summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/buffer (unfollow)
Commit message (Collapse)AuthorFilesLines
2018-12-15Backport getentropy changes from deraadt@ on MAINbcook5-144/+27
Saw a mention somewhere a while back that the gotdata() function in here could creates non-uniformity since very short fetches of 0 would be excluded. blocks of 0 are just as random as any other data, including blocks of 4 4 4.. This is a misguided attempt to identify errors from the entropy churn/gather code doesn't make sense, errors don't happen. ok bcook
2018-11-17Use a blinding value when generating DSA and ECDSA signatures, in order totb2-23/+104
reduce the possibility of a side-channel attack leaking the private key. OpenBSD 6.3 errata 022
2018-06-13MFC: Reject excessively large primes in DH key generation. Problem reportedlibressl-v2.7.4jsing1-1/+6
by Guido Vranken to OpenSSL (https://github.com/openssl/openssl/pull/6457) and based on his diff. suggestions from tb@, ok tb@ jsing@ Original commit by sthen@
2018-06-13MFC: Avoid a timing side-channel leak when generating DSA and ECDSAjsing2-7/+4
signatures. This is caused by an attempt to do fast modular arithmetic, which introduces branches that leak information regarding secret values. Issue identified and reported by Keegan Ryan of NCC Group. ok beck@ tb@
2018-06-13Bump to LibreSSL 2.6.4bcook1-3/+3
2018-05-03bump to 2.7.3libressl-v2.7.3bcook1-3/+3
2018-05-02MFC:tb1-5/+1
Remove incorrect NULL checks in DH_set0_key(). Reported by Ondrej Sury, LibreSSL-portable issue #92. ok inoguchi, jsing
2018-04-18Limit tls_config_clear_keys() to only clearing private keys.jsing3-8/+6
This was inadvertently clearing the keypair, which includes the OCSP staple and pubkey hash - if an application called tls_configure() followed by tls_config_clear_keys(), this would prevent OCSP staples from working. ok beck@
2018-03-24bump to 2.7.2bcook1-3/+3
2018-03-24finish ssl HISTORY; mostly 1.1.0/6.3, but also various other fixeslibressl-v2.7.1schwarze18-47/+104
2018-03-24ouch, previous was wrong; revert it and fix HISTORY insteadschwarze1-2/+29
2018-03-23delete two functions that do not existschwarze1-22/+1
2018-03-23finish crypto HISTORY; mostly 1.1.0/6.3, but also various other fixesschwarze52-155/+289
2018-03-23ssl.h HISTORY up to 1.0.2; researched from OpenSSL git and OpenBSD CVSschwarze6-9/+41
2018-03-23crypto HISTORY up to 1.0.2; researched from OpenSSL git and OpenBSD CVSschwarze6-12/+41
2018-03-23ssl.h HISTORY up to 1.0.1; researched from OpenSSL gitschwarze9-18/+60
2018-03-23crypto HISTORY up to 1.0.1; researched from OpenSSL gitschwarze10-16/+79
2018-03-23ssl.h HISTORY up to 1.0.0; researched from OpenSSL gitschwarze2-5/+15
2018-03-23crypto HISTORY up to 1.0.0; researched from OpenSSL gitschwarze43-114/+299
2018-03-23ssl.h HISTORY up to 0.9.8zh; researched from OpenSSL gitschwarze2-8/+11
2018-03-23crypto HISTORY up to 0.9.8zh; researched from OpenSSL gitschwarze3-4/+18
2018-03-23ssl.h HISTORY up to 0.9.8h; researched from OpenSSL gitschwarze3-6/+23
2018-03-23crypto HISTORY up to 0.9.8h; researched from OpenSSL gitschwarze7-14/+59
2018-03-23ssl.h HISTORY up to 0.9.8; researched from OpenSSL gitschwarze4-8/+31
2018-03-23crypto HISTORY up to 0.9.8; researched from OpenSSL gitschwarze29-68/+329
2018-03-22crypto HISTORY up to 0.9.7h; researched from OpenSSL gitschwarze6-10/+34
2018-03-22ssl.h HISTORY up to 0.9.7; researched from OpenSSL gitschwarze4-12/+19
2018-03-22crypto HISTORY up to 0.9.7; researched from OpenSSL gitschwarze51-134/+383
2018-03-22organizationUnitName -> organizationalUnitName;jmc1-3/+3
from matt schwartz
2018-03-22crypto HISTORY up to 0.9.6h; researched from OpenSSL gitschwarze1-2/+6
2018-03-22ssl.h HISTORY up to 0.9.6c; researched from OpenSSL gitschwarze1-2/+8
2018-03-22crypto HISTORY up to 0.9.6c; researched from OpenSSL gitschwarze2-5/+7
2018-03-22crypto HISTORY up to 0.9.6a; researched from OpenSSL gitschwarze1-2/+4
2018-03-22crypto HISTORY up to 0.9.6; researched from OpenSSL gitschwarze19-36/+141
2018-03-22bump for 2.7.1bcook1-3/+4
2018-03-22ssl.h HISTORY up to 0.9.5; researched from OpenSSL gitschwarze3-6/+22
2018-03-22crypto HISTORY up to 0.9.5; researched from OpenSSL gitschwarze48-140/+362
2018-03-22Call strlen() if name length provided is 0, like OpenSSL does.beck1-1/+3
Issue notice by Christian Heimes <christian@python.org> ok deraadt@ jsing@
2018-03-21Catch up after beck@ fixed autoconfiguration:schwarze3-62/+55
* Say more precisely what OPENSSL_config(3) and OPENSSL_no_config(3) do. * Revert the deprecation notice for them, nothing wrong with them. * Document OPENSSL_INIT_LOAD_CONFIG. * Deprecate OpenSSL_add_all_algorithms(3), it's now automatic. * Add OpenSSL_add_all_algorithms(3) HISTORY. Substantial feedback and OK beck@.
2018-03-21ssl.h HISTORY up to 0.9.4; researched from OpenSSL gitschwarze2-3/+15
2018-03-21crypto HISTORY up to 0.9.4; researched from OpenSSL gitschwarze12-25/+92
2018-03-21ssl.h HISTORY up to 0.9.3; researched from OpenSSL gitlibressl-v2.7.0schwarze3-4/+19
2018-03-21crypto HISTORY up to 0.9.3; researched from OpenSSL gitschwarze21-43/+178
2018-03-21ssl.h HISTORY up to 0.9.2b; researched from OpenSSL gitschwarze8-11/+49
2018-03-21crypto HISTORY up to OpenSSL 0.9.2b; researched from OpenSSL gitschwarze18-30/+134
2018-03-21Full sync of CA list with Mozilla's.sthen1-580/+3448
Produced using curl's make-ca-bundle.pl and then reformatted with our format-pem.pl from: https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt OK benno@. juanfra agrees with syncing with Mozilla. No objections received.
2018-03-21Adjust (non-installed) helper script to cope better with CAs that don't havesthen1-2/+6
"o=" in their subject.
2018-03-21crypto HISTORY up to OpenSSL 0.9.1c; researched from OpenSSL gitschwarze1-3/+6
2018-03-21ssl.h HISTORY up to SSLeay 0.9.1; researched from OpenSSL gitschwarze2-4/+12
2018-03-21crypto HISTORY up to SSLeay 0.9.1; researched from OpenSSL gitschwarze17-34/+101
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-05-12 19:48:01 +0000