summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* In the case where len is not a multiple of sizeof(RC4_CHUNK) the RC4 codejsing2015-10-211-63/+1
| | | | | | | | | | | | | | will end up doing a read and write of up to 7 bytes beyond the specified length. This is effectively a non-issue since we read and write back the same data and due to alignment it is within a page boundary. Regardless, avoid this by removing the "special" handling for the remaining length and allow the standard (non-chunk) code to process the remaining bytes, which does not result in overrun. Reported by Pascal Cuoq <cuoq at trust-in-soft.com> - thanks! ok beck@ miod@
* Lob a style(9) grenade in here.jsing2015-10-203-172/+185
|
* Stop supporing "legcay" time formats that OpenSSL supports. Rewrite thebeck2015-10-198-611/+350
| | | | | | utctime and gentime wrappers accordingly. Along with some other cleanup. this also removes the need for timegm. ok bcook@ sthen@ jsing@
* Remove pointless externs - the structs are declared in the same files ajsing2015-10-163-8/+3
| | | | few lines above.
* Expand DECLARE_ASN1_ALLOC_FUNCTIONS and DECLARE_ASN1_FUNCTIONS_constjsing2015-10-163-11/+34
| | | | macros. The only change in the generated assembly is due to line numbering.
* Remove pointless uses of DECLARE_ASN1_ENCODE_FUNCTIONS_const.jsing2015-10-163-8/+5
| | | | | DECLARE_ASN1_FUNCTIONS_const already includes this macro so using both means we end up with duplicate function prototypes and externs.
* actually include the prerequisite dependency for BIO instead of doing nastynessbeck2015-10-161-5/+2
|
* better fix for overrun reported by Qualys Security.tedu2015-10-141-4/+1
| | | | | | buf is at all times kept nul terminated, so there is no need to enforce this again upon exit. (no need to move buf around after we exahust space.) ok beck miod
* Bail out early if we have no buf_lenbeck2015-10-141-1/+5
| | | | ok miod@
* fix a memory leak reported by Qualys Security.tedu2015-10-141-3/+4
| | | | | | move the bndec variable in tighter since it's not used elsewhere in the loop, then always free it after use. ok bcook miod
* Ensure we don't write a 0 byte past end of the buffer in the error case.beck2015-10-141-3/+3
| | | | ok bcook@ deraadt@
* tweak previous (two details i apparently missed)schwarze2015-10-141-4/+6
|
* Add EVP_AEAD_CTX_init(3) manpage to document the new(ish) AEAD API.reyk2015-10-143-1/+281
| | | | | | | | | | | | The "authenticated encryption with additional data" API is used for ciphers like AES-GCM or ChaCha20-Poly1305. The manpage is a beginning and certainly needs more work, especially improvements in the EXAMPLES section. Based on agl's source code comments. Converted from pod to mandoc by schwarze@ OK schwarze@ jsing@
* Put ASN1_dup() under #ifndef LIBRESSL_INTERNAL.jsing2015-10-131-5/+5
|
* Convert ECParameters_dup() from a macro that uses ASN1_dup_of() into anjsing2015-10-133-5/+20
| | | | | | actual function. This removes the last ASN1_dup_of usage from the tree. Feedback from doug@ and miod@
* Convert a number of the old ASN1_{d2i,i2d}_{bio,fp}_of() macros tojsing2015-10-131-19/+19
| | | | | | ASN1_item_{d2i,i2d}_{bio,fp}() function calls. ok beck@ doug@
* Group d2i/i2d function prototypes by type and add missing externs for thejsing2015-10-131-7/+12
| | | | DSAPublicKey, DSAPrivateKey and DSAparams ASN1_ITEMs.
