Commit graph

262 commits

Author SHA1 Message Date
Matt Caswell
3befffa39d Create BIO_write_ex() which handles size_t arguments
Also extend BIO_METHOD to be able to supply an implementation for the new
BIO_write_ex function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-28 09:48:54 +01:00
Matt Caswell
d07aee2c7a Create BIO_read_ex() which handles size_t arguments
Also extend BIO_METHOD to be able to supply an implementation for the new
BIO_read function.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-10-28 09:48:54 +01:00
Dr. Stephen Henson
b1b4f0a580 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-29 16:21:47 +01:00
Matt Caswell
a671b3e64a Add OCSP_RESPID_match()
Add a function for testing whether a given OCSP_RESPID matches with a
certificate.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-22 09:27:45 +01:00
Matt Caswell
e12c0beb5a Add the ability to set OCSP_RESPID fields
OCSP_RESPID was made opaque in 1.1.0, but no accessors were provided for
setting the name/key value for the OCSP_RESPID.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-09-22 09:27:45 +01:00
Viktor Dukhovni
4a7b3a7b4d Un-delete still documented X509_STORE_CTX_set_verify
It should not have been removed.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-24 20:30:45 +01:00
Rob Percival
63e27d4d0f Removes {i2o,o2i}_SCT_signature from the CT public API
They may return if an SCT_signature struct is added in the future that
allows them to be refactored to conform to the i2d/d2i function signature
conventions.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-23 20:23:28 +01:00
Rob Percival
cdb2a60347 Internalizes SCT_verify and removes SCT_verify_v1
SCT_verify is impossible to call through the public API (SCT_CTX_new() is
not part of the public API), so rename it to SCT_CTX_verify and move it
out of the public API.

SCT_verify_v1 is redundant, since SCT_validate does the same verification
(by calling SCT_verify) and more. The API is less confusing with a single
verification function (SCT_validate).

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-23 20:12:25 +01:00
Kazuki Yamaguchi
9ba6f347fe Expose alloc functions for EC{PK,}PARAMETERS
Declare EC{PK,}PARAMETERS_{new,free} functions in public headers. The
free functions are necessary because EC_GROUP_get_ec{pk,}parameters()
was made public by commit 60b350a3ef ("RT3676: Expose ECgroup i2d
functions").

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-22 15:10:02 +01:00
Andy Polyakov
9e6b2f54e4 crypto/pkcs12: add UTF8 support.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-22 13:50:04 +02:00
Dr. Stephen Henson
6b1f413c3a update ordinals
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-08-21 18:25:23 +01:00
Rich Salz
8b8d963db5 Add BIO_get_new_index()
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-08-19 21:04:41 -04:00
Dr. Stephen Henson
bb1c5bbe6b make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-19 18:40:55 +01:00
Dr. Stephen Henson
2729f62794 rename ordinals
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-19 18:40:55 +01:00
Dr. Stephen Henson
d5d9636a91 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-19 15:46:19 +01:00
Dr. Stephen Henson
45dcb5cf3d make update
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-19 12:47:31 +01:00
Dr. Stephen Henson
67a014bfda make update
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-08-17 17:48:44 +01:00
Dr. Stephen Henson
34d4d74575 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 16:05:36 +01:00
Richard Levitte
1940aa6e6b Remove duplicate ordinals
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-16 14:16:53 +02:00
Rob Percival
c35d339d98 Replaces CT_POLICY_EVAL_CTX_set0 entries with new setters in libcrypto.num
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1408)
2016-08-15 12:57:00 -04:00
Rob Percival
a1bb7708ce Improves CTLOG_STORE setters
Changes them to have clearer ownership semantics, as suggested in
https://github.com/openssl/openssl/pull/1372#discussion_r73232196.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1408)
2016-08-15 12:56:47 -04:00
Dr. Stephen Henson
c06f2aaa08 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:05 +01:00
Rob Percival
a6f5d614c5 Mkae CT_log_new_from_base64 always return 0 on failure
In one failure case, it used to return -1. That failure case
(CTLOG_new() returning NULL) was not usefully distinct from all of the
other failure cases.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1407)
2016-08-05 21:34:59 -04:00
Richard Levitte
72c7658118 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-05 21:18:15 +02:00
Rich Salz
684bc13e58 Make update, etc.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-08-05 11:19:33 -04:00
Rich Salz
412c8507ee Remove "lockit" from internal error-hash function
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1389)
2016-08-04 14:23:08 -04:00
Dr. Stephen Henson
10b0b817a0 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-01 19:37:42 +01:00
FdaSilvaYY
9d7bfb14dd Discard BIO_set(BIO* bio) method
Simplify BIO init using OPENSSL_zalloc().

