summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/crypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Remove OpenSSL engine RSAX.doug2015-07-192-3/+2
| | | | | | | | | OpenSSL stopped building it last year and removed it this year. Based on OpenSSL commit c436e05bdc7f49985a750df64122c960240b3ae1. Also cranked major version in libcrypto, libssl and libtls. "fine with me" bcook@ miod@
* Fix pointer to unsigned long conversion.doug2015-06-271-2/+2
| | | | | | | bcook@ notes that this check really only impacted 64-bit Windows. Also, changed the check to be unsigned for consistency. ok bcook@
* Crank major for libcrypto, ssl and tls due to MDC-2DES removal.doug2015-06-201-1/+1
| | | | ok miod@ jsing@
* Remove obsolete MDC-2DES from libcrypto.doug2015-06-201-7/+2
| | | | ok deraadt@ jsing@ miod@
* Disable ENGINE_load_dynamic (dynamic engine support).bcook2015-06-1913-13/+0
| | | | | | | We do not build, test or ship any dynamic engines, so we can remove the dynamic engine loader as well. This leaves a stub initialization function in its place. ok beck@, reyk@, miod@
* Remove unneeded sys/sysctl.h on linux.bcook2015-06-131-2/+1
| | | | This only provides the sysctl wrapper in glibc, which we do not use and is not available in other libc implementations for Linux. Thanks to ncopa from github.
* Record inter-library dependencies between libcrypto, libssl and libtlskettenis2015-05-171-0/+1
|
* Not all Linux libc's include linux/sysctl.h in sys/sysctl.h.bcook2015-04-271-2/+3
| | | | Include it if we have the sysctl syscall.
* Support AIX versions without WPAR support.bcook2015-04-271-1/+5
| | | | From Michael Felt.
* Send OPENSSL_issetugid() straight to hell, no final cigarette.deraadt2015-04-112-3/+3
| | | | | | | | | | | | | | | | | | | The issetugid() API is supposed to make a strong promise where "0 means it is safe to look at the environment". Way back in the past someone on the OpenSSL team responded to the environment access danger by creating a wrapper called OPENSSL_issetugid, and went to use it a number of places. However, by default on systems lacking true issetugid(), OPENSSL_issetugid returns 0. 0 indicating safely. False safety. Which means OPENSSL_issetugid() fails to make any sort of promise about safety, in fact it is just the opposite. Can you believe the OpenSSL team? This nastiness was noticed over the years, however noone could gain traction and get it fixed in OpenSSL. Also see a paragraph about this in http://www.tedunangst.com/flak/post/worst-common-denominator-programming ok jsing
* add initial AIX getentropy/arc4random files. Thanks to Michael Felt.bcook2015-03-302-0/+501
|
* sys/sysctl.h includes linux/sysctl.h, remove the extra unchecked includebcook2015-03-221-2/+1
|
* In the neverending saga of enabling and disabling assembler code for shamiod2015-03-181-5/+1
| | | | | | | | | | | routines on hppa, the cause for sha512-parisc subtly misbehaving has been found: despite having fallback pa1.1 code when running on a 32-bit cpu, the shift constants used in the sigma computations in sha512 are >= 32 and are silently truncated to 5 bits by the assembler, so there is no chance of getting this code to work on a non-pa2.0 processor. However, the pa1.1 fallback code for sha256 is safe, as it never attempts to shift by more than 31, so reenable it again.
* Do not use sha512-parisc for now, as it is subtly bugged - passes the shamiod2015-03-051-1/+3
| | | | | | | | | | | regress tests but causes tls ciphersuite using sha386 to fail; found the hard way by henning@. I can't see anything wrong in the generated assembly code yet, but building a libcrypto with no assembler code but sha512_block_data_order() is enough to trigger Henning's issue, so the bug lies there. No ABI change; ok deraadt@
* Bump libcrypto and libssl majors, due to various recent churn.jsing2015-02-221-1/+1
| | | | Discussed with/requested by deraadt@ at the conclusion of s2k15.
