![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / lib / libcrypto
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.195 / (download) - annotate - [select for diffs], Fri May 24 19:16:53 2024 UTC (2 weeks, 3 days ago) by tb
Branch: MAIN
CVS Tags: HEAD
Changes since 1.194: +1 -2 lines
Diff to previous 1.194 (colored)
Stub out DES_enc_{read,write}(3)
The most terrible code in OpenSSL has its roots in libdes, which came
before SSLeay. Hello, LHASH. Hello speed app. Hello DES (obviously).
There are some diary-style changelog comments dating all the way back
to 1990.
/* This has some uglies in it but it works - even over sockets. */
Well, kind of:
* - This code cannot handle non-blocking sockets.
Also:
/* >output is a multiple of 8 byes, if len < rnum
* >we must be careful. The user must be aware that this
* >routine will write more bytes than he asked for.
* >The length of the buffer must be correct.
* FIXED - Should be ok now 18-9-90 - eay */
Or
/* This is really a bad error - very bad
* It will stuff-up both ends. */
Or
#ifdef _LIBC
extern unsigned long time();
extern int write();
#endif
I can't even...
Delete, delete, delete.
ok jsing
Revision 1.194 / (download) - annotate - [select for diffs], Thu Apr 25 16:14:00 2024 UTC (6 weeks, 4 days ago) by tb
Branch: MAIN
Changes since 1.193: +1 -2 lines
Diff to previous 1.193 (colored)
Take pem2.h behind the barn /* * This header only exists to break a circular dependency between pem and err * Ben 30 Jan 1999. */ 25 years of uselessness is about a quarter century more than enough. discussed with jsing
Revision 1.193 / (download) - annotate - [select for diffs], Mon Apr 15 15:55:01 2024 UTC (8 weeks ago) by tb
Branch: MAIN
Changes since 1.192: +1 -2 lines
Diff to previous 1.192 (colored)
Bye, bye, OPENSSL_str{,n}casecmp()
ok jsing
Revision 1.192 / (download) - annotate - [select for diffs], Fri Mar 29 07:36:38 2024 UTC (2 months, 1 week ago) by jsing
Branch: MAIN
Changes since 1.191: +2 -6 lines
Diff to previous 1.191 (colored)
Consolidate cast code.
Revision 1.191 / (download) - annotate - [select for diffs], Fri Mar 29 07:26:21 2024 UTC (2 months, 1 week ago) by jsing
Branch: MAIN
Changes since 1.190: +1 -7 lines
Diff to previous 1.190 (colored)
Consolidate camellia code.
Revision 1.190 / (download) - annotate - [select for diffs], Fri Mar 29 07:24:09 2024 UTC (2 months, 1 week ago) by jsing
Branch: MAIN
Changes since 1.189: +4 -4 lines
Diff to previous 1.189 (colored)
Move camellia to primary Makefile. These files are now built on all platforms.
Revision 1.189 / (download) - annotate - [select for diffs], Fri Mar 29 06:03:20 2024 UTC (2 months, 1 week ago) by jsing
Branch: MAIN
Changes since 1.188: +2 -2 lines
Diff to previous 1.188 (colored)
Move aes_core.c to the primary Makefile. This is now built on all platforms.
Revision 1.188 / (download) - annotate - [select for diffs], Fri Mar 29 05:23:50 2024 UTC (2 months, 1 week ago) by jsing
Branch: MAIN
Changes since 1.187: +2 -6 lines
Diff to previous 1.187 (colored)
Consolidate idea into a single C file.
Revision 1.187 / (download) - annotate - [select for diffs], Fri Mar 29 02:41:49 2024 UTC (2 months, 1 week ago) by jsing
Branch: MAIN
Changes since 1.186: +2 -3 lines
Diff to previous 1.186 (colored)
Consolidate whirlpool into a single C file. Buy a vowel at the same time, since we're no longer limited to 8.3 file names. Discussed with tb@
Revision 1.186 / (download) - annotate - [select for diffs], Fri Mar 29 02:33:44 2024 UTC (2 months, 1 week ago) by jsing
Branch: MAIN
Changes since 1.185: +2 -2 lines
Diff to previous 1.185 (colored)
Move wp_block.c to the primary Makefile. This is now built on all platforms.
Revision 1.185 / (download) - annotate - [select for diffs], Thu Mar 28 12:52:58 2024 UTC (2 months, 1 week ago) by jsing
Branch: MAIN
Changes since 1.184: +1 -2 lines
Diff to previous 1.184 (colored)
Merge aes_cbc.c into aes.c now that aes_cbc.c is used on all platforms.
Revision 1.184 / (download) - annotate - [select for diffs], Thu Mar 28 06:45:36 2024 UTC (2 months, 2 weeks ago) by beck
Branch: MAIN
Changes since 1.183: +1 -2 lines
Diff to previous 1.183 (colored)
Nuke more leftover GOST tendrils. ok tb@
Revision 1.183 / (download) - annotate - [select for diffs], Thu Mar 28 02:09:28 2024 UTC (2 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.182: +1 -5 lines
Diff to previous 1.182 (colored)
Remove fallback files that are now always included in the build.
Revision 1.182 / (download) - annotate - [select for diffs], Thu Mar 28 01:57:00 2024 UTC (2 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.181: +4 -1 lines
Diff to previous 1.181 (colored)
Move rc4.c to primary Makefile. This is now built on all platforms.
Revision 1.181 / (download) - annotate - [select for diffs], Thu Mar 28 01:41:16 2024 UTC (2 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.180: +3 -1 lines
Diff to previous 1.180 (colored)
Move des sources to primary Makefile. Now that all platforms use a C des implementation, move it to the primary Makefile.
Revision 1.180 / (download) - annotate - [select for diffs], Thu Mar 28 00:57:26 2024 UTC (2 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.179: +2 -6 lines
Diff to previous 1.179 (colored)
Consolidate most of the AES modes into a single C file. Discussed with tb@
Revision 1.179 / (download) - annotate - [select for diffs], Wed Mar 27 12:56:25 2024 UTC (2 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.178: +2 -2 lines
Diff to previous 1.178 (colored)
Catch the blowfish that escaped.
Revision 1.178 / (download) - annotate - [select for diffs], Wed Mar 27 12:54:42 2024 UTC (2 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.177: +2 -3 lines
Diff to previous 1.177 (colored)
Consolidate rc4 code. Discussed with tb@
Revision 1.177 / (download) - annotate - [select for diffs], Wed Mar 27 11:24:15 2024 UTC (2 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.176: +2 -6 lines
Diff to previous 1.176 (colored)
Consolidate blowfish code. Requested by tb@
Revision 1.176 / (download) - annotate - [select for diffs], Wed Mar 27 11:12:08 2024 UTC (2 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.175: +2 -1 lines
Diff to previous 1.175 (colored)
Move bf_enc.c to the primary Makefile. Now that all architectures are using bf_enc.c, it does not make sense to have it in every Makefile.inc file.
Revision 1.175 / (download) - annotate - [select for diffs], Tue Mar 19 19:27:33 2024 UTC (2 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.174: +1 -2 lines
Diff to previous 1.174 (colored)
Move the OPENSSL_init() stub from o_init.c to crypto_init.c
Revision 1.174 / (download) - annotate - [select for diffs], Sat Mar 2 13:39:28 2024 UTC (3 months, 1 week ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5
Changes since 1.173: +1 -2 lines
Diff to previous 1.173 (colored)
Remove some GOST relics
Revision 1.173 / (download) - annotate - [select for diffs], Sat Mar 2 11:17:27 2024 UTC (3 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.172: +1 -21 lines
Diff to previous 1.172 (colored)
Unhook and remove GOST and STREEBOG This stops compiling the GOST source. The current implementation is low quality and got in the way, especially in libssl. While we would be open for GOST support, it needs to be significantly better than what we have had and it also needs a maintainer. Add OPENSSL_NO_GOST to opensslfeatures and stop installing gost.h. Some code wrapped in #ifndef OPENSSL_NO_GOST will be removed later. ok jsing
Revision 1.172 / (download) - annotate - [select for diffs], Sat Mar 2 11:11:11 2024 UTC (3 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.171: +3 -1 lines
Diff to previous 1.171 (colored)
Make LHASH_OF() and STACK_OF() use opaque structs This removes internals of these two special snowflakes and will allow further simplifications. Unfortunately, there are some pieces of software that actually use LHASH_OF() (looking at you, pound, Ruby, and openssl(1)), so we get to keep exposing this garbage, at least for now. Expose lh_error() as a symbol to replace a macro reaching into _LHASH. lh_down_load() is no longer available. _LHASH and _STACK are now opaque, LHASH_NODE becomes internal-only. from jsing
Revision 1.171 / (download) - annotate - [select for diffs], Sat Mar 2 11:04:51 2024 UTC (3 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.170: +1 -2 lines
Diff to previous 1.170 (colored)
Remove lh stats This could have been removed in an earlier bump. Now it's time for it to say goodbye. ok jsing
Revision 1.170 / (download) - annotate - [select for diffs], Sat Mar 2 10:13:12 2024 UTC (3 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.169: +1 -3 lines
Diff to previous 1.169 (colored)
Remove RC4-HMAC-MD5 and AES-{128,256}-CBC-HMAC-SHA-1
"Stitched" mode AEADs were removed from libssl a long time ago. Nothing
uses these CIPHERs anymore.