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1261)
2016-07-25 13:48:32 -04:00
Richard Levitte
fe0169b097 Make it possible for external code to set the certiciate proxy path length
This adds the functions X509_set_proxy_pathlen(), which sets the
internal pc path length cache for a given X509 structure, along with
X509_get_proxy_pathlen(), which retrieves it.

Along with the previously added X509_set_proxy_flag(), this provides
the tools needed to manipulate all the information cached on proxy
certificates, allowing external code to do what's necessary to have
them verified correctly by the libcrypto code.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 17:36:39 +02:00
Richard Levitte
3067095e8a Add X509_STORE lock and unlock functions
Since there are a number of function pointers in X509_STORE that might
lead to user code, it makes sense for them to be able to lock the
store while they do their work.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 17:33:41 +02:00
Richard Levitte
c1b4fa6ded make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 17:24:43 +02:00
Richard Levitte
1060a50b6d Add getters / setters for the X509_STORE_CTX and X509_STORE functions
We only add setters for X509_STORE function pointers except for the
verify callback function.  The thought is that the function pointers
in X509_STORE_CTX are a cache for the X509_STORE functions.
Therefore, it's preferable if the user makes the changes in X509_STORE
before X509_STORE_CTX_init is called, and otherwise use the verify
callback to override any results from OpenSSL's internal
calculations.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-25 17:20:58 +02:00
Jakub Zelenka
c1054bb4d2 Add EVP_ENCODE_CTX_copy
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1344)
2016-07-24 19:23:00 +01:00
Jakub Zelenka
47d96bcc6b Add missing X509_set_proxy_flag num
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1343)
2016-07-24 13:04:03 +01:00
Dr. Stephen Henson
d701504dfe make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-13 14:41:58 +01:00
Dr. Stephen Henson
4b0907e349 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-11 23:30:04 +01:00
Rich Salz
7304e329bc Update ordinals
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-07-08 16:19:38 -04:00
Richard Levitte
85cdc842c8 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-07-05 23:52:09 +02:00
Rich Salz
6f4a6a5cd4 RT4586: Remove RSA_memory_lock; unused, not needed
Reviewed-by: Ben Laurie <ben@openssl.org>
2016-06-27 07:39:53 -04:00
Matt Caswell
a6211814c4 Add a getter to obtain the HMAC_CTX md
As a result of opaque HMAC_CTX apps need a getter for the HMAC_CTX md.

GitHub Issue #1152

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-06-24 13:22:40 +01:00
Andy Polyakov
eeac54ef6d crypto/cryptlib.c: omit OPENSSL_ia32cap_loc().
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-22 20:20:37 +02:00
Rich Salz
d3b64b89ed Fix GCC build; make update; fix number re-use
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-16 15:48:03 -04:00
Nathaniel McCallum
ebad0b0beb Add EVP_PKEY_get0_hmac() function
Before the addition of this function, it was impossible to read the
symmetric key from an EVP_PKEY_HMAC type EVP_PKEY.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1217)
2016-06-16 13:33:47 -04:00
Rich Salz
cda3ae5bd0 RT4562: Fix misleading doc on OPENSSL_config
Also changed the code to use "appname" not "filename"

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-14 12:30:37 -04:00
Matt Caswell
5ec84dd75f make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-06-14 00:16:04 +01:00
Rich Salz
6670d55a84 Make a2i_ipadd an internal function
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-09 17:15:42 -04:00
Rich Salz
e417070c9f Add some accessor API's
GH1098: Add X509_get_pathlen() (and a test)
GH1097:  Add SSL_is_dtls() function.

