summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Mark EC_KEY_{get,insert}_method_data() for removaltb2023-04-161-1/+5
| | | | | | | This is unused and in the way of some house keeping. Thus it will be relocated to the attic. ok jsing
* Mark TS_VERIFY_CTX_init() for removaltb2023-04-161-1/+3
| | | | | | | With opaque TS_VERIFY_CTX the init function dangerous and useless. It will be dropped. ok jsing
* Prepare addition of X509_STORE_CTX_get1_{certs,crls}(3)tb2023-04-162-2/+27
| | | | | | | | | | | | | | | X509_STORE_get1_{certs,crls}(3) was added to the OpenSSL 1.1 API with the usual care. At some point later it was noticed that they didn't deal with an X509_STORE at all, but rather with an X509_STORE_CTX, so were misnamed. The fact that X509_STORE_CTX and X509_STORE have their roles reversed when compared to other FOO vs FOO_CTX in this API may or may not be related. Anyway, the X509_STORE versions will be demoted to compat defines and the X509_STORE_CTX will be added to match OpenSSL 1.1 API more closely. This was pointed out by schwarze a long time ago and missed in a few bumps. Hopefully we'll manage to do it this time around. ok jsing
* Mark remaining policy tree public API for removaltb2023-04-162-3/+19
| | | | ok jsing
* Annotate policy tree STACK_OF() goo for removal from public APItb2023-04-161-1/+4
| | | | ok jsing
* The policy tree types become internal ony. Annotate them.tb2023-04-161-1/+7
| | | | ok jsing
* Cipher text stealing will go away. Mark it for removal.tb2023-04-161-1/+3
| | | | ok jsing
* Mark proxy policy API for removal in upcoming bumptb2023-04-161-1/+5
| | | | ok jsing
* Remove the now unused ex_pcpathlen from the X509 structtb2023-04-161-2/+1
| | | | ok jsing
* More ProxyCertInfo tentacles go to the attictb2023-04-162-65/+6
| | | | | | | | This removes ProxyCertInfo from extension caching, issuer checking and it also drops the special path validation for proxy certs from the legacy verifier. ok jsing
* Remove some dead code from the new verifiertb2023-04-161-7/+1
| | | | | | | | | The new verifier API is currently unused as we still operate the verifier in legacy mode. Therefore ctx->xsc is always set and the EXFLAG_PROXY will soon be dropped from the library, so this error on encountering proxy certs is effectively doubly dead code. ok jsing
* Drop support for the ProxyCertInfo extensiontb2023-04-161-3/+2
| | | | | | | | This removes the ProxyCertInfo extension from RFC 3820 from the list of supported extensions. Since it is a critical extension, this means that certificates containing it will no longer be considered valid by default. ok jsing
* Make pcy_int.h pull in x509_local.h it will need it soontb2023-04-161-1/+4
| | | | ok jsing
* Use size_t rather than int.jsing2023-04-152-13/+13
| | | | Also buy a vowel for rsiz.
* Add SHA3 digest length define that was previously missed.jsing2023-04-151-1/+2
|
* Remove sha3() function, which will not be used or exposed.jsing2023-04-152-16/+2
|
* Mark sha3_keccakf() as static and remove prototype from header.jsing2023-04-152-5/+3
|
* Use memset() to zero the context, instead of zeroing manually.jsing2023-04-151-5/+3
|
* Provide SHA3 length related defines.jsing2023-04-151-1/+27
| | | | | These will make EVP integration easier, as well as being used in the SHA3 implementation itself.