ok jsing
Revision 1.169 / (download) - annotate - [select for diffs], Sat Mar 2 10:03:12 2024 UTC (3 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.168: +1 -2 lines
Diff to previous 1.168 (colored)
Remove the ameth lib This is accessor API for ASN.1 methods needed for custom PKEYs. Nothing has ever used this. This has been neutered for months. The EVP_PKEY_asn1_* API that needs to stay was moved elsewhere. ok jsing
Revision 1.168 / (download) - annotate - [select for diffs], Sun Feb 18 16:28:37 2024 UTC (3 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.167: +2 -1 lines
Diff to previous 1.167 (colored)
Add posix_time.h from BoringSSL This is prepares to expose some internal API as OPENSSL_tm_to_posix() and OPENSSL_posix_to_tm(). They will be used in libtls and ocspcheck(8) to get rid of the portability nightmare that is timegm(). Also fix the location of OPENSSL_gmtime() and OPENSSL_timegm() (this API is not yet exposed). The former is from OpenSSL and surprisingly lives in crypto.h, not asn1.h, and the latter is BoringSSL API and lives in the new posix_time.h. Initial diff from beck, this pulls in further upstream work after review feedback. ok jsing
Revision 1.167 / (download) - annotate - [select for diffs], Sat Jan 27 17:14:33 2024 UTC (4 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.166: +1 -4 lines
Diff to previous 1.166 (colored)
Fold keyivgen functions into evp_pbe.c These are only used by the EVP_PBE routines and will become internal in the next major bump.
Revision 1.166 / (download) - annotate - [select for diffs], Sat Jan 13 12:18:52 2024 UTC (4 months, 4 weeks ago) by tb
Branch: MAIN
Changes since 1.165: +1 -2 lines
Diff to previous 1.165 (colored)
The OBJ_NAME API joins the party in evp_names.c ... and another file without license disappears.
Revision 1.165 / (download) - annotate - [select for diffs], Sat Jan 13 12:15:27 2024 UTC (4 months, 4 weeks ago) by tb
Branch: MAIN
Changes since 1.164: +1 -2 lines
Diff to previous 1.164 (colored)
Move EVP_add_{cipher,digest}() to the trashcan
They will await their removal in the next major bump.
Revision 1.164 / (download) - annotate - [select for diffs], Sat Jan 13 11:18:52 2024 UTC (4 months, 4 weeks ago) by tb
Branch: MAIN
Changes since 1.163: +1 -2 lines
Diff to previous 1.163 (colored)
Stub out {OpenSSL,OPENSSL}_add*
These serve no purpose anymore (and really haven't for many years) but
will have to be kept since there's a number of software that still uses
them because many years ago they had to.
Relocate the stubs to crypto_init.c since library initialization's what
they were there for.
ok jsing
Revision 1.163 / (download) - annotate - [select for diffs], Sat Jan 13 10:57:08 2024 UTC (4 months, 4 weeks ago) by tb
Branch: MAIN
Changes since 1.162: +2 -1 lines
Diff to previous 1.162 (colored)
Add a table of cipher names, ciphers and aliases This arranges the data provided by dynamic library initialization in a static table and will help avoid gross code with missing error checking and other defects on every use of the library. This table isn't pretty due to various naming inconsistecies accumulated over the decades. It will significantly simplify the implementation of API such as EVP_get_cipherbyname() and EVP_CIPHER_do_all(). All the table does is map strings to ciphers, typically used on the openssl(1) command line or in code it's the mechanism that underlies the map from NID_chacha20 to the data returned by EVP_chacha20(). It's of course more complicated because it just had to be stupid. This is one of the places where the use of bsearch() is justified. The price to pay for the simplification is that adding custom aliases and custom ciphers to this table will no longer be supported. It is one significant user of the LHASH madness. That's just another piece of the awful "toolkit aspect"-guided misdesign that contributes to making this codebase so terrible. A corresponding table for the digests will be added in the next commit. ok jsing
Revision 1.162 / (download) - annotate - [select for diffs], Fri Dec 29 06:56:38 2023 UTC (5 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.161: +1 -2 lines
Diff to previous 1.161 (colored)
Merge the EVP_CIPHER_meth_* API into evp_cipher.c
Revision 1.161 / (download) - annotate - [select for diffs], Fri Dec 29 06:17:58 2023 UTC (5 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.160: +1 -2 lines
Diff to previous 1.160 (colored)
Merge the remainder of evp_lib.c into evp_cipher.c
Revision 1.160 / (download) - annotate - [select for diffs], Fri Dec 29 05:57:24 2023 UTC (5 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.159: +4 -4 lines
Diff to previous 1.159 (colored)
Use more consistent naming for some files in evp
EVP_Digest{Init,Update,Final}() move from digest.c to evp_digest.c which
will become the home of all things related to EVP_MD{,_CTX} handling.
EVP_Cipher{Init,Update,Final}() move from evp_enc.c to evp_cipher.c which
will become the home of all things related to EVP_CIPHER{,_CTX} handling.
EVP_Encode{Init,Update,Final}() move from encode.c to evp_encode.c which
already is the home of EVP_ENCODE_CTX_{new,free}().
discussed with jsing
Revision 1.159 / (download) - annotate - [select for diffs], Wed Dec 20 13:52:17 2023 UTC (5 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.158: +1 -3 lines
Diff to previous 1.158 (colored)
Merge p_open and p_seal into p_legacy discussed with jsing
Revision 1.158 / (download) - annotate - [select for diffs], Wed Dec 20 13:46:05 2023 UTC (5 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.157: +2 -3 lines
Diff to previous 1.157 (colored)
Fold p_dec.c and p_enc.c into a new p_legacy.c discussed with jsing
Revision 1.157 / (download) - annotate - [select for diffs], Wed Dec 20 06:28:04 2023 UTC (5 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.156: +1 -2 lines
Diff to previous 1.156 (colored)
DES_random_key() sets the key There's no need to have 60 lines of license for 4 lines of actual code. Move DES_random_key() to set_key.c.
Revision 1.156 / (download) - annotate - [select for diffs], Sun Nov 12 10:49:27 2023 UTC (6 months, 4 weeks ago) by robert
Branch: MAIN
Changes since 1.155: +5 -1 lines
Diff to previous 1.155 (colored)
split the Symbols.list up so that arch specific symbols do not end up everywhere ok tb@
Revision 1.155 / (download) - annotate - [select for diffs], Wed Aug 9 09:32:22 2023 UTC (10 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.154: +1 -2 lines
Diff to previous 1.154 (colored)
Merge remainder of rsa_crpt.c into rsa_eay.c Most of these are one line wrappers around methods implemented in rsa_eay.c by default.
Revision 1.154 / (download) - annotate - [select for diffs], Wed Aug 9 09:23:03 2023 UTC (10 months ago) by tb
Branch: MAIN
Changes since 1.153: +2 -2 lines
Diff to previous 1.153 (colored)
Move bn_blind.c to rsa_blinding.c discussed with jsing
Revision 1.153 / (download) - annotate - [select for diffs], Sat Jul 29 06:46:20 2023 UTC (10 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.152: +1 -5 lines
Diff to previous 1.152 (colored)
Move HAVE_FUNOPEN out of !NOPIC Due to some historic accident, HAVE_FUNOPEN was grouped with DSO_DLFCN and HAVE_DLFCN_H inside !defined(NOPIC). While the two DLFCN bits belong there, HAVE_FUNOPEN doesn't. ok jsing, millert agrees
Revision 1.152 / (download) - annotate - [select for diffs], Fri Jul 28 11:08:01 2023 UTC (10 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.151: +2 -3 lines
Diff to previous 1.151 (colored)
Combine ripemd into a single C file.
Revision 1.151 / (download) - annotate - [select for diffs], Fri Jul 28 11:06:28 2023 UTC (10 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.150: +2 -3 lines
Diff to previous 1.150 (colored)
Combine md5 into a single C file.
Revision 1.150 / (download) - annotate - [select for diffs], Fri Jul 28 11:04:41 2023 UTC (10 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.149: +2 -3 lines
Diff to previous 1.149 (colored)
Combine md4 into a single C file.
