Commit Graph

33 Commits

Author SHA1 Message Date
Dr. David von Oheimb
af16097feb Move more general parts of internal/cryptlib.h to new internal/common.h
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15847)
2021-11-17 15:48:37 +01:00
Dr. David von Oheimb
747adb6a01 Add and use HAS_CASE_PREFIX(), CHECK_AND_SKIP_CASE_PREFIX(), and HAS_CASE_SUFFIX()
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15847)
2021-11-17 15:48:37 +01:00
x2018
1287dabd0b fix some code with obvious wrong coding style
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16918)
2021-10-28 13:10:46 +10:00
Bernd Edlinger
64da15c40d Replace the AES-128-CBC-HMAC-SHA1 cipher in e_ossltest.c
This replaces the AES-128-CBC-HMAC-SHA1 cipher with a
non-encrypting version for use the test suite.

[extended tests]

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16693)
2021-10-06 15:18:10 +02:00
Matt Caswell
38fc02a708 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15801)
2021-06-17 13:24:59 +01:00
Tomas Mraz
ed576acdf5 Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.

Fixes #15236

Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-06-01 12:40:00 +02:00
Richard Levitte
0a3b330cf0 Add test to demonstrate the app's new engine key loading
This adds a bit of functionality in ossltest, so it can now be used to
load PEM files.  It takes the file name as key ID, but just to make
sure faults aren't ignored, it requires all file names to be prefixed
with 'ot:'.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/13570)
2020-12-02 20:19:41 +01:00
Pauli
cf8e8cba93 deprecate engines
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12226)
2020-07-16 09:12:27 +02:00
Matt Caswell
33388b44b6 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)
2020-04-23 13:55:52 +01:00
Pauli
85d843c8ec Deprecate the low level SHA functions.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10791)
2020-01-19 10:14:39 +10:00
Richard Levitte
ab3fa1c0ad Following the license change, modify the boilerplates in engines/
[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7832)
2018-12-06 15:36:54 +01:00
Matt Caswell
3295d24238 Use the TLSv1.3 record header as AAD
As of TLSv1.3 draft-25 the record header data must be used as AAD

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/5604)
2018-03-14 09:51:20 +00:00
Matt Caswell
6738bf1417 Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
2018-02-13 13:59:25 +00:00
Matt Caswell
04e3bb045f Fix some undefined behaviour in ossltest engine
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5266)
2018-02-07 21:34:18 +00:00
Dr. Stephen Henson
c57c32a8b1 Add predicatable RAND_METHOD to test ENGINE
The test ENGINE effectively used a predictable PRNG because it supplied
a bogus implementation of SHA256 which the old version of OpenSSL's PRNG
used. The new DRBG does not use SHA256 so it is no longer predictable
if the SHA256 implementation is replaced. Use an explicit predictable
PRNG instead.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/4098)
2017-08-06 19:24:32 +01:00
Rich Salz
52df25cf2e make error tables const and separate header file
Run perltidy on util/mkerr
Change some mkerr flags, write some doc comments
Make generated tables "const" when genearting lib-internal ones.
Add "state" file for mkerr
Renerate error tables and headers
Rationalize declaration of ERR_load_XXX_strings
Fix out-of-tree build
Add -static; sort flags/vars for options.
Also tweak code output
Moved engines/afalg to engines (from master)
Use -static flag
Standard engine #include's of errors
Don't linewrap err string tables unless necessary

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3392)
2017-06-07 15:12:03 -04:00
Matt Caswell
6606d60054 Fix some style issues in the TLSv1.3 nonce construction code
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-29 23:31:10 +00:00
Matt Caswell
bebc0c7d85 Use the TLSv1.3 nonce construction
This updates the record layer to use the TLSv1.3 style nonce construciton.
It also updates TLSProxy and ossltest to be able to recognise the new
layout.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-29 23:31:10 +00:00
Matt Caswell
ca0b75ade0 Fix some style issues in ossltest
Based on feedback received

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-02 13:28:21 +00:00
Matt Caswell
aad22ba2c6 Make sure ossltest engine works with TLS1.3
This might need more changes once we do a "real" TLS1.3 ciphersuite. