summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Group d2i/i2d function prototypes by type and add missing externs for thejsing2015-10-131-7/+12
| | | | DSAPublicKey, DSAPrivateKey and DSAparams ASN1_ITEMs.
* unifdef EVP_CHECK_DES_KEY: Ben Kaduk noticed it has a syntax error; thatguenther2015-10-122-20/+2
| | | | | | | | error was present in the original 2004 commit, so it hasn't been used in over 11 years, thus exceeding our deprecation requirements by over a decade. OpenSSL has chosen to *fix it*; we'll gladly watch it burn ok jsing@
* Rip the guts out of another gibbering horror of a time comparison function, andbeck2015-10-082-37/+24
| | | | | mark it as #ifndef LIBRESSL_INTERNAL at least we don't use this. ok jsing@
* revert previous accidental commitbeck2015-10-082-23/+36
|
* Spelling in commentbeck2015-10-083-39/+25
|
* prefer limits.h over sys/limits.hbcook2015-10-061-3/+3
| | | | ok deraadt@
* Make sure dot is not set after tz - fixes incorrect handling, which allowsjsing2015-10-051-2/+2
| | | | | | 20151005171301+1.09Z to be treated as a valid time. ok beck@
* Apply some style(9), tweak a few things for readability and add somejsing2015-10-041-36/+40
| | | | | | additional bounds checks. ok beck@
* Flense the greasy black guts of unreadble string parsing code out of three areasbeck2015-10-028-272/+334
| | | | | | | | | in asn1 and x509 code, all dealing with an ASN1_TIME. This brings the parsing together in one function that converts into a struct tm. While we are at it this also brings us into conformance with RFC 5280 for times allowed in an X509 cert, as OpenSSL is very liberal with what it allows. input and fixes from deraadt@ jsing@ guethther@ and others. ok krw@, guenther@, jsing@
* Place all of the ASN1 M_ macros under #ifndef LIBRESSL_INTERNAL.jsing2015-09-301-30/+37
|
* Expand M_i2d_ASN1_OCTET_STRING macros - no change in generated assembly,jsing2015-09-301-3/+5
| | | | aside from line numbers.
* s/M_ASN1_ENUMERATED_free/ASN1_ENUMERATED_free/jsing2015-09-301-2/+2
|
* Replace M_ASN1_ENUMERATED_(free|new) with ASN1_ENUMERATED_(free|new).jsing2015-09-301-3/+3
|
* Replace M_ASN1_OCTET_STRING_(free|new) with ASN1_OCTET_STRING_(free|new).jsing2015-09-3015-49/+49
|
* Replace M_ASN1_UTCTIME_(new|free) with ASN1_UTCTIME_(new|free).jsing2015-09-301-3/+3
|
* Replace M_ASN1_IA5STRING_(new|free) with ASN1_IA5STRING_(new|free). Samejsing2015-09-303-9/+9
| | | | with one s/M_ASN1_VISIBLESTRING_new/ASN1_VISIBLESTRING_new/.
* Replace M_ASN1_GENERALIZEDTIME_(new|free) withjsing2015-09-303-7/+7
| | | | ASN1_GENERALIZEDTIME_(new|free).
* s/M_ASN1_TIME_free/ASN1_TIME_free/jsing2015-09-302-7/+7
|
* Replace M_ASN1_INTEGER_(new|free) with ASN1_INTEGER_(new|free) - this isjsing2015-09-3012-41/+41
| | | | | | | different from the macro expansion, but the result is the same. Also replace some ASN1_STRING_dup() with ASN1_INTEGER_dup(). ok beck@ doug@
* Remove unnecessary type assignments - M_ASN1_INTEGER_new() already setsjsing2015-09-301-3/+1
| | | | | | the type to V_ASN1_INTEGER. ok doug@
* Remove support for NO_ASN1_TYPEDEFS.doug2015-09-301-21/+1
| | | | | | | This ifdef was introduced 15 years ago and was known to cause problems with STACK_OF() back then. ok jsing@, beck@, jca@
* Replace remaining M_ASN1_BIT_STRING_(new|free) macros with calls tojsing2015-09-293-9/+9
| | | | | | ASN1_BIT_STRING_(new|free). ok beck@ doug@
* remove excessive brackets on pointer mathderaadt2015-09-281-8/+8
|
* Redo 1.25, without the NULL deref.miod2015-09-271-22/+31
| | | | ok sthen@ bcook@
* bump to 2.3.1bcook2015-09-271-3/+3
|
* Use ASN1_item_dup() instead of ASN1_dup().jsing2015-09-262-7/+5
| | | | ok bcook@
* We don't need no stinking "EXAMPLE OF THE DSA" or README (the credits arejsing2015-09-262-126/+0
| | | | | | already in the code). ok beck@ miod@