Revision 1.149 / (download) - annotate - [select for diffs], Fri Jul 28 10:35:14 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.148: +1 -2 lines
Diff to previous 1.148 (colored)
Remove various ${thing}_options
Various, ancient ciphers exposed some of their innards via an _options()
API. Apart from openssl version/speed, only some lua thingie in nmap ever
looked at these. Go figure.
hppa testing by miod, i386 testing by sthen. Thanks!
ok jsing
Revision 1.148 / (download) - annotate - [select for diffs], Fri Jul 28 10:17:21 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.147: +1 -2 lines
Diff to previous 1.147 (colored)
Remove BUF_[a-z]* API This are a bunch of strange string handlers with NULL checks that make no real sense except to some devs who like to sprinkle them everywhere. Fortunately, nothing uses these anymore, so they can go. ok jsing
Revision 1.147 / (download) - annotate - [select for diffs], Fri Jul 28 10:02:11 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.146: +1 -2 lines
Diff to previous 1.146 (colored)
Remove ASN1_bn_print() and ASN1_buf_print() ASN1_bn_print() is a hilariously bad API that was replaced with a saner interface internally. ASN1_buf_print() isn't terrible, but it is too specialized to be of real use. It was only exposed because ASN1_bn_print() was already there. Its only use had been in the EdDSA printing code before it was replaced with an internal helper. ok jsing
Revision 1.146 / (download) - annotate - [select for diffs], Fri Jul 28 09:53:55 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.145: +1 -26 lines
Diff to previous 1.145 (colored)
Set OPENSSL_NO_ENGINE, remove engine code ENGINE was special. It's horrible code even by the low standards of this library. Some ports may now try to use the stubs which will fail, but the fallout from this should be minimal. Of course there are various language bindings that expose the ENGINE API. OpenSSL 3 disabling ENGINE by default will likely help fixing this at some point. ok jsing
Revision 1.145 / (download) - annotate - [select for diffs], Fri Jul 28 09:46:36 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.144: +2 -11 lines
Diff to previous 1.144 (colored)
Drop DSO and define OPENSSL_NO_DSO DSO and in particular dlopen() was used for dynamic engines, which we removed a long time ago and for dynamic conf modules, which we removed only very recently. Now remove this dangerous interface. ok jsing
Revision 1.144 / (download) - annotate - [select for diffs], Fri Jul 28 09:42:44 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.143: +1 -7 lines
Diff to previous 1.143 (colored)
Drop the comp module opensslfeatures.h has long defined OPENSSL_NO_COMP and the build with ZLIB was broken in openssl(1) since 2015 and in libcrypto since 2022. ZLIB was unifdefed a while ago, now we can retire the public API. The comp.h header stays devoid of code because a number of ports use it for historic reasons. ok jsing
Revision 1.143 / (download) - annotate - [select for diffs], Fri Jul 28 09:22:26 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.142: +1 -3 lines
Diff to previous 1.142 (colored)
Excise ECDH_METHOD Unlike ECDSA_METHOD, this has been unused forever but kind of needed to stay for symmetry with ECDSA_METHOD. Now we can finally take it behind the barn and remove its tendrils into ENGINE. ok jsing
Revision 1.142 / (download) - annotate - [select for diffs], Fri Jul 28 09:19:58 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.141: +1 -2 lines
Diff to previous 1.141 (colored)
Remove ECDH errors Much like the ECDSA errors, the ECDH errors have been unused for a while. Garbage collect them. ok jsing
Revision 1.141 / (download) - annotate - [select for diffs], Fri Jul 28 09:08:31 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.140: +1 -3 lines
Diff to previous 1.140 (colored)
Remove ECDSA_METHOD After smtpd (in base) and libtls finally switched from ECDSA_METHOD to EC_KEY_METHOD, much of the ECDSA_METHOD code was neutered. Remove the remaining public API as well as numerous tentacles into ENGINE. ok jsing
Revision 1.140 / (download) - annotate - [select for diffs], Fri Jul 28 09:01:25 2023 UTC (10 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.139: +1 -2 lines
Diff to previous 1.139 (colored)
Remove ecs_err.c These error codes have been unused for a while, so the public API loading them is pointless. ok jsing
Revision 1.139 / (download) - annotate - [select for diffs], Fri Jul 21 09:04:23 2023 UTC (10 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.138: +2 -1 lines
Diff to previous 1.138 (colored)
Provide a bunch of always failing ENGINE API This commit adds a few symbols under OPENSSL_NO_ENGINE. They will be used after the main ENGINE code is disabled in the next bump. The ecosystem is mostly prepared for dealing with a libcrypto compiled with OPENSSL_NO_ENGINE. There are a few stragglers like M2Crypto, dovecot and the latest apr-util release (fixed in their development branch). To avoid intrusive patching in these ports, we need to keep a bunch of ENGINE symbols around despite adding OPENSSL_NO_ENGINE. This of course meant patching some other ports, but that was way easier. ok jsing
Revision 1.138 / (download) - annotate - [select for diffs], Thu Jul 20 16:36:06 2023 UTC (10 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.137: +1 -3 lines
Diff to previous 1.137 (colored)
Remove some ancient cruft that hasn't been used in ages discussed with jsing
Revision 1.137 / (download) - annotate - [select for diffs], Fri Jul 7 06:10:14 2023 UTC (11 months ago) by jsing
Branch: MAIN
Changes since 1.136: +10 -5 lines
Diff to previous 1.136 (colored)
One source file per line.
Revision 1.136 / (download) - annotate - [select for diffs], Thu Jul 6 14:37:39 2023 UTC (11 months ago) by tb
Branch: MAIN
Changes since 1.135: +2 -1 lines
Diff to previous 1.135 (colored)
Add bn_printf(), a replacement for ASN1_bn_print() ASN1_bn_print() will be removed in an upcoming bump. This adds an internal API that covers the same functionality but doesn't require that the caller pass in a sufficiently large scratch space that ASN1_bn_print() may or may not use. In addition, this takes a format string, which allows us to ditch some extra dances. ok jsing
Revision 1.135 / (download) - annotate - [select for diffs], Wed Jul 5 12:31:14 2023 UTC (11 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.134: +2 -3 lines
Diff to previous 1.134 (colored)
Merge ECDH code that will stay into ecdh.c
Revision 1.134 / (download) - annotate - [select for diffs], Wed Jul 5 12:18:21 2023 UTC (11 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.133: +2 -3 lines
Diff to previous 1.133 (colored)
Merge ECDSA code that will stay into ecdsa.c discussed with jsing
Revision 1.133 / (download) - annotate - [select for diffs], Thu Jun 29 06:12:04 2023 UTC (11 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.132: +2 -2 lines
Diff to previous 1.132 (colored)
Drop the no longer necessary -DLIBRESSL_CRYPTO_INTERNAL ok miod
Revision 1.132 / (download) - annotate - [select for diffs], Sun Jun 25 19:29:30 2023 UTC (11 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.131: +1 -2 lines
Diff to previous 1.131 (colored)
With ech_local.h gone, we no longer need to -I ecdh
Revision 1.131 / (download) - annotate - [select for diffs], Wed Jun 21 07:41:55 2023 UTC (11 months, 3 weeks ago) by jsing
Branch: MAIN
Changes since 1.130: +2 -1 lines
Diff to previous 1.130 (colored)
Make BN_num_bits() independent of bn->top. Provide bn_bitsize(), which performs a constant time scan of a BN in order to determine the bit size of the BN value. Use this for BN_num_bits() such that it is no longer dependent on the bn->top value. ok tb@
Revision 1.130 / (download) - annotate - [select for diffs], Sun Jun 11 05:35:43 2023 UTC (12 months ago) by tb
Branch: MAIN
Changes since 1.129: +1 -2 lines
Diff to previous 1.129 (colored)
Unifdef ZLIB This has long been unused code and compilation with -DZLIB was broken for a long time after BIO was made opaque. ok jsing
Revision 1.129 / (download) - annotate - [select for diffs], Sun May 7 14:39:55 2023 UTC (13 months ago) by tb
Branch: MAIN
Changes since 1.128: +2 -2 lines
Diff to previous 1.128 (colored)
Recommit -Wshadow now that the warning on BIG_ENDIAN is fixed
Revision 1.128 / (download) - annotate - [select for diffs], Sun May 7 12:47:48 2023 UTC (13 months ago) by bluhm
Branch: MAIN
Changes since 1.127: +2 -2 lines
Diff to previous 1.127 (colored)
Backout -Wshadow, it breaks build on powerpc64.
