| Age | Commit message (Collapse) | Author |
|---|
|
Intel. Obtained from BoringSSL, with some integration work borrowed from
OpenSSL 1.0.2; assembler code for arm and sparc64 borrowed from OpenSSL 1.1.0.
None of this code is enabled in libcrypto yet.
ok beck@ jsing@
|
|
|
|
|
|
ok krw@
|
|
"the" with the obviously intended word.
Started with a "the the" spotted by Mihal Mazurek.
|
|
Noticed by pascal-cuoq from Github:
https://github.com/libressl-portable/openbsd/issues/56
ok beck@
|
|
|
|
few lines above.
|
|
macros. The only change in the generated assembly is due to line numbering.
|
|
DECLARE_ASN1_FUNCTIONS_const already includes this macro so using both
means we end up with duplicate function prototypes and externs.
|
|
actual function. This removes the last ASN1_dup_of usage from the tree.
Feedback from doug@ and miod@
|
|
ASN1_BIT_STRING_(new|free).
ok beck@ doug@
|
|
ok miod@
|
|
This is not the same as the macro expansion, however the ASN1_STRING_*
functions do match the macro expansions.
ok doug@ miod@
|
|
assembly.
ok bcook@
|
|
changes to line numbers.
|
|
From OpenSSL.
ok miod@ (a while ago)
|
|
From OpenSSL.
ok miod@ (a while ago).
|
|
From OpenSSL.
Rides libcrypto bump.
ok miod@ (a while ago)
|
|
pointer for NULL the line above; ok doug@
|
|
After calling BN_CTX_start(), there must be a BN_CTX_end() before
returning. There were missing BN_CTX_end() calls in error paths. One diff
chunk was simply removing redundant code related to this.
ok deraadt@
|
|
From OpenSSL commit 5e5d53d341fd9a9b9cc0a58eb3690832ca7a511f.
ok guenther@, logan@
|
|
These include:
CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
CVE-2015-0287 - ASN.1 structure reuse memory corruption
CVE-2015-0289 - PKCS7 NULL pointer dereferences
Several other issues did not apply or were already fixed.
Refer to https://www.openssl.org/news/secadv_20150319.txt
joint work with beck, doug, guenther, jsing, miod
|
|
all the function's exit paths can make sure it gets freed. Coverity CID 78861
tweaks & ok doug@ jsing@
|
|
ok doug@
|
|
|
|
ok miod@
|
|
and functions can be readily located.
Change has been scripted and the generated assembly only differs by changes
to line numbers.
Discussed with beck@ miod@ tedu@
|
|
code is visible and functions can be readily located.
Change has been scripted and the generated assembly only differs by changes
to line numbers.
Discussed with beck@ miod@ tedu@
|
|
There are currently cases where the return from each call is checked,
the return from only the last call is checked and cases where it is not
checked at all (including code in bn, ec and engine).
Checking the last return value is valid as once the function fails it will
continue to return NULL. However, in order to be consistent check each
call with the same idiom. This makes it easy to verify.
Note there are still a handful of cases that do not follow the idiom -
these will be handled separately.
ok beck@ doug@
|
|
clang warns that it is unused and we have -Werror enabled. This test isn't
hooked up to anything yet. We can add it back with a future GOST update.
clang 3.5 can now build libssl and libcrypto as long as you use
CFLAGS=-Wno-pointer-sign.
"seems reasonable" bcook@, miod@
|
|
EC_POINT_is_at_infinity() and EC_POINT_is_on_curve(), for they may return -1
should an error arise.
ok doug@ jsing@
|
|
There are a few instances where #if 1 is removed but the code remains.
Based on the following OpenSSL commits. Some of the commits weren't
strictly deletions so they are going to be split up into separate commits.
6f91b017bbb7140f816721141ac156d1b828a6b3
3d47c1d331fdc7574d2275cda1a630ccdb624b08
dfb56425b68314b2b57e17c82c1df42e7a015132
c8fa2356a00cbaada8963f739e5570298311a060
f16a64d11f55c01f56baa62ebf1dec7f8fe718cb
9ccc00ef6ea65567622e40c49aca43f2c6d79cdb
02a938c953b3e1ced71d9a832de1618f907eb96d
75d0ebef2aef7a2c77b27575b8da898e22f3ccd5
d6fbb194095312f4722c81c9362dbd0de66cb656
6f1a93ad111c7dfe36a09a976c4c009079b19ea1
1a5adcfb5edfe23908b350f8757df405b0f5f71f
8de24b792743d11e1d5a0dcd336a49368750c577
a2b18e657ea1a932d125154f4e13ab2258796d90
8e964419603d2478dfb391c66e7ccb2dcc9776b4
32dfde107636ac9bc62a5b3233fe2a54dbc27008
input + ok jsing@, miod@, tedu@
|
|
EC_POINT_point2oct so that later allocation does not overflow
with miod
|
|
ok miod
|
|
|
|
other allocations in the same block couldn't.
problem pointed out by David Ramos on the openssl-dev list
ok miod@ doug@
|
|
engine to regular EVP citizens, contributed by Dmitry Eremin-Solenikov;
libcrypto bits only for now.
This is a verbatim import of Dmitry's work, and does not compile in this
state; the forthcoming commits will address these issues.
None of the GOST code is enabled in libcrypto yet, for it still gets
compiled with OPENSSL_NO_GOST defined. However, the public header gost.h
will be installed.
|
|
need to do it in ec_copy_parameters() prior to invoking EC_KEY_set_group().
ok doug@ jsing@
|
|
OK from beck@ and miod@
|
|
Improves readability, keeps the code smaller so that it is warmer in your
cache.
review & ok deraadt@
|
|
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.
ok beck@ miod@
|
|
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.
This also includes some miscellaneous sorting/tidying of headers.
|
|
are needed in the source files that actually require them.
ok beck@ miod@
|
|
Also remove unused des_ver.h, which exports some of these strings, but is not installed.
ok miod@ tedu@
|
|
member (which is perfectly acceptable).
From BoringSSL (Adam Langley), commit f71a27920a903c9c36bcb31e68781b17674d3fd2
|
|
|
|
ok miod
|
|
|
|
ok tedu guenther
|
