summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/objects (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add OIDs for HMAC using Streebog (GOST R 34.11-2012) hash function.jsing2020-06-052-0/+4
| | | | | | | | Diff from Dmitry Baryshkov <dbaryshkov@gmail.com> Sponsored by ROSA Linux ok inoguchi@ tb@
* Add support for additional GOST curves.jsing2020-06-052-4/+16
| | | | | | | | | | | | | These GOST curves are defined in RFC 7836 and draft-deremin-rfc4491-bis. Add aliases for 256-bit GOST curves (see draft-smyshlyaev-tls12-gost-suites) and rename the 512-bit curve ids to follow names defined in tc26 OID registry. Diff from Dmitry Baryshkov <dbaryshkov@gmail.com> Sponsored by ROSA Linux. ok inoguchi@
* Provide NID for pSpecified.jsing2019-11-012-0/+2
| | | | ok tb@
* Add objects for ECDH schemes in RFC 5753.jsing2019-09-052-0/+32
| | | | | | Based on OpenSSL 1.1.1b. ok inoguchi@ tb@
* snprintf/vsnprintf return < 0 on error, rather than -1.deraadt2019-07-031-3/+3
|
* Allocate fixed NIDs for SM3/SM4.jsing2019-04-191-0/+12
|
* Add the SM4 block cipher from the Chinese standard GB/T 32907-2016.tb2019-03-171-0/+16
| | | | | | | | This is an ISC licensed version based on the sources by Ribose Inc that were ported to OpenSSL in 2017. Patch from Daniel Wyatt with minor tweaks. ok inoguchi, jsing
* Fix OID for sm3WithRSAEncryption which was apparently mixed uptb2019-03-021-1/+1
| | | | | | with the OID for SM2 signing with SM3. From Daniel Wyatt
* Add Ribose Inc's implementation of the SM3 hashing function withtb2018-11-111-0/+5
| | | | | | | | | tweaks from jsing and myself. The SM2/SM3/SM4 algorithms are mandatory for legal use of cryptography within China and [are] widely applied in the country, covering identification/financial cards, contactless, TPM 2.0 and PKI. ok beck inoguchi jsing
* ASN1_OBJECTs should be freed with ASN1_OBJECT_free(3), not with free(3).tb2018-09-081-2/+2
| | | | ok inoguchi, jsing
* indent labelstb2018-09-082-8/+8
|
* missing word & a couple of typostb2018-09-081-3/+3
|
* Provide object identifier for chacha20-poly1305.jsing2018-03-172-0/+3
|
* Provide object identifiers for TLS cipher suite key exchange andjsing2018-03-172-0/+20
| | | | authentication.
* Add definitions for three OIDs used in EV certificates.jsing2017-05-252-0/+9
| | | | From Kyle J. McKay <mackyle at gmail dot com>
* Fix typo in issuingDistributionPoint description.jsing2017-02-281-1/+1
|
* Send the function codes from the error functions to the bit bucket,beck2017-01-294-23/+17
| | | | | | as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
* Place {DECLARE,IMPLEMENT}_OBJ_BSEARCH{_GLOBAL,}_CMP_FN macros undefjsing2017-01-211-1/+5
| | | | LIBRESSL_INTERNAL.
* Expand DECLARE_OBJ_BSEARCH_CMP_FN and IMPLEMENT_OBJ_BSEARCH_CMP_FN macros.jsing2017-01-212-12/+92
| | | | No change to generated assembly excluding line numbers.
* OBJ_obj2txt() should return the total amount of space requiredinoguchi2016-12-221-5/+1
| | | | | reported by @rhenium on GitHub ok jsing@
* Explicitly export a list of symbols from libcrypto.jsing2016-12-211-1/+4
| | | | | | | | | | | | | | | | Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@
* Add objects for X25519, X448, Ed25519 and Ed448.jsing2016-11-052-0/+15
| | | | ok miod@
* remove unused OPENSSL_NO_OBJECT casebcook2016-07-171-14/+1
| | | | ok tedu@
* better fix for overrun reported by Qualys Security.tedu2015-10-141-4/+1
| | | | | | buf is at all times kept nul terminated, so there is no need to enforce this again upon exit. (no need to move buf around after we exahust space.) ok beck miod
* Bail out early if we have no buf_lenbeck2015-10-141-1/+5
| | | | ok miod@
* fix a memory leak reported by Qualys Security.tedu2015-10-141-3/+4
| | | | | | move the bndec variable in tighter since it's not used elsewhere in the loop, then always free it after use. ok bcook miod
* Ensure we don't write a 0 byte past end of the buffer in the error case.beck2015-10-141-3/+3
| | | | ok bcook@ deraadt@
* Coverity ID 78910 - Yet another stupid API designed to not show failures. do thebeck2015-07-181-6/+8
| | | | | | | | | | lease worst alternative and do nothing rather than dereference NULL, but having a function with fundamentally broken API to simply make a list of strings, sort them, and call a function with each string as an argument is really quite silly.... and of course it was exposed API that the ecosystem uses that we can't delete.. yet. ok miod@ doug@
* Remove more IMPLEMENT_STACK_OF noops that have been hiding for the lastjsing2015-02-101-2/+1
| | | | 15 years.
