| Age | Commit message (Collapse) | Author |
|---|
|
These files are now built on all platforms.
|
|
ok tb
|
|
|
|
|
|
This is a legacy algorithm and the assembly is only marginally faster than
the C code.
Discussed with beck@ and tb@
|
|
is being deleted.
|
|
(libobjc) had been removed from the build years ago, there is no need to
keep the compiler.
ok beck@ joshua@
|
|
ok guenther@ deraadt@
|
|
md files lists.
ok guenther@ deraadt@
|
|
Also, the details described in sigaltstack(2) are no longer true.
ok jmc
|
|
was a big coding effort to ensure that system calls could only be performed
from static-binary/ld.so/libc.so/sigtramp regions of memory, by caching a
uvm entry with a serial number; new mmap/mprotect calls would increment
the map serial, and the entry would need to be looked up again. So the
cost was O(1) in the usual case, but O(log n) with some locking if a map
change required a new lookup.
In the new world order, such regions are immutable so they cannot be
changed/split by mmap/mprotect; also we know the precise entry locations
of the syscalls due to system call pinning (ELF OPENBSD_SYSCALL and
pinsyscalls(2)), and this is all done as O(1) without any locking.
All the other parts of the subsystem will be ripped out but please
run a kernel with this before I make changes to ld.so..
ok kettenis
|
|
|
|
|
|
This adds support for Edwards curve digital signature algorithms in the
cryptographic message syntax, as specified in RFC 8419. Only Ed25519 is
supported since that is the only EdDSA algorithm that LibreSSL supports
(this is unlikely to change ever, but, as they say - never is a very
long time).
This has the usual curly interactions between EVP and CMS with poorly
documented interfaces and lots of confusing magic return values and
controls. This improves upon existing control handlers by documenting
what is being done and why. Unlike other (draft) implementations we
also happen to use the correct hashing algorithm.
There are no plans to implement RFC 8418.
joint work with job at p2k23
ok jsing
|
|
This is now built on all platforms.
|
|
|
|
|
|
If any OBJ_dup() fails along the way, a partially copied policy stack
would remain on the params object. This makes no sense. Implement and
use an sk_ASN1_OBJECT_deep_copy(), that copies the full stack or else
returns NULL.
Remove unnecessary NULL check and streamline some other logic.
ok jsing
|
|
Streamline some checks and use more idiomatic sk_push() error check
ok jsing
|
|
Always include aes_core.c and provide AES_set_{encrypt,decrypt}_key() via C
functions, which then either use a C implementation or call the assembly
implementation.
ok tb@
|
|
discussed with jsing
|
|
The streaming BIO API is full of missing error checks. This diff reverts
the logic so that the single call to ASN1_item_i2d_bio() is error checked
(it has the usual 1/0 return values), unindents the bulk of the code and
propagates the SMIME_crlf_copy() return value (alos 1/0) to be the actual
error.
ok jsing
|
|
Buy a vowel at the same time, since we're no longer limited to 8.3 file
names.
Discussed with tb@
|
|
|
|
ok jsing tb
|
|
fixes accessing eMMC on a machine with Celeron J6413
from and tested by Sven Falempin
|
|
This is now built on all platforms.
|
|
discussed with djm
|
|
|
|
Rather than making prototypes appear and disappear depending on whether
or not you've included pem.h before cms.h, just include pem.h from cms.h
itself.
ok joshua@ tb@
|
|
Somewhere in the past 25 years, the circular dependency between err and pem
went away. Stop pulling in pem2.h and just use pem.h directly (pem2.h can
probably be removed at some point, but that remains for another day).
ok joshua@ tb@
|
|
ok jsing beck
|
|
Should fix windows build.
|
|
This is a legacy algorithm and the assembly is only marginally faster than
the C code.
Discussed with beck@ and tb@
|
|
|
|
This has the greatest impact on makewhatis, which used to make
thousands of calls to issetugid(2) via localtime(3) and strftime(3).
Inspired by a different diff from miod@. OK miod@
|
|
|
|
The code is still a horrific mess, but at least the braces are in the right
place...
|
|
ok beck jsing
|
|
fixes accessing eMMC on MeLE Quieter 4C
from and tested by Colin Didier
|
|
|
|
Rename the assembly generated functions from AES_cbc_encrypt() to
aes_cbc_encrypt_internal(). Always include aes_cbc.c and change it
to use defines that are similar to those used in BN.
ok tb@
|
|
|
|
Along with the misnamed SM3_transform() prototype.
|
|
|
|
|
|
Replace loads with crypto_load_be32toh() or be32toh(). Use
crypto_store_htobe32() or htobe32() for stores.
ok tb@
|
|
OPENSSL_cpuid_setup() is already called from OPENSSL_crypto_init(), hence
we do not need or want automatic initialisation on library load.
|
|
OPENSSL_cpuid_setup() is already called from OPENSSL_crypto_init(), hence
we do not need or want automatic initialisation on library load.
ok tb@
|
|
Replace loads with crypto_load_le32toh() or le32toh(). Use
crypto_store_htole32() or htole32() for stores.
ok joshua@ tb@
|
