summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Nuke more leftover GOST tendrils.beck2024-03-284-1499/+2
| | | | ok tb@
* Tidy includes.jsing2024-03-281-4/+4
|
* Expand HASH_* defines.jsing2024-03-281-27/+29
| | | | No change to generated assembly.
* Reorder functions.jsing2024-03-281-109/+109
| | | | No functional change.
* Inline functions from md32_common.h for ripemd.jsing2024-03-281-1/+101
| | | | No change to generated assembly.
* Fix line wrapping.jsing2024-03-281-6/+4
|
* Remove fallback files that are now always included in the build.jsing2024-03-281-5/+1
|
* Use TLS_ERROR_OUT_OF_MEMORY error code for calloc errors in libtlsjoshua2024-03-281-6/+7
| | | | ok jsing
* Move rc4.c to primary Makefile.jsing2024-03-2812-32/+14
| | | | This is now built on all platforms.
* Use C functions for RC4 public API.jsing2024-03-285-21/+52
| | | | | | | | | | | | | | Rather than having public API switch between C and assembly, always use C functions as entry points, which then call an assembly implementation (if available). This makes it significantly easier to deal with symbol aliasing/namespaces and it also means we benefit from vulnerability prevention provided by the C compiler. Rename the assembly generated functions from RC4() to rc4_internal() and RC4_set_key() to rc4_set_key_internal(). Always include rc4.c and change it to use defines that are similar to those used in BN. ok beck@ joshua@ tb@
* Fix coverity complaints.beck2024-03-281-4/+6
|
* Check the return value of EVP_CIPHER_CTX_reset()tb2024-03-281-3/+5
| | | | | | | The function call can't actually fail, but all other calls check its return value. ok joshua jsing
* Move des sources to primary Makefile.jsing2024-03-2812-35/+13
| | | | | Now that all platforms use a C des implementation, move it to the primary Makefile.
* Remove now unused des assembly.jsing2024-03-283-2630/+0
|
* Stop building the assembly implementation of des on sparc64.jsing2024-03-281-6/+2
| | | | | | This one was hiding behind an m4 script. Build tested by tb@
* Remove now unused ripemd i386 assembly.jsing2024-03-281-591/+0
|
* Stop building the assembly implementation of des and ripemd on i386.jsing2024-03-281-6/+2
| | | | | | | | This is the only architecture that has an assembly implementation for these algorithms. There is little to gain from accelerating legacy algorithms on a legacy architecture. Discussed with beck@ and tb@
* Consolidate most of the AES modes into a single C file.jsing2024-03-286-293/+70
| | | | Discussed with tb@
* PKCS#1.5 PBE: test and assigntb2024-03-281-3/+2
|
* Stop pandering to the loadbalancer industrial complex.beck2024-03-281-17/+3
| | | | | | | | | | | | | | | | | So we initially kept this hack around for f5 boxes that should have been patched in 2014, and were not as of 2017. The f5 article for the bug archived on their web site, and any of these devices on the public internet will have since been upgraded to deal with a host of record layer, TLS, and other bugs, or they likely won't be talking to modern stacks, since as of this point the software with the bug would not have been updated in 10 years. So just make this spec compliant and reject a supported groups extension that should not have been sent by a server. ok tb@ jsing@
* fix leaks in the horrible ssl whackery necessary for this test.beck2024-03-271-4/+5
| | | | ok tb@
* Fix up server processing of key shares.beck2024-03-272-13/+173
| | | | | | | | | | | | | | | | | | | Ensure that the client can not provide a duplicate key share for any group, or send more key shares than groups they support. Ensure that the key shares must be provided in the same order as the client preference order specified in supported_groups. Ensure we only will choose to use a key share that is for the most preferred group by the client that we also support, to avoid the client being downgraded by sending a less preferred key share. If we do not end up with a key share for the most preferred mutually supported group, will then do a hello retry request selecting that group. Add regress for this to regress/tlsext/tlsexttest.c ok jsing@
* Remove unused rc4 parisc assembly.jsing2024-03-272-299/+1
| | | | This is already disabled since it is "about 35% slower than C code".
