path: root/src/lib/libcrypto/evp/evp.h
[Author | Age | Files | Lines] Commit message
...
* [tb | 2021-11-30 | 1 | -20/+20] Fix some annoying whitespace inconsistencies.
* [tb | 2021-11-30 | 1 | -7/+10] Provide EVP_CTRL_AEAD_* defines.
  This commit adds generic EVP_CTRL_AEAD_{SET,GET}_TAG and _SET_IVLEN defines and aliases the GCM and CCM versions to those. This is the publicly visible part of OpenSSL's e640fa02005.
  ok inoguchi jsing
* [tb | 2021-11-01 | 1 | -3/+1] Unifdef LIBRESSL_NEW_API. Now that the library is bumped, this is
  no longer needed.
  ok jsing
* [tb | 2021-10-24 | 1 | -1/+4] Prepare to provide EVP_MD_CTX_get_md_data()
  ok beck jsing
* [tb | 2021-05-10 | 1 | -5/+1] Expose EVP_Digest{Sign,Verify}(3)
  ok jsing
* [tb | 2021-05-09 | 1 | -2/+12] Prepare to provide EVP_Digest{Sign,Verify}
  These are one-shot versions combining EVP_Digest{Sign,Verify}{Update,Final} and are part of the OpenSSL 1.1.1 API. While they simplify callers in some situations slightly, their real use is for EdDSA that by design can't be split into Update/Final steps.
  Based on OpenSSL commit 7539418981c140648a620d72edd7398564878b5c
  ok inoguchi
* [tb | 2021-03-31 | 1 | -5/+1] Provide EVP_PKEY_new_CMAC_key(3)
  ok bcook inoguchi jsing
* [tb | 2021-03-29 | 1 | -1/+8] Prepare to provide EVP_PKEY_new_CMAC_key()
  sebastia ran into this when attempting to update security/hcxtools. This will be tested via wycheproof.go once the symbol is public.
  ok jsing, tested by sebastia
* [tb | 2020-04-27 | 1 | -1/+2] Disallow the use of zero length IVs in AES-GCM via
  EVP_AEAD_CTX_{open,seal}, as this leaks the authentication key.
  Issue reported and fix tested by Guido Vranken.
  ok beck, jsing
  This commit adds a constant to a public header despite library lock, as discussed with deraadt and sthen.
* [jsing | 2019-10-24 | 1 | -1/+2] Add EVP_PKEY_RSA_PSS.
  ok tb@
* [jsing | 2019-09-09 | 1 | -4/+10] Provide EVP_PKEY_CTX_get_signature_md() macro and implement the
  EVP_PKEY_CTRL_GET_MD control for DSA, EC and RSA.
  This is used by the upcoming RSA CMS code.
  ok inoguchi@ tb@
* [jsing | 2019-08-11 | 1 | -1/+2] Provide ASN1_PKEY_CTRL_CMS_RI_TYPE.
* [tb | 2019-03-17 | 1 | -1/+3] Provide EVP_PKEY_get0_hmac(). From OpenSSL 1.1.1 which is still
  freely licensed.
  From jsing
* [tb | 2019-03-17 | 1 | -1/+12] Provide EVP_aes_{128,192,256}_wrap(). This is a compatible
  implementation based on the one in OpenSSL 1.0.2r which is still freely licensed.
  The functions are undocumented in OpenSSL. To use them, one needs to set the undocumented EVP_CIPHER_CTX_FLAG_WRAP_ALLOW flag on the EVP_CIPHER_CTX.
  resolves #505
  ok jsing
* [tb | 2019-03-17 | 1 | -1/+10] Add the SM4 block cipher from the Chinese standard GB/T 32907-2016.
  This is an ISC licensed version based on the sources by Ribose Inc that were ported to OpenSSL in 2017.