Revision 1.127 / (download) - annotate - [select for diffs], Fri May 5 21:23:02 2023 UTC (13 months ago) by tb
Branch: MAIN
Changes since 1.126: +2 -2 lines
Diff to previous 1.126 (colored)
Use -Wshadow with clang ok jsing (a very long time ago)
Revision 1.126 / (download) - annotate - [select for diffs], Fri May 5 12:20:03 2023 UTC (13 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.125: +2 -1 lines
Diff to previous 1.125 (colored)
Link rsa_x931.c to build
Revision 1.125 / (download) - annotate - [select for diffs], Fri Apr 28 16:30:14 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.124: +1 -2 lines
Diff to previous 1.124 (colored)
Unifdef LIBRESSL_HAS_POLICY_DAG and remove it from the Makefile with beck
Revision 1.124 / (download) - annotate - [select for diffs], Fri Apr 28 16:21:57 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.123: +1 -7 lines
Diff to previous 1.123 (colored)
Take the old policy code behind the barn It can go play in the fields with all the other exponential time policy "code". discussed with jsing ok & commit message beck
Revision 1.123 / (download) - annotate - [select for diffs], Fri Apr 28 16:14:46 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.122: +2 -4 lines
Diff to previous 1.122 (colored)
Enable the new policy checking code in x509_policy.c ok beck jsing
Revision 1.122 / (download) - annotate - [select for diffs], Wed Apr 26 21:36:42 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.121: +4 -1 lines
Diff to previous 1.121 (colored)
Allow compiling with -DHAS_DAG to enable the policy check with a DAG. ok beck
Revision 1.121 / (download) - annotate - [select for diffs], Wed Apr 26 19:16:02 2023 UTC (13 months, 2 weeks ago) by beck
Branch: MAIN
Changes since 1.120: +2 -1 lines
Diff to previous 1.120 (colored)
Add the new policy code to the build. ok tb@ jsing@
Revision 1.120 / (download) - annotate - [select for diffs], Wed Apr 26 14:27:40 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.119: +1 -2 lines
Diff to previous 1.119 (colored)
Remove the now unused bio_pk7.c
Revision 1.119 / (download) - annotate - [select for diffs], Wed Apr 26 08:25:37 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.118: +1 -2 lines
Diff to previous 1.118 (colored)
Remove e_old.c again Also remove nonexistent symbols #defined to other symbols that confuse some linkers in -portable. This commit entails no ABI change on OpenBSD. Discussed with jsing
Revision 1.118 / (download) - annotate - [select for diffs], Tue Apr 25 23:16:31 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.117: +2 -1 lines
Diff to previous 1.117 (colored)
Reinstate e_old.c it is still used by -portable
Revision 1.117 / (download) - annotate - [select for diffs], Tue Apr 25 20:06:35 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.116: +1 -2 lines
Diff to previous 1.116 (colored)
e_old can also go
Revision 1.116 / (download) - annotate - [select for diffs], Tue Apr 25 19:53:30 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.115: +1 -5 lines
Diff to previous 1.115 (colored)
GF2m bites the dust. It won't be missed.
Revision 1.115 / (download) - annotate - [select for diffs], Tue Apr 25 19:01:01 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.114: +1 -3 lines
Diff to previous 1.114 (colored)
Remove proxy cert remnants
Revision 1.114 / (download) - annotate - [select for diffs], Tue Apr 25 18:57:57 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.113: +1 -2 lines
Diff to previous 1.113 (colored)
Remove NETSCAPE_CERT_SEQUENCE
Revision 1.113 / (download) - annotate - [select for diffs], Tue Apr 25 18:48:32 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.112: +1 -2 lines
Diff to previous 1.112 (colored)
Remove SXNET Unused and no authorative information was found online in 2016
Revision 1.112 / (download) - annotate - [select for diffs], Tue Apr 25 17:54:10 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.111: +1 -2 lines
Diff to previous 1.111 (colored)
Remove CTS mode ok jsing
Revision 1.111 / (download) - annotate - [select for diffs], Tue Apr 25 17:42:07 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.110: +1 -3 lines
Diff to previous 1.110 (colored)
Remove the horror show that is bn_nist and ecp_nist This code is full of problematic C and is also otherwise of questionable quality. It is far from constant time and jsing informs me it also isn't faster. Good riddance.
Revision 1.110 / (download) - annotate - [select for diffs], Tue Apr 25 16:50:33 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.109: +1 -3 lines
Diff to previous 1.109 (colored)
Remove X9.31 support ok jsing
Revision 1.109 / (download) - annotate - [select for diffs], Tue Apr 25 15:51:31 2023 UTC (13 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.108: +14 -14 lines
Diff to previous 1.108 (colored)
Comment out a few now unused files from Makefile
Revision 1.108 / (download) - annotate - [select for diffs], Fri Apr 21 06:14:42 2023 UTC (13 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.107: +1 -2 lines
Diff to previous 1.107 (colored)
Remove the now unused x509_enum.c
Revision 1.107 / (download) - annotate - [select for diffs], Mon Apr 17 12:46:36 2023 UTC (13 months, 3 weeks ago) by jsing
Branch: MAIN
Changes since 1.106: +3 -1 lines
Diff to previous 1.106 (colored)
Hook sha3 up to build. ok tb@
Revision 1.106 / (download) - annotate - [select for diffs], Mon Apr 17 12:36:59 2023 UTC (13 months, 3 weeks ago) by jsing
Branch: MAIN
Changes since 1.105: +1 -2 lines
Diff to previous 1.105 (colored)
Move BN_bn2mpi()/BN_mpi2bn() into bn_convert.c
Revision 1.105 / (download) - annotate - [select for diffs], Mon Apr 17 05:54:20 2023 UTC (13 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.104: +1 -2 lines
Diff to previous 1.104 (colored)
Drop dh_prn.c
Revision 1.104 / (download) - annotate - [select for diffs], Sun Apr 16 16:42:06 2023 UTC (13 months, 3 weeks ago) by jsing
Branch: MAIN
Changes since 1.103: +2 -1 lines
Diff to previous 1.103 (colored)
Provide EVP methods for SHA512/224 and SHA512/256. ok tb@
Revision 1.103 / (download) - annotate - [select for diffs], Fri Apr 14 11:10:11 2023 UTC (13 months, 4 weeks ago) by jsing
Branch: MAIN
Changes since 1.102: +2 -2 lines
Diff to previous 1.102 (colored)
Rename the largely misnamed bn_print.c to bn_convert.c This file primarily contains the various BN_bn2*() and BN_*2bn() functions (along with BN_print() and BN_options()). More function shuffling will follow. Discussed with tb@
Revision 1.102 / (download) - annotate - [select for diffs], Thu Apr 13 15:01:18 2023 UTC (13 months, 4 weeks ago) by tb
Branch: MAIN
Changes since 1.101: +1 -6 lines
Diff to previous 1.101 (colored)
Drop now useless files from the Makefile
Revision 1.101 / (download) - annotate - [select for diffs], Tue Apr 11 10:41:10 2023 UTC (14 months ago) by jsing
Branch: MAIN
Changes since 1.100: +2 -3 lines
Diff to previous 1.100 (colored)
Consolidate sha1 into a single file.
Revision 1.100 / (download) - annotate - [select for diffs], Tue Apr 11 10:08:44 2023 UTC (14 months ago) by tb
Branch: MAIN
Changes since 1.99: +2 -2 lines
Diff to previous 1.99 (colored)
Add a new implementation of BN_mod_sqrt() This is a reimplementation from scratch of the Tonelli-Shanks algorithm based on Henri Cohen "A Course in Computational Algebraic Number Theory", Springer GTM 138, section 1.5.1. It is API compatible with the previous implementation, so no documentation change is required. Contrary to the old implementation, this does not have any infinite loops and has various additional sanity checks to prevent misbehavior in case the input modulus is not a prime. It contains extensive comments and the individual parts of the algorithm are split into digestible chunks instead of having one huge function. One difference of note is that it BN_mod_sqrt() now always returns the smaller of the two possible answers. In other words, while its core is non-deterministic, its answer is not. ok jsing
Revision 1.99 / (download) - annotate - [select for diffs], Wed Mar 1 11:28:30 2023 UTC (15 months, 1 week ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.98: +2 -1 lines
Diff to previous 1.98 (colored)
Link evp/cipher_method_lib.c to the build ok jsing
Revision 1.98 / (download) - annotate - [select for diffs], Mon Feb 13 09:21:35 2023 UTC (15 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.97: +1 -3 lines
Diff to previous 1.97 (colored)
Merge dsa_sign.c and dsa_vrf.c into dsa_ossl.c discussed with jsing
Revision 1.97 / (download) - annotate - [select for diffs], Sat Feb 11 12:17:57 2023 UTC (15 months, 4 weeks ago) by jsing
Branch: MAIN
Changes since 1.96: +1 -2 lines
Diff to previous 1.96 (colored)
Remove bn_exp2.c, which is now empty.
Revision 1.96 / (download) - annotate - [select for diffs], Tue Jan 31 06:17:10 2023 UTC (16 months, 1 week ago) by jsing
Branch: MAIN
Changes since 1.95: +1 -2 lines
Diff to previous 1.95 (colored)
Remove the now empty bn_asm.c. This rather misnamed file (bn_asm.c) previously contained the C code that was needed to build libcrypto bignum on platforms that did not have assembly implementations of the functions it contained.
Revision 1.95 / (download) - annotate - [select for diffs], Sun Jan 29 14:06:58 2023 UTC (16 months, 1 week ago) by jsing
Branch: MAIN
Changes since 1.94: +1 -2 lines
Diff to previous 1.94 (colored)
Remove the now empty/unused bn_depr.c.
