Dr. Stephen Henson
59b1696c0c
SSL library configuration module.
...
This adds support for SSL/TLS configuration using configuration modules.
Sets of command value pairs are stored and can be replayed through an
SSL_CTX or SSL structure using SSL_CTX_config or SSL_config.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 15:14:14 +00:00
Rich Salz
4fae386cb0
Cleanup CRYPTO_{push,pop}_info
...
Rename to OPENSSL_mem_debug_{push,pop}.
Remove simple calls; keep only calls used in recursive functions.
Ensure we always push, to simplify so that we can always pop
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 09:11:07 -05:00
Rich Salz
c99de0533d
Rename *_realloc_clean to *_clear_realloc
...
Just like *_clear_free routines. Previously undocumented, used
a half-dozen times within OpenSSL source.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-22 07:32:51 -05:00
Richard Levitte
31384753c7
Remove the "eay" c-file-style indicators
...
Since we don't use the eay style any more, there's no point trying to
tell emacs to use it.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-18 13:08:40 +01:00
Richard Levitte
ff8428561a
Modify the lower level memory allocation routines to take size_t
...
We've been using int for the size for a long time, it's about time...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-17 08:24:26 +01:00
Rich Salz
33eaf4c27e
mem-cleanup, cont'd.
...
Remove LEVITTE_DEBUG_MEM.
Remove {OPENSSL,CRYPTO}_remalloc.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-16 22:23:57 -05:00
Rich Salz
7644a9aef8
Rename some BUF_xxx to OPENSSL_xxx
...
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 16:14:49 -05:00
Dr. Stephen Henson
2c61a5ecca
Constify EC_KEY in ECDH_compute_key.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
57be4444c6
Remove SSL_OP_SINGLE_ECDH_USE code.
...
Since auto ecdh is now always used SSL_OP_SINGLE_ECDH_USE is
redundant. Simplify associated code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
981bd8a2f2
New EC functions.
...
New functions EC_POINT_point2buf and EC_KEY_key2buf which encode
a point and allocate a buffer in one call.
New function EC_KEY_oct2key() which sets public key in an EC_KEY
structure from an encoded point.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Rich Salz
2ab9687479
Remove GMP engine.
...
Reviewed-by: Ben Laurie <ben@openssl.org>
2015-12-15 07:59:56 -05:00
Dr. Stephen Henson
c01ff880d4
New function X509_get0_pubkey
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-14 23:06:14 +00:00
Dr. Stephen Henson
2872dbe1c4
Add EVP_PKEY_get0_* functions.
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-14 23:06:14 +00:00
Dr. Stephen Henson
7538cb82f9
remove ancient SSLeay bug workaround
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-13 00:43:43 +00:00
Richard Levitte
601ab3151f
Adapt PEM routines to the opaque EVP_ENCODE_CTX
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 16:18:01 +01:00
Richard Levitte
a0be4fd17b
Make EVP_ENCODE_CTX opaque
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 16:18:01 +01:00
Rob Stradling
ba67253db1
Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633).
...
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
GH: #495, MR: #1435
2015-12-10 19:27:40 +01:00
Viktor Dukhovni
f8137a62d9
Restore full support for EVP_CTX_create() etc.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 11:05:07 -05:00
Matt Caswell
278d6b3663
Prepare for 1.1.0-pre2-dev
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 14:24:22 +00:00
Matt Caswell
22c21b60af
Prepare for 1.1.0-pre1 release
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 14:23:10 +00:00
Matt Caswell
ac7f47dce1
OpenSSL 1.1.0 is now in pre release
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 14:21:59 +00:00
Andy Polyakov
bd30091c97
x86[_64] assembly pack: add optimized AES-NI OCB subroutines.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 13:11:26 +01:00
Andy Polyakov
a76ba82ccb
Wire ChaCha20-Poly1305 to TLS.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 12:05:30 +01:00
Andy Polyakov
bd989745b7
crypto/evp: add e_chacha20_poly1305.c.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 12:00:29 +01:00
Andy Polyakov
72bb2f64fc
Add ChaCha20-Poly1305 and ChaCha20 NIDs.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 11:59:49 +01:00
Richard Levitte
f8d3ab4928
Move the definitions of EC_KEY and EC_KEY_METHOD to ossl_typ.h
...
Most of all, that has inclusion of openssl/engine.h work even if EC
has been disabled. This is the same as has been done for DH, DSA, RSA
and more...
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-12-09 23:56:57 +01:00
Dr. Stephen Henson
970e7b5bf8
add compatibility headers
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:20 +00:00
Dr. Stephen Henson
7bb75a5d08
add block comment
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:20 +00:00
Dr. Stephen Henson
f8d7d2d6df
EC_KEY_METHOD accessors.
...
Set of accessors to set and get each field.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
89313de5cb
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
7d711cbc33
Engine EC_KEY_METHOD functionality.
...
Rename ENGINE _EC_KEY functions to _EC.
Add support for EC_KEY_METHOD in ENGINE_set_default et al. Copy
ec_meth.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
1eb97c3ecd
remove ECDSA_METHOD from ENGINE
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
c8bfd40a92
remove ECDSA_METHOD typedef
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
180eec1666
add missing prototypes
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
fb29bb5926
remove ecdsa.h header
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
cf517a6d3d
add ECDSA_size to ec_asn1.c
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
6e73d12e76
return errors for unsupported operations
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
bd3602eb89
Move and adapt ECDSA sign and verify functions.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
7236e3c8f7
Add ECDSA_SIG accessor.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
ef5b2ba6fb
move ECDSA_SIG prototypes
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
8c661f76b6
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
714b2abb29
move ECDSA_SIG definition
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
1e8622297d
remove ECDH_METHOD typedef
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
30243c9523
remove ecdh.h header
...
Remove redundant ecdh.h header and any references to it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
f517ffbb83
remove ECDH_METHOD from ENGINE
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
53e3189d0c
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
a22a7e7089
Add compute key support to EC_KEY_METHOD
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
768c53e1b6
Move ECDH_KDF_X9_62 to crypto/ec
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
5a6a1029d2
EC_KEY_METHOD keygen support.
...
Add keygen to EC_KEY_METHOD. Redirect EC_KEY_generate_key through
method and set the current EC key generation function as the default.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
d2fa70d82b
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00