| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Continuing from previous commit ensure our style is consistent for malloc
return checks.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
|
|
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
| |
After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
|
|
|
|
|
| |
Recent HMAC changes broke ABI compatibility due to a new field in HMAC_CTX.
This backs that change out, and does it a different way.
Thanks to Timo Teras for the concept.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
|
|
| |
In the event of an error in the HMAC function, leaks can occur because the
HMAC_CTX does not get cleaned up.
Thanks to the BoringSSL project for reporting this issue.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in. This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.
This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and adapt the
affected source code and Makefiles.
The header files that got moved are:
crypto/cryptolib.h
crypto/md32_common.h
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
|
|
|
| |
For the various string-compare routines (strcmp, strcasecmp, str.*cmp)
use "strcmp()==0" instead of "!strcmp()"
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
|
|
|
| |
Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
With no more symlinks, there's no need for those variables, or the links
target. This also goes for all install: and uninstall: targets that do
nothing but copy $(EXHEADER) files, since that's now taken care of by the
top Makefile.
Also, removed METHTEST from test/Makefile. It looks like an old test that's
forgotten...
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rather than making include/openssl/foo.h a symlink to
crypto/foo/foo.h, this change moves the file to include/openssl/foo.h
once and for all.
Likewise, move crypto/foo/footest.c to test/footest.c, instead of
symlinking it there.
Originally-by: Geoff Thorpe <geoff@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
|
|
|
|
| |
create an HMAC
Inspired by BoringSSL commit 2fe7f2d0d9a6fcc75b4e594eeec306cc55acd594
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
|
|
|
|
| |
Move EVP internals to evp_int.h, remove -Ievp hack from crypto/Makefile
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
|
|
|
|
|
|
| |
Move ASN.1 internals used across multiple directories into new internal
header file asn1_int.h remove crypto/Makefile hack which allowed other
directories to include "asn1_locl.h"
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
|
|
|
|
| |
Mark them as such with OPENSSL_USE_DEPRECATED
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
|
|
|
| |
Disabling HMAC doesn't work. If it did it would end up disabling a lot of
OpenSSL functionality (it is required for all versions of TLS for example).
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
|
|
| |
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
| |
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
|
|
|
|
|
|
|
|
| |
This is a more comprehensive fix. It changes all
keygen apps to use 2K keys. It also changes the
default to use SHA256 not SHA1. This is from
Kurt's upstream Debian changes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
|
|
|
|
|
| |
Signed-off-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
|
|
|
| |
Add functions to return the "bits of security" for various public key
algorithms. Based on SP800-57.
|
|
|
|
| |
aspirational __owur annotations.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
to EVP any more.
Move locking #define into fips.h.
Set FIPS locking callbacks at same time as OpenSSL locking callbacks.
|
|
|
|
|
|
| |
Use EVP macros.
Use tiny EVP in FIPS mode.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
now print out signatures instead of the standard hex dump.
More complex signatures (e.g. PSS) can print out more meaningful information.
Sample DSA version included that prints out the signature parameters r, s.
[Note EVP_PKEY_ASN1_METHOD is an application opaque structure so adding
new fields in the middle has no compatibility issues]
|
|
|
|
| |
later.
|
| |
|
| |
|
|
|
|
| |
test for them!
|
|
|
|
|
|
| |
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
|
| |
|
| |
|