summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto (follow)
Commit message (Collapse)AuthorAgeFilesLines
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-221-3/+4
| | | | | | | | CID 25131 ok beck@ tb@ suggest using X509_REQ_get0_pubkey() and remove the EVP_PKEY_free() from tb@
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-221-3/+3
| | | | | | ok beck@ tb@ suggest using X509_get0_pubkey() and remove EVP_PKEY_free() from tb@
* X509_GET_PUBKEY(3) return value check in libcryptoinoguchi2022-01-222-4/+7
| | | | ok beck@ tb@
* Add check for EVP_CIPHER_CTX_ctrlinoguchi2022-01-201-4/+6
| | | | suggestion from tb@
* Add check for EVP_CIPHER_CTX_set_key_length return valueinoguchi2022-01-201-2/+3
| | | | | | CID 21653 ok jsing@ millert@ tb@
* Add check for OBJ_nid2obj return valueinoguchi2022-01-201-2/+3
| | | | input from tb@
* Add check for ASN1_INTEGER_setinoguchi2022-01-201-2/+3
| | | | | | CID 24893 ok jsing@ millert@ tb@
* Fix check for BN_mod_inverse_ct return valueinoguchi2022-01-205-13/+13
| | | | ok jsing@ millert@ tb@
* Add check for BN_sub return valueinoguchi2022-01-201-2/+3
| | | | | | CID 24839 ok jsing@ millert@ tb@
* Add check for BIO_indent return valueinoguchi2022-01-201-2/+3
| | | | | | CID 24778 ok jsing@ millert@ tb@
* Add check for BIO_indent return valueinoguchi2022-01-201-3/+5
| | | | | | CID 24812 ok jsing@ millert@ tb@
* Add check for EVP_CIPHER_CTX_set_key_length return valueinoguchi2022-01-201-2/+2
| | | | | | It returns 1 on success and 0 for failure, never negative value. ok jsing@ millert@ tb@
* Add and fix check for BN functions return valueinoguchi2022-01-201-4/+5
| | | | ok jsing@ millert@ tb@
* Add check for BN functions return valueinoguchi2022-01-201-3/+5
| | | | | | | CID 21665 24835 comment from jsing@ and tb@ ok jsing@ millert@ tb@
* Add check for BIO_indent return valueinoguchi2022-01-201-2/+3
| | | | | | CID 24869 ok jsing@ millert@ tb@
* Document the bizarre fact that {CMS,PCKS7}_get0_signers() needs sometb2022-01-192-4/+12
| | | | | | | | | | | freeing of what they return despite being get0 functions: the stack of X509s that they return must be freed with sk_X509_free(). The get0 thus probably refers to the individual certs, but not to the stack itself. The libcrypto and libssl APIs never cease to amaze with new traps. ok inoguchi
* Check return value from EVP_CIPHER_CTX_new in cms_pwri.cinoguchi2022-01-191-2/+4
| | | | | | CID 345137 ok jsing@ tb@
* spellingjsg2022-01-1510-33/+33
| | | | ok tb@
* Add back an accidentally dropped .Pptb2022-01-151-1/+2
|
* Update for HMAC_CTX_{init,cleanup} hand HMAC_cleanup removaltb2022-01-151-50/+2
|
* Stop documenting clone digests.tb2022-01-153-47/+7
|
* Minor cleanup and simplification in dsa_pub_encode()tb2022-01-151-15/+8
| | | | | | | | | This function has a weird dance of allocating an ASN1_STRING in an inner scope and assigning it to a void pointer in an outer scope for passing it to X509_PUBKEY_set0_param() and ASN1_STRING_free() on error. This can be simplified and streamlined. ok inoguchi
* Avoid buffer overflow in asn1_parse2inoguchi2022-01-141-2/+2
| | | | | | | | | | | | asn1_par.c r1.29 changed to access p[0] directly, and this pointer could be overrun since ASN1_get_object advances pointer to the first content octet. In case invalid ASN1 Boolean data, it has length but no content, I thought this could be happen. Adding check p with tot (diff below) will avoid this failure. Reported by oss-fuzz 43633 and 43648(later) ok tb@
* bump libcrypto, libssl, libtls majors after struct visibility changestb2022-01-141-1/+1
| | | | and Symbol addition and removal in libcrypto.