Revision 1.94 / (download) - annotate - [select for diffs], Sat Jan 28 19:14:38 2023 UTC (16 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.93: +1 -2 lines
Diff to previous 1.93 (colored)
Stop installing x509_verify.h ok jsing
Revision 1.93 / (download) - annotate - [select for diffs], Sat Jan 21 17:29:56 2023 UTC (16 months, 2 weeks ago) by jsing
Branch: MAIN
Changes since 1.92: +3 -2 lines
Diff to previous 1.92 (colored)
Provide an implementation of bn_sqr() that calls s2n-bignum's bignum_sqr(). ok tb@
Revision 1.92 / (download) - annotate - [select for diffs], Fri Jan 20 10:04:33 2023 UTC (16 months, 3 weeks ago) by jsing
Branch: MAIN
Changes since 1.91: +2 -1 lines
Diff to previous 1.91 (colored)
Provide a per machine bn_arch.h. This will provide a location for machine specific defines, prototypes and inline functions. ok tb@
Revision 1.91 / (download) - annotate - [select for diffs], Sat Jan 14 15:45:43 2023 UTC (16 months, 3 weeks ago) by jsing
Branch: MAIN
Changes since 1.90: +1 -5 lines
Diff to previous 1.90 (colored)
Remove unused Elliptic Curve code. For various reasons, the ecp_nistp* and ecp_nistz* code is unused. While ecp_nistp* was being compiled, it is disabled due to OPENSSL_NO_EC_NISTP_64_GCC_128 being defined. On the other hand, ecp_nistz* was not even being built. We will bring in new versions or alternative versions of such code, if we end up enabling it in the future. For now it is just causing complexity (and grep noise) while trying to improve the EC code. Discussed with tb@
Revision 1.90 / (download) - annotate - [select for diffs], Sat Dec 17 22:01:29 2022 UTC (17 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.89: +2 -1 lines
Diff to previous 1.89 (colored)
Link ui_null.c to build
Revision 1.89 / (download) - annotate - [select for diffs], Sat Nov 26 11:18:49 2022 UTC (18 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.88: +1 -2 lines
Diff to previous 1.88 (colored)
cms_lcl.h should not be part of SRCS
Revision 1.88 / (download) - annotate - [select for diffs], Fri Nov 11 11:25:18 2022 UTC (18 months, 4 weeks ago) by beck
Branch: MAIN
Changes since 1.87: +15 -2 lines
Diff to previous 1.87 (colored)
Add support for symbol hiding disabled by default. Fully explained in libcrypto/README. TL;DR make sure libcrypto and libssl's function calls internally and to each other are via symbol names that won't get overridden by linking other libraries. Mostly work by guenther@, which will currently be gated behind a build setting NAMESPACE=yes. once we convert all the symbols to this method we will do a major bump and pick up the changes. ok tb@ jsing@
Revision 1.87 / (download) - annotate - [select for diffs], Thu Nov 10 17:53:45 2022 UTC (19 months ago) by joshua
Branch: MAIN
Changes since 1.86: +78 -17 lines
Diff to previous 1.86 (colored)
Finish migrating to one source file per line. ok jsing@ tb@
Revision 1.86 / (download) - annotate - [select for diffs], Thu Nov 10 16:37:51 2022 UTC (19 months ago) by jsing
Branch: MAIN
Changes since 1.85: +3 -1 lines
Diff to previous 1.85 (colored)
Implement EVP interfaces for Ed25519 and X25519. ok beck@ tb@
Revision 1.85 / (download) - annotate - [select for diffs], Thu Nov 10 16:00:34 2022 UTC (19 months ago) by joshua
Branch: MAIN
Changes since 1.84: +121 -30 lines
Diff to previous 1.84 (colored)
Continue migrating to one source file per line. ok jsing@ tb@
Revision 1.84 / (download) - annotate - [select for diffs], Thu Nov 10 15:13:52 2022 UTC (19 months ago) by joshua
Branch: MAIN
Changes since 1.83: +163 -37 lines
Diff to previous 1.83 (colored)
Continue migrating to one source file per line. ok jsing@ tb@
Revision 1.83 / (download) - annotate - [select for diffs], Thu Nov 10 12:55:49 2022 UTC (19 months ago) by joshua
Branch: MAIN
Changes since 1.82: +110 -26 lines
Diff to previous 1.82 (colored)
Continue migrating to one source file per line. ok jsing@ tb@
Revision 1.82 / (download) - annotate - [select for diffs], Wed Nov 9 23:33:08 2022 UTC (19 months ago) by joshua
Branch: MAIN
Changes since 1.81: +83 -18 lines
Diff to previous 1.81 (colored)
Start migrating to one source file per line. ok jsing@ tb@
Revision 1.81 / (download) - annotate - [select for diffs], Wed Nov 9 22:52:51 2022 UTC (19 months ago) by tb
Branch: MAIN
Changes since 1.80: +2 -2 lines
Diff to previous 1.80 (colored)
Move table in bn_primes.h to a .c file and get rid of prime_t This way we deduplicate two inclusions of the same big table and eliminate lots of stupid casts. input and ok many
Revision 1.80 / (download) - annotate - [select for diffs], Tue Nov 8 12:56:00 2022 UTC (19 months ago) by beck
Branch: MAIN
Changes since 1.79: +3 -3 lines
Diff to previous 1.79 (colored)
Replace the old OpenSSL julian date stuff with BoringSSL's OpenSSL dealt with time conversion using a classical julian day scheme. BoringSSL got rid of it and uses only a julian style calculation for seconds since the POSIX time epoch. This changes libressl to use the seconds calculation exculusively instead of a mix of the julian day based conversions and the system time conversions to and from time_t to tm. ok tb@ jsing@
Revision 1.79 / (download) - annotate - [select for diffs], Sat Aug 20 09:16:18 2022 UTC (21 months, 3 weeks ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.78: +2 -1 lines
Diff to previous 1.78 (colored)
Add an empty pkcs12_local.h and include it where it will soon be needed.
Revision 1.78 / (download) - annotate - [select for diffs], Wed Aug 3 20:16:06 2022 UTC (22 months, 1 week ago) by tb
Branch: MAIN
Changes since 1.77: +2 -2 lines
Diff to previous 1.77 (colored)
Prepare to provide PKCS12 accessors In order to be able to make pkcs12/ opaque, we need an entire family of accessors. These are in a particularly nasty tangle since this was done in about a dozen steps while sprinkling const, renaming functions, etc. The public API also adds backward compat macros for functions that were in the tree for half a day and then renamed. Of course some of them got picked up by some ports. Some of the gruesome hacks in here will go away with the next bump, but that doesn't mean that the pkcs12 directory will be prettier afterward. ok jsing
Revision 1.77 / (download) - annotate - [select for diffs], Sun Jul 24 08:16:47 2022 UTC (22 months, 2 weeks ago) by tb
Branch: MAIN
Changes since 1.76: +2 -1 lines
Diff to previous 1.76 (colored)
Start making ts opaque Move the not yet exposed EssCertIDv2 struct internals to ts_local.h and move the ASN.1 function prototypes that we don't want to expose with them. Include ts_local.h where necessary or where it will be needed soon. ok jsing
Revision 1.76 / (download) - annotate - [select for diffs], Wed Jul 13 06:32:54 2022 UTC (22 months, 4 weeks ago) by tb
Branch: MAIN
Changes since 1.75: +1 -1 lines
Diff to previous 1.75 (colored)
Link bn_bpsw.c to build ok jsing
Revision 1.75 / (download) - annotate - [select for diffs], Wed Jul 13 06:28:58 2022 UTC (22 months, 4 weeks ago) by tb
Branch: MAIN
Changes since 1.74: +2 -1 lines
Diff to previous 1.74 (colored)
Link bn_isqrt.c to build ok jsing
Revision 1.74 / (download) - annotate - [select for diffs], Sun May 8 20:59:32 2022 UTC (2 years, 1 month ago) by tb
Branch: MAIN
Changes since 1.73: +1 -2 lines
Diff to previous 1.73 (colored)
Remove openssl/cterr.h and inline it in openssl/ct.h ok jsing
Revision 1.73 / (download) - annotate - [select for diffs], Thu May 5 08:50:35 2022 UTC (2 years, 1 month ago) by tb
Branch: MAIN
Changes since 1.72: +7 -1 lines
Diff to previous 1.72 (colored)
Link kdf/ to the build ok beck jsing
Revision 1.72 / (download) - annotate - [select for diffs], Wed Mar 23 15:13:31 2022 UTC (2 years, 2 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.71: +2 -1 lines
Diff to previous 1.71 (colored)
Start disentangling armv7 and aarch64 code
arm_arch.h and armcap.c are shared between armv7 and aarch64 which
results in an inscrutable #ifdef maze. Move copies of these files
into arch/{arm,aarch64}/ with appropriate names and some trivial
minor adjustments.
ok deraadt inoguchi kettenis
Revision 1.71 / (download) - annotate - [select for diffs], Fri Jan 14 08:38:05 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.70: +2 -3 lines
Diff to previous 1.70 (colored)
Remove legacy sign/verify from EVP_MD.
This removes m_dss.c, m_dss1.c, and m_ecdsa.c and the corresponding
public API EVP_{dss,dss1,ecdsa}().
This is basically the following OpenSSL commit. The mentioned change in
RSA is already present in rsa/rsa_pmeth.c.
ok inoguchi jsing
commit 7f572e958b13041056f377a62d3219633cfb1e8a
Author: Dr. Stephen Henson <steve@openssl.org>
Date: Wed Dec 2 13:57:04 2015 +0000
Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.
Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.
Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: Richard Levitte <levitte@openssl.org>
Plus OpenSSL commit 625a9baf11c1dd94f17e5876b6ee8d6271b3921d for m_dss.c
Revision 1.70 / (download) - annotate - [select for diffs], Fri Jan 14 08:12:31 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.69: +1 -3 lines
Diff to previous 1.69 (colored)
Remove obsolete key formats
This removes NETSCAPE_X509, NETSCAPE{,_ENCRYPTED}_PKEY, RSA_NET,
Netscape_RSA things. Some of the nasty tentacles that could go in
principle are used in some test suites, so we need to keep them...
All this was removed as part of OpenSSL commit 0bc2f365.
ok inoguchi jsing
Revision 1.69 / (download) - annotate - [select for diffs], Fri Jan 14 07:52:24 2022 UTC (2 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.68: +2 -2 lines
Diff to previous 1.68 (colored)
Remove PEM_Seal{Init,Update,Final}
This unused, bug-ridden API was removed in OpenSSL commit 0674427f.
ok inoguchi jsing
Revision 1.68 / (download) - annotate - [select for diffs], Fri Jan 7 09:55:31 2022 UTC (2 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.67: +2 -1 lines
Diff to previous 1.67 (colored)
Prepare to make RSA and RSA_METHOD opaque by including rsa_locl.h where it will be needed in the upcoming bump. discussed with jsing
Revision 1.67 / (download) - annotate - [select for diffs], Fri Jan 7 09:45:52 2022 UTC (2 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.66: +2 -1 lines
Diff to previous 1.66 (colored)
Add an essentially empty ocsp_local.h and include it in the files that will need it in the upcoming bump. discussed with jsing
Revision 1.66 / (download) - annotate - [select for diffs], Fri Jan 7 09:35:36 2022 UTC (2 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.65: +2 -1 lines
Diff to previous 1.65 (colored)
Prepare the move of DSA_SIG, DSA_METHOD and DSA to dsa_locl.h by including the local header where it will be needed. discussed with jsing
Revision 1.65 / (download) - annotate - [select for diffs], Fri Jan 7 09:27:13 2022 UTC (2 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.64: +2 -1 lines
Diff to previous 1.64 (colored)
Add an essentially empty dh_local.h and include it in the files where it will be needed in the upcoming bump. discussed with jsing
Revision 1.64 / (download) - annotate - [select for diffs], Fri Jan 7 09:02:17 2022 UTC (2 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.63: +2 -1 lines
Diff to previous 1.63 (colored)
Add a new, mostly empty, bio_local.h and include it in the files that will need it in the upcoming bump. discussed with jsing
Revision 1.63 / (download) - annotate - [select for diffs], Sat Dec 25 12:21:36 2021 UTC (2 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)
Merge asn_pack.c into asn1_item.c - these are two ASN1_item_* functions. No functional change.
Revision 1.62 / (download) - annotate - [select for diffs], Sat Dec 25 12:19:16 2021 UTC (2 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)
Merge evp_asn1.c into a_type.c - these are all ASN1_TYPE_* functions. No functional change.
Revision 1.61 / (download) - annotate - [select for diffs], Sat Dec 25 12:00:22 2021 UTC (2 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.60: +4 -4 lines
Diff to previous 1.60 (colored)
More consolidation of ASN.1 code. Consolidate various ASN1_item_* functions into asn1_item.c and the remaining NO_OLD_ASN1 code (not to be confused with the NO_ASN1_OLD code) into asn1_old.c. This is preferable to having many files, often with one or two functions per file. No functional change. Discussed with tb@
Revision 1.60 / (download) - annotate - [select for diffs], Sat Dec 25 07:04:03 2021 UTC (2 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.59: +2 -2 lines
Diff to previous 1.59 (colored)
Rewrite ASN.1 identifier/length parsing in CBS. Provide internal asn1_get_identifier_cbs() and asn1_get_length_cbs() functions that are called from asn1_get_object_cbs(). Convert the existing ASN1_get_object() function so that it calls asn1_get_object_cbs(), before mapping the result into the API that it implements. ok tb@
Revision 1.59 / (download) - annotate - [select for diffs], Fri Dec 17 11:28:05 2021 UTC (2 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.58: +2 -2 lines
Diff to previous 1.58 (colored)
alphabetical order is hard, tb...
Revision 1.58 / (download) - annotate - [select for diffs], Wed Dec 15 18:12:10 2021 UTC (2 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)
Rename asn1_lib.c to asn1_old_lib.c This will allow us to add a new asn1_lib.c while replacing the code that is in currently in asn1_old_lib.c. Discussed with tb@
Revision 1.57 / (download) - annotate - [select for diffs], Wed Dec 15 18:00:31 2021 UTC (2 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.56: +5 -5 lines
Diff to previous 1.56 (colored)
Consolidate various ASN.1 code. Rather than having multiple files per type (with minimal code per file), use one file per type (a_<type>.c). No functional change. Discussed with tb@
Revision 1.56 / (download) - annotate - [select for diffs], Tue Dec 14 17:35:21 2021 UTC (2 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)
Consolidate ASN.1 universal tag type data. There are currently three different tables in three different files that contain information about ASN.1 universal class tag types. Range checking is also implemented in three different places (with different implementations). Consolidate all of this into a single table, provide a lookup function that deals with the range checks and wrappers to deal with specific types. ok inoguchi@ tb@
Revision 1.55 / (download) - annotate - [select for diffs], Mon Dec 13 17:56:15 2021 UTC (2 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)
Clean up d2i_ASN1_BOOLEAN() and i2d_ASN1_BOOLEAN(). Convert these to templated ASN.1, given we already have ASN1_BOOLEAN_it. ok inoguchi@ tb@
Revision 1.54 / (download) - annotate - [select for diffs], Sun Dec 12 21:23:47 2021 UTC (2 years, 5 months ago) by tb
Branch: MAIN
Changes since 1.53: +2 -1 lines
Diff to previous 1.53 (colored)
Add -I${LIBCRYPTO_SRC}/hmac to CFLAGS. Needed in an upcoming commit.
ok inoguchi
Revision 1.53 / (download) - annotate - [select for diffs], Sat Dec 4 16:29:25 2021 UTC (2 years, 6 months ago) by tb
Branch: MAIN
Changes since 1.52: +8 -6 lines
Diff to previous 1.52 (colored)
List subdirectories as a simple list. Avoids a source of many merge conflicts in my work on making much of libcrypto opaque. discussed with jsing
Revision 1.52 / (download) - annotate - [select for diffs], Sat Dec 4 15:38:10 2021 UTC (2 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.51: +3 -3 lines
Diff to previous 1.51 (colored)
Consolidate {d2i,i2d}_{pr,pu}.c
Currently there are two files for private key ASN.1 (d2i_pr.c, i2d_pr.c)
and two files for public key ASN.1 (d2i_pu.c, i2d_pu.c). All of the other
ASN.1 code has d2i and i2d in the same per-object file.
Consolidate d2i_pr.c/i2d_pr.c into a_pkey.c and consolidate
d2i_pu.c/i2d_pu.c into a_pubkey.c before making any further changes to
this code.
