summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/evp (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Use C99 initialisers for the AEAD struct.jsing2014-05-151-9/+9
|
* KNF.jsing2014-05-151-70/+67
|
* Add a ChaCha20-Poly1305 AEAD EVP implementation to libcrypto, from Adamjsing2014-05-153-0/+272
| | | | | | Langley's Chromium OpenSSL patches. ok miod@
* KNF.jsing2014-05-152-74/+75
|
* Add an AEAD EVP interface to libcrypto, along with AES-GCM AEADjsing2014-05-155-33/+549
| | | | | | | implementations. This largely pulls in Adam Langley's AEAD patches from Chromium's OpenSSL. ok miod@
* Stop being a dummy... presumably these are left overs from pedantic modejsing2014-05-151-3/+1
| | | | | | that were not wrapped with #if PEDANTIC. ok miod@
* More KNF.jsing2014-05-115-16/+27
|
* KNF.jsing2014-05-112-322/+287
|
* More KNF.jsing2014-05-0811-45/+94
|
* KNF.jsing2014-05-0812-308/+383
|
* Remove KSSL debug code.jsing2014-05-081-21/+0
| | | | "fire bomb" tedu@
* KNF.jsing2014-05-087-912/+917
|
* Nuke OPENSSL_FIPS - having #ifdefs inside a #ifndef for the same thingjsing2014-05-082-18/+0
| | | | | | is amusing. ok deraadt@
* KNF.jsing2014-05-0816-1499/+1544
|
* KNF.jsing2014-05-0714-944/+984
|
* Add checks for invalid base64 encoded data, specifically relating to thejsing2014-05-031-0/+12
| | | | | | | | | | | | | | | | | | | | | handling of padding. This fixes a crash that can be triggered by feeding base64 data followed by 64 or more padding characters, which results in a negative output length. This issue was reported by David Ramos, although the same bug has been sitting in the OpenSSL RT since 2011: https://rt.openssl.org/Ticket/Display.html?id=2608 Worse still, BIO_read seems to be completely unable to detect that the base64 input was invalid/corrupt - in particular, enabling BIO_FLAGS_BASE64_NO_NL results in a stream of zero value bytes rather than no input (possibly a good replacement for /dev/null...), which could result in nasty consequences. Prior to this fix some zero value bytes were also injected without this flag being enabled. The recently added base64 regress triggers and documents these issues (and also ensures that this change retains functional behaviour).
* It is definitly not the correct spelling.jsing2014-05-031-2/+2
|
* KNF.jsing2014-05-034-932/+910
|
* KNF.jsing2014-05-034-495/+514
|
* Nuke unused evptests.txt - the real one is over in regress.jsing2014-05-011-334/+0
| | | | ok miod@
* Provide an EVP implementation for ChaCha.jsing2014-05-013-0/+73
| | | | ok miod@
* Use C99 initializers for the various FOO_METHOD structs. More readable, andmiod2014-04-274-48/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | avoid unreadable/unmaintainable constructs like that: const EVP_PKEY_ASN1_METHOD cmac_asn1_meth = { EVP_PKEY_CMAC, EVP_PKEY_CMAC, 0, "CMAC", "OpenSSL CMAC method", 0,0,0,0, 0,0,0, cmac_size, 0, 0,0,0,0,0,0,0, cmac_key_free, 0, 0,0 }; ok matthew@ deraadt@
* Replace all use of ERR_add_error_data with ERR_asprintf_error_data.beck2014-04-262-2/+2
| | | | | | | | This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
* Unifdef -UPEDANTIC. ok beck@ tedu@miod2014-04-233-13/+1
|
* Figure out endianness at compile-time, using _BYTE_ORDER frommiod2014-04-231-3/+3
| | | | | | | <machine/endian.h>, rather than writing 1 to a 32-bit variable and checking whether the first byte is nonzero. tweaks and ok matthew@; ok beck@ tedu@
* Remove files which look like actual code compiled in libcrypto, but isn't.miod2014-04-221-71/+0
| | | | One even says (in comments): HAS BUGS! DON'T USE
* use intrinsic strlcpy and strlcat everywhere so we only have one set ofbeck2014-04-191-1/+1
| | | | | | funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
* kill REF_PRINT/REF_CHECK debugging framework noone would usederaadt2014-04-171-10/+1
| | | | ok miod
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-1710-31/+31
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* Do not feed RSA private key information to the random subsystem asderaadt2014-04-171-2/+0
| | | | | | | | entropy. It might be fed to a pluggable random subsystem.... What were they thinking?! ok guenther
* call the correct decrypt function in aes_cbc_cipher()jsg2014-04-171-1/+1
| | | | | | | | | | | | | | | | From: commit e9c80e04c1a3b5a0de8e666155ab4ecb2697a77d Author: Andy Polyakov <appro@openssl.org> Date: Wed Dec 18 21:42:46 2013 +0100 evp/e_[aes|camellia].c: fix typo in CBC subroutine. It worked because it was never called. Our e_camellia.c does not have this problem. ok miod@ deraadt@
* Clean up dangerous strncpy use. This included a use where the resultingbeck2014-04-161-2/+1
| | | | | | | string was potentially not nul terminated and a place where malloc return was unchecked. while we're at it remove dummytest.c ok miod@
* remove md2, jpake, and seed clutter.tedu2014-04-152-184/+0
|
* we don't use these files for buildingtedu2014-04-151-100/+0
|
* remove FIPS mode support. people who require FIPS can buy something thattedu2014-04-1510-213/+2
| | | | | meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
* Moved to regress/lib/libcrypto.miod2014-04-151-450/+0
|
* Send the rotIBM stream cipher (ebcdic) to Valhalla to party for eternitybeck2014-04-151-11/+0
| | | | | with the bearded ones... some API's that nobody should be using will dissapear with this commit.
* unifdef -U OPENBSD_DEV_CRYPTO and OPENSSL_OPENBSD_DEV_CRYPTO. This code was themiod2014-04-142-455/+0
| | | | | | early attempt at getting kernel-assisted crypto(4) used by libcrypto, before the engine API existed, and has been #if 0'd out for ages anyway. No API/ABI change.
* remove auto-generated dependencies from the old unused build system, soderaadt2014-04-141-676/+0
| | | | | that it is easier to find code pieces. They are getting in the way. ok miod
* Cope with the removal of openssl/symhacks.hderaadt2014-04-131-2/+0
|
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.miod2014-04-1314-55/+108
|
* cherry pick bugfixes for http://www.openssl.org/news/secadv_20130205.txtmarkus2013-02-141-21/+195
| | | | | from the openssl git (changes between openssl 1.0.1c and 1.0.1d). ok djm@
* remove ACSS, crank libcrypto major; ok markus@ deraadt@djm2013-01-262-91/+0
|
* resolve conflictsdjm2012-10-1333-179/+1806
|
* This commit was generated by cvs2git to track changes on a CVS vendordjm2012-10-131-0/+113
|\ | | | | branch.
| * import OpenSSL-1.0.1cdjm2012-10-131-0/+113
| |
* | This commit was generated by cvs2git to track changes on a CVS vendordjm2012-10-136-3/+765
|\ \ | | | | | | branch.
| * | import OpenSSL-1.0.1cdjm2012-10-1333-131/+2412
| | |
* | | openssl-1.0.0e: resolve conflictsdjm2011-11-036-4/+8
| | |
* | | This commit was generated by cvs2git to track changes on a CVS vendordjm2011-11-032-2/+4
|\| | | | | | | | branch.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-09-02 05:31:09 +0000