Commit graph

571 commits

Author SHA1 Message Date
Richard Levitte
777a288270 unified build scheme: add build.info files
Now that we have the foundation for the "unified" build scheme in
place, we add build.info files.  They have been generated from the
Makefiles in the same directories.  Things that are platform specific
will appear in later commits.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2016-02-01 12:46:58 +01:00
Rich Salz
ced2c2c598 Templatize util/domd
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-29 16:56:07 -05:00
Rich Salz
349807608f Remove /* foo.c */ comments
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-26 16:40:43 -05:00
FdaSilvaYY
98637bd30e Fix two possible leaks.
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>

GH: #580
2016-01-24 00:47:41 +01:00
Richard Levitte
24dfa621c8 Add an engine destructor to eng_cryptodev.
Reviewed-by: Ben Laurie <ben@openssl.org>
2016-01-20 18:43:38 +01:00
Richard Levitte
b61d2da71b Adapt BSD cryptodev engine to opaque EVP_MD_CTX, EVP_CIPHER_CTX, etc
Reviewed-by: Ben Laurie <ben@openssl.org>
2016-01-20 18:43:38 +01:00
Rich Salz
56c77c52e1 Remove update tags
Also remove depend/local_depend.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-20 09:09:14 -05:00
Matt Caswell
a8eda4312d Remove the GOST engine
The GOST engine is now out of date and is removed by this commit. An up
to date GOST engine is now being maintained in an external repository.

See:
https://wiki.openssl.org/index.php/Binaries

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-19 22:29:32 +00:00
Rich Salz
ee6d9f4eb6 Remove some old makefile targets
Remove lint, tags, dclean, tests.
This is prep for a new makedepend scheme.
This is temporary pending unified makefile, and might help it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-17 14:47:32 -05:00
Rich Salz
d10dac1187 Move Makefiles to Makefile.in
Create Makefile's from Makefile.in
Rename Makefile.org to Makefile.in
Rename Makefiles to Makefile.in
Address review feedback from Viktor and Richard

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-12 16:26:56 -05:00
Richard Levitte
ff4b7fafb3 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-12 13:58:29 +01:00
Richard Levitte
39e8d0ce73 Adapt all engines that need it to opaque EVP_CIPHER
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-12 13:52:22 +01:00
Richard Levitte
936166aff2 Adapt cipher implementations to opaque EVP_CIPHER_CTX
Note: there's a larger number of implementations in crypto/evp/ that
aren't affected because they include evp_locl.h.  They will be handled
in a separate commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-12 13:52:22 +01:00
Dr. Stephen Henson
89d6aa10a2 Use ossl_inline and DEFINE_LHASH_OF
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-11 17:50:42 +00:00
Dr. Stephen Henson
2a056de832 Add lh_doall_arg inlining
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-11 17:50:27 +00:00
Dr. Stephen Henson
63c75cd688 Add lh_doall inlining
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-11 17:50:27 +00:00
Dr. Stephen Henson
62d0577e0d Add lh_new() inlining
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-11 17:50:27 +00:00
Dr. Stephen Henson
e6b5c341b9 Inline LHASH_OF
Make LHASH_OF use static inline functions.

Add new lh_get_down_load and lh_set_down_load functions and their
typesafe inline equivalents.

Make lh_error a function instead of a macro.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-11 17:50:27 +00:00
Rich Salz
bbd86bf542 mem functions cleanup
Only two macros CRYPTO_MDEBUG and CRYPTO_MDEBUG_ABORT to control this.
If CRYPTO_MDEBUG is not set, #ifdef out the whole debug machinery.
        (Thanks to Jakob Bohm for the suggestion!)
Make the "change wrapper functions" be the only paradigm.
Wrote documentation!
Format the 'set func' functions so their paramlists are legible.
Format some multi-line comments.
Remove ability to get/set the "memory debug" functions at runtme.
Remove MemCheck_* and CRYPTO_malloc_debug_init macros.
Add CRYPTO_mem_debug(int flag) function.
Add test/memleaktest.
Rename CRYPTO_malloc_init to OPENSSL_malloc_init; remove needless calls.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 15:14:18 -05:00
Dr. Stephen Henson
8588571572 Rename DECLARE*STACK_OF to DEFINE*STACK_OF
Applications wishing to include their own stacks now just need to include