  Patch from Daniel Wyatt with minor tweaks.
  ok inoguchi, jsing
* [dlg | 2019-01-22 | 1 | -1/+3] add support for xchacha20 and xchacha20-poly1305
  xchacha is a chacha stream that allows for an extended nonce, which in turn makes it feasible to use random nonces.
  ok tb@
* [tb | 2019-01-19 | 1 | -1/+3] provide EVP_ENCODE_CTX_{new,free}().
  ok jsing
* [tb | 2018-11-11 | 1 | -1/+4] Add Ribose Inc's implementation of the SM3 hashing function with
  tweaks from jsing and myself. The SM2/SM3/SM4 algorithms are mandatory for legal use of cryptography within China and [are] widely applied in the country, covering identification/financial cards, contactless, TPM 2.0 and PKI.
  ok beck inoguchi jsing
* [djm | 2018-09-12 | 1 | -1/+5] Add some accessor functions:
  RSA_meth_get_finish()
  RSA_meth_set1_name()
  EVP_CIPHER_CTX_(get|set)_iv()
  feedback and ok jsing@ tb@
* [tb | 2018-08-24 | 1 | -2/+2] Add consts to EVP_PKEY_asn1_set_private()
  Requires adding a const to the priv_decode() member of EVP_PKEY_ASN1_METHOD and adjusting all *_priv_decode() functions. All this is already documented this way.
  tested in a bulk build by sthen
  ok jsing
* [tb | 2018-08-24 | 1 | -2/+2] Convert EVP_EncodeUpdate() to return an int to allow for error
  checking. Matches our documented behavior.
  Based on OpenSSL commit c5ebfcab713a82a1d46a51c8c2668c419425b387
  tested in a bulk by sthen
  ok jsing
* [tb | 2018-08-24 | 1 | -1/+2] Provide EVP_CIPHER_CTX_encrypting().
  tested in a bulk by sthen
  ok jsing
* [tb | 2018-08-24 | 1 | -2/+2] Return an int in BIO_set_cipher() to be able to report errors.
  tested in a bulk by sthen
  ok jsing
* [tb | 2018-05-30 | 1 | -2/+2] Add a const qualifier to the argument of EVP_PKEY_size().
  tested in a bulk build by sthen
  ok jsing
* [tb | 2018-05-13 | 1 | -2/+2] Add a const qualifier to the argument of EVP_PKEY_get0_asn1(3).
  tested in a bulk build by sthen
  ok beck (as part of a larger diff)
* [tb | 2018-05-13 | 1 | -2/+2] Add a const qualifier to the argument of EVP_PKEY_get0(3).
  tested in a bulk build by sthen
  ok beck (as part of a larger diff)
* [tb | 2018-05-13 | 1 | -2/+2] Add a const qualifier to the argument of EVP_PKEY_bits(3).
  tested in a bulk build by sthen
  ok beck (as part of a larger diff)
* [tb | 2018-05-13 | 1 | -2/+3] Add a const qualifier to the second argument of EVP_DigestVerifyFinal(3).
  tested in a bulk build by sthen
  ok beck (as part of a larger diff)
* [tb | 2018-05-02 | 1 | -4/+4] Add const qualifiers to return value of BIO_f_{base64,cipher,md}().
  tested in bulk by sthen
  ok jsing
* [tb | 2018-02-20 | 1 | -2/+3] Provide EVP_PKEY_get0_EC_KEY() and 'if (ret)' vs 'if (ret != 0)' cosmetics.
  ok jsing
* [jsing | 2018-02-17 | 1 | -1/+2] Provide EVP_CIPHER_CTX_reset().
  Rides previous minor bump.
* [jsing | 2018-02-17 | 1 | -2/+6] Provide EVP_MD_CTX_new(), EVP_MD_CTX_free() and EVP_MD_CTX_reset().
* [tb | 2018-02-17 | 1 | -4/+7] Provide further parts of the OpenSSL 1.1 API: {DH,DSA}_get0_{key,pqg}(),
  EVP_PKEY_get0_{DH,DSA,RSA}(), RSA_{g,s}et0_key().
  ok jsing
* [jsing | 2018-02-14 | 1 | -1/+2] Provide EVP_PKEY_up_ref().
