summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* The OPENSSL_cleanse() in aes_gcm_cleanup() only cleans the gcm field of thejsing2014-06-151-2/+2
| | | | | | | EVP_AES_GCM_CTX, leaving the AES key untouched - clean the entire context, rather than just part of it. ok beck@ miod@
* Add more bounded attributes to the buffer and md5/sha headers in libsslavsm2014-06-143-19/+35
| | | | ok miod@
* typomiod2014-06-131-2/+2
|
* replace atoi() calls with strtol(). Follow the idiomatic pattern in ourderaadt2014-06-123-40/+97
| | | | | | | | | manual page strictly. Return -2 if the strings are not strict numbers. The numbers remain in the range of "int". Range checking for these parameters is done later in the pkey_*_ctl() functions, or sometimes in functions much further downstream... but not always!!! ok millert miod mikeb
* tags as requested by miod and teduderaadt2014-06-12690-609/+697
|
* Stop setting the EVP_MD_CTX_FLAG_NON_FIPS_ALLOW - it has been ignored sincejsing2014-06-111-1/+0
| | | | | | OpenSSL 1.0.0. ok miod@ (a little while back)
* Tsk. Tsk. Someone forgot to compile test the other half.jsing2014-06-111-2/+2
|
* Provide support for non-funopen systems.deraadt2014-06-112-10/+32
| | | | ok beck
* c-file-style hints, begone; ok beckderaadt2014-06-1145-45/+45
|
* Abandon the auto-ENGINE /dev/crypto interface. VIA 3des cbc receivesderaadt2014-06-105-1370/+3
| | | | | | | | | | | | | collateral damage. The syncronous nature of this mechanism has hampered performance for symmetric crypto relative to brute-force cpu. The assymetric crypto support never really materialized in drivers. So abandon the complexity. ok tedu beck mikeb some disagrement from djm but if he wants to test /dev/crypto ciphers he should do it without this this gigantic API in the way
* KNF.jsing2014-06-108-756/+756
|
* KNF.jsing2014-06-1011-435/+516
|
* Use C99 initialisers for EVP_MD structs, for clarity, grepability and tojsing2014-06-1011-180/+266
| | | | | | protect from future field reordering/removal. No difference in generated assembly.
* use memset instead of bzeroderaadt2014-06-091-2/+2
|
* do not include dso.h where it is not needed; ok miodderaadt2014-06-093-3/+0
|
* Stop using DSO_global_lookup to reach getaddrinfo() and friendsderaadt2014-06-081-40/+3
| | | | discussed with tedu, ok jsing
* Remove various test stubs. The good ones have been moved by jsingderaadt2014-06-0724-2907/+0
| | | | | | and others to the regress framework. These remaining ones just muddle us up when re-reading code repeatedly. ok jsing
* malloc() result does not need a cast.deraadt2014-06-0748-71/+69
| | | | ok miod
* s/assember/assembler/ before someone gets offended. At the lastderaadt2014-06-0610-15/+15
| | | | | hackathon, just saying 'ass ember' was enough to start giggles. Unfortunately far more offensive stuff remains in here...
* Fix a leak that can occur when len == 0, and as a result we leak a \0 byte.logan2014-06-041-1/+1
| | | | | | (From Frantisek Boranek) OK from miod@
* Fix memory leak.logan2014-06-031-0/+1
| | | | | | (From Martin Brejcha) OK from tedu@, miod@ and deraadt@
* A few months back there was a big community fuss regarding direct-usederaadt2014-06-028-195/+2
| | | | | | | | | | | | of the intel RDRAND instruction. Consensus was RDRAND should probably only be used as an additional source of entropy in a mixer. Guess which library bends over backwards to provide easy access to RDRAND? Yep. Guess which applications are using this support? Not even one... but still, this is being placed as a trap for someone. Send this support straight to the abyss. ok kettenis
* Clean up some of the nightmare of string and pointer arithmatic inbeck2014-06-011-52/+36
| | | | | | | | | | | | | this nasty function. This gets rid of the nasty tmp variables used to hold temporary strings and the DECIMAL_SIZE hack. it gets rid of the rather pointless null checks for buf (since the original code dereferences it before checking). It also gets rid of the insane possibility this could return -1 when stuff is using the return values to compute lengths All the failure cases now return 0 and an empty string like the first error case in the original code. ok miod@ tedu@
* realloc with NULL is same as mallocderaadt2014-06-011-4/+1
| | | | ok guenther
* There is no need for is{upper,lower}() tests before to{lower,uppper}(),deraadt2014-06-012-27/+8
| | | | | since all other characters are mapped through transparently. ok jsing
* Commit this before the head-scratching leads to premature baldness:deraadt2014-06-011-1/+1
| | | | | | | | | | | | | memset(a->data, 0, (unsigned int)a->max); but the decl is: size_t max; size_t could be larger than int, especially in some of the systems OpenSSL purports to support. How do _intentionally truncating_ casts like enter into a codebase? Lack of understanding of C, at a minimum. Generally the objects are small, but this code is _intentionally unready_ for large objects. ok miod
* Remove __bio_h__attr__ wrapper around __attribute__, since earlier statementsmiod2014-06-011-10/+4
| | | | | | in this file directly use __attribute__. ok deraadt@
* Add a deprecated attribute to all CRYPTO_dbg_ functions.miod2014-06-011-10/+10
| | | | ok deraadt@
* Avoid the use of an uninitialised variable. In reality, this is a non-issuejsing2014-06-011-2/+1
| | | | | | | since the calculated value is not actually used in the uninitialised case. Change the code so that we only do the calculation if we actually need it. Issue detected by clang and reported by both brad@ and Brent Cook.