* Update Symbols.listtb2022-01-141-49/+190
| | | | ok inoguchi
* Unconditionally comment out OPENSSL_NO_RFC3779tb2022-01-141-3/+1
| | | | ok inoguchi jsing
* Remove header guard around RFC 3779 declarationstb2022-01-141-3/+1
| | | | ok inoguchi jsing
* Expose Certificate Transparency symbols in headerstb2022-01-143-11/+3
| | | | ok inoguchi jsing
* Hide OBJ_bsearch_ from public visibility,tb2022-01-141-84/+4
| | | | | | | | | This removes OBJ_bsearch_ex_() from the exported symbols and makes OBJ_bsearch_() semi-private. It is still used in libssl. While here, remove some hideous unused macros ok inoguchi jsing
* Move ASN1_BOOLEAN to internal only.tb2022-01-142-5/+5
| | | | | | | This moves {d2i,i2d}_ASN1_BOOLEAN() to internal only. They are unused, but help us testing the encoding. ok jsing
* Remove check_defer and obj_cleanup_defer from public visibilitytb2022-01-141-1/+3
| | | | ok inoguchi jsing
* Remove name_cmp from public visibilitytb2022-01-142-2/+3
| | | | ok inoguchi jsing
* Remove all asn1_* symbols from public visibilitytb2022-01-142-18/+18
| | | | ok inoguchi jsing
* Implement new-style OpenSSL BIO callbackstb2022-01-1415-145/+266
| | | | | | | | | | This provides support for new-style BIO callbacks in BIO_{read,write,gets,puts}() and a helper function to work out whether it should call the new or the old style callback. It also adds a few typedefs and minor code cleanup as well as the BIO_{get,set}_callback_ex() from jsing, ok tb
* Remove legacy sign/verify from EVP_MD.tb2022-01-1420-657/+62
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This removes m_dss.c, m_dss1.c, and m_ecdsa.c and the corresponding public API EVP_{dss,dss1,ecdsa}(). This is basically the following OpenSSL commit. The mentioned change in RSA is already present in rsa/rsa_pmeth.c. ok inoguchi jsing commit 7f572e958b13041056f377a62d3219633cfb1e8a Author: Dr. Stephen Henson <steve@openssl.org> Date: Wed Dec 2 13:57:04 2015 +0000 Remove legacy sign/verify from EVP_MD. Remove sign/verify and required_pkey_type fields of EVP_MD: these are a legacy from when digests were linked to public key types. All signing is now handled by the corresponding EVP_PKEY_METHOD. Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms already block unsupported types. Remove now obsolete EVP_dss1() and EVP_ecdsa(). Reviewed-by: Richard Levitte <levitte@openssl.org> Plus OpenSSL commit 625a9baf11c1dd94f17e5876b6ee8d6271b3921d for m_dss.c
* Make RSA, RSA_PSS_PARAMS and RSA_METHOD opaquetb2022-01-143-83/+80
| | | | | | | Move the struct internals to rsa_locl.h and provide a missing typedef in ossl_typ.h. ok inoguchi jsing
* Make structs in ocsp.h opaquetb2022-01-142-234/+260
| | | | | | This adds a little order to this pig sty. ok inoguchi jsing
* Move ECDSA_SIG to ecs_locl.htb2022-01-142-11/+7
| | | | | | We can't make ECDSA_METHOD opaque since it is still used in smtpd(8) ok inoguchi jsing
* Simplify DSAPublicKey_ittb2022-01-144-56/+25