* [jsing | 2017-08-28 | 1 | -2/+1] Remove EVP_aead_chacha20_poly1305_old() now that the original/old
  chacha20-poly1305 cipher suites have been removed from libssl.
* [jsing | 2017-02-28 | 1 | -1/+2] Add an EVP interface that provides concatenated MD5+SHA1 hashes, which are
  used in various parts of TLS 1.0/1.1.
  This will allow for code simplification in libssl. The same interface exists in OpenSSL 1.1.
  ok beck@ deraadt@ inoguchi@ millert@
* [beck | 2016-05-30 | 1 | -4/+10] deprecate internal use of EVP_[Cipher|Encrypt|Decrypt]_Final.
  14 years ago these were changed in OpenSSL to be the same as the _ex functions. We use the _ex functions only internally to ensure it is obvious the ctx must be cleared.
  ok bcook@
* [jsing | 2016-04-28 | 1 | -2/+2] Rename EVP_aead_chacha20_poly1305() to EVP_aead_chacha20_poly1305_old()
  and replace with EVP_aead_chacha20_poly1305_ietf(). The IETF version will become the standard version.
  Discussed with many.
* [reyk | 2015-11-02 | 1 | -1/+2] Add EVP_aead_chacha20_poly1305_ietf() - The informational RFC 7539,
  "ChaCha20 and Poly1305 for IETF Protocols", introduced a modified AEAD construction that is incompatible with the common style that has been already used in TLS with EVP_aead_chacha20_poly1305(). The IETF version also adds a constant (salt) that is prepended to the nonce.
  OK mikeb@ jsing@
* [doug | 2015-09-14 | 1 | -1/+4] Temporarily revive MD4 for MS CHAP support.
* [doug | 2015-09-13 | 1 | -4/+1] Remove MD4 support from LibreSSL.
  MD4 should have been removed a long time ago. Also, RFC 6150 moved it to historic in 2011. Rides the major crank from removing SHA-0.
  Discussed with many including beck@, millert@, djm@, sthen@
  ok jsing@, input + ok bcook@
* [doug | 2015-09-13 | 1 | -2/+1] Remove SHA-0 support.
  SHA-0 was withdrawn shortly after publication 20 years ago and replaced with SHA-1. This will require a major crank.
  ok bcook@, jsing@
* [doug | 2015-06-20 | 1 | -4/+1] Remove obsolete MDC-2DES from libcrypto.
  ok deraadt@ jsing@ miod@
* [jsing | 2015-02-10 | 1 | -8/+1] unifdef OPENSSL_NO_RC5
* [miod | 2015-02-10 | 1 | -1/+8] Replace assert() and OPENSSL_assert() calls with proper error return paths.
  Careful review, feedback & ok doug@ jsing@
* [miod | 2015-02-08 | 1 | -14/+10] Move a few typedef up in this file in order to be able to use them in env_md_st
  and get rid of a silly FIXME comment.
  ok doug@ jsing@
* [doug | 2015-02-07 | 1 | -5/+1] Delete a lot of #if 0 code in libressl.
  There are a few instances where #if 1 is removed but the code remains.
  Based on the following OpenSSL commits. Some of the commits weren't strictly deletions so they are going to be split up into separate commits.
  input + ok jsing@, miod@, tedu@
* [miod | 2014-11-09 | 1 | -1/+34] GOST crypto algorithms (well, most of them), ported from the removed GOST
  engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now.
  This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues.
  None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
* [tedu | 2014-07-11 | 1 | -8/+2] OPENSSL_ALGORITHM_DEFINES has been removed from conf.h, no need for it now
* [miod | 2014-06-24 | 1 | -2/+1] Remove BIO_f_reliable(), guilty of playing with EVP_MD_CTX internals it
  should not know anything about.
  Verified not to be used in ports; riding upon the recent libcrypto major bump.