* unifdef EVP_CHECK_DES_KEY: Ben Kaduk noticed it has a syntax error; thatguenther2015-10-122-20/+2
| | | | | | | | error was present in the original 2004 commit, so it hasn't been used in over 11 years, thus exceeding our deprecation requirements by over a decade. OpenSSL has chosen to *fix it*; we'll gladly watch it burn ok jsing@
* Rip the guts out of another gibbering horror of a time comparison function, andbeck2015-10-082-37/+24
| | | | | mark it as #ifndef LIBRESSL_INTERNAL at least we don't use this. ok jsing@
* revert previous accidental commitbeck2015-10-082-23/+36
|
* Spelling in commentbeck2015-10-083-39/+25
|
* prefer limits.h over sys/limits.hbcook2015-10-061-3/+3
| | | | ok deraadt@
* Make sure dot is not set after tz - fixes incorrect handling, which allowsjsing2015-10-051-2/+2
| | | | | | 20151005171301+1.09Z to be treated as a valid time. ok beck@
* Apply some style(9), tweak a few things for readability and add somejsing2015-10-041-36/+40
| | | | | | additional bounds checks. ok beck@
* Flense the greasy black guts of unreadble string parsing code out of three areasbeck2015-10-028-272/+334
| | | | | | | | | in asn1 and x509 code, all dealing with an ASN1_TIME. This brings the parsing together in one function that converts into a struct tm. While we are at it this also brings us into conformance with RFC 5280 for times allowed in an X509 cert, as OpenSSL is very liberal with what it allows. input and fixes from deraadt@ jsing@ guethther@ and others. ok krw@, guenther@, jsing@
* Place all of the ASN1 M_ macros under #ifndef LIBRESSL_INTERNAL.jsing2015-09-301-30/+37
|
* Expand M_i2d_ASN1_OCTET_STRING macros - no change in generated assembly,jsing2015-09-301-3/+5
| | | | aside from line numbers.
* s/M_ASN1_ENUMERATED_free/ASN1_ENUMERATED_free/jsing2015-09-301-2/+2
|
* Replace M_ASN1_ENUMERATED_(free|new) with ASN1_ENUMERATED_(free|new).jsing2015-09-301-3/+3
|
* Replace M_ASN1_OCTET_STRING_(free|new) with ASN1_OCTET_STRING_(free|new).jsing2015-09-3015-49/+49
|
* Replace M_ASN1_UTCTIME_(new|free) with ASN1_UTCTIME_(new|free).jsing2015-09-301-3/+3
|
* Replace M_ASN1_IA5STRING_(new|free) with ASN1_IA5STRING_(new|free). Samejsing2015-09-303-9/+9
| | | | with one s/M_ASN1_VISIBLESTRING_new/ASN1_VISIBLESTRING_new/.
* Replace M_ASN1_GENERALIZEDTIME_(new|free) withjsing2015-09-303-7/+7
| | | | ASN1_GENERALIZEDTIME_(new|free).
* s/M_ASN1_TIME_free/ASN1_TIME_free/jsing2015-09-302-7/+7
|
* Replace M_ASN1_INTEGER_(new|free) with ASN1_INTEGER_(new|free) - this isjsing2015-09-3012-41/+41
| | | | | | | different from the macro expansion, but the result is the same. Also replace some ASN1_STRING_dup() with ASN1_INTEGER_dup(). ok beck@ doug@
* Remove unnecessary type assignments - M_ASN1_INTEGER_new() already setsjsing2015-09-301-3/+1
| | | | | | the type to V_ASN1_INTEGER. ok doug@
* Remove support for NO_ASN1_TYPEDEFS.doug2015-09-301-21/+1
| | | | | | | This ifdef was introduced 15 years ago and was known to cause problems with STACK_OF() back then. ok jsing@, beck@, jca@
* Replace remaining M_ASN1_BIT_STRING_(new|free) macros with calls tojsing2015-09-293-9/+9
| | | | | | ASN1_BIT_STRING_(new|free). ok beck@ doug@
* remove excessive brackets on pointer mathderaadt2015-09-281-8/+8
|
* Redo 1.25, without the NULL deref.miod2015-09-271-22/+31
| | | | ok sthen@ bcook@
* bump to 2.3.1bcook2015-09-271-3/+3
|
* Use ASN1_item_dup() instead of ASN1_dup().jsing2015-09-262-7/+5
| | | | ok bcook@
* We don't need no stinking "EXAMPLE OF THE DSA" or README (the credits arejsing2015-09-262-126/+0
| | | | | | already in the code). ok beck@ miod@
* typos in documentation; better wording, suggested by jmc@libressl-v2.3.0sobrado2015-09-2226-45/+45
| | | | ok jmc@
* avoid void * pointer arithmeticbcook2015-09-181-2/+2
| | | | ok miod@
* Revert bn_print.c:r1.25 ("handle negative-zero in BN_bn2dec() too") forsthen2015-09-181-31/+22
| | | | now, it has a NULL deref. Segfault reported by Mikolaj Kucharski, ok bcook
* Remove more EVP_sha() SHA-0 references.bcook2015-09-172-4/+3
|
* Re-add missing comma from SHA-0 removal which breaks mlinks generation.sthen2015-09-171-1/+1
| | | | Worked out by bcook@
* include stdint.h for uint64_tbcook2015-09-171-1/+2
| | | | noted by Bernard Spil
* Add support for disabling certificate and CRL validity checking.jsing2015-09-142-11/+15
| | | | | | Loosely based on changes in OpenSSL. ok beck@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 19:34:46 +0000