | |
|
| |
|
|
| |
ok jsing@ tb@
|
| |
|
|
|
|
|
|
| |
This is effectively:
unifdef -m -DUSE_OBJ_MAC objects/objects.h
ok beck@, with extreme prejudice.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fully explained in libcrypto/README. TL;DR make sure libcrypto
and libssl's function calls internally and to each other are via
symbol names that won't get overridden by linking other libraries.
Mostly work by guenther@, which will currently be gated behind a
build setting NAMESPACE=yes. once we convert all the symbols to
this method we will do a major bump and pick up the changes.
ok tb@ jsing@
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This avoids a bunch of pointer munging and a handrolled memmove.
ok tb@
|
| |
|
|
| |
ok jsing@ tb@
|
| |
|
|
|
|
|
|
|
| |
ASN1_TIME_normalize(3), ASN1_TIME_to_tm(3), ASN1_TIME_cmp_time_t(3),
and ASN1_TIME_compare(3).
Merge documentation from the OpenSSL 1.1.1 branch, which is still
under a free license, with tweaks by me in several respects to match
our implementation, and also using some feedback from beck@.
OK beck@.
|
| |
|
|
|
|
|
|
|
| |
This matches the current OpenSSL behaviour introduced
in their commit:
commit 0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500
ok jsing@ tb@
|
| | |
|
| |
|
|
| |
ok beck@ tb@
|
| |
|
|
|
|
|
|
|
|
| |
that tb@ removed from asn1.h on January 14:
rev. 1.58: ASN1_CTX ASN1_const_CTX
rev. 1.60: ASN1_OBJECT_FLAG_CRITICAL ASN1_OBJECT_FLAG_DYNAMIC
rev. 1.60: ASN1_OBJECT_FLAG_DYNAMIC_DATA ASN1_OBJECT_FLAG_DYNAMIC_STRINGS
rev. 1.61: NETSCAPE_X509 NETSCAPE_X509_free NETSCAPE_X509_new
rev. 1.61: d2i_NETSCAPE_X509 i2d_NETSCAPE_X509
|
| |
|
|
|
|
|
| |
OpenSSL used ED25519, even though the RFCs use Ed25519 - as such, we get to
provide both.
ok tb@
|
| |
|
|
| |
ok jsing@ tb@
|
| |
|
|
|
|
| |
These are needed for EVP implementations of Ed25519 and X25519.
ok beck@ tb@
|
| |
|
|
| |
ok jsing@ tb@
|
| |
|
|
|
|
| |
This will be needed to deal with Curve25519 based keys.
ok beck@ tb@
|
| |
|
|
|
|
| |
This is needed to print byte array based keys, such as Ed25519 and X25519.
ok beck@ tb@
|
| |
|
|
| |
ok jsing@ tb@
|
| |
|
|
| |
files.
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
| |
It's entirely trivial.
ok beck
|
| |
|
|
| |
ok jsing@ tb@
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This way we deduplicate two inclusions of the same big table and eliminate
lots of stupid casts.
input and ok many
|
| | |
|
| |
|
|
|
|
|
| |
CBS_strdup() now internally checks if the data contains NUL, failing if it
does.
Prompted by beck@
|
| |
|
|
|
|
|
| |
This is effectively the same as done for EVP_PKEY_ASN1_METHOD, although
this table only has nine entries.
ok tb@
|
| |
|
|
|
|
|
|
|
|
|
| |
Rather than messing around with an OBJ_bsearch() for a table that contains
16 entries (and a stack find for any application added methods), simply do
a reverse linear scan. This maintains the application method first
behaviour, while removing a chunk of code.
While here rename some variables and do some style clean up.
ok tb@
|
| |
|
|
| |
Struct tm is limited by it's year being an int.
|
| | |
|
| | |
|
| |
|
|
| |
ok tb@
|