Documented.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-06-08 11:37:06 -04:00
Rich Salz
ade82832cd Remove NOEXIST entries
checkpoint before release.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-06-01 13:08:03 -04:00
Joey Yandle
6378809b22 set RAND_event and RAND_screen to deprecated in 1.1.0 in librypto.num
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1079)
2016-05-29 13:36:59 -04:00
Richard Levitte
da32e04b5e make update
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-05-28 02:15:04 +02:00
Dr. Stephen Henson
60980390b1 make update
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-05-23 16:41:35 +01:00
Rich Salz
739a1eb196 Rename lh_xxx,sk_xxx tp OPENSSL_{LH,SK}_xxx
Rename sk_xxx to OPENSSL_sk_xxx and _STACK to OPENSSL_STACK
Rename lh_xxx API to OPENSSL_LH_xxx and LHASH_NODE to OPENSSL_LH_NODE
Make lhash stuff opaque.
Use typedefs for function pointers; makes the code simpler.
Remove CHECKED_xxx macros.
Add documentation; remove old X509-oriented doc.
Add API-compat names for entire old API

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-05-20 10:48:29 -04:00
Rich Salz
6ddbb4cd92 X509_STORE_CTX accessors.
Add some functions that were missing when a number of X509
objects became opaque (thanks, Roumen!)

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 16:06:09 -04:00
Richard Levitte
19252eef3e make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-11 22:12:57 +02:00
Andy Polyakov
bfcdd4d098 crypto/des: remove obsolete functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-05-10 20:32:20 +02:00
Matt Caswell
7cafbb4bd3 Fix some X509_STORE macros
Some X509_STORE macros do not work since the type was made opaque.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-04-29 23:13:58 +01:00
Christian Heimes
f0c58c3212 Add getters for X509_STORE and X509_OBJECT members
OpenSSL 1.1.0-pre5 has made some additional structs opaque. Python's ssl
module requires access to some of the struct members. Three new getters
are added:

int X509_OBJECT_get_type(X509_OBJECT *a);
STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx);

Signed-off-by: Christian Heimes <cheimes@redhat.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-28 20:02:27 +02:00
Viktor Dukhovni
d5553b4cb5 make update
Recycling an unused slot.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-28 13:50:13 -04:00
Kazuki Yamaguchi
8b12d59bf7 Add ex_data functions for X509_STORE
Add X509_STORE_{set,get}_ex_data() function and
X509_STORE_get_ex_new_index() macro.

X509_STORE has ex_data and the documentation also mentions them but they
are not actually implemented.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-26 14:16:12 -04:00
Viktor Dukhovni
5a6694e303 make update
And recycle some disused slots.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-25 15:26:43 -04:00
Matt Caswell
54c010ab80 Fix no-dsa on Windows/VMS
The no-dsa option was failing on Windows because some symbols were not
correctly flagged in libcrypto.num. Problem found due to the new symbol
consistency test.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-22 14:42:15 +01:00
Matt Caswell
b04e5c12c2 Fix no-cmac on Windows/VMS
no-cmac was failing on Windows/VMS due to libcrypto.num not marking the
CMAC functions properly. Found due to the new symbol consistency test.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-22 14:39:30 +01:00
Matt Caswell
5951e840d9 Fix no-ocsp on Windows (and probably VMS)
The ocsp.h file did not have appropriate guards causing link failures on
Windows.

GH Issue 900

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-21 17:03:02 +01:00
Matt Caswell
00deac3ef6 Fix no-ui on Windows
Ensure public functions have appropriate guards in header files.

