summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Split EVP_aes_128_cbc(3) out of EVP_EncryptInit(3):schwarze2019-03-184-74/+322
| | | | | | | | | | | | both resulting pages are still long. Mention a number of missing functions. Add some text from the OpenSSL 1.1.1 EVP_aes.pod manual page, which is still under a free license. Add missing HISTORY information. Triggered by tb@ providing EVP_aes_{128,192,256}_wrap(3) in evp.h rev. 1.74.
* Document SM4; related to evp.h rev. 1.73.schwarze2019-03-184-6/+93
|
* Expand the ERR_PACK() macro to ERR_REASON() for consistency.tb2019-03-181-2/+2
| | | | No binary change.
* In evp.h rev. 1.75, tb@ provided EVP_PKEY_get0_hmac(3).schwarze2019-03-181-3/+29
| | | | | | | | | Document it. Even though OpenSSL muddles the waters by lumping the description together with the other EVP_PKEY_get0_*() functions, describe it separately because a char * has no reference count and because the function fills in an additional length parameter.
* bump minors after symbol additiontb2019-03-171-1/+1
|
* Provide EVP_PKEY_get0_hmac(). From OpenSSL 1.1.1 which is stilltb2019-03-174-3/+23
| | | | | | freely licensed. From jsing
* Provide EVP_aes_{128,192,256}_wrap(). This is a compatibletb2019-03-176-6/+174
| | | | | | | | | | | | | implementation based on the one in OpenSSL 1.0.2r which is still freely licensed. The functions are undocumented in OpenSSL. To use them, one needs to set the undocumented EVP_CIPHER_CTX_FLAG_WRAP_ALLOW flag on the EVP_CIPHER_CTX. resolves #505 ok jsing
* Add the SM4 block cipher from the Chinese standard GB/T 32907-2016.tb2019-03-178-3/+479
| | | | | | | | This is an ISC licensed version based on the sources by Ribose Inc that were ported to OpenSSL in 2017. Patch from Daniel Wyatt with minor tweaks. ok inoguchi, jsing
* Document the return values of X509_delete_ext(3) and X509_add_ext(3).schwarze2019-03-151-11/+15
| | | | | | From Viktor Dukhovni via OpenSSL commit 0df65d82 Jun 12 11:51:53 2018 -0400 which is still under a free license because it is before the 1.1.1 branch point. While here, add several missing const qualifiers.
* OpenSSL documents the macro OPENSSL_VERSION_TEXT since Sep 24, 2018;schwarze2019-03-151-4/+7
| | | | so mention it here, too.
* Document OCSP_basic_verify(3).schwarze2019-03-151-5/+75
| | | | | | From David dot von dot Oheimb at siemens dot com via OpenSSL commit b8c32081 Feb 10 15:45:11 2018 +0100, which is still under a free license because it is before the 1.1.1 branch point.
* Fix a number of ASN1_INTEGER vs ASN1_STRING mixups coming from thetb2019-03-135-13/+11
| | | | | | | | | | | mechanical M_ASN1 macro expansion. The ASN1_INTEGER_cmp function takes signs into account while ASN1_STRING_cmp doesn't. The mixups mostly involve serialNumbers, which, in principle, should be positive. However, it is unclear whether that is checked or enforced anywhere in the code, so these are probably bugs. Patch from Holger Mikolon ok jsing
* add a comment to format-pem.pl documenting typical steps to updatesthen2019-03-131-1/+9
| | | | cert.pem from Mozilla NSS.