DEFINE_STACK_OF(foo)

in a header file.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-01-07 18:00:51 +00:00
Richard Levitte
31384753c7 Remove the "eay" c-file-style indicators
Since we don't use the eay style any more, there's no point tryint to
tell emacs to use it.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-18 13:08:40 +01:00
Rich Salz
7644a9aef8 Rename some BUF_xxx to OPENSSL_xxx
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 16:14:49 -05:00
Rich Salz
2ab9687479 Remove GMP engine.
Reviewed-by: Ben Laurie <ben@openssl.org>
2015-12-15 07:59:56 -05:00
Ben Laurie
94d6151236 Make no-dh work, plus other no-dh problems found by Richard.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 18:38:38 +00:00
Dr. Stephen Henson
91e7bcc264 Use NULL comparison
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:20 +00:00
Dr. Stephen Henson
77d0d10db7 set standard EC method in eng_openssl
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:20 +00:00
Dr. Stephen Henson
3c4e064e78 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
7d711cbc33 Engine EC_KEY_METHOD functionality.
Rename ENGINE _EC_KEY functions to _EC.
Add support for EC_KEY_METHOD in ENGINE_set_default et al. Copy
ec_meth.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
1eb97c3ecd remove ECDSA_METHOD from ENGINE
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
f517ffbb83 remove ECDH_METHOD from ENGINE
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
28572b577c Support for EC_KEY_METHOD.
Add EC_KEY_METHOD. This is part of the EC revision and will make EC behave
more like other algorithms. Specifically:

EC_KEY_METHOD is part of EC_KEY.
It is part of ENGINE.
Default or key specific implementations can be provided to redirect some
or all operations.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Richard Levitte
bf7c68177b Adapt the rest of the source to the opaque HMAC_CTX
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Richard Levitte
cddcea8c4b Adapt all engines that add new EVP_MDs
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Richard Levitte
6e59a892db Adjust all accesses to EVP_MD_CTX to use accessor functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Richard Levitte
fa0c23de83 Adapt HMAC to the EVP_MD_CTX changes
This change required some special treatment, as HMAC is intertwined
with EVP_MD.  For now, all local HMAC_CTX variables MUST be
initialised with HMAC_CTX_EMPTY, or whatever happens to be on the
stack will be mistaken for actual pointers to EVP_MD_CTX.  This will
change as soon as HMAC_CTX becomes opaque.

Also, since HMAC_CTX_init() can fail now, its return type changes from
void to int, and it will return 0 on failure, 1 on success.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:36:57 +01:00
Dr. Stephen Henson
7f572e958b Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.

Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.

Remove now obsolete EVP_dss1() and EVP_ecdsa().

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-02 17:52:01 +00:00
Rich Salz
e6390acac9 ex_data part 2: doc fixes and CRYPTO_free_ex_index.
Add CRYPTO_free_ex_index (for shared libraries)
Unify and complete the documentation for all "ex_data" API's and objects.
Replace xxx_get_ex_new_index functions with a macro.
Added an exdata test.
Renamed the ex_data internal datatypes.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-01 11:48:37 -05:00
Matt Caswell
90945fa31a Continue standardising malloc style for libcrypto
Continuing from previous commit ensure our style is consistent for malloc
return checks.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-11-09 22:48:41 +00:00
Dr. Stephen Henson
b8fb59897b Rebuild error source files.
Rebuild error source files: the new mkerr.pl functionality will now
pick up and translate static function names properly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-11-05 15:48:37 +00:00
Rich Salz
b0700d2c8d Replace "SSLeay" in API with OpenSSL
All instances of SSLeay (any combination of case) were replaced with
the case-equivalent OpenSSL.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-10-30 17:21:42 -04:00
Ben Laurie
d2c3d5d4fc Probably fix travis (wine build).
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-10-25 17:23:57 +00:00
Ben Laurie
84cf97af06 Improve make depend.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-10-24 17:34:21 +01:00
Ben Laurie
2f1a5d1694 Fix undeclared variable warnings.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-10-24 16:42:51 +01:00
Matt Caswell
8b7080b0b7 Remove Obsolete engines
There are a number of engines in the OpenSSL source code which are now
obsolete. The following engines have been removed: 4758cca, aep, atalla,
cswift, nuron, sureware.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-10-15 17:02:06 +01:00
Richard Levitte
5850cc75ea When ENGINE_add finds that id or name is missing, actually return
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-10-08 11:53:07 +02:00
David Woodhouse
984d6c6052 Fix no-stdio build
Much related/similar work also done by
Ivan Nestlerode <ivan.nestlerode@sonos.com>

