summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Make sure srp_Calc_k() digest operations are checked for error; frommiod2014-07-101-9/+17
| | | | Florian Zumbiehl (florz , florz . de) on tech@
* Make sure SRP_Calc_client_key() returns NULL instead of a pristine BN_new()miod2014-07-101-4/+9
| | | | upon error; from Florian Zumbiehl (florz , florz . de) on tech@
* Nuke OPENSSL_NONPIC_relocated since nothing uses it.jsing2014-07-102-4/+2
| | | | ok miod@
* Kill a blatantly outdated (and now wrong) commentmiod2014-07-101-4/+1
|
* Try and fix the horrible coding style of the example code snippets.miod2014-07-107-178/+201
|
* Stop including standard headers via cryptlib.h - pull in the headers thatjsing2014-07-10134-210/+453
| | | | | | are needed in the source files that actually require them. ok beck@ miod@
* Remove empty sections and references to des_modes(7) which we don't have.miod2014-07-1022-73/+4
|
* Fewer lies, also do not document DES_3cbc_encrypt anymore.miod2014-07-101-22/+6
|
* Features introduce in OpenSSL 0.9.8 do not deserve their own section.miod2014-07-101-21/+19
| | | | | Instead, fold their description in the main documentation, and update the history section to mention them as well.
* Attempt to (incompletely) document EVP_aes_*().miod2014-07-103-10/+15
| | | | | | | | | When EVP_des_cbc() was suggested, suggest EVP_aes_256_cbc() instead. Remove mention of EVP_des_ede3_cbc() being the algorithm of choice for S/MIME. Don't mention US-export limited RC2 algorithms, you'd better not know about them.
* RSA_setup_blinding() gets a BN with BN_CTX_get(), returns `out of memory'miod2014-07-101-6/+1
| | | | | | | | if it fails, then never uses it anymore, and may invoke a function which needs more than one BN from the BN_CTX anyway, so this is pointless - remove the BN_CTX_get() call and the test. ok jsing
* make asn1 free safe to call with null pointers of any type.tedu2014-07-101-4/+3
| | | | ok jsing miod
* One sure hopes that OPENSSL_cleanse will:jsing2014-07-101-2/+2
| | | | /* Clear password from memory */
* Remove #if 0 code which dumps your data to stdout.miod2014-07-101-9/+1
|
* Tweak some comments. We do not really need to know that "New!" flags werejsing2014-07-101-9/+8
| | | | added 10+ years ago (they're kinda somewhat stale by now...)
* Stop playing with the RSA_FLAG_BLINDING flag. It does nothing.jsing2014-07-101-3/+1
| | | | ok miod@
* delete some casts. ok miodtedu2014-07-1012-35/+35
|
* Missing allocation checks and potential NULL pointer dereference in themiod2014-07-101-7/+15
| | | | error path in PEM_X509_INFO_read_bio(); ok guenther@ jsing@
* Remove RSA_FLAG_NO_EXP_CONSTTIME, which was deprecated 12+ years ago.jsing2014-07-101-13/+1
| | | | | | sthen@ confirmed that no ports are referencing it. ok miod@.
* Remove DEBUG_KEYGEN and DEBUG_DECRYPT support.miod2014-07-102-49/+2
|
* replace getservbyname_r with getaddrinfo for portabilitybcook2014-07-101-6/+11
| | | | ok jsing@
* Remove bogus preprocessor statements trying to pick the largest integermiod2014-07-104-32/+4
| | | | | | | | type for BF_LONG, MD[45]_LONG and SHA_LONG. First, the preprocessor symbols they check for a 64-bit system is __ILP64__ which no sane system provides; second, on the platforms which have assembler code to speed things up, the assembler code assumes a 32-bit type will be used.