* Backport support for probing ARMv8 HW acceleration capabilities on armv7patrick2019-03-133-32/+121
| | | | | | in preparation for adding support for the probing code for arm64. ok bcook@
* fix some cases of spaces before full stops, where none were neccessary;jmc2019-03-101-3/+3
|
* rename CRYPTO_set_locking_callback.3 to CRYPTO_lock.3schwarze2019-03-102-4/+4
| | | | | | | because CRYPTO_set_locking_callback() is now a no-op and was never documented in the first place; no text change; requested by jmc@ long ago
* delete functions from the manual page that do nothing in LibreSSLschwarze2019-03-103-318/+87
| | | | | | | and that don't do anything in OpenSSL either; no significant amount of text remains from OpenSSL, so change the Copyright information and license of CRYPTO_set_locking_callback.3; OK inoguchi@ jmc@
* Typo in comment.tb2019-03-061-2/+2
| | | | From Holger Mikolon
* Fix OID for sm3WithRSAEncryption which was apparently mixed uptb2019-03-021-1/+1
| | | | | | with the OID for SM2 signing with SM3. From Daniel Wyatt
* instead of calling abort() for 3 "must not use anymore" interfaces,deraadt2019-01-291-7/+4
| | | | | | call OPENSSL_assert() with the specific message, which due to recent changes will end up syslog :) ok jsing
* Recent discussions about abort() potentially leaving key material inderaadt2019-01-261-5/+8
| | | | | | | | core files (which can depend upon various file layouts) have resonated with my hate for this function outside a purely debugging context. I also dislike how the report goes to stderr which may get lost or ignored. Increase the noise (with syslog_r) and use _exit(1) to gaurantee termination. ok jsing
* No need to include <bsd.prog.mk> here.tb2019-01-231-2/+1
| | | | ok bcook
* bump minors after symbol additiontb2019-01-221-1/+1
|
* Add missing symbols from the EC_KEY_METHOD port.tb2019-01-221-0/+8
| | | | Reported by bcook and sthen
* add support for xchacha20 and xchacha20-poly1305dlg2019-01-227-8/+208
| | | | | | | xchacha is a chacha stream that allows for an extended nonce, which in turn makes it feasible to use random nonces. ok tb@
* lenght -> lengthjsg2019-01-212-3/+3
|
* Fix BN_is_prime_* calls in libcrypto, the API returns -1 on error.tb2019-01-203-18/+35
| | | | | | | From BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd by David Benjamin. ok djm, jsing
* spelling;jmc2019-01-191-2/+2
|
* In evp.h rev. 1.71, tb@ added EVP_ENCODE_CTX_new(3) andschwarze2019-01-191-4/+38
| | | | | EVP_ENCODE_CTX_free(3). Docomuent them, in part using text from OpenSSL that was still published under a free license.
* bump minors after symbol additiontb2019-01-191-1/+1
|
* provide EVP_ENCODE_CTX_{new,free}().tb2019-01-193-2/+18
| | | | ok jsing
* $OpenBSD$tb2019-01-192-0/+2
|
* Partial port of EC_KEY_METHOD from OpenSSL 1.1.tb2019-01-193-12/+12
| | | | | | | Pass const method to EC_KEY_METHOD_get_*() to get rid of an XXX. from markus
* Partial port of EC_KEY_METHOD from OpenSSL 1.1.tb2019-01-199-63/+213
| | | | | | This commit adds missing API for ECDH/ECDSA_verify. from markus
* Partial port of EC_KEY_METHOD from OpenSSL 1.1.tb2019-01-1916-56/+659
| | | | | | | This commit adds init/free, support for signing, setting and getting the method, engine support as well as extra data. from markus
* correct article;jmc2019-01-022-6/+6
|
* Make AES CCM available in tables.tb2018-12-261-1/+4
| | | | | | Omission reported by reyk and Alice Wonder. ok bcook jsing
* Make this page much more readable by deleting as much text as possibleschwarze2018-12-241-28/+9
| | | | | | | | | about functions that are deprecated, identical to other functions, and never made sense in the first place. As deraadt@ points out, we should not hide the information that matters in a heap of clutter. It would waste reader's time and make confusion and accidental misuse more likely. OK deraadt@ jmc@
* EVP_MD_CTX_cleanup() is deprecated and doesn't free, so recommend usingtb2018-12-234-12/+12
| | | | | | EVP_MD_CTX_free() instead if the goal is to avoid leaking memory. From my corresponding upstream commit, reminded by schwarze
* Document EVP_PKEY_new_mac_key(3);schwarze2018-12-221-8/+50
| | | | | from Matt Caswell <matt at openssl dot org> via OpenSSL commit d45a97f4 Mar 5 17:41:49 2018 +0000.
