| Age | Commit message (Collapse) | Author |
|---|
|
|
|
case is ok.
ok bcook@
|
|
ok bcook@
|
|
ok bcook@
|
|
ok jsing@, deraadt@, beck@
|
|
The recently-added EVP_aead_chacha20_poly1305_ietf() function, which implements
informational RFC 7539, "ChaCha20 and Poly1305 for IETF Protocols", needs a
64-bit counter to avoid truncation on 32-bit platforms.
The existing TLS ChaCha20-Poly1305 ciphersuite is not impacted by this, but
making this change requires an ABI bump.
ok jsing@, "Looks sane" beck@
|
|
This enables ENGINE_get_digest to work again with SHA1.
noted by NARUSE, Yui, @nurse from github
|
|
ok djm@ jsing@
|
|
ok krw@
|
|
|
|
|
|
|
|
bn_internal(3) and lhash(3)
|
|
entry for them;
feedback/ok schwarze
|
|
reported by Ruslan Babayev.
|
|
24 bits; if we don't, Td4[] gets cast to signed int, and according to C>=99
6.5.7, signed int shifted by enough bits to cause a the sign bit to be set
is an UB.
Reported by Pascal Cuoq on behalf of the trust-in-soft.com mafia I am
{partial,slightly related} to.
|
|
CAST_KEY is constructed. This is expected to reduce blood pressure in
auditors.
|
|
Suggested by WubTheCaptain so the same comparison code can be used with
LibreSSL.
https://www.openssl.org/docs/manmaster/crypto/OPENSSL_VERSION_NUMBER.html
|
|
|
|
OK jsing@
|
|
"ChaCha20 and Poly1305 for IETF Protocols", introduced a modified AEAD
construction that is incompatible with the common style that has been
already used in TLS with EVP_aead_chacha20_poly1305(). The IETF
version also adds a constant (salt) that is prepended to the nonce.
OK mikeb@ jsing@
|
|
relying upon previously included headers to do this, to enhance portability;
from Pascal Cuoq, libressl github pull request #52
|
|
|
|
For backward compatibility, the flags are redefined as 0.
ok jsing@
|
|
No part of LibreSSL checks for this flag any longer.
ok jsing@
|
|
ssl23_get_client_hello sets type=1 on error and continues processing.
It should return an error immediately to simplify things. This also
allows us to start removing the last of SSL_OP_NO_SSL*.
Added extra paranoia for s->version to make sure it is set properly.
ok jsing@
|
|
ASN1_{GENERALIZED,UTC}TIME_set_string(), which allows it to be called
with a NULL pointer.
ok beck@
|
|
ASN1_{GENERALIZED,UTC,}TIME_set_string() to be called with a NULL pointer.
Found the hard way by @kinichiro on github.
ok beck@
|
|
becoming negative in probable_prime_dh_safe(). Reported by Franck Denis who
noticed `openssl gendh 0' would segfault.
Fix adapted from OpenSSL RT#2701.
ok beck@ jsing@
|
|
will end up doing a read and write of up to 7 bytes beyond the specified
length. This is effectively a non-issue since we read and write back the
same data and due to alignment it is within a page boundary.
Regardless, avoid this by removing the "special" handling for the remaining
length and allow the standard (non-chunk) code to process the remaining
bytes, which does not result in overrun.
Reported by Pascal Cuoq <cuoq at trust-in-soft.com> - thanks!
ok beck@ miod@
|
|
|
|
ok jsing@
|
|
utctime and gentime wrappers accordingly. Along with some other cleanup.
this also removes the need for timegm.
ok bcook@ sthen@ jsing@
|
|
few lines above.
|
|
macros. The only change in the generated assembly is due to line numbering.
|
|
DECLARE_ASN1_FUNCTIONS_const already includes this macro so using both
means we end up with duplicate function prototypes and externs.
|
|
ok bcook@
|
|
|
|
buf is at all times kept nul terminated, so there is no need to enforce
this again upon exit. (no need to move buf around after we exahust space.)
ok beck miod
|
|
ok miod@
|
|
move the bndec variable in tighter since it's not used elsewhere in the
loop, then always free it after use.
ok bcook miod
|
|
ok bcook@ deraadt@
|
|
The "authenticated encryption with additional data" API is used for
ciphers like AES-GCM or ChaCha20-Poly1305. The manpage is a beginning
and certainly needs more work, especially improvements in the EXAMPLES
section.
Based on agl's source code comments.
Converted from pod to mandoc by schwarze@
OK schwarze@ jsing@
|
|
|
|
actual function. This removes the last ASN1_dup_of usage from the tree.
Feedback from doug@ and miod@
|
|
ASN1_item_{d2i,i2d}_{bio,fp}() function calls.
ok beck@ doug@
|
|
DSAPublicKey, DSAPrivateKey and DSAparams ASN1_ITEMs.
|
|
error was present in the original 2004 commit, so it hasn't been used in
over 11 years, thus exceeding our deprecation requirements by over a decade.
OpenSSL has chosen to *fix it*; we'll gladly watch it burn
ok jsing@
|
|
mark it as #ifndef LIBRESSL_INTERNAL at least we don't use this.
ok jsing@
|
|
|