* unifdef OPENSSL_NO_RFC3779 - this is currently disabled and unlikely tojsing2015-02-101-2/+1
| | | | | | be enabled, mostly since people use SANs instead. ok beck@ guenther@
* Remove RC5 code - this is not currently enabled and is not likely to everjsing2015-02-101-8/+2
| | | | | | | | be enabled. Removes one symbol from libcrypto, however there is no ABI change. ok beck@ miod@ tedu@
* Remove crypto/store - part of which is "currently highly experimental".jsing2015-02-101-6/+1
| | | | | | | This code is not compiled in and OPENSSL_NO_STORE is already defined in opensslfeatures.h. No symbol removal for libcrypto. ok beck@
* Crank major for libcrypto since symbols have been removed.jsing2015-02-071-2/+2
| | | | Requested by deraadt@
* Combine c_allc.c and c_alld.c into c_all.c - there is not much point havingjsing2015-02-071-2/+2
| | | | | | | this split across files, especially when two of them have less code than license text. ok bcook@ beck@ doug@ miod@
* Add X509_STORE_load_mem() to load certificates from a memory bufferreyk2015-01-222-3/+3
| | | | | | | | | | | instead of disk. OpenSSL didn't provide a built-in API from loading certificates in a chroot'ed process that doesn't have direct access to the files. X509_STORE_load_mem() provides a new backend that will be used by libssl and libtls to implement such privsep-friendly functionality. Adopted for LibreSSL based on older code from relayd (by pyr@ and myself) With feedback and OK bluhm@
* Add arc4random/getentropy shims for NetBSD.bcook2015-01-192-0/+150
| | | | | | | | | | The latest NetBSD (6.1.5) arc4random does not appear to reseed the CRNG state after a fork, so provide an override until the fork-safe version in CVS appears in a release. These are the same as the FreeBSD shims. ok deraadt@
* back in september I did the large abstraction refactoring to allow thesederaadt2015-01-156-6/+12
| | | | other systems to fit into the same mold, so add copyright
* mix in more virtual memory and process informationbcook2015-01-071-2/+4
|
* add initial HP-UX getentropy/arc4random support.bcook2015-01-062-0/+496
| | | | | | patch from Kinichiro Inoguchi, tested on HP-UX 11.31 ok deraadt@
* Revert to the use of C code for the basic BN routines (bn_add_words,miod2014-12-071-2/+7
| | | | | bn_div_words, bn_mul_add_words, bn_mul_words, bn_sqr_words, bn_sub_words) on sgi, because the generated assembly code isn't R4000-safe.
* Move Windows OS-specific functions to make porting easier.bcook2014-12-031-5/+5
| | | | | | | | | Several functions that need to be redefined for a Windows port are right in the middle of other code that is relatively portable. This patch isolates the functions that need Windows-specific implementations so they can be built conditionally in the portable tree. ok jsing@ deraadt@
* mop up a barely started project... getting in the way of grepping the tree!deraadt2014-11-221-4/+0
|
* Oops, make sure camellia is compiled on platforms without an arch-specificmiod2014-11-201-1/+2
| | | | Makefile.inc (i.e. landisk and m88k)
* Enable the build of GOST routines in libcrypto. Riding upon the Cammeliamiod2014-11-181-6/+6
| | | | libcrypto minor bump.
* Add the Cammelia cipher to libcrypto.miod2014-11-1712-12/+33
| | | | | | | | | | | | | | | | | | There used to be a strong reluctance to provide this cipher in LibreSSL in the past, because the licence terms under which Cammelia was released by NTT were free-but-not-in-the-corners, by restricting the right to modify the source code, as well retaining the right to enforce their patents against anyone in the future. However, as stated in http://www.ntt.co.jp/news/news06e/0604/060413a.html , NTT changed its mind and made this code truly free. We only wish there had been more visibility of this, for we could have had enabled Cammelia earlier (-: Licence change noticed by deraadt@. General agreement from the usual LibreSSL suspects. Crank libcrypto.so minor version due to the added symbols.
* correct the failure case for getentropy on win32bcook2014-11-111-3/+3
| | | | | | CryptAcquireContext and CryptGenRandom returns zero (FALSE) if fails. From: Dongsheng Song <dongsheng.song@gmail.com>
* GOST crypto algorithms (well, most of them), ported from the removed GOSTmiod2014-11-091-1/+10
| | | | | | | | | | | | engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now. This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues. None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
* Introduce EVP_MD_CTX_ctrl(), to allow for fine control of a given digest.miod2014-11-091-1/+1
| | | | | | | | | This functionality was already available (and optional), and used in the bowels of the ASN.1 code. This exposes it as a public interface, which will be used by the upcoming GOST code. Crank libcrypto minor version. From Dmitry Eremin-Solenikov.