| | | | | | | | | | | | | | | | | | | | | | | | | This was obtained by porting the OpenSSL commit below and then using expand_crypto_asn1.go to unroll the new ASN.1 macros - actually the ones from 987157f6f63 which fixed the omission of dsa_cb() in the first commit. ok inoguchi jsing commit ea6b07b54c1f8fc2275a121cdda071e2df7bd6c1 Author: Dr. Stephen Henson <steve@openssl.org> Date: Thu Mar 26 14:35:49 2015 +0000 Simplify DSA public key handling. DSA public keys could exist in two forms: a single Integer type or a SEQUENCE containing the parameters and public key with a field called "write_params" deciding which form to use. These forms are non standard and were only used by functions containing "DSAPublicKey" in the name. Simplify code to only use the parameter form and encode the public key component directly in the DSA public key method. Reviewed-by: Richard Levitte <levitte@openssl.org>
* Make DSA opaquetb2022-01-142-65/+57
| | | | | | This moves DSA_SIG, DSA and DSA_METHOD to dsa_locl.h. ok inoguchi jsing
* Make structs in dh.h opaquetb2022-01-142-51/+44
| | | | | | This moves the struct internals for DH and DH_METHOD to dh_local.h. ok inoguchi jsing
* Garbage collect the unused OPENSSL_ITEMtb2022-01-141-10/+1
| | | | ok inoguchi jsing
* Make structs in comp.h opaquetb2022-01-143-30/+32
| | | | | | | This moves COMP_CTX and COMP_METHOD to comp_local.h and provides missing typedefs in ossl_typ.h. ok inoguchi jsing
* Make structs in bio.h opaquetb2022-01-143-61/+62
| | | | | | | Move BIO, BIO_METHOD and BIO_F_BUFFER_CTX to bio_local.h and provide BIO typedef in ossl_typ.h. ok inoguchi jsing
* Garbage collect the app_items field of ASN1_ADBtb2022-01-146-14/+6
| | | | | | | This is unused and was removed in OpenSSL 5b70372d when it was replaced with an ASN.1 ADB callback (which we don't support). ok inoguchi jsing
* Remove NO_ASN1_FIELD_NAMEStb2022-01-141-5/+1
| | | | | | This follows OpenSSL commit 26f2412d. ok inoguchi jsing
* Remove obsolete key formatstb2022-01-145-578/+3
| | | | | | | | | | This removes NETSCAPE_X509, NETSCAPE{,_ENCRYPTED}_PKEY, RSA_NET, Netscape_RSA things. Some of the nasty tentacles that could go in principle are used in some test suites, so we need to keep them... All this was removed as part of OpenSSL commit 0bc2f365. ok inoguchi jsing
* Remove ASN1_OBJECT internals from public visibility.tb2022-01-143-17/+19
| | | | | | | | Move the struct declaration to asn1_locl.h and add a forward declaration to ossl_typ.h. This makes struct visibility in the asn1 headers match OpenSSL. ok inoguchi jsing
* Remove HMAC_CTX_{init,cleanup}() and HMAC_init from public visibilitytb2022-01-142-6/+5
| | | | | | | | | | | | | | | | In OpenSSL commit 32fd54a9a3 HMAC_CTX_cleanup() was integrated into HMAC_CTX_init(), then HMAC_CTX_init() was renamed to HMAC_CTX_reset() in dc0099e1. LibreSSL retained them for API compatibility with OpenSSL 1.0. Not many things use them anymore. In fact, some projects that didn't want to modify their code for OpenSSL 1.1 API compatibility used the removed functions to wrap the OpenSSL 1.1 API. We had to patch some of these and this will now no longer be necessary. Also remove HMAC_cleanup(). Nothing uses this. ok inoguchi jsing
* Make structs in evp.h and hmac.h opaquetb2022-01-144-146/+142
| | | | | | This moves most structs to evp_locl.h and moves HMAC_CTX to hmac_local.h. ok inoguchi jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-28 05:12:21 +0000