* Catch the blowfish that escaped.jsing2024-03-271-2/+2
|
* Consolidate rc4 code.jsing2024-03-2712-119/+50
| | | | Discussed with tb@
* Remove assembly for stitched modes.jsing2024-03-273-1756/+1
| | | | | The stitched modes have been removed, so having assembly for them is of little use.
* Remove empty rc4_local.h include.jsing2024-03-273-10/+2
| | | | Discussed with tb@
* Remove private_RC4_set_key() from the public rc4.h header.jsing2024-03-271-2/+1
| | | | This does not exist in libcrypto.
* Unifdef BF_PTR2.jsing2024-03-272-95/+4
| | | | | | This removes the unused Intel special version of BF_ENC(). ok tb@
* Remove unused c2l/c2ln/l2c/l2cn macros.jsing2024-03-271-47/+3
|
* Consolidate blowfish code.jsing2024-03-276-639/+381
| | | | Requested by tb@
* Replace GETU32 and PUTU32.jsing2024-03-272-29/+26
| | | | | | | | Replace GETU32 with crypto_load_be32toh() and PUTU32 with crypto_store_htobe32(). Make the offset handling cleaner at the same time. ok beck@ joshua@ tb@
* Remove now unused files.jsing2024-03-272-274/+0
|
* Move bf_enc.c to the primary Makefile.jsing2024-03-2712-34/+12
| | | | | Now that all architectures are using bf_enc.c, it does not make sense to have it in every Makefile.inc file.
* Stop building the assembly implementation of blowfish on i386.jsing2024-03-271-3/+2
| | | | | | | | This is the only architecture that has an assembly implementation. There is little to gain from accelerating a legacy algorithm on a legacy architecture. ok beck@ tb@
* Do not allow duplicate groups in supported groups.beck2024-03-271-18/+39
| | | | | | While we are here refactor this to single return. ok jsing@ tb@
* Remove near duplicate AES_set_{encrypt,decrypt}_key() functions.jsing2024-03-271-208/+2
| | | | | | | | | | | | | | | There are currently three ways in which AES is implemented - all in assembly (amd64 et al), all in C (aarch64 et al) and, half in C and half in assembly (hppa and sparc64). The last of these cases currently makes use of a near duplicate AES_set_{encrypt,decrypt}_key() implementation that avoids using the AES tables. Remove the near duplicate version and if only a half assembly version is implemented, use the same C version of AES_set_{encrypt,decrypt}_key() as everyone else. This adds around 8KB of rodata to libcrypto on these two platforms. Discussed with beck and tb.
* Explain the weird copy dance in EVP_DigestSignFinal()tb2024-03-271-2/+3
| | | | with jsing
* Add TLS_ERROR_INVALID_ARGUMENT error code to libtlsjoshua2024-03-273-12/+15
| | | | | | | This is an initial pass, defining the error code and using it for "too long"/length-related errors. ok beck jsing
* Fix whitespacetb2024-03-271-2/+2
|
* Use crypto_rol_u32() instead of an undefined ROTATE macro.jsing2024-03-271-9/+5
| | | | ok tb@
* Unify up_ref implementations in libssltb2024-03-272-8/+5
| | | | ok jsing
* Remove unused NDEBUG define.jsing2024-03-271-7/+1
|
* Tidy includes and a comment.jsing2024-03-271-3/+7
|
* Remove rather scary unused experimental code.jsing2024-03-271-1081/+0
| | | | ok tb@
* Clean up use of EVP_MD_CTX_{legacy_clear,cleanup} injoshua2024-03-271-18/+24
| | | | | | | | | EVP_DigestSignFinal Additionally, this cleans up some more surrounding code. This is a fixed version of r1.21. ok tb
* Demacro md4.jsing2024-03-271-100/+84
| | | | | | | Use static inline functions instead of macros. Also number rounds as per the RFC. ok joshua@ tb@
* Hide symbols in enginetb2024-03-273-1/+87
| | | | ok jsing
* Recommit r1.20joshua2024-03-271-27/+31
| | | | ok tb jsing
* Revert to r1.19 while we track down a bug in the last two commits.jsing2024-03-271-38/+29
|
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-28 02:43:14 +0000