summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/pem/pem_lib.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Handle CMS PEM headers.jsing2019-09-061-1/+11
| | | | ok inoguchi@ tb@
* Check return value of EVP_EncodeUpdate() in PEM_write_bio().tb2018-08-241-2/+3
| | | | ok jsing
* Add const qualifier to the 'name', 'header', and 'data' arguments oftb2018-05-131-4/+5
| | | | | | | PEM_write(3) and PEM_write_bio(3). tested in a bulk build by sthen ok jsing
* make ENGINE_finish() succeed on NULL and simplify callers as intb2018-04-141-3/+2
| | | | | | | | | | | OpenSSL commit 7c96dbcdab9 by Rich Salz. This cleans up the caller side quite a bit and reduces the number of lines enclosed in #ifndef OPENSSL_NO_ENGINE. codesearch.debian.net shows that almost nothing checks the return value of ENGINE_finish(). While there, replace a few nearby 'if (!ptr)' with 'if (ptr == NULL)'. ok jsing, tested by & ok inoguchi
* use freezero() instead of memset/explicit_bzero + free. Substantiallyderaadt2017-05-021-11/+4
| | | | | | | | | | reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
* Send the function codes from the error functions to the bit bucket,beck2017-01-291-38/+31
| | | | | | as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
* unifdef OPENSSL_NO_CMSjsing2016-10-191-10/+1
|
* Correct spelling of OPENSSL_cleanse.jsing2015-09-101-11/+11
| | | | ok miod@
* Drop stupid (int) casts for the arguments of malloc() and friends. This ismiod2015-07-191-2/+2
| | | | | not 16-bit MS-DOS anymore. ok bcook@ tedu@
* Make sure the `reject negative sizes' logic introduced in 1.34 is actuallymiod2015-07-161-3/+4
| | | | | applied to all code paths. ok beck@ bcook@ doug@ guenther@
* Guenther has plans for OPENSSL_NO_CMS, so revert this for the moment.beck2015-02-111-1/+10
|
* get rid of OPENSSL_NO_CMS code we do not use.beck2015-02-111-10/+1
| | | | ok miod@
* Enable building with -DOPENSSL_NO_DEPRECATED.doug2015-02-111-1/+2
| | | | | | | | | | | | | | | If you didn't enable deprecated code, there were missing err.h and bn.h includes. This commit allows building with or without deprecated code. This was not derived from an OpenSSL commit. However, they recently enabled OPENSSL_NO_DEPRECATED in git and fixed these header problems in a different way. Verified with clang that this only changes line numbers in the generated asm. ok miod@
* Replace assert() and OPENSSL_assert() calls with proper error return paths.miod2015-02-101-4/+10
| | | | Careful review, feedback & ok doug@ jsing@
* Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().jsing2014-10-221-4/+3
| | | | | | | | arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
* Make sure PEM_def_callback() correctly handles negative buffer sizes; all usesmiod2014-07-231-10/+17
| | | | | | | within libcrypto are safe, but until we can change this function prototype to use size_t instead of int, better be safe than sorry. tweaks and ok guenther@
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-111-6/+7
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that referencesjsing2014-07-101-1/+3
| | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* Stop including standard headers via cryptlib.h - pull in the headers thatjsing2014-07-101-2/+4
| | | | | | are needed in the source files that actually require them. ok beck@ miod@
* delete some casts. ok miodtedu2014-07-101-2/+2
|
* remove unused, private version strings except SSL_version_strbcook2014-07-091-3/+1
| | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* tags as requested by miod and teduderaadt2014-06-121-1/+1
|
* malloc() result does not need a cast.deraadt2014-06-071-1/+1
| | | | ok miod
* Avoid the use of an uninitialised variable. In reality, this is a non-issuejsing2014-06-011-2/+1
| | | | | | | since the calculated value is not actually used in the uninitialised case. Change the code so that we only do the calculation if we actually need it. Issue detected by clang and reported by both brad@ and Brent Cook.
* convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53deraadt2014-05-291-1/+1
| | | | | | | | | potential integer overflows easily changed into an allocation return of NULL, with errno nicely set if need be. checks for an allocations returning NULL are commonplace, or if the object is dereferenced (quite normal) will result in a nice fault which can be detected & repaired properly. ok tedu
* Everything sane has stdio, and FILE *. we don't need ifdefs for this.beck2014-05-291-15/+0
| | | | ok to firebomb from tedu@
* Replace all use of ERR_add_error_data with ERR_asprintf_error_data.beck2014-04-261-1/+1
| | | | | | | | This avoids a lot of ugly gymnastics to do snprintfs before sending the bag of strings to ERR, and eliminates at least one place in dso_dlfctn.c where it was being called with the incorrect number of arguments and using random things off the stack as addresses of strings. ok krw@, jsing@
* More KNF.jsing2014-04-211-2/+2
|
* KNF.jsing2014-04-211-504/+532
|
* use intrinsic strlcpy and strlcat everywhere so we only have one set ofbeck2014-04-191-6/+6
| | | | | | funcitons to check for incorrect use. keep BUF_strlcpy and BUF_strlcat for API comptibility only. ok tedu@
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-171-14/+14
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* Do not feed RSA private key information to the random subsystem asderaadt2014-04-171-1/+0
| | | | | | | | entropy. It might be fed to a pluggable random subsystem.... What were they thinking?! ok guenther
* Send the rotIBM stream cipher (ebcdic) to Valhalla to party for eternitybeck2014-04-151-15/+0
| | | | | with the bearded ones... some API's that nobody should be using will dissapear with this commit.
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.miod2014-04-131-10/+17
|
* openssl-1.0.0e: resolve conflictsdjm2011-11-031-2/+0
|
* resolve conflicts, fix local changesdjm2010-10-011-15/+85
|
* resolve conflictsdjm2009-01-091-0/+3
|
* resolve conflictsdjm2008-09-061-14/+19
|
* resolve conflictsdjm2005-04-291-5/+10
|
* merge 0.9.7dmarkus2004-04-081-8/+11
|
* merge 0.9.7b with local changes; crank majors for libssl/libcryptomarkus2003-05-121-11/+15
|
* str{cat,cpy}/sprintf cleanup. markus@, deraadt@ okho2003-04-031-6/+8
|
* merge with openssl-0.9.7-stable-SNAP-20020911,markus2002-09-141-2/+5
| | | | | new minor for libcrypto (_X509_REQ_print_ex) tested by miod@, pb@
* OpenSSL 0.9.7 stable 2002 05 08 mergebeck2002-05-151-241/+37
|
* openssl-engine-0.9.6 mergebeck2000-12-151-13/+13
|
* OpenSSL 0.9.5a mergebeck2000-04-151-1/+1
|
* OpenSSL 0.9.5 mergebeck2000-03-191-31/+191
| | | | | | *warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
* OpenSSL 0.9.4 mergebeck1999-09-291-116/+157
|
* Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD buildryker1998-10-051-0/+762
functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-25 05:24:24 +0000