* GOST crypto algorithms (well, most of them), ported from the removed GOSTmiod2014-11-094-1/+34
| | | | | | | | | | | | engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov; libcrypto bits only for now. This is a verbatim import of Dmitry's work, and does not compile in this state; the forthcoming commits will address these issues. None of the GOST code is enabled in libcrypto yet, for it still gets compiled with OPENSSL_NO_GOST defined. However, the public header gost.h will be installed.
* Check the result of sk_*_push() operations for failure.miod2014-10-281-2/+6
| | | | ok doug@ jsing@
* Use strdup() instead of malloc() + memcpy().miod2014-10-071-8/+3
| | | | ok doug@ jsing@
* Fix CVE-2014-3508, pretty printing and OID validation:guenther2014-08-081-2/+7
| | | | | | | | | | | - make sure the output buffer is always NUL terminated if buf_len was initially greater than zero. - reject OIDs that are too long, too short, or not in proper base-127 Based on https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=0042fb5fd1c9d257d713b15a1f45da05cf5c1c87 ok bcook@
* Fix OID encoding for single components. OpenSSL PR #2556 via OpenSSL trunk.miod2014-07-111-1/+1
| | | | (be sure to make cleandir and make includes before building)
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-112-7/+7
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that referencesjsing2014-07-102-2/+7
| | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* Stop including standard headers via cryptlib.h - pull in the headers thatjsing2014-07-102-3/+7
| | | | | | are needed in the source files that actually require them. ok beck@ miod@
* tags as requested by miod and teduderaadt2014-06-127-5/+7
|
* Remove various test stubs. The good ones have been moved by jsingderaadt2014-06-071-28/+0
| | | | | | and others to the regress framework. These remaining ones just muddle us up when re-reading code repeatedly. ok jsing
* malloc() result does not need a cast.deraadt2014-06-072-7/+7
| | | | ok miod
* Clean up some of the nightmare of string and pointer arithmatic inbeck2014-06-011-52/+36
| | | | | | | | | | | | | this nasty function. This gets rid of the nasty tmp variables used to hold temporary strings and the DECIMAL_SIZE hack. it gets rid of the rather pointless null checks for buf (since the original code dereferences it before checking). It also gets rid of the insane possibility this could return -1 when stuff is using the return values to compute lengths All the failure cases now return 0 and an empty string like the first error case in the original code. ok miod@ tedu@
* more: no need for null check before freederaadt2014-05-302-14/+7
| | | | ok tedu guenther
* ok, next pass after review: when possible, put the reallocarray argumentsderaadt2014-05-291-1/+1
| | | | in the "size_t nmemb, size_t size"
* convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53deraadt2014-05-292-2/+3
| | | | | | | | | potential integer overflows easily changed into an allocation return of NULL, with errno nicely set if need be. checks for an allocations returning NULL are commonplace, or if the object is dereferenced (quite normal) will result in a nice fault which can be detected & repaired properly. ok tedu
* Turn off MemCheck_on and MemCheck_off. These calls are pointless since thejsing2014-05-251-13/+3
| | | | | | crypto memory debugging code has been castrated. ok miod@ "kill it" beck@
* Almost nothing actually needs to include <openssl/e_os2.h>, however byjsing2014-05-241-1/+2
| | | | | | | including it they get <openssl/opensslconf.h>. So instead of pulling in <openssl/e_os2.h>, just pull in <openssl/opensslconf.h>. "go ahead" miod@
* Update with recently added objects.jsing2014-05-011-0/+18
| | | | ok miod@
* Provide an EVP implementation for ChaCha.jsing2014-05-011-0/+4
| | | | ok miod@
* Add support for the french ANSSI FRP256v1 elliptic curve.miod2014-05-011-0/+2
| | | | | | | | | | While not to be considered a good choice of elliptic curve (refer to http://safecurves.cr.yp.to/ for more details), it is nevertheless deemed a good decision to allow developers with requirements to use such a curve, to be able to do this via a crypto library allowing for much better choices to be made, without having to change (much of) their code to get better crypto. ok beck@ deraadt@
* Add Brainpool elliptic curves. From OpenSSL RT#2239 via ${DAYJOB}.miod2014-05-011-0/+17
| | | | | Be sure to rerun `make includes' after updating. ok tedu@ beck@ deraadt@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 07:19:59 +0000