summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp (follow)
Commit message (Collapse)AuthorAgeFilesLines
* This commit was manufactured by cvs2git to create tag 'OPENBSD_5_8_BASE'.OPENBSD_5_8_BASEcvs2svn2015-08-0258-15942/+0
|
* Replace remaining CRYPTO_memcmp() calls with timingsafe_memcmp().jsing2015-06-202-4/+4
| | | | ok doug@ deraadt@
* Remove obsolete MDC-2DES from libcrypto.doug2015-06-203-126/+2
| | | | ok deraadt@ jsing@ miod@
* Regenmiod2015-02-151-89/+99
|
* 1.18 would introduce a possible out-of-bounds access in the error path;miod2015-02-141-7/+5
| | | | | Coverity CID 105346 ok doug@
* Remove DEBUG_PKCS5V2 code.miod2015-02-141-25/+1
|
* Enable building with -DOPENSSL_NO_DEPRECATED.doug2015-02-112-2/+4
| | | | | | | | | | | | | | | If you didn't enable deprecated code, there were missing err.h and bn.h includes. This commit allows building with or without deprecated code. This was not derived from an OpenSSL commit. However, they recently enabled OPENSSL_NO_DEPRECATED in git and fixed these header problems in a different way. Verified with clang that this only changes line numbers in the generated asm. ok miod@
* unifdef OPENSSL_NO_RC5jsing2015-02-103-29/+3
|
* Remove RC5 code - this is not currently enabled and is not likely to everjsing2015-02-101-128/+0
| | | | | | | | be enabled. Removes one symbol from libcrypto, however there is no ABI change. ok beck@ miod@ tedu@
* EVP_BytesToKey(): return through the error path (which cleans things up)miod2015-02-101-3/+3
| | | | if EVP_DigestInit_ex() fails.
* Replace assert() and OPENSSL_assert() calls with proper error return paths.miod2015-02-108-30/+87
| | | | Careful review, feedback & ok doug@ jsing@
* Remove unnecessary include of assert.hmiod2015-02-102-4/+2
|
* Move a few typedef up in this file in order to be able to use them in env_md_stmiod2015-02-081-14/+10
| | | | | and get rid of a silly FIXME comment. ok doug@ jsing@
* Check memory allocation results in EVP_PBE_alg_add_type().miod2015-02-081-3/+10
| | | | ok doug@ jsing@
* Delete a lot of #if 0 code in libressl.doug2015-02-074-60/+4
| | | | | | | | | | | | | | | | | | | | | | | | | There are a few instances where #if 1 is removed but the code remains. Based on the following OpenSSL commits. Some of the commits weren't strictly deletions so they are going to be split up into separate commits. 6f91b017bbb7140f816721141ac156d1b828a6b3 3d47c1d331fdc7574d2275cda1a630ccdb624b08 dfb56425b68314b2b57e17c82c1df42e7a015132 c8fa2356a00cbaada8963f739e5570298311a060 f16a64d11f55c01f56baa62ebf1dec7f8fe718cb 9ccc00ef6ea65567622e40c49aca43f2c6d79cdb 02a938c953b3e1ced71d9a832de1618f907eb96d 75d0ebef2aef7a2c77b27575b8da898e22f3ccd5 d6fbb194095312f4722c81c9362dbd0de66cb656 6f1a93ad111c7dfe36a09a976c4c009079b19ea1 1a5adcfb5edfe23908b350f8757df405b0f5f71f 8de24b792743d11e1d5a0dcd336a49368750c577 a2b18e657ea1a932d125154f4e13ab2258796d90 8e964419603d2478dfb391c66e7ccb2dcc9776b4 32dfde107636ac9bc62a5b3233fe2a54dbc27008 input + ok jsing@, miod@, tedu@
* Combine c_allc.c and c_alld.c into c_all.c - there is not much point havingjsing2015-02-073-361/+230
| | | | | | | this split across files, especially when two of them have less code than license text. ok bcook@ beck@ doug@ miod@
* More missing error checks I forgot to commit last week, part of the largemiod2014-11-181-12/+23
| | | | cleanup diff.
* KNF (when not conflicting with other cleanup changes in progress)miod2014-11-094-44/+61
|
* GOST crypto algorithms (well, most of them), ported from the removed GOSTmiod2014-11-098-5/+594
| | | | | | | | | | | | engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now. This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues. None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
* Introduce EVP_MD_CTX_ctrl(), to allow for fine control of a given digest.miod2014-11-091-1/+25
| | | | | | | | | This functionality was already available (and optional), and used in the bowels of the ASN.1 code. This exposes it as a public interface, which will be used by the upcoming GOST code. Crank libcrypto minor version. From Dmitry Eremin-Solenikov.
* Check the result of sk_*_push() operations for failure.miod2014-10-281-4/+8
| | | | ok doug@ jsing@
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().jsing2014-10-223-12/+10
| | | | | | | | arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
* None of these need to include <openssl/rand.h>jsing2014-10-185-10/+5
|
* Guard RSA / RC4-5 ASM when NO_ASM is not definedbcook2014-08-111-2/+2
| | | | | | | | | Most assembly blocks remain inactive if OPENSSL_NO_ASM is not defined, only enabling inline assembly, but the RSA / RC4-5 blocks (used only in amd64 systems) turn on implicitly. Guard these two as well. This simplifies enabling just inline ASM in portable, no effective change in OpenBSD.