   +Replace FILE BIO's with dummy ops that fail.
   +Include <stdio.h> for sscanf() even with no-stdio (since the declaration
    is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment
    variable, since it can be larger than a 'long'. And we don't rely on the
    availability of strtoull().
   +Remove OPENSSL_stderr(); not used.
   +Make OPENSSL_showfatal() do nothing (currently without stdio there's
    nothing we can do).
   +Remove file-based functionality from ssl/. The function
    prototypes were already gone, but not the functions themselves.
   +Remove unviable conf functionality via SYS_UEFI
   +Add fallback definition of BUFSIZ.
   +Remove functions taking FILE * from header files.
   +Add missing DECLARE_PEM_write_fp_const
   +Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out,
    so remove its prototype.
   +Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid().
   +Eliminate SRP_VBASE_init() and supporting functions. Users will need to
    build the verifier manually instead.
   +Eliminate compiler warning for unused do_pk8pkey_fp().
   +Disable TEST_ENG_OPENSSL_PKEY.
   +Disable GOST engine as is uses [f]printf all over the place.
   +Eliminate compiler warning for unused send_fp_chars().

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-29 21:59:19 -04:00
Matt Caswell
8011f64efb make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-16 12:40:55 +01:00
Ben Laurie
df2ee0e27d Enable -Wmissing-variable-declarations and
-Wincompatible-pointer-types-discards-qualifiers (the latter did not require
any code changes).

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-11 04:51:55 +01:00
Rich Salz
64b25758ed remove 0 assignments.
After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-09-03 16:26:34 -04:00
Rich Salz
b51bce9420 Add and use OPENSSL_zalloc
There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-09-02 22:05:37 -04:00
Rich Salz
7e5363abe3 Rewrite crypto/ex_data
Removed ability to set ex_data impl at runtime.  This removed these
three functions:
    const CRYPTO_EX_DATA_IMPL *CRYPTO_get_ex_data_implementation(void);
    int CRYPTO_set_ex_data_implementation(const CRYPTO_EX_DATA_IMPL *i);
    int CRYPTO_ex_data_new_class(void);
It is no longer possible to change the ex_data implementation at
runtime.  (Luckily those functions were never documented :)

Also removed the ability to add new exdata "classes."  We don't believe
this received much (if any) use, since you can't add it to OpenSSL objects,
and there are probably better (native) methods for developers to add
their own extensible data, if they really need that.

Replaced the internal hash table (of per-"class" stacks) with a simple
indexed array.  Reserved an index for "app" application.

Each API used to take the lock twice; now it only locks once.

Use local stack storage for function pointers, rather than malloc,
if possible (i.e., number of ex_data items is under a dozen).

Make CRYPTO_EX_DATA_FUNCS opaque/internal.

Also fixes RT3710; index zero is reserved.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-07-20 01:16:28 -04:00
Richard Levitte
0f539dc1a2 Fix the update target and remove duplicate file updates
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in.  This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.

This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-22 18:44:33 +02:00
Richard Levitte
a3aadb2d9c make depend
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:38:31 +02:00
Richard Levitte
b39fc56061 Identify and move common internal libcrypto header files
There are header files in crypto/ that are used by a number of crypto/
submodules.  Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-14 17:21:40 +02:00
Rich Salz
86885c2895 Use "==0" instead of "!strcmp" etc
For the various string-compare routines (strcmp, strcasecmp, str.*cmp)
use "strcmp()==0" instead of "!strcmp()"