* Delete irrelevant HISTORY details. Simply use BN_rand(3); thereschwarze2018-12-221-12/+2
| | | | | | | is no need to know at which time BN_pseudo_rand(3) was made the same as BN_rand(3). Considering that question might even mislead people to attempt ill-advised #ifdef'ing. Pointed out by deraadt@.
* The wrong header file was given for EVP_PKEY_CTX_set_signature_md(3).schwarze2018-12-211-13/+69
| | | | | | | | | | | | | Also clarify to which algorithms it applies. From Matt Caswell <matt at openssl dot org> via OpenSSL commit d45a97f4 Mar 5 17:41:49 2018 +0000. Document EVP_PKEY_CTX_get_rsa_padding(3), EVP_PKEY_CTX_get_rsa_pss_saltlen(3), EVP_PKEY_CTX_set_rsa_mgf1_md(3), and EVP_PKEY_CTX_get_rsa_mgf1_md(3). From Antoine Salon <asalon at vmware dot com> via OpenSSL commit 87103969 Oct 1 14:11:57 2018 -0700 from the OpenSSL_1_1_1-stable branch, which is still under a free license.
* Document the ECDSA_SIG_new(3) return value.schwarze2018-12-211-2/+10
| | | | | | Inspired by OpenSSL commit 6da34cfb Jun 2 16:17:32 2018 -0400 by Ken Goldman <kgoldman at us dot ibm dot com>, but use the same wording as in ASN1_item_new(3) instead.
* Clarify behaviour of DH_get0_pqg(3) and DH_get0_key(3) with NULL arguments;schwarze2018-12-211-4/+19
| | | | | from <Matthias dot St dot Pierre at ncp dash e dot com> via OpenSSL commit 5777254b May 27 09:07:07 2018 +0200.
* grammar and style fixes from wesinator at githubschwarze2018-12-211-13/+14
| | | | via OpenSSL commit 521738e9 Oct 5 14:58:30 2018 -0400
* Since OpenBSD 6.1, BN_pseudo_rand*(3) does the same as BN_rand*(3).schwarze2018-12-211-10/+18
| | | | | Say so, and note that OpenSSL followed suit in 1.1.0 according to OpenSSL commit 5ecff87d Jun 21 13:55:02 2017 +0100.
* Mention that some functions call BN_GENCB_call(3) with a secondschwarze2018-12-211-4/+15
| | | | | argument of 3; from Beat Bolli <dev at drbeat dot li> via OpenSSL commit bd93f1ac Jul 28 16:45:22 2018 -0400.
* Correctly describe the return values of BN_hex2bn(3) and BN_dec2bn(3).schwarze2018-12-191-5/+8
| | | | | | Inspired by OpenSSL commit a130950d Aug 23 12:06:41 2017 -0400 by Rich Salz <rsalz at openssl dot org>, but using a more explicit wording, and fixing *both* places rather than only half of them.
* Specify the return values of some of these functions more precisely;schwarze2018-12-191-15/+16
| | | | | | | | inspired by OpenSSL commit 1f13ad31 Dec 25 17:50:39 2017 +0800 by Paul Yang <yang sot yang at baishancloud dot com>, but without creating a RETURN VALUES section because that makes no sense here: it would either result in a confusing order of information or in duplicate information.
* typo;schwarze2018-12-191-4/+5
| | | | | from Jakub Wilk <jwilk at jwilk dot net> via OpenSSL commit a21285b3 Aug 21 18:30:34 2018 +0200
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-25 13:48:28 +0000