summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509/x509_cmp.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Clean up EVP_MD_CTX_{legacy_clear,cleanup}() usage in x509/x509_cmp.cjoshua2024-03-251-21/+25
| | | | ok tb@
* Use EVP_MD_CTX_legacy_clear() internallytb2024-02-181-3/+3
| | | | ok jsing
* libressl *_namespace.h: adjust *_ALIAS() to require a semicolontb2023-02-161-26/+26
| | | | | | | | | | LCRYPTO_ALIAS() and LSSL_ALIAS() contained a trailing semicolon. This does not conform to style(9), breaks editors and ctags and (most importantly) my workflow. Fix this by neutering them with asm("") so that -Wpedantic doesn't complain. There's precedent in libc's namespace.h fix suggested by & ok jsing
* Make internal header file names consistenttb2022-11-261-3/+3
| | | | | | | | | | | | | | | | Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
* Hide public symbols in libcrypto/x509 .c filesbeck2022-11-141-1/+26
| | | | ok tb@
* Get rid of SHA1 for comparing CRL's - use SHA512 just like we do for certs.beck2022-02-241-2/+2
| | | | ok tb@
* Include evp_locl.h where it will be needed once most structs fromtb2021-12-121-1/+2
| | | | | | evp.h will be moved to evp_locl.h in an upcoming bump. ok inoguchi
* Cache sha512 hash and parsed not_before and not_after with X509 cert.beck2021-11-041-2/+2
| | | | | | | | | | | Replace sha1 hash use with sha512 for certificate comparisons internal to the library. use the cached sha512 for the validator's verification cache. Reduces our recomputation of hashes, and heavy use of time1 time conversion functions noticed bu claudio@ in rpki client. ok jsing@ tb@
* Move the now internal X.509-related structs into x509_lcl.h.tb2021-11-011-1/+3
| | | | | | | | Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds. ok jsing
* Fix a number of ASN1_INTEGER vs ASN1_STRING mixups coming from thetb2019-03-131-2/+2
| | | | | | | | | | | mechanical M_ASN1 macro expansion. The ASN1_INTEGER_cmp function takes signs into account while ASN1_STRING_cmp doesn't. The mixups mostly involve serialNumbers, which, in principle, should be positive. However, it is unclear whether that is checked or enforced anywhere in the code, so these are probably bugs. Patch from Holger Mikolon ok jsing
* Provide X509_get0_serialNumber()tb2018-08-241-1/+7
| | | | | tested in a bulk by sthen ok jsing
* Add const to both arguments of X509_check_private_key(3).tb2018-05-181-5/+4
| | | | | tested in a bulk build by sthen input & ok jsing
* Add const qualifier to the argument of X509_get_issuer_name(3) andtb2018-05-131-3/+3
| | | | | | | X509_get_subject_name(3). tested in a bulk build by sthen ok jsing (as part of a larger diff)
* Convert a handful of X509_*() functions to take const as in OpenSSL.tb2018-05-011-2/+2
| | | | | tested in a bulk by sthen ok jsing
* Fix X509_get0_pubkey() - X509_get_pubkey() is a misnamed "get1" function,jsing2018-03-171-2/+4
| | | | | | so call X509_PUBKEY_get0() instead. Spotted by schwarze@ while documenting.
* Provide X509_chain_up_ref().jsing2018-02-221-1/+19
| | | | From BoringSSL.
* Provide X509_get0_pubkey().jsing2018-02-221-2/+8
|
* Send the function codes from the error functions to the bit bucket,beck2017-01-291-7/+4
| | | | | | as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
* Expand obsolete M_ASN1.*(cmp|dup|print|set) macros - no change in generatedjsing2015-07-291-2/+2
| | | | | | assembly. ok bcook@
* X509_issuer_and_serial_hash(): do not leak memory if an error occurs duringmiod2014-09-261-1/+3
| | | | | | the first EVP block. ok tedu@
* Check X509_NAME_oneline() return value when it will have to allocate memory.miod2014-07-131-1/+3
|
* if (x) FOO_free(x) -> FOO_free(x).miod2014-07-121-3/+2
| | | | | | | Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
* Only import cryptlib.h in the four source files that actually need it.jsing2014-07-111-2/+2
| | | | | | | | Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
* Explicitly include <openssl/opensslconf.h> in every file that referencesjsing2014-07-101-1/+3
| | | | | | | | | an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
* Stop including standard headers via cryptlib.h - pull in the headers thatjsing2014-07-101-2/+4
| | | | | | are needed in the source files that actually require them. ok beck@ miod@
* tags as requested by miod and teduderaadt2014-06-121-1/+1
|
* Stop setting the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW - it has been ignored sincejsing2014-06-111-1/+0
| | | | | | OpenSSL 1.0.0. ok miod@ (a little while back)
* KNF.jsing2014-04-201-103/+128
|
* blunt force knftedu2014-04-181-57/+52
|
* Change library to use intrinsic memory allocation functions instead ofbeck2014-04-171-1/+1
| | | | | | | | OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
* Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.miod2014-04-131-8/+7
|
* resolve conflictsdjm2012-10-131-7/+20
|
* resolve conflicts, fix local changesdjm2010-10-011-169/+68
|
* resolve conflictsdjm2009-04-061-1/+2
|
* resolve conflictsdjm2009-01-091-1/+7
|
* resolve conflictsdjm2008-09-061-37/+22
|
* resolve conflictsdjm2005-04-291-13/+35
|
* merge 0.9.7b with local changes; crank majors for libssl/libcryptomarkus2003-05-121-7/+112
|
* OpenSSL 0.9.7 stable 2002 05 08 mergebeck2002-05-151-16/+21
|
* openssl-engine-0.9.6a mergebeck2001-06-221-12/+6
|
* openssl-engine-0.9.6 mergebeck2000-12-151-11/+17
|
* OpenSSL 0.9.5 mergebeck2000-03-191-4/+19
| | | | | | *warning* this bumps shared lib minors for libssl and libcrypto from 2.1 to 2.2 if you are using the ssl26 packages for ssh and other things to work you will need to get new ones (see ~beck/libsslsnap/<arch>) on cvs or ~beck/src-patent.tar.gz on cvs
* OpenSSL 0.9.4 mergebeck1999-09-291-51/+87
|
* Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD buildryker1998-10-051-0/+257
functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 07:02:50 +0000