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-06 22:37:53 -04:00
Rich Salz
16f8d4ebf0 memset, memcpy, sizeof consistency fixes
Just as with the OPENSSL_malloc calls, consistently use sizeof(*ptr)
for memset and memcpy.  Remove needless casts for those functions.
For memset, replace alternative forms of zero with 0.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-05 22:18:59 -04:00
Rich Salz
b4faea50c3 Use safer sizeof variant in malloc
For a local variable:
        TYPE *p;
Allocations like this are "risky":
        p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption.  Instead do this:
        p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-04 15:00:13 -04:00
Rich Salz
25aaa98aa2 free NULL cleanup -- coda
After the finale, the "real" final part. :)  Do a recursive grep with
"-B1 -w [a-zA-Z0-9_]*_free" to see if any of the preceeding lines are
an "if NULL" check that can be removed.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-01 14:37:16 -04:00
Rich Salz
efa7dd6444 free NULL cleanup 11
Don't check for NULL before calling free functions. This gets:
        ERR_STATE_free
        ENGINE_free
        DSO_free
        CMAC_CTX_free
        COMP_CTX_free
        CONF_free
        NCONF_free NCONF_free_data _CONF_free_data
        A sk_free use within OBJ_sigid_free
        TS_TST_INFO_free (rest of TS_ API was okay)
        Doc update for UI_free (all uses were fine)
        X509V3_conf_free
        X509V3_section_free
        X509V3_string_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:15:18 -04:00
Rich Salz
b548a1f11c free null cleanup finale
Don't check for NULL before calling OPENSSL_free

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-05-01 10:02:07 -04:00
Rich Salz
4b45c6e52b free cleanup almost the finale
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
        CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-30 17:57:32 -04:00
Rich Salz
b196e7d936 remove malloc casts
Following ANSI C rules, remove the casts from calls to
OPENSSL_malloc and OPENSSL_realloc.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 15:28:14 -04:00
Rich Salz
3e47caff48 ERR_ cleanup
Remove ERR_[gs]et_implementation as they were not undocumented and
useless (the data structure was opaque).

Halve the number of lock/unlock calls in almost all ERR_
functions by letting the caller of get_hash or int_thread_set
able to lock.  Very useful when looping, such as adding errors,
or when getting the hash and immediately doing a lookup on it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-04-28 10:50:54 -04:00
Richard Levitte
a80e33b991 Remove EXHEADER, TEST, APPS, links:, install: and uninstall: where relevant
With no more symlinks, there's no need for those variables, or the links
target.  This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.

Also, removed METHTEST from test/Makefile.  It looks like an old test that's
forgotten...

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Richard Levitte
dee502be89 Stop symlinking, move files to intended directory
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.

Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.

Originally-by: Geoff Thorpe <geoff@openssl.org>

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-03-31 20:16:01 +02:00
Dr. Stephen Henson
86d20cb6fd make depend
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 12:05:05 +00:00
Dr. Stephen Henson
5fe736e5fc Move some ASN.1 internals to asn1_int.h
Move ASN.1 internals used across multiple directories into new internal
header file asn1_int.h remove crypto/Makefile hack which allowed other
directories to include "asn1_locl.h"

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 12:03:36 +00:00
Richard Levitte
2383a74be1 Use OPENSSL_malloc rather than malloc/calloc
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 12:21:12 +01:00
Richard Levitte
912d7c75d4 Fix eng_cryptodev to not depend on BN internals.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-24 12:21:12 +01:00
Rich Salz
10bf4fc2c3 Merge OPENSSL_NO_EC{DH,DSA} into OPENSSL_NO_EC
Suggested by John Foley <foleyj@cisco.com>.

Reviewed-by: Matt Caswell <matt@openssl.org>
2015-03-11 09:29:37 -04:00
Rich Salz
f16a64d11f Dead code cleanup; remove #if 0 from crypto/engine
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-02 11:40:36 -05:00
Ben Laurie
4de8385796 Build correctly for me on FreeBSD 10.
Reviewed-by: Rich Salz

Don't debug.
2015-01-30 22:23:17 +00:00
Rich Salz
474e469bbd OPENSSL_NO_xxx cleanup: SHA
Remove support for SHA0 and DSS0 (they were broken), and remove
the ability to attempt to build without SHA (it didn't work).
For simplicity, remove the option of not building various SHA algorithms;
you could argue that SHA_224/256/384/512 should be kept, since they're
like crypto algorithms, but I decided to go the other way.
So these options are gone:
	GENUINE_DSA         OPENSSL_NO_SHA0
	OPENSSL_NO_SHA      OPENSSL_NO_SHA1
	OPENSSL_NO_SHA224   OPENSSL_NO_SHA256
	OPENSSL_NO_SHA384   OPENSSL_NO_SHA512

