| Age | Commit message (Collapse) | Author |
|---|
|
missing padding check in aesni functions
overflow in evp encode functions
use of invalid negative asn.1 types
ok beck
|
|
additions and functionality changes.
|
|
as reading passwords. allow ^C to break.
the pain was mine, the fix is miod's.
|
|
Rename the existing ChaCha20-Poly1305 cipher suites with an "-OLD" suffix,
effectively replaces the original Google implementation. We continue to
support both the IETF and Google versions, however the existing names
now refer to the ciphers from draft-ietf-tls-chacha20-poly1305-04.
Feedback from doug@
|
|
and replace with EVP_aead_chacha20_poly1305_ietf(). The IETF version will
become the standard version.
Discussed with many.
|
|
EVP_aead_chacha20_poly1305_ietf().
|
|
correctly - logically complete that now by removing MLINKS from base;
authors need only to ensure there is an entry in NAME for any function/
util being added. MLINKS will still work, and remain for perl to ease
upgrades;
ok nicm (curses) bcook (ssl)
ok schwarze, who provided a lot of feedback and assistance
ok tb natano jung
|
|
https://boringssl.googlesource.com/boringssl/+/6b6e0b20893e2be0e68af605a60ffa2cbb0ffa64%5E!/#F0
ok millert@, beck@
|
|
returning one (indicating success). Each function has only a single
usage, and both usages check the return value.
Merged from BoringSSL 0ce78a757d815c0dde9ed5884229f3a5b2cb3e9c:
https://boringssl.googlesource.com/boringssl/+/0ce78a757d815c0dde9ed5884229f3a5b2cb3e9c%5E!/#F0
ok beck@
|
|
"the" with the obviously intended word.
Started with a "the the" spotted by Mihal Mazurek.
|
|
information
and they should not be a performance bottleneck
ok miod@ krw@
|
|
Started by diff from Mical Mazurek.
|
|
Noted here, https://github.com/libressl-portable/portable/issues/161, we
document a non-existent constant in the examples for
EVP_PKEY_CTX_set_rsa_padding.
ok deraadt@
|
|
Noticed by pascal-cuoq from Github:
https://github.com/libressl-portable/openbsd/issues/56
ok beck@
|
|
void return types 'return no value'. This is obvious and therefore
unneccessary to mention.
We spare rewind(3)'s sentence because espie@ pointed out that it's a
warning - the function masks a potential error.
This commit also adds a sentence to X509_free clarifying that it's
NULL-safe. This bit was discussed with doug@.
ok martijn@, sentiment supported by schwarze@
|
|
|
|
|
|
ok doug@
|
|
|
|
|
|
|
|
ok doug@ bcook@
|
|
uses a macro with multiple-evaluations of arguments (different amount
than the previous version..), but doug/bcook's inline version makes
BIGNUM not opaque [problem spotted by naddy]
ok doug
|
|
|
|
inspired by guido vranken https://guidovranken.wordpress.com/2016/03/01/public-disclosure-malformed-private-keys-lead-to-heap-corruption-in-b2i_pvk_bio/
ok doug@
|
|
Need to make sure i * 4 won't overflow. Based on OpenSSL:
commit 99ba9fd02fd481eb971023a3a0a251a37eb87e4c
input + ok bcook@
ok beck@
|
|
ok deraadt@
|
|
Based on a few OpenSSL commits:
Remove ancient DSA workarounds
commit ab4a81f69ec88d06c9d8de15326b9296d7f498ed
Remove workaround for broken DSA implementations using negative integers
commit dfb10af92e9663ce4eefaa1d6b678817fa85344d
Typo in error name (EVP_R_DECODE_ERROR -> DSA_R_DECODE_ERROR)
commit f6fb7f1856d443185c23f1a5968c08b4269dd37d
ok beck@
|
|
ok doug@
|
|
from ray@, ok jmc@
|
|
ok jsing@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ok guenther@
|
|
ok guenther@
|
|
ok guenther@
|
|
|
|
case is ok.
ok bcook@
|
|
ok bcook@
|
|
ok bcook@
|
|
ok jsing@, deraadt@, beck@
|
|
The recently-added EVP_aead_chacha20_poly1305_ietf() function, which implements
informational RFC 7539, "ChaCha20 and Poly1305 for IETF Protocols", needs a
64-bit counter to avoid truncation on 32-bit platforms.
The existing TLS ChaCha20-Poly1305 ciphersuite is not impacted by this, but
making this change requires an ABI bump.
ok jsing@, "Looks sane" beck@
|
|
This enables ENGINE_get_digest to work again with SHA1.
noted by NARUSE, Yui, @nurse from github
|
|
ok djm@ jsing@
|
|
ok krw@
|