ok tb@
Revision 1.51 / (download) - annotate - [select for diffs], Wed Nov 24 01:12:43 2021 UTC (2 years, 6 months ago) by beck
Branch: MAIN
Changes since 1.50: +9 -2 lines
Diff to previous 1.50 (colored)
Make the certificate transparency code build with the rest of the library Do not expose it yet, this will wait for an upcoming bump ok tb@
Revision 1.50 / (download) - annotate - [select for diffs], Sat Nov 20 18:10:52 2021 UTC (2 years, 6 months ago) by jsing
Branch: MAIN
Changes since 1.49: +7 -3 lines
Diff to previous 1.49 (colored)
Provide the bytestring APIs for libcrypto internal use. Bring a copy of the bytestring APIs (CBB/CBS) from libssl, for use in libcrypto - these are not exposed publicly. Discussed with beck@ and tb@
Revision 1.49 / (download) - annotate - [select for diffs], Mon Nov 1 20:53:08 2021 UTC (2 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.48: +3 -3 lines
Diff to previous 1.48 (colored)
Move the now internal X.509-related structs into x509_lcl.h. Garbage collect the now unused LIBRESSL_CRYPTO_INTERNAL and LIBRESSL_OPAQUE_X509. Include "x509_lcl.h" where needed and fix a couple of unnecessary reacharounds. ok jsing
Revision 1.48 / (download) - annotate - [select for diffs], Sun Oct 31 16:51:16 2021 UTC (2 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.47: +2 -2 lines
Diff to previous 1.47 (colored)
Hide struct internals under LIBRESSL_CRYPTO_INTERNAL so that other parts of LibreSSL can no longer reach into them. discussed with beck, jsing
Revision 1.47 / (download) - annotate - [select for diffs], Sat Oct 23 09:13:51 2021 UTC (2 years, 7 months ago) by beck
Branch: MAIN
Changes since 1.46: +2 -2 lines
Diff to previous 1.46 (colored)
Add back the fips mode test functions, new stuff requires this. Symbols.list changes to follow with tb's upcoming bump ok jsing@
Revision 1.46 / (download) - annotate - [select for diffs], Fri Sep 3 23:30:42 2021 UTC (2 years, 9 months ago) by job
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.45: +2 -1 lines
Diff to previous 1.45 (colored)
Add X509 Extensions for IP Addresses and AS Identifiers (subordinate code paths are include guarded) OK tb@
Revision 1.45 / (download) - annotate - [select for diffs], Sun Sep 13 15:06:16 2020 UTC (3 years, 8 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9,
OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.44: +3 -2 lines
Diff to previous 1.44 (colored)
Add new x509 certificate chain validator in x509_verify.c The new validator finds multiple validated chains to handle the modern PKI cases which may frequently have multiple paths via different intermediates to different roots. It is loosely based on golang's x509 validator This includes integration so that the new validator can be used via X509_verify_cert() as well as a new api x509_verify() which will return multiple chains (similar to go). The new validator is not enabled by default with this commit, this will be changed in a follow on commit. The new public API is not yet exposed, and will be finalized and exposed with a man page and a library minor bump later. ok tb@ inoguchi@ jsing@
Revision 1.44 / (download) - annotate - [select for diffs], Fri Sep 11 18:34:29 2020 UTC (3 years, 8 months ago) by beck
Branch: MAIN
Changes since 1.43: +2 -2 lines
Diff to previous 1.43 (colored)
Add x509_constraints.c - a new implementation of x509 name constraints, with regression tests. The use of the new name constraints is not yet activated in x509_vfy.c and will be activated in a follow on commit ok jsing@
Revision 1.43 / (download) - annotate - [select for diffs], Fri Sep 11 14:30:51 2020 UTC (3 years, 8 months ago) by beck
Branch: MAIN
Changes since 1.42: +2 -1 lines
Diff to previous 1.42 (colored)
Add issuer cache, to be used by upcoming changes to validation code. ok tb@ jsing@
Revision 1.42 / (download) - annotate - [select for diffs], Tue Jun 9 16:53:52 2020 UTC (4 years ago) by deraadt
Branch: MAIN
Changes since 1.41: +1 -11 lines
Diff to previous 1.41 (colored)
The check_includes step is incorrect dependency management model for how our tree gets built. If this was done in all the libraries (imagine sys/dev), it would disrupt the development process hugely. So it should not be done here either. use 'make includes' by hand instead.
Revision 1.41 / (download) - annotate - [select for diffs], Fri Jun 5 15:28:33 2020 UTC (4 years ago) by jsing
Branch: MAIN
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)
One error file per directory is plenty.
Revision 1.40 / (download) - annotate - [select for diffs], Thu Jun 4 15:19:31 2020 UTC (4 years ago) by jsing
Branch: MAIN
Changes since 1.39: +7 -10 lines
Diff to previous 1.39 (colored)
Collapse the x509v3 directory into x509. This avoids the need to grep across directories to find functions and prepares for further rototilling and chainsawing. Discussed with tb@ (who also tested the release build)
Revision 1.39 / (download) - annotate - [select for diffs], Wed Jan 22 07:58:27 2020 UTC (4 years, 4 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.38: +11 -1 lines
Diff to previous 1.38 (colored)
Add checks to ensure that lib{crypto,ssl,tls} public headers have actually
been installed prior to building.
Requested by and ok tb@
Revision 1.38 / (download) - annotate - [select for diffs], Wed Jan 22 06:56:50 2020 UTC (4 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.37: +2 -9 lines
Diff to previous 1.37 (colored)
Simplify header installation by combining the HDRS and HDRS_GEN loops. ok beck@
Revision 1.37 / (download) - annotate - [select for diffs], Sat Nov 2 13:38:04 2019 UTC (4 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.36: +6 -1 lines
Diff to previous 1.36 (colored)
Enable CMS in LibreSSL. ok bcook@ deraadt@ inoguchi@ job@ tb@
Revision 1.36 / (download) - annotate - [select for diffs], Mon Sep 9 16:49:03 2019 UTC (4 years, 9 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.35: +3 -1 lines
Diff to previous 1.35 (colored)
Install the openssl/cms.h header. This header includes OPENSSL_NO_CMS guards, so even if things find the header it provides no useful content (and other code should technically also be using OPENSSL_NO_CMS...). ok deraadt@ inoguchi@
Revision 1.35 / (download) - annotate - [select for diffs], Fri Sep 6 17:59:24 2019 UTC (4 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.34: +2 -1 lines
Diff to previous 1.34 (colored)
Add various macros and controls for EC_PKEY_CTX. These are needed for the upcoming EC CMS support (nothing else appears to use them). This largely syncs our ec_pmeth.c with OpenSSL 1.1.1b. With input from inoguchi@ and tb@. ok inoguchi@ tb@
Revision 1.34 / (download) - annotate - [select for diffs], Thu Sep 5 16:16:05 2019 UTC (4 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.33: +2 -2 lines
Diff to previous 1.33 (colored)
Build ecdh_kdf.c
Revision 1.33 / (download) - annotate - [select for diffs], Sun Mar 17 17:42:37 2019 UTC (5 years, 2 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.32: +7 -1 lines
Diff to previous 1.32 (colored)
Add the SM4 block cipher from the Chinese standard GB/T 32907-2016. This is an ISC licensed version based on the sources by Ribose Inc that were ported to OpenSSL in 2017. Patch from Daniel Wyatt with minor tweaks. ok inoguchi, jsing
Revision 1.32 / (download) - annotate - [select for diffs], Wed Jan 23 00:50:39 2019 UTC (5 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.31: +1 -2 lines
Diff to previous 1.31 (colored)
No need to include <bsd.prog.mk> here. ok bcook
Revision 1.31 / (download) - annotate - [select for diffs], Sat Jan 19 01:07:00 2019 UTC (5 years, 4 months ago) by tb
Branch: MAIN
Changes since 1.30: +7 -3 lines
Diff to previous 1.30 (colored)
Partial port of EC_KEY_METHOD from OpenSSL 1.1. This commit adds init/free, support for signing, setting and getting the method, engine support as well as extra data. from markus
Revision 1.30 / (download) - annotate - [select for diffs], Sun Nov 11 06:53:31 2018 UTC (5 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.29: +7 -2 lines
Diff to previous 1.29 (colored)
Add Ribose Inc's implementation of the SM3 hashing function with tweaks from jsing and myself. The SM2/SM3/SM4 algorithms are mandatory for legal use of cryptography within China and [are] widely applied in the country, covering identification/financial cards, contactless, TPM 2.0 and PKI. ok beck inoguchi jsing
Revision 1.29 / (download) - annotate - [select for diffs], Sun Nov 11 06:41:28 2018 UTC (5 years, 7 months ago) by bcook
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)
Add automatic threading initialization for libcrypto. This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks. This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed. ok beck@, tb@, looks sane guenther@
Revision 1.28 / (download) - annotate - [select for diffs], Wed Oct 24 17:57:22 2018 UTC (5 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.27: +2 -4 lines
Diff to previous 1.27 (colored)
Remove a bunch of ancient and highly crufty ASN.1 related code from libcrypto (the "new" stuff replaced this back around 2000 or so...). ok tb@
Revision 1.27 / (download) - annotate - [select for diffs], Sat Mar 17 16:20:01 2018 UTC (6 years, 2 months ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)
Bring in compatibility for OpenSSL 1.1 style init functions. This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL ok jsing@, nits by tb@ and deraadt@
Revision 1.26 / (download) - annotate - [select for diffs], Sat Mar 17 15:19:12 2018 UTC (6 years, 2 months ago) by tb
Branch: MAIN
Changes since 1.25: +2 -1 lines
Diff to previous 1.25 (colored)
Add DSA_meth_{dup,free,new,set_{finish,sign}}()
As in RSA_meth_*, note that these functions return NULL in
out-of-memory situations, but they do not set an error explicitly.
ok jsing
Revision 1.25 / (download) - annotate - [select for diffs], Sat Mar 17 15:12:56 2018 UTC (6 years, 2 months ago) by tb
Branch: MAIN
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)
Provide RSA_meth_{dup,free,new,set_{finish,priv_{dec,enc}}}()
Note that these functions return NULL in out-of-memory situations,
but contrary to OpenSSL's versions they do not set an error.
ok jsing
Revision 1.24 / (download) - annotate - [select for diffs], Sat Feb 17 13:57:14 2018 UTC (6 years, 3 months ago) by tb
Branch: MAIN
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)
Provide BIO_meth_{free,new}() and BIO_meth_set_{create,crtl,destroy}()
and BIO_meth_set_{puts,read,write}().