* Allow B64_EOF to follow a base64 padding character. This restores previousjsing2014-08-061-2/+3
| | | | | | | | behaviour that allows a PEM block to be fed through the base64 decoder. Reported by Dmitry Eremin-Solenikov on tech@ ok deraadt@ tedu@
* Correct error checks in EVP_read_pw_string_min(): UI_add_input_string()guenther2014-08-061-3/+3
| | | | | | | | and UI_add_verify_string() return -1 (and maybe -2?) on failure and >=0 on success, instead of always zero on success problem reported by Mark Patruck (mark (at) wrapped.cx) ok miod@
* In chacha_init(), allow for a NULL iv. Reported by znz on github.miod2014-08-041-2/+3
| | | | ok guenther@ jsing@
* Check the return value of the UI functions (including UI_new() which returnmiod2014-07-231-6/+11
| | | | | | value is happily dereferenced without checking it for being non-NULL). ok beck@
* Now that DES_random_key() can be trusted, use it to generate DES keys in themiod2014-07-222-12/+10
| | | | | | | EVP_CTRL_RAND_KEY method handlers, rather than generating a random odd key and not even checking it against the weak keys list. ok beck@
* Possible PBEPARAM leak in the error path.miod2014-07-131-6/+8
|
* EVP_DigestInit_ex() may be used to recycle an existing EVP_MD_CTX without havingmiod2014-07-131-3/+9
| | | | | | | | | | | | | to reinitialize all of it, especially if it is used with the same MD algorithm. However, when the MD algorithm changes, it needs to perform more cleanups. Make that code more closer to what EVP_MD_CTX_cleanup() does by: - only freeing md_data if EVP_MD_CTX_FLAG_REUSE is not set - performing an explicit_bzero of md_data before freeing it - making sure we call EVP_PKEY_CTX_free on the pctx if the allocation for the new md_data fails. ok tedu@
* No need to include evp_locl.h in there.miod2014-07-136-18/+6
|
* No need to include asn1_mac.h here.miod2014-07-121-2/+1
|
* We have EVP_CIPH_FLAG_DEFAULT_ASN1 in evp.h; no need to keep constructs tomiod2014-07-121-34/+28
| | | | | | build on pre-EVP_CIPH_FLAG_DEFAULT_ASN1 codebases. ok jsing@
* Make the BLOCK_CIPHER_{generic,custom} macros expand to more readable structmiod2014-07-121-67/+102
| | | | definitions using C99 field initializers. No functional change.
* if (x) FOO_free(x) -> FOO_free(x).miod2014-07-125-16/+11
| | | | | | | Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
* OPENSSL_ALGORITHM_DEFINES has been removed from conf.h, no need for it nowtedu2014-07-111-8/+2
|
* Fix copy for CCM, GCM and XTS.miod2014-07-111-12/+70
| | | | | | | | Internal pointers in CCM, GCM and XTS contexts should either be NULL or set to point to the appropriate key schedule. This needs to be adjusted when copying contexts. OpenSSL PR #3272 with further fixes, from OpenSSL trunk
* In EVP_PBE_alg_add don't use the underlying NID for the ciphermiod2014-07-111-2/+2
| | | | as it may have a non-standard key size; OpenSSL PR #3206 via OpenSSL trunk.
* Missing initialization; OpenSSL PR#3289 and #3345 via OpenSSL trunk.miod2014-07-111-2/+3
|
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-1147-155/+157
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that referencesjsing2014-07-1040-53/+155
| | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* Kill a blatantly outdated (and now wrong) commentmiod2014-07-101-4/+1
|
* Stop including standard headers via cryptlib.h - pull in the headers thatjsing2014-07-1014-17/+45
| | | | | | are needed in the source files that actually require them. ok beck@ miod@
* remove unused, private version strings except SSL_version_strbcook2014-07-091-3/+1
| | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* Remove BIO_f_reliable(), guilty of playing with EVP_MD_CTX internals itmiod2014-06-242-627/+1
| | | | | should not know anything about. Verified not to be used in ports; riding upon the recent libcrypto major bump.
* Switch to the ISC licensed versions of these files, which Google has madejsing2014-06-212-101/+26
| | | | | | available via boringssl. ok deraadt@
* free iv, then cleanse. from Cyril Jouvetedu2014-06-151-2/+2
|
* Simplify EVP_MD_CTX_create() by just using calloc(). Also, use 0 ratherjsing2014-06-151-9/+4
| | | | | | than '\0' for several memset(). ok beck@ miod@
* Simplify EVP_CIPHER_CTX_new() - stop pretending that EVP_CIPHER_CTX_init()jsing2014-06-151-6/+2
| | | | | | does something special... just use calloc() instead. ok beck@ miod@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 16:48:59 +0000