* Add hooks to override native arc4random_buf on FreeBSD.bcook2014-11-032-0/+149
| | | | | | | | | | | | | | | | The FreeBSD-native arc4random_buf implementation falls back to weak sources of entropy if the sysctl fails. Remove these dangerous fallbacks by overriding locally. Unfortunately, pthread_atfork() is also broken on FreeBSD (at least 9 and 10) if a program does not link to -lthr. Callbacks registered with pthread_atfork() simply fail silently. So, it is not always possible to detect a PID wraparound. I wish we could do better. This improves arc4random_buf's safety compared to the native FreeBSD implementation. Tested on FreeBSD 9 and 10.
* include header needed by older linux kernelsbcook2014-10-111-1/+2
| | | | not all versions of <linux/random.h> include <linux/types.h> by default
* Revert r1.5 and reenable assembler version of ghash now that it has beenmiod2014-09-271-3/+3
| | | | fixed.
* Disable assembler code for ghash on hppa, causes wrong computations in somemiod2014-09-272-4/+4
| | | | | cases and breaks TLS 1.2; crank libcrypto.so minor version out of safety and to be able to tell broken versions apart easily.
* preserve errno value on success.bcook2014-08-281-4/+6
| | | | | If getrandom returns a temporary failure, make sure errno is not polluted when it succeeds. Thanks to deraadt@ for pointing it out.
* only build the getrandom path if SYS_getrandom is defined.bcook2014-08-161-3/+7
| | | | like the sysctl path
* getrandom(2) support for getentropy_linuxbcook2014-08-161-13/+10
| | | | | | | | | | | This enables support for the new getrandom(2) syscall in Linux 3.17. If the call exists and fails, return a failure in getentropy(2) emulation as well. This adds a EINTR check in case the urandom pool is not initialized. Tested on Fedora Rawhide with 3.17rc0 and Ubuntu 14.04 ok deraadt@
* munmap correct object in (extremely unlikely, and effectively terminal)deraadt2014-08-133-6/+6
| | | | | case of failing to map the 2nd object. found by Paul Maurers
* Guard RSA / RC4-5 ASM when NO_ASM is not definedbcook2014-08-111-1/+3
| | | | | | | | | Most assembly blocks remain inactive if OPENSSL_NO_ASM is not defined, only enabling inline assembly, but the RSA / RC4-5 blocks (used only in amd64 systems) turn on implicitly. Guard these two as well. This simplifies enabling just inline ASM in portable, no effective change in OpenBSD.
* Remove SRP code. It contains a bug (this should not surprise anyone), buttedu2014-07-281-5/+1
| | | | | | | | | | | the details are under embargo. The original plan was to wait for the embargo to lift, but we've been waiting for quite some time, and there's no indication of when or even if it will end. No sense in dragging this out any longer. The SRP code has never been enabled in OpenBSD, though I understand it is in use by some other people. However, in light of this and other issues, we're officially saying SRP is outside the scope of libressl. (For now.)
* better match proposed syscall apibcook2014-07-221-8/+2
|
* protect sysctl path with SYS__sysctl instead; from enh@google, ok bcookderaadt2014-07-211-6/+6
|
* Use explicit_bzero() instead of memset() on buffers going out of scope.guenther2014-07-213-6/+9
| | | | | | | Also, zero the SHA256 context. suggested by "eric" in a comment on an opensslrampage.org post ok miod@ deraadt@
* cast from void * before math; enh@googlederaadt2014-07-211-2/+2
|
* Move more OS-specific functionality to arc4random.h headers.bcook2014-07-204-4/+37
| | | | | | | | Move <sys/mman.h> and raise(SIGKILL) calls to OS-specific headers. On OpenBSD, move thread_private.h as well to arc4random.h. On Windows, use TerminateProcess on getentropy failure. ok deraadt@
* initial win32 ARC4_LOCK/UNLOCK implementation.bcook2014-07-201-1/+21
| | | | | It may make sense to later replace this with a Critical Section later. ok guenther@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 18:22:11 +0000