summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp/evp_enc.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* back out calls to EVP_CIPHER_CTX_cleanup() in EVP_Cipher/Encrypt/DecryptFinalbcook2016-09-091-4/+1
| | | | | Software that refers to ctx after calling Final breaks with these changes. revert parts of 1.31 and 1.32
* include <sys/types.h> to get <sys/cdefs.h> instead (for __warn_references)bcook2016-09-041-2/+2
| | | | corrected by deraadt@ / guenther@
* include <sys/cdefs.h> for portablebcook2016-09-041-1/+3
|
* deprecate EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal()bcook2016-09-031-3/+15
| | | | | | | | | | This switches EVP_CipherFinal() to work as EVP_EncryptFinal() and EVP_DecryptFinal() do, always clearing the cipher context on completion. Indicate that, since it is not possible to tell whether this function will clear the context (the API has changed over time in OpenSSL), it is better to use the _ex() variants and explicitly clear instead. ok beck@
* deprecate internal use of EVP_[Cipher|Encrypt|Decrypt]_Final.beck2016-05-301-4/+6
| | | | | | | 14 years ago these were changed in OpenSSL to be the same as the _ex functions. We use the _ex functions only internally to ensure it is obvious the ctx must be cleared. ok bcook@
* fix for integer overflow in encode and encrypt update functions.tedu2016-05-041-2/+2
| | | | | | additionally, in EncodeUpdate, if the amount written would overflow, return 0 instead to prevent bugs in the caller. CVE-2016-2105 and CVE-2016-2106 from openssl.
* revert the big change from yesterday to prepare for smaller commits.tedu2016-05-041-2/+2
|
* patch from openssl for multiple issues:tedu2016-05-031-2/+2
| | | | | | | missing padding check in aesni functions overflow in evp encode functions use of invalid negative asn.1 types ok beck
* Correct spelling of OPENSSL_cleanse.jsing2015-09-101-2/+2
| | | | ok miod@
* Replace assert() and OPENSSL_assert() calls with proper error return paths.miod2015-02-101-14/+31
| | | | Careful review, feedback & ok doug@ jsing@
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().jsing2014-10-221-4/+3
| | | | | | | | arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-111-3/+4
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that referencesjsing2014-07-101-1/+3
| | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* Stop including standard headers via cryptlib.h - pull in the headers thatjsing2014-07-101-1/+3
| | | | | | are needed in the source files that actually require them. ok beck@ miod@
* remove unused, private version strings except SSL_version_strbcook2014-07-091-3/+1
| | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* Simplify EVP_CIPHER_CTX_new() - stop pretending that EVP_CIPHER_CTX_init()jsing2014-06-151-6/+2
| | | | | | does something special... just use calloc() instead. ok beck@ miod@
* tags as requested by miod and teduderaadt2014-06-121-1/+1
|
* no need for null check before free. from Brendan MacDonelltedu2014-05-301-2/+1
|
* KNF.jsing2014-05-081-339/+333
|
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-171-5/+5
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* remove FIPS mode support. people who require FIPS can buy something thattedu2014-04-151-21/+0
| | | | | meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
* resolve conflictsdjm2012-10-131-9/+86
|
* openssl-1.0.0e: resolve conflictsdjm2011-11-031-0/+1
|
* resolve conflicts, fix local changesdjm2010-10-011-52/+215
|
* resolve conflictsdjm2009-01-091-191/+63
|
* update to openssl-0.9.8i; tested by several, especially krw@djm2009-01-051-4/+9
|
* resolve conflictsdjm2008-09-061-78/+49
|
* resolve conflictsdjm2005-04-291-1/+60
|
* merge 0.9.7dmarkus2004-04-081-1/+13
|
* merge 0.9.7b with local changes; crank majors for libssl/libcryptomarkus2003-05-121-8/+22
|
* Merge openssl-0.9.7-stable-SNAP-20020519beck2002-05-211-16/+14
|
* OpenSSL 0.9.7 stable 2002 05 08 mergebeck2002-05-151-61/+229
|
* openssl-engine-0.9.6 mergebeck2000-12-151-39/+110
|
* OpenSSL 0.9.4 mergebeck1999-09-291-52/+19
|
* Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD buildryker1998-10-051-0/+303
functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-09-04 04:47:31 +0000