* Use the same byte order tests as we do elsewhere in libcrypto.jsing2023-04-151-3/+5
|
* Adjust documentation of X9.31 padding modetb2023-04-151-6/+6
|
* Stop supporting the long-retired X9.31 standardtb2023-04-152-113/+57
| | | | | | | | This isolates the three API functions from the library so they can be easily removed and any attempt to use RSA_X931_PADDING mode will now result in an error. ok jsing
* Prepare rsa.h for X9.31 support removaltb2023-04-151-1/+5
| | | | | | | | | | This wraps the three public functions in the usual #if stanza. RSA_X931_PADDING is unfortunately exposed by rust-openssl and erlang. Therefore it will remain visible to avoid breaking the build of lang/rust. Its use in the library will be neutered shortly. ok jsing
* Remove now unused GF2m perlasm generatorstb2023-04-153-980/+0
|
* Rename SHA3 context struct field from 'st' to 'state'.jsing2023-04-152-15/+15
|
* Rename SHA3 context to align with existing code.jsing2023-04-152-14/+14
|
* Move some defines out of the sha3_internal.h header.jsing2023-04-152-10/+6
|
* Stop building GF2m assemblytb2023-04-153-8/+2
| | | | | | | GF2m support will be removed shortly. In the interim drop some of this unused code already and let it fall back to the C implementation. ok jsing
* Revise header guards.jsing2023-04-151-4/+4
|
* Pull constant tables out of sha3_keccakf().jsing2023-04-151-24/+24
|
* Strip and reformat comments.jsing2023-04-152-44/+14
| | | | | Remove various comments that are unhelpful or obvious. Reformat remaining comments per style(9).
* Apply style(9) (first pass).jsing2023-04-152-146/+152
|
* Import sha3_internal.h.jsing2023-04-151-2/+2
|
* Add license to sha3 files.jsing2023-04-152-0/+50
|
* Import tiny_sha3jsing2023-04-152-0/+238
| | | | | | This is a minimal and readable SHA3 implementation. ok tb@
* Rename the largely misnamed bn_print.c to bn_convert.cjsing2023-04-142-3/+3
| | | | | | | | This file primarily contains the various BN_bn2*() and BN_*2bn() functions (along with BN_print() and BN_options()). More function shuffling will follow. Discussed with tb@
* Provide and use bn_copy_words() in BN_copy().jsing2023-04-141-31/+15
| | | | | | | | This is simpler than the current code, while still being well optimised by compilers, across a range of architectures. In many cases we even get a performance gain for the BN sizes that we primarily care about. Joint work with tb@
* Add support for truncated SHA512 variants.jsing2023-04-142-2/+115
| | | | | | | This adds support for SHA512/224 and SHA512/256, as specified in FIPS FIPS 180-4. These are truncated versions of the SHA512 hash. ok tb@
* Provide soon to be used crypto_store_htobe32().jsing2023-04-141-1/+20
| | | | ok tb@
* Use memset() and only initialise non-zero struct members.jsing2023-04-141-7/+7
| | | | ok tb@
* The NBs have been duly noted and ignored. Drop them.tb2023-04-132-20/+2
|
* Zap trailing whitespacetb2023-04-131-9/+9
|
* Remove files that definitely contain no code anymoretb2023-04-135-354/+0
| | | | (experts disagree whether they ever did)
* Drop now useless files from the Makefiletb2023-04-131-6/+1
|
* Fold ECDSA sign and verify mess into ecs_ossl.ctb2023-04-133-63/+68
| | | | discussed with jsing
* Move RSA_generate_key() from rsa_depr.c to rsa_gen.ctb2023-04-132-34/+35
| | | | Discussed with jsing
* Move DSA_generate_parameters() from dsa_depr.c to dsa_gen.ctb2023-04-132-21/+23
| | | | Discussed with jsing
* Move DH_generate_parameters() from dh_depr.c to dh_gen.ctb2023-04-132-20/+21
| | | | discussed with jsing
* ec_lib.c: fix a few NULL misspellingstb2023-04-131-6/+6
|
* Fix various early return issues spotted by coveritytb2023-04-131-13/+13
| | | | | | | A large mechanical diff led to sloppy review and gave coverity an opportunity to be right for once. First time in a good many weeks. same diff/ok jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-27 22:11:37 +0000