* typos in documentation; better wording, suggested by jmc@libressl-v2.3.0sobrado2015-09-2226-45/+45
| | | | ok jmc@
* avoid void * pointer arithmeticbcook2015-09-181-2/+2
| | | | ok miod@
* Revert bn_print.c:r1.25 ("handle negative-zero in BN_bn2dec() too") forsthen2015-09-181-31/+22
| | | | now, it has a NULL deref. Segfault reported by Mikolaj Kucharski, ok bcook
* Remove more EVP_sha() SHA-0 references.bcook2015-09-172-4/+3
|
* Re-add missing comma from SHA-0 removal which breaks mlinks generation.sthen2015-09-171-1/+1
| | | | Worked out by bcook@
* include stdint.h for uint64_tbcook2015-09-171-1/+2
| | | | noted by Bernard Spil
* Add support for disabling certificate and CRL validity checking.jsing2015-09-142-11/+15
| | | | | | Loosely based on changes in OpenSSL. ok beck@
* Temporarily revive MD4 for MS CHAP support.doug2015-09-1411-19/+654
|
* Crank major version due to removal of SHA-0 and MD4 from libcrypto.doug2015-09-132-4/+4
|
* Remove MD4 support from LibreSSL.doug2015-09-1311-654/+19
| | | | | | | | MD4 should have been removed a long time ago. Also, RFC 6150 moved it to historic in 2011. Rides the major crank from removing SHA-0. Discussed with many including beck@, millert@, djm@, sthen@ ok jsing@, input + ok bcook@
* Remove SHA-0 support.doug2015-09-1311-326/+19
| | | | | | | SHA-0 was withdrawn shortly after publication 20 years ago and replaced with SHA-1. This will require a major crank. ok bcook@, jsing@
* Since a major bump of libcrypto is coming, remove OPENSSL_ia32cap andmiod2015-09-132-17/+2
| | | | | OPENSSL_ia32cap_loc; nothing in ports uses them besides embedded copies of OpenSSL. This opens the `all hell gets loose' window.
* Handle negative-zero in BN_bn2dec() too, just like in BN_print().deraadt2015-09-131-22/+31
| | | | ok miod
* Reorder functions for readability/consistency.jsing2015-09-131-235/+228
|
* BN does support negative-zero -- BN_print() sets the standard here.deraadt2015-09-131-3/+3
| | | | | | | BN_bn2hex() had a 1-byte overflow when creating "-0\0". Reported to me a while back by unknown person -- did not have enough experience to push this through then. advice from jsing, ok miod
* Only check for key truncation if no KDF function is being used.jsing2015-09-131-4/+4
| | | | ok beck@ miod@
* Merge ech_ossl.c into ech_key.c - not much point having one file with ajsing2015-09-133-217/+148
| | | | | | four line function and a tonne of license text. ok beck@
* Nuke openssl/e_os2.h, since nothing should be using it.jsing2015-09-131-2/+1
| | | | ok deraadt@ "hurray! finally!" miod@ "Yay!" sthen@
* Provide ECDH_size().jsing2015-09-133-4/+11
| | | | "jajaja" miod@
* Check ECDH output buffer length and avoid truncation.jsing2015-09-133-6/+16
| | | | | | | | | Currently, if you call ECDH_compute_key() it will silently truncate the resulting key if the output buffer is less than the key size. Instead, detect this condition and return an error. If the buffer provided is larger than the key length, zero the remainder. ok beck@ miod@ "+ shivers"
* Add Certplus CA root certificate:sthen2015-09-131-0/+86
| | | | | | C=FR, O=Certplus, CN=Class 2 Primary CA req by beck@, ok miod@ beck@
* Lob a style(9) grenade in here.jsing2015-09-136-181/+176
|
* Add a new interface, OPENSSL_cpu_caps(), to return the currently runningmiod2015-09-134-4/+19
| | | | | | | | | | | | | cpu's specific hardware capabilities users of libcrypto might be interested in, as an integer value. This deprecates the existing OPENSSL_ia32cap() macro and the OPENSSL_ia32cap_loc() function (which returns the pointer so that you can mess with stuff you shouldn't mess with). Interpreting the value returned by OPENSSL_cpu_caps() is, of course, machine-dependent. Minor version bump for libcrypto. ok beck@ jsing@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-20 16:52:09 +0000