GH Issue 899

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-20 16:49:27 +01:00
Matt Caswell
f863ad0c59 Fix no-sock on Windows
Link errors were occurring on Windows because the header files were not
correctly guarding some functions with OPENSSL_NO_SOCK

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-20 14:52:46 +01:00
Matt Caswell
9fb80e3ceb Fix no-dgram on Windows
Link errors were occurring on Windows because the header files were not
correctly guarding some functions with OPENSSL_NO_DGRAM

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-20 14:52:45 +01:00
Rich Salz
14f051a0ae Make string_to_hex/hex_to_string public
Give the API new names, document it.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-18 09:02:11 -04:00
Rich Salz
9021a5dfb3 Rename some lowercase API's
Make OBJ_name_cmp internal
Rename idea_xxx to IDEA_xxx
Rename get_rfc_xxx to BN_get_rfc_xxx
Rename v3_addr and v3_asid functions to X509v3_...

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-18 08:22:00 -04:00
Richard Levitte
4e727a8d87 Remove declaration of function that isn't implemented
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-17 23:22:29 +02:00
Dr. Stephen Henson
4dba585f79 Add X509_STORE_CTX_set0_untrusted function.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-16 18:26:19 +01:00
Rich Salz
f0e0fd51fd Make many X509_xxx types opaque.
Make X509_OBJECT, X509_STORE_CTX, X509_STORE, X509_LOOKUP,
and X509_LOOKUP_METHOD opaque.
Remove unused X509_CERT_FILE_CTX

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-04-15 13:21:43 -04:00
Matt Caswell
a50ad1daaa make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 21:28:17 +01:00
Dr. Stephen Henson
37d0764d5b make update
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-13 15:08:27 +01:00
Richard Levitte
72d3bcd144 Cleanup libcrypto.num and make update
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-13 15:23:47 +02:00
Matt Caswell
b3599dbb6a Rename int_*() functions to *_int()
There is a preference for suffixes to indicate that a function is internal
rather than prefixes. Note: the suffix is only required to disambiguate
internal functions and public symbols with the same name (but different
case)

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 08:59:03 +01:00
Matt Caswell
20c56358e6 Fix symbols missing from shared build
libssl needs to have access to some internal libcrypto symbols.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 08:58:59 +01:00
Matt Caswell
e6216feb4c make update
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-13 08:52:33 +01:00
Matt Caswell
cf430d0593 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-09 10:10:55 +01:00
Matt Caswell
32bf92f9c8 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-04-09 10:10:55 +01:00
Viktor Dukhovni
a4ccf06808 make update
Signed-off-by: Rob Percival <robpercival@google.com>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-04-07 14:41:34 -04:00
Richard Levitte
c014a7cb82 make update
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-06 16:19:21 +02:00
FdaSilvaYY
97458daade Add X509_REQ_get0_pubkey method
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-04-04 20:38:11 +02:00
Viktor Dukhovni
bb3bdf0507 make update
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-04-03 11:37:42 -04:00
Richard Levitte
0f1ef63bf1 Ordinals adjustment
Two renamed functions were forgotten in util/libcrypto.num

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-04-03 09:15:19 +02:00
Matt Caswell
a517f7fcdc Various DSA opacity fixups
Numerous fixups based on feedback of the DSA opacity changes.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
a60e6a7af4 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Stephen Henson <steve@openssl.org>
2016-04-03 00:23:56 +01:00
Matt Caswell
0c767ddcbb Fix build compilation failures
BIO_f_linebuffer() is now built by default instead of just on VMS, but
the prototype in the header was still only available on VMS.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-30 10:59:32 +01:00
Matt Caswell
1737552558 make update
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-29 17:40:54 +01:00
Rich Salz
3d8b2ec42b Remove several unused undocumented functions.
Removed the following:
    DSO_bind_var, DSO_bind_var, DSO_get_default_method,
    DSO_get_loaded_filename, DSO_get_loaded_filename, DSO_get_method,
    DSO_new_method, DSO_pathbyaddr, DSO_set_default_method, DSO_set_method,
    DSO_set_name_converter, DSO_set_name_converter

