| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
"Stitched" mode AEADs were removed from libssl a long time ago. Nothing
uses these CIPHERs anymore.
ok jsing
|
| | |
|
| |
|
|
|
|
|
|
| |
me aliasing symbols not in the headers I was procesing.
This unbreaks the namespace build so it will pass again
ok tb@
|
| |
|
|
|
|
| |
(part 2 of commit)
ok jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.
discussed with jsing,
no objection bcook
|
| |
|
|
|
|
| |
evp.h will be moved to evp_locl.h in an upcoming bump.
ok inoguchi
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The plen variable can be NO_PAYLOAD_LENGTH == (size_t)-1, so doing
tls_aad[plen-4] is no good. Also check that the length of the AAD
set via the control interface is equal to 13 since the whole file
is written with that case in mind.
Note that we no longer use this code in LibreSSL/OpenBSD. We
eliminated the use of these control interfaces and stitched cipher
modes in libssl a while ago.
Problem found by Guido Vranken with his cryptofuzz - thanks!
input & ok beck, jsing
|
| |
|
|
| |
ok bock@ jsing@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
meaningful constants in a private header file, so that reviewers can actually
get a chance to figure out what the code is attempting to do without knowing
all cpuid bits.
While there, turn it from an array of two 32-bit ints into a properly aligned
64-bit int.
Use of OPENSSL_ia32_P is now restricted to the assembler parts. C code will
now always use OPENSSL_cpu_caps() and check for the proper bits in the
whole 64-bit word it returns.
i386 tests and ok jsing@
|
| |
|
|
|
| |
for both the mac and padding bytes.
CVE-2016-2107 from openssl
|
| | |
|
| |
|
|
|
|
|
| |
missing padding check in aesni functions
overflow in evp encode functions
use of invalid negative asn.1 types
ok beck
|
| |
|
|
| |
ok miod@
|
| |
|
|
|
|
| |
build on pre-EVP_CIPH_FLAG_DEFAULT_ASN1 codebases.
ok jsing@
|
| |
|
|
|
|
|
|
|
| |
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
from the openssl git (changes between openssl 1.0.1c and 1.0.1d).
ok djm@
|
| |
|
