summaryrefslogtreecommitdiff
path: root/lib/libcrypto/pkcs12
AgeCommit message (Collapse)Author
2018-08-24Remove EVP_PKEY2PKCS8_broken() and PKCS8_set_broken()Theo Buehler
Provide PKCS8_pkey_add1_attr_by_NID() and PKCS8_pkey_get0_attrs(). Remove the whole broken code and simplify pkcs8_priv_key_info_st accordingly. Based on OpenSSL commit 54dbf42398e23349b59f258a3dd60387bbc5ba13 plus some const that was added later. tested in a bulk build by sthen ok jsing
2018-05-30Add a const qualifier to the `uni' argument of OPENSSL_uni2asc().Theo Buehler
tested in a bulk build by sthen ok jsing
2018-05-13Add const qualifiers to the X509_SIG * and char * arguments ofTheo Buehler
PKCS8_decrypt(3). tested in a bulk build by sthen ok beck, jsing
2018-05-13Add const to the argument of PKCS12_pack_authsafes(3).Theo Buehler
tested in a bulk by sthen ok beck, jsing
2018-05-13Add const to the X509_ALGOR and other arguments ofTheo Buehler
PKCS12_item_decrypt_d2i(3), PKCS12_pbe_crypt(3), PKCS12_newpass(3). tested in a bulk by sthen ok beck, jsing
2018-05-13Add const to the attr argument of PKCS12_get_attr_gen(3).Theo Buehler
tested in a bulk by sthen ok beck, jsing
2018-05-13Add const qualifier to the PKCS12_SAFEBAG argument ofTheo Buehler
PKCS12_decrypt_skey(3). tested in a bulk by sthen ok beck, jsing
2018-05-13Add const qualifiers to the 'pass' and 'name' arguments ofTheo Buehler
PKCS12_add_key(3), PKCS12_add_safe(3), PKCS12_create(3). tested in a bulk build by sthen ok beck, jsing
2017-05-02use freezero() instead of memset/explicit_bzero + free. SubstantiallyTheo de Raadt
reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
2017-01-29Send the function codes from the error functions to the bit bucket,Bob Beck
as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@
2016-12-30Expand ASN1_ITEM_rptr macros - no change in generated assembly.Joel Sing
2016-12-30Place M_PKCS12_* compatibility macros under #ifndef LIBRESSL_INTERNAL.Joel Sing
2016-12-30Expand M_PKCS12_* "compatibility" macros. No change to generated assembly.Joel Sing
2016-12-27Remove all DECLARE_ASN1_SET_OF macro usage - since 2000 these have beenJoel Sing
nothing but markers for utils/mkstack.pl... and we removed the code that generated more macros from these markers in 2014.
2016-12-27Expand DECLARE_ASN1_ITEM macros - no change to preprocessor output.Joel Sing
2016-11-08Stricter checks of ASN1_INTEGER to reject ASN1_NEG_INTEGER in places whenMiod Vallat
they don't make sense. ok beck@
2016-11-05Stricter validation of inputs of OPENSSL_asc2uni() and OPENSSL_uni2asc().Miod Vallat
While there, try to make these slightly less obfuscated. ok beck@ jsing@
2016-11-05Do not leak the ressources possibly allocated by EVP_MD_CTX_init() in theMiod Vallat
trivial error path of PKCS12_key_gen_uni(). ok beck@ jsing@
2016-09-04Expand DECLARE_ASN1_.*FUNCTIONS macros.Joel Sing
No change in preprocessed output, ignoring whitespace and line numbers.
2016-03-11X509_free(3) is NULL-safe, so remove NULL checks before its calls.Michael McConville
ok doug@
2015-09-30Replace M_ASN1_OCTET_STRING_(free|new) with ASN1_OCTET_STRING_(free|new).Joel Sing
2015-09-30Replace M_ASN1_INTEGER_(new|free) with ASN1_INTEGER_(new|free) - this isJoel Sing
different from the macro expansion, but the result is the same. Also replace some ASN1_STRING_dup() with ASN1_INTEGER_dup(). ok beck@ doug@
2015-09-10Correct spelling of OPENSSL_cleanse.Joel Sing
ok miod@
2015-07-29Expand obsolete M_ASN1.*(cmp|dup|print|set) macros - no change in generatedJoel Sing
assembly. ok bcook@
2015-07-25Expand another ASN.1 template macro that snuck through last time around.Joel Sing
No change in generated assembly.
2015-07-25Expand ASN.1 template macros - no change in generated assembly.Joel Sing
2015-05-15Fix return paths with missing EVP_CIPHER_CTX_cleanup() calls.Jonathan Gray
ok doug@
2015-02-14Attempt to correctly free temporary storage upon error. With help fromMiod Vallat
doug@ and jsing@, ok doug@ three months ago (sigh... I sometimes suck bigtime at commiting bugfixes)
2015-02-14Try and fix a bunch of memory leaks upon error;Miod Vallat
ok tedu@ about 7 months ago and I was sitting upon this diff for no reason
2015-02-09Expand the IMPLEMENT_ASN1_FUNCTIONS macro so that the code is visible andJoel Sing
functions can be readily located. Change has been scripted and there is no change to the generated assembly. Discussed with beck@ miod@ tedu@
2015-02-07Delete a lot of #if 0 code in libressl.Doug Hogan
There are a few instances where #if 1 is removed but the code remains. Based on the following OpenSSL commits. Some of the commits weren't strictly deletions so they are going to be split up into separate commits. 6f91b017bbb7140f816721141ac156d1b828a6b3 3d47c1d331fdc7574d2275cda1a630ccdb624b08 dfb56425b68314b2b57e17c82c1df42e7a015132 c8fa2356a00cbaada8963f739e5570298311a060 f16a64d11f55c01f56baa62ebf1dec7f8fe718cb 9ccc00ef6ea65567622e40c49aca43f2c6d79cdb 02a938c953b3e1ced71d9a832de1618f907eb96d 75d0ebef2aef7a2c77b27575b8da898e22f3ccd5 d6fbb194095312f4722c81c9362dbd0de66cb656 6f1a93ad111c7dfe36a09a976c4c009079b19ea1 1a5adcfb5edfe23908b350f8757df405b0f5f71f 8de24b792743d11e1d5a0dcd336a49368750c577 a2b18e657ea1a932d125154f4e13ab2258796d90 8e964419603d2478dfb391c66e7ccb2dcc9776b4 32dfde107636ac9bc62a5b3233fe2a54dbc27008 input + ok jsing@, miod@, tedu@
2014-10-22In PKCS12_setup_mac(), do not assign p12->mac->salt->length until the allocationMiod Vallat
of p12->mac->salt->data has actually succeeded. In one of my trees for a long time already...
2014-10-22Use arc4random_buf() instead of RAND_bytes() or RAND_pseudo_bytes().Joel Sing
arc4random_buf() is guaranteed to always succeed - it is worth noting that a number of the replaced function calls were already missing return value checks. ok deraadt@
2014-07-12if (x) FOO_free(x) -> FOO_free(x).Miod Vallat
Improves readability, keeps the code smaller so that it is warmer in your cache. review & ok deraadt@
2014-07-11Only import cryptlib.h in the four source files that actually need it.Joel Sing
Remove the openssl public includes from cryptlib.h and add a small number of includes into the source files that actually need them. While here, also sort/group/tidy the includes. ok beck@ miod@
2014-07-10Explicitly include <openssl/opensslconf.h> in every file that referencesJoel Sing
an OPENSSL_NO_* define. This avoids relying on something else pulling it in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is never going to do anything, since OPENSSL_NO_XYZ will never defined, due to the fact that opensslconf.h has not been included. This also includes some miscellaneous sorting/tidying of headers.
2014-07-10Stop including standard headers via cryptlib.h - pull in the headers thatJoel Sing
are needed in the source files that actually require them. ok beck@ miod@
2014-07-10One sure hopes that OPENSSL_cleanse will:Joel Sing
/* Clear password from memory */
2014-07-10Remove DEBUG_KEYGEN and DEBUG_DECRYPT support.Miod Vallat
2014-07-08KNF.Joel Sing
2014-07-08KNF.Joel Sing
2014-06-12tags as requested by miod and teduTheo de Raadt
2014-06-04Fix a leak that can occur when len == 0, and as a result we leak a \0 byte.Loganaden Velvindron
(From Frantisek Boranek) OK from miod@
2014-05-29Everything sane has stdio, and FILE *. we don't need ifdefs for this.Bob Beck
ok to firebomb from tedu@
2014-04-17Change library to use intrinsic memory allocation functions instead ofBob Beck
OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free
2014-04-15we don't use these files for buildingTed Unangst
2014-04-15remove FIPS mode support. people who require FIPS can buy something thatTed Unangst
meets their needs, but dumping it in here only penalizes the rest of us. ok beck deraadt
2014-04-14remove auto-generated dependencies from the old unused build system, soTheo de Raadt
that it is easier to find code pieces. They are getting in the way. ok miod
2014-04-13Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery.Miod Vallat
2012-10-13resolve conflictsDamien Miller