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-23 08:34:33 -04:00
Rich Salz
38186bfd4e Have only one DSO_METHOD_openssl
Instead of have every DSO_METHOD_xxx in all platforms, ensure that only
one DSO_METHOD_openssl is available on all platforms.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-22 13:35:03 -04:00
Rich Salz
3c27208fab Remove #error from include files.
Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-20 19:48:36 -04:00
Richard Levitte
b4ae886121 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-18 20:17:19 +01:00
Matt Caswell
114de5b595 Ensure that no-comp functions are flagged as such
mkdef.pl was not detecting no-comp functions. This updates the header file
so that mkdef.pl detects that no-comp applies, and the functions are marked
accordingly.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-18 12:09:27 +00:00
Rich Salz
1fbab1dc6f Remove Netware and OS/2
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-17 17:06:57 -04:00
Dr. Stephen Henson
bf8bdbc678 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 17:41:24 +00:00
Rich Salz
178da24425 Make update to catch function renames.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-03-11 11:24:56 -05:00
Kurt Roeckx
208527a75d Review comments
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 10:39:10 -05:00
Bill Cox
2d0b441267 Add blake2 support.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 10:39:10 -05:00
Rob Percival
8359b57f27 check reviewer --reviewer=emilia
Remove 'log' field from SCT and related accessors

In order to still have access to an SCT's CTLOG when calling SCT_print,
SSL_CTX_get0_ctlog_store has been added.

Improved documentation for some CT functions in openssl/ssl.h.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-10 14:53:04 -05:00
Rich Salz
599eccfcbf RT3676 add: Export ASN.1 DHparams
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-03-09 20:58:08 -05:00
Rich Salz
60b350a3ef RT3676: Expose ECgroup i2d functions
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-03-09 12:25:21 -05:00
Rob Percival
14db9bbd71 Removes SCT_LIST_set_source and SCT_LIST_set0_logs
Both of these functions can easily be implemented by callers instead.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-09 11:34:48 -05:00
Alessandro Ghedini
0b1a07c8a7 Convert RSA blinding to new multi-threading API
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 23:52:48 +00:00
Rich Salz
040d43b3ff OpenSSLDie --> OPENSSL_die
Also removed a bunch of unused define's from e_os.h

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-03-08 14:46:17 -05:00
Dr. Stephen Henson
939bd84090 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 17:02:49 +00:00
Alessandro Ghedini
638b3c8837 make update
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 11:10:34 -05:00
Alessandro Ghedini
8509dcc9f3 Convert ERR_STATE to new multi-threading API
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 14:11:09 +00:00
Matt Caswell
44ab2dfdf9 Rename EVP_CIPHER_CTX_cipher_data to EVP_CIPHER_CTX_get_cipher_data
We had the function EVP_CIPHER_CTX_cipher_data which is newly added for
1.1.0. As we now also need an EVP_CIPHER_CTX_set_cipher_data it makes
more sense for the former to be called EVP_CIPHER_CTX_get_cipher_data.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-07 21:42:09 +00:00
Matt Caswell
98ee75439d Update the dasync engine to add a pipeline cipher
Implement aes128-cbc as a pipeline capable cipher in the dasync engine.
As dasync is just a dummy engine, it actually just performs the parallel
encrypts/decrypts in serial.

Reviewed-by: Tim Hudson <tjh@openssl.org>
2016-03-07 21:26:04 +00:00
Matt Caswell
122499dd14 make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 21:19:30 +00:00
Dr. Stephen Henson
48fe8ab02e make update
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-07 17:11:21 +00:00
Richard Levitte
a2ed050328 New ordinal files, recreated from scratch
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-05 09:06:09 +01:00