| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
discussed with jsing
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Like most hashes, MD5 needs to keep count of the number of bits in the
message being processed. However, rather than using a 64 bit counter this
is implemented using two 32 bit values (which is exposed in the public
API). Even with this hurdle, we can still use 64 bit math and let the
compiler figure out how to best handle the situation (hopefully avoiding
compiler warnings on 16 bit platforms in the process!). On amd64 this code
now requires two instructions, instead of the previous five.
While here remove a comment that is excessively visible and no longer
completely accurate (and if you're going to redefine types like MD5_WORD
you kinda need to know what you're doing).
ok tb@ (who's going to miss the dear diary style comments)
|
| |
|
|
| |
requested by jsing on review
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
HMAC() and the one-step digests used to support passing a NULL buffer and
would return the digest in a static buffer. This design is firmly from the
nineties, not thread safe and it saves callers a single line. The few ports
that used to rely this were fixed with patches sent to non-hostile (and
non-dead) upstreams. It's early enough in the release cycle that remaining
uses hidden from the compiler should be caught, at least the ones that
matter.
There won't be that many since BoringSSL removed this feature in 2017.
https://boringssl-review.googlesource.com/14528
Add non-null attributes to the headers and add a few missing bounded
attributes.
ok beck jsing
|
| | |
|
| |
|
|
|
|
|
|
| |
Modified patch from Dmitry Eremin-Solenikov
leave the sole public define in ripemd.h
ok deraadt@ miod@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
|
| |
while we can take it out in portable at compile time, it is still a problem
when we install this header file on a system that doesn't support __bounded__
if this is unguarded.
ok miod@ bcook@
|
| |
|
|
|
|
|
|
|
| |
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
| |
|
|
|
|
|
|
| |
type for BF_LONG, MD[45]_LONG and SHA_LONG.
First, the preprocessor symbols they check for a 64-bit system is __ILP64__
which no sane system provides; second, on the platforms which have assembler
code to speed things up, the assembler code assumes a 32-bit type will be used.
|
| |
|
|
| |
ok miod@
|
| | |
|
| |
|
|
|
|
|
| |
including it they get <openssl/opensslconf.h>. So instead of pulling in
<openssl/e_os2.h>, just pull in <openssl/opensslconf.h>.
"go ahead" miod@
|
| |
|
|
|
| |
fixed-width types instead of choosing int or long depending upon what we
think the architecture support.
|
| |
|
|
|
| |
meets their needs, but dumping it in here only penalizes the rest of us.
ok beck deraadt
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
*warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2
if you are using the ssl26 packages for ssh and other things to work you will
need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
|
| | |
|
|
|
functionality for shared libs.
Note that routines such as sslv2_init and friends that use RSA will
not work due to lack of RSA in this library.
Needs documentation and help from ports for easy upgrade to full
functionality where legally possible.
|