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-01-27 12:34:45 -05:00
Rich Salz
c436e05bdc Remove unused eng_rsax and related asm file
Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-01-24 16:27:03 -05:00
Kurt Roeckx
2747d73c14 Fix segfault with empty fields as last in the config.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-24 14:46:50 +01:00
Viktor Dkhovni
c963c421fb Replace exit() with error return.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-23 15:39:40 -05:00
Matt Caswell
0f113f3ee4 Run util/openssl-format-source -v -c .
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:09 +00:00
Matt Caswell
76712e81e0 Fix indent issue with engine.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-22 09:20:07 +00:00
Matt Caswell
3a83462dfe Further comment amendments to preserve formatting prior to source reformat
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-01-06 15:45:25 +00:00
Tim Hudson
1d97c84351 mark all block comments that need format preserving so that
indent will not alter them when reformatting comments

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2014-12-30 22:10:26 +00:00
Matt Caswell
53e95716f5 Change all instances of OPENSSL_NO_DEPRECATED to OPENSSL_USE_DEPRECATED
Introduce use of DECLARE_DEPRECATED

Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-12-18 19:57:14 +00:00
Emilia Kasper
b597aab84e Build fixes
Various build fixes, mostly uncovered by clang's unused-const-variable
and unused-function errors.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(cherry picked from commit 0e1c318ece)
2014-12-17 14:31:05 +01:00
Matt Caswell
29e7a56d54 Disable engines that will fail to build when bn is made opaque
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 21:41:12 +00:00
Dr. Stephen Henson
f072785eb4 Remove fipscanister build functionality from makefiles.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 13:23:45 +00:00
Rich Salz
8cfe08b4ec Remove all .cvsignore files
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-11-28 18:32:43 -05:00
Justin Blanchard
f756fb430e RT1815: More const'ness improvements
Add a dozen more const declarations where appropriate.
These are from Justin; while adding his patch, I noticed
ASN1_BIT_STRING_check could be fixed, too.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-18 11:49:16 -04:00
Jonas Maebe
d6f69ae547 cryptodev_digest_copy: return error if allocating dstate->mac_data fails
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:51 +02:00
Jonas Maebe
349e6b2b0a cryptodev_digest_update: don't leak original state->mac_data if realloc fails
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2014-08-15 22:38:36 +02:00
Emilia Kasper
f0ca9ccaef make depend
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2014-08-14 15:24:58 +02:00
Dr. Stephen Henson
03c075e572 Windows build fixes.
Add cmac.h to mkdef.pl
Remove ENGINE_load_rsax from engine.h: no longer built.
Update ordinals
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-07-19 22:57:37 +01:00
Andy Polyakov
d11c70b2c2 Please Clang's sanitizer, addendum. 2014-07-08 23:06:59 +02:00
Ben Laurie
e3ba6a5f83 Make depend. 2014-06-30 16:03:29 +01:00
Dr. Stephen Henson
4cfeb00be9 make depend 2014-02-19 20:09:08 +00:00
Dr. Stephen Henson
6ecbc2bb62 Don't use CRYPTO_AES_CTR if it isn't defined. 2014-02-18 22:20:30 +00:00
Klaus-Peter Junghanns
be2c4d9bd9 Add support for aes-128/192/256-ctr to the cryptodev engine.
This can be used to speed up SRTP with libsrtp, e.g. on TI omap/sitara based devices.
2014-02-15 00:01:40 +00:00
Dr. Stephen Henson
e933f91f50 Add loaded dynamic ENGINEs to list.
Always add a dynamically loaded ENGINE to list. Otherwise it can cause
problems when multiply loaded, especially if it adds new public key methods.
For all current engines we only want a single implementation anyway.
2014-01-28 13:51:58 +00:00
Dr. Stephen Henson
8a1956f3ea Don't use rdrand engine as default unless explicitly requested.
(cherry picked from commit 16898401bd47a153fbf799127ff57fdcfcbd324f)
2013-12-13 15:39:55 +00:00
Veres Lajos
478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Andy Polyakov
f5b132d652 Remove RSAX engine, superseded by RSAZ module. 2013-07-05 22:11:28 +02:00
Ben Laurie
ea5003bd1e Include correctly. 2013-03-04 14:31:18 +00:00
Ben Laurie
975dfb1c6c make depend. 2013-02-21 18:17:38 +00:00
Dr. Stephen Henson
98a7edf9f0 make depend 2012-11-19 13:18:09 +00:00
Ben Laurie
71fa451343 Version skew reduction: trivia (I hope). 2012-06-03 22:00:21 +00:00
Andy Polyakov
884c580e05 eng_all.c: revert previous "disable Padlock" commit, which was unjustified. 2012-03-19 20:20:41 +00:00
Dr. Stephen Henson
d441e6d8db PR: 2735
Make cryptodev digests work. Thanks to Nikos Mavrogiannopoulos for
this fix.
2012-02-27 16:33:34 +00:00
Ben Laurie
b9ef708e40 Padlock engine doesn't build (the asm parts are not built for some reason),
so remove for now.
2011-12-13 15:56:40 +00:00
Andy Polyakov
af9b610cef Remove eng_aesni.c as AES-NI support is integrated directly at EVP. 2011-10-13 19:46:44 +00:00
Bodo Möller
bf6d2f986d Make CTR mode behaviour consistent with other modes:
- clear ctx->num in EVP_CipherInit_ex
- adapt e_eas.c changes from http://cvs.openssl.org/chngview?cn=19816
  for eng_aesni.c