ok jsing
Revision 1.23 / (download) - annotate - [select for diffs], Mon Aug 28 17:41:59 2017 UTC (6 years, 9 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)
Remove RSA_padding_add_SSLv23()/RSA_padding_check_SSLv23() and related code. We removed SSLv2/SSLv3 a long time ago... Discussed with doug@
Revision 1.22 / (download) - annotate - [select for diffs], Sun Aug 20 17:53:12 2017 UTC (6 years, 9 months ago) by espie
Branch: MAIN
Changes since 1.21: +3 -3 lines
Diff to previous 1.21 (colored)
sprinkle a few missing dependencies on perl scripts internal bits. 'it works' deraadt@
Revision 1.21 / (download) - annotate - [select for diffs], Sun Aug 13 19:42:33 2017 UTC (6 years, 9 months ago) by doug
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)
Switch to -Werror with clang for libressl. Discussed with beck@ and jsing@ ok beck@
Revision 1.20 / (download) - annotate - [select for diffs], Mon Jul 10 21:30:37 2017 UTC (6 years, 11 months ago) by espie
Branch: MAIN
Changes since 1.19: +1 -2 lines
Diff to previous 1.19 (colored)
remove misc. depend and yacc nits that no longer matter. okay millert@
Revision 1.19 / (download) - annotate - [select for diffs], Fri Jun 16 10:25:54 2017 UTC (6 years, 11 months ago) by espie
Branch: MAIN
Changes since 1.18: +2 -1 lines
Diff to previous 1.18 (colored)
mark files as BUILDFIRST, or write explicit dependencies, so that most programs will build even without a make depend first. okay tb@ millert@
Revision 1.18 / (download) - annotate - [select for diffs], Mon May 29 09:44:01 2017 UTC (7 years ago) by deraadt
Branch: MAIN
Changes since 1.17: +2 -1 lines
Diff to previous 1.17 (colored)
Randomize link-order of libcrypto as we do with libc. This library has many small functions without significant local storage, therefore less tail protection from -fstack-protector-strong to prevent their use as ROP gadgets. It is used in security contexts. Also many functions dribble pointers onto the stack, allowing discovery of gadgets via the fixed relative addresses, so let's randomly bias those. ok tedu jsing The rc script will soon need a strategy for skipping this step on machines with poor IO performance. Or maybe do it less often? However, I don't see many more libraries we'll do this with, these are the two most important ones.
Revision 1.17 / (download) - annotate - [select for diffs], Sat May 6 20:42:57 2017 UTC (7 years, 1 month ago) by beck
Branch: MAIN
Changes since 1.16: +6 -1 lines
Diff to previous 1.16 (colored)
Bring in HKDF, from BoringSSL, with regress tests modified to be in C. Ride previous minor bump ok tom@ inoguchi@ jsing@
Revision 1.16 / (download) - annotate - [select for diffs], Sun Apr 30 04:44:58 2017 UTC (7 years, 1 month ago) by jsing
Branch: MAIN
Changes since 1.15: +6 -3 lines
Diff to previous 1.15 (colored)
Only enable -Werror on libcrypto/libssl/libtls if we are building with gcc4. This should avoid failed builds while transitioning compilers. While here also make the CFLAGS blocks consistent across makefiles. Discussed with deraadt@, ok beck@
Revision 1.15 / (download) - annotate - [select for diffs], Tue Feb 28 14:15:37 2017 UTC (7 years, 3 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1
Changes since 1.14: +2 -1 lines
Diff to previous 1.14 (colored)
Add an EVP interface that provides concatenated MD5+SHA1 hashes, which are used in various parts of TLS 1.0/1.1. This will allow for code simplification in libssl. The same interface exists in OpenSSL 1.1. ok beck@ deraadt@ inoguchi@ millert@
Revision 1.14 / (download) - annotate - [select for diffs], Sat Jan 21 09:38:58 2017 UTC (7 years, 4 months ago) by beck
Branch: MAIN
Changes since 1.13: +3 -2 lines
Diff to previous 1.13 (colored)
Make explicit _ct and _nonct versions of bn_mod_exp funcitons that matter for constant time, and make the public interface only used external to the library. This moves us to a model where the important things are constant time versions unless you ask for them not to be, rather than the opposite. I'll continue with this method by method. Add regress tests for same. ok jsing@
Revision 1.13 / (download) - annotate - [select for diffs], Wed Dec 21 15:49:29 2016 UTC (7 years, 5 months ago) by jsing
Branch: MAIN
Changes since 1.12: +10 -2 lines
Diff to previous 1.12 (colored)
Explicitly export a list of symbols from libcrypto. Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@
Revision 1.12 / (download) - annotate - [select for diffs], Sat Nov 5 15:01:54 2016 UTC (7 years, 7 months ago) by schwarze
Branch: MAIN
Changes since 1.11: +5 -2 lines
Diff to previous 1.11 (colored)
after getting rid of the pod files, clean up the Makefiles; ok bcook@
Revision 1.11 / (download) - annotate - [select for diffs], Sat Nov 5 14:57:29 2016 UTC (7 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.10: +6 -1 lines
Diff to previous 1.10 (colored)
Add support for X25519. This brings in code from BoringSSL, which is mostly taken from SUPERCOP. ok beck@ bcook@
Revision 1.10 / (download) - annotate - [select for diffs], Fri Nov 4 18:12:49 2016 UTC (7 years, 7 months ago) by jsing
Branch: MAIN
Changes since 1.9: +1 -6 lines
Diff to previous 1.9 (colored)
Nuke the KRB5 ASN.1 code from orbit. ok beck@
Revision 1.9 / (download) - annotate - [select for diffs], Fri Nov 4 13:57:38 2016 UTC (7 years, 7 months ago) by miod
Branch: MAIN
Changes since 1.8: +1 -4 lines
Diff to previous 1.8 (colored)
No need to reach libssl private headers and to define TERMIOS anymore. ok bcook@
Revision 1.8 / (download) - annotate - [select for diffs], Sun Oct 16 19:28:44 2016 UTC (7 years, 7 months ago) by tb
Branch: MAIN
Changes since 1.7: +4 -2 lines
Diff to previous 1.7 (colored)
Move libcrypto, librpcsvc and gnu/usr.bin/cc/include from RDIRS to PRDIRS,
and add prereq targets, so some header files are generated by BUILDUSER
during 'make prereq' instead of by root during 'make includes'.
Switch the order of 'make cleandir' and 'make includes' during 'make build'
so we don't generate many files twice.
Except for some machine@ symlinks from ${MACHINE}/stand, /usr/obj is now
clean from files generated by root during 'make build'. Those will be
cleaned up in a second step.
help, testing & ok deraadt, input from natano, further testing rpe
Revision 1.7 / (download) - annotate - [select for diffs], Fri Sep 23 21:49:30 2016 UTC (7 years, 8 months ago) by natano
Branch: MAIN
Changes since 1.6: +2 -2 lines
Diff to previous 1.6 (colored)
Append to CLEANFILES instead of replacing it, so libcrypto.pc is deleted on make clean. ok millert
Revision 1.6 / (download) - annotate - [select for diffs], Wed Sep 14 06:26:02 2016 UTC (7 years, 8 months ago) by natano
Branch: MAIN
Changes since 1.5: +3 -2 lines
Diff to previous 1.5 (colored)
Generate pkg-config files at build time like everything else. This avoids permission problems due to the build and install stages being run by different users. ok deraadt jasper
Revision 1.5 / (download) - annotate - [select for diffs], Sun Sep 11 14:31:02 2016 UTC (7 years, 9 months ago) by natano
Branch: MAIN
Changes since 1.4: +4 -4 lines
Diff to previous 1.4 (colored)
Files in /etc/ssl belong to root. ok deraadt
Revision 1.4 / (download) - annotate - [select for diffs], Sun Sep 4 17:59:26 2016 UTC (7 years, 9 months ago) by jsing
Branch: MAIN
Changes since 1.3: +1 -8 lines
Diff to previous 1.3 (colored)
Remove cms.
Revision 1.3 / (download) - annotate - [select for diffs], Sun Sep 4 09:54:25 2016 UTC (7 years, 9 months ago) by natano
Branch: MAIN
Changes since 1.2: +5 -5 lines
Diff to previous 1.2 (colored)
only regen pkg-config files when required; ok jasper
Revision 1.2 / (download) - annotate - [select for diffs], Sat Sep 3 12:42:46 2016 UTC (7 years, 9 months ago) by beck
Branch: MAIN
Changes since 1.1: +427 -2 lines
Diff to previous 1.1 (colored)
Make tree build again
Revision 1.1 / (download) - annotate - [select for diffs], Fri Apr 11 22:51:53 2014 UTC (10 years, 2 months ago) by miod
Branch: MAIN
CVS Tags: OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9,
OPENBSD_5_8_BASE,
OPENBSD_5_8,
OPENBSD_5_7_BASE,
OPENBSD_5_7,
OPENBSD_5_6_BASE,
OPENBSD_5_6
Move build machinery for libcrypto from libssl/crypto to libcrypto, as well as configuration files; split manpages and .pc files between libcrypto and libssl. No functional change, only there to make engineering easier, and libcrypto sources are still found in libssl/src/crypto at the moment. ok reyk@, also discussed with deraadt@ beck@ and the usual crypto suspects.