* BN_free, BN_clear_free, BN_CTX_free, BN_BLINDING_free and BN_MONT_CTX_freejsing2014-07-106-55/+32
| | | | | | all have implicit NULL checks, so we do not need them here. ok miod@
* Use a while loop instead of an ifdowhile loop.jsing2014-07-102-12/+10
| | | | ok miod@ tedu@
* include <limits.h> for LONG_MIN/LONG_MAX.bcook2014-07-091-2/+2
| | | | | | | Also remove <sys/filio.h> added from previous commit. This was the wrong way to get FIONBIO. ok jsing@
* ASN1_STRING_free can handle NULL, so callers don't need to check. ok miodtedu2014-07-095-27/+17
|
* reset host, port, path to null after freeing so the caller doesn'ttedu2014-07-091-1/+4
| | | | | accidentally free them again. actually a bug in the caller and (hey hey) apps/ocsp.c has exactly that bug, but it's easier/safer to fix here.
* stale prototypetedu2014-07-091-2/+1
|
* Make comments readable.jsing2014-07-091-27/+33
|
* More KNF.jsing2014-07-0919-322/+331
|
* KNF.jsing2014-07-092-123/+108
|
* ocsp_check_ids says "If algoritm mismatch let caller deal with it" beforetedu2014-07-091-6/+1
| | | | | | returning 2. The one and only caller doesn't check for that, so... Stop returning it. ok miod
* Update to match the current state of crypto/rand, and remove MLINKS formiod2014-07-095-101/+16
| | | | RAND_event and RAND_screen.
* Remove mention that the PRNG needs to be seeded before invoking somemiod2014-07-0913-35/+4
| | | | functions.
* Unifdef -UPKCS_TESTVECT - we don't want the random data used in OAEP paddingmiod2014-07-091-6/+1
| | | | to get overwritten by a known value, ever.
* {malloc,reallocarray} + memset(,0,) -> callocmiod2014-07-092-7/+5
| | | | ok tedu@
* Replace memset(a, 0, ...); free(a); by explicit_bzero(a, ...); free(a); inmiod2014-07-091-2/+2
| | | | | | | fear a smartass-optimizing compiler decides memset is useless immediately before free(). ok jsing@ deraadt@ tedu@
* Remove leading underscore from _BYTE_ORDER and _{LITTLE,BIG}_ENDIAN, to bemiod2014-07-0910-58/+58
| | | | | more friendly to systems where the underscore flavours may be defined as empty. Found the hard way be bcook@; joint brainstrom with bcook beck and guenther
* miod@ fixed the "bug" so remove reference to it in the man pod^Wpage.jsing2014-07-091-5/+0
|
* add <sys/filio.h> header for FIONBIObcook2014-07-091-1/+2
| | | | ok beck@
* Simplify error path of DH_check_pub_key()miod2014-07-091-8/+4
|
* KNFmiod2014-07-099-567/+599
|
* remove unused variables getentropy for OS Xbcook2014-07-092-6/+6
| | | | ok beck@
* cast ASN1_STRING (unsigned char *) to match strlcat's argument (char *)bcook2014-07-091-2/+2
| | | | ok beck@
* remove unused, private version strings except SSL_version_strbcook2014-07-0933-162/+32
| | | | | | Also remove unused des_ver.h, which exports some of these strings, but is not installed. ok miod@ tedu@
* Make use of this wonderful modern C construct known as a `switch', instead ofmiod2014-07-091-11/+17
| | | | 8-line if() tests.
* KNFmiod2014-07-0911-906/+939
|
* Kill more FIPS tentacles by removing the private_AES_set_{enc,dec}rypt_key()miod2014-07-098-84/+60
| | | | | | | | internal interfaces, and promoting them to being the public AES_set_{enc,dec}rypt_key() interfaces. In non-FIPS mode, these public interfaces were directly calling the private ones. ok guenther@ jsing@
* Be more strict in RSA_padding_check_X931(), and thus avoid a possiblemiod2014-07-091-2/+2
| | | | | memcpy() with a negative size. ok tedu@
* In the old days (not in this century), SSLeay 0.4.5 would create X.509 RSAmiod2014-07-091-14/+3
| | | | | | | | | signatures using the wrong oid for the signature type. The signature verification code has thus been modified to allow these signatures to be accepted, with a printf to stderr to notify the user something was fishy. Remove this chunk; these signatures will no longer get accepted. ok deraadt@ guenther@ jsing@ tedu@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-26 18:26:32 +0000