Submitted by: Emilia Kasper
2011-10-13 13:41:34 +00:00
Dr. Stephen Henson
a59163f6b6 def_rsa_finish not used any more. 2011-10-10 20:35:09 +00:00
Dr. Stephen Henson
fe4394cf1d remove some debugging code 2011-10-10 19:09:01 +00:00
Dr. Stephen Henson
84a75ba38c fix leak properly this time... 2011-10-10 14:08:55 +00:00
Dr. Stephen Henson
42753a4f67 fix memory leaks 2011-10-09 23:08:15 +00:00
Bodo Möller
ae53b299fa make update 2011-09-05 09:46:15 +00:00
Andy Polyakov
c2d4c2867b eng_rsax.c: improve portability. 2011-08-22 19:01:16 +00:00
Andy Polyakov
f744bcfd73 eng_rdrand.c: make it link in './config 386' case. 2011-08-14 08:30:56 +00:00
Dr. Stephen Henson
19ad345739 prevent compilation errors and warnings 2011-08-11 21:12:17 +00:00
Andy Polyakov
37f010e248 Add provisory support for RDRAND instruction. 2011-08-10 18:52:42 +00:00
Dr. Stephen Henson
8a8cc84f74 fix memory leak 2011-08-03 16:39:58 +00:00
Dr. Stephen Henson
4f275f248e stop warnings 2011-07-21 13:45:06 +00:00
Andy Polyakov
be9a8cc2af Add RSAX builtin engine. It optimizes RSA1024 sign benchmark. 2011-07-20 21:49:46 +00:00
Andy Polyakov
fe9a5107be Various mingw64 fixes. 2011-05-29 13:51:14 +00:00
Dr. Stephen Henson
b9b0a177f8 new flag to stop ENGINE methods being registered 2011-05-15 15:56:49 +00:00
Richard Levitte
487b023f3d make update (1.1.0-dev)
This meant alarger renumbering in util/libeay.num due to symbols
appearing in 1.0.0-stable and 1.0.1-stable.  However, since there's
been no release on this branch yet, it should be harmless.
2011-03-23 00:11:32 +00:00
Ben Laurie
edc032b5e3 Add SRP support. 2011-03-12 17:01:19 +00:00
Dr. Stephen Henson
a3654f0586 Include openssl/crypto.h first in several other files so FIPS renaming
is picked up.
2011-02-16 17:25:01 +00:00
Bodo Möller
9d0397e977 make update 2011-02-03 10:17:53 +00:00
Dr. Stephen Henson
eb164d0b12 stop warnings about no previous prototype when compiling shared engines 2011-01-30 01:30:48 +00:00
Dr. Stephen Henson
df6de39fe7 Change AR to ARX to allow exclusion of fips object modules 2011-01-26 16:08:08 +00:00
Dr. Stephen Henson
fa71cc7bce fix typo in HMAC redirection, add HMAC INIT tracing 2010-11-24 19:14:59 +00:00
Dr. Stephen Henson
e77906b9fa VERY EXPERIMENTAL HMAC redirection example in OpenSSL ENGINE. Untested at this
stage and probably wont work properly.
2010-11-24 18:32:06 +00:00
Dr. Stephen Henson
0c7246ed4b fix warnings 2010-10-04 13:45:15 +00:00
Andy Polyakov
3d85668ba2 eng_aesni.c: switch to CRYPTO_ctr128_encrypt_ctr32. 2010-07-26 21:50:39 +00:00
Dr. Stephen Henson
7bbd0de88d Add call to ENGINE_register_all_complete() to ENGINE_load_builtin_engines(),
this means that some implementations will be used automatically, e.g. aesni,
we do this for cryptodev anyway.