* EBCDIC support died a while ago, except in a comment.deraadt2014-06-011-2/+0
|
* Get the public headers from the official place with <openssl/ >deraadt2014-05-316-6/+7
| | | | from Brent Cook
* annoying whitespacederaadt2014-05-311-3/+3
|
* Change the actual default for returned asn1 strings to be utf8 in the code,beck2014-05-311-1/+1
| | | | | | | rather than only in the config file, to trip people up later. Found, and fix pleaded for by <spider@skuggor.se> who apparently spent hours chasing it down. ok miod@
* Add a comment documenting where libssl depends upon the current (objectionable)miod2014-05-311-0/+1
| | | | behaviour of this code, to prevent people from blindly changing it.
* copy a comment placed in other files; req from miodderaadt2014-05-311-1/+3
|
* Move the cts128 and gcm128 tests to regress.jsing2014-05-312-459/+0
|
* Don't add potentially nasty stderr uses to dead CRYPTO_dbg_mem functions.deraadt2014-05-301-3/+3
| | | | | | | | But do use the abort(), which we are hoping all future vendors will move towards the more modern "do not flush streams"; hint hint, if you didn't do that already, there are grave risks because much software brings risk without that behaviour. We didn't cause the change.. POSIX did... ok beck
* Move sha256 and sha512 tests to regress and wire them up.jsing2014-05-302-331/+0
|
* Move the AES wrap test code into regress.jsing2014-05-301-129/+0
|
* Fix some more nasty stringyness in here by using asprintf instead of cruft.beck2014-05-301-10/+7
| | | | gets rid of the second last use of the awful DECIMAL_SIZE.
* more: no need to null check before free; ok guentherderaadt2014-05-304-4/+4
|
* more: no need for null check before freederaadt2014-05-3044-212/+103
| | | | ok tedu guenther
* remove CONST_STRICT. ok beck deraadttedu2014-05-303-14/+1
|
* no need for null check before free. from Brendan MacDonelltedu2014-05-3019-53/+27
|
* Don't write out more than we have allocated in obj_txt, as the glorybeck2014-05-301-1/+2
| | | | | that is OBJ_obj2txt() can return a larger value.. ok tedu@
* remove some of the bigger lies, as applicable to libressl.tedu2014-05-301-9/+3
|
* I do not have time to describe how bad the realloc() uses in here, nowderaadt2014-05-291-4/+2
| | | | | | | being relaced by reallocarray(). you will have to look at the diff. there can be no explanations for the extra casts. as beck says, "Don't go towards the light theo!" ok beck tedu
* ok, next pass after review: when possible, put the reallocarray argumentsderaadt2014-05-297-12/+12
| | | | in the "size_t nmemb, size_t size"
* convert 53 malloc(a*b) to reallocarray(NULL, a, b). that is 53deraadt2014-05-2923-42/+50
| | | | | | | | | potential integer overflows easily changed into an allocation return of NULL, with errno nicely set if need be. checks for an allocations returning NULL are commonplace, or if the object is dereferenced (quite normal) will result in a nice fault which can be detected & repaired properly. ok tedu
* Everything sane has stdio, and FILE *. we don't need ifdefs for this.beck2014-05-2939-165/+0
| | | | ok to firebomb from tedu@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-21 01:41:07 +0000