Up to [local] / src / lib / libssl
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.4 / (download) - annotate - [select for diffs], Sat Feb 3 15:58:34 2024 UTC (3 months, 4 weeks ago) by beck
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
HEAD
Changes since 1.3: +1 -5 lines
Diff to previous 1.3 (colored)
Remove GOST and STREEBOG support from libssl. This version of GOST is old and not anywhere close to compliant with modern GOST standards. It is also very intrusive in libssl and makes a mess everywhere. Efforts to entice a suitably minded anyone to care about it have been unsuccessful. At this point it is probably best to remove this, and if someone ever showed up who truly needed a working version, it should be a clean implementation from scratch, and have it use something closer to the typical API in libcrypto so it would integrate less painfully here. This removes it from libssl in preparation for it's removal from libcrypto with a future major bump ok tb@
Revision 1.3 / (download) - annotate - [select for diffs], Sat Nov 26 16:08:56 2022 UTC (18 months ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_4_BASE,
OPENBSD_7_4,
OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
Make internal header file names consistent Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
Revision 1.2 / (download) - annotate - [select for diffs], Mon Nov 7 11:58:45 2022 UTC (18 months, 3 weeks ago) by jsing
Branch: MAIN
Changes since 1.1: +121 -1 lines
Diff to previous 1.1 (colored)
Rewrite TLSv1.2 key exporter. Replace the grotty TLSv1.2 key exporter with a cleaner version that uses CBB and CBS. ok tb@
Revision 1.1 / (download) - annotate - [select for diffs], Wed May 5 10:05:27 2021 UTC (3 years ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1,
OPENBSD_7_0_BASE,
OPENBSD_7_0
Rewrite TLSv1.2 key block handling. For TLSv1.2 a single key block is generated, then partitioned into individual secrets for use as IVs and keys. The previous implementation splits this across two functions tls1_setup_key_block() and tls1_change_cipher_state(), which means that the IV and key sizes have to be known in multiple places. This implementation generates and partitions the key block in a single step, meaning that the secrets are then simply handed out when requested. ok inoguchi@ tb@