Setup cpuid in ENGINE_load_builtin_engines() too as some ENGINEs use it.
2010-07-21 16:14:48 +00:00
Dr. Stephen Henson
9f08866940 Stop compiler complaining in pedantic mode: may be a better way to do this... 2010-05-22 00:20:42 +00:00
Andy Polyakov
6c83629bd9 AESNI engine: add counter mode. 2010-04-10 13:56:59 +00:00
Dr. Stephen Henson
ac495542a6 PR: 1813
Submitted by: Torsten Hilbrich <torsten.hilbrich@secunet.com>

Fix memory leak when engine name cannot be loaded.
2010-03-27 18:28:02 +00:00
Dr. Stephen Henson
2c772c8700 don't mix definitions and code 2010-03-03 15:30:42 +00:00
Dr. Stephen Henson
f84c85b0e3 PR: 2178
Submitted by: "Kennedy, Brendan" <brendan.kennedy@intel.com>

Handle error codes correctly: cryptodev returns 0 for success whereas OpenSSL
returns 1.
2010-03-01 23:54:47 +00:00
Dr. Stephen Henson
ff2fdbf2f8 oops, reinstate correct prototype 2010-03-01 03:01:27 +00:00
Dr. Stephen Henson
5e28ccb798 make USE_CRYPTODEV_DIGESTS work 2010-03-01 01:19:18 +00:00
Dr. Stephen Henson
a6575572c6 load cryptodev if HAVE_CRYPTODEV is set too 2010-03-01 00:40:10 +00:00
Dr. Stephen Henson
c3951d8973 update cryptodev to match 1.0.0 stable branch version 2010-03-01 00:37:58 +00:00
Dr. Stephen Henson
29e722f031 Fix memory leak in ENGINE autoconfig code. Improve error logging. 2010-02-09 14:17:14 +00:00
Dr. Stephen Henson
92714455af In engine_table_select() don't clear out entire error queue: just clear
out any we added using ERR_set_mark() and ERR_pop_to_mark() otherwise
errors from other sources (e.g. SSL library) can be wiped.
2010-01-28 17:49:25 +00:00
Dr. Stephen Henson
891d3c7a60 revert previous change 2010-01-28 14:17:39 +00:00
Dr. Stephen Henson
9fb6fd34f8 reword RI description 2010-01-27 18:53:33 +00:00
Dr. Stephen Henson
f8e1ab79f5 ENGINE_load_capi() now exists on all platforms (but no op on non-WIN32) 2010-01-06 13:21:08 +00:00
Dr. Stephen Henson
a25f33d28a Submitted by: Julia Lawall <julia@diku.dk>
The functions ENGINE_ctrl(), OPENSSL_isservice(), EVP_PKEY_sign(),
CMS_get1_RecipientRequest() and RAND_bytes() can return <=0 on error fix
so the return code is checked correctly.
2009-09-13 11:29:29 +00:00
Dr. Stephen Henson
0f1d77a870 Fix error code. 2009-08-06 16:39:34 +00:00
Dr. Stephen Henson
c869da8839 Update from 1.0.0-stable 2009-07-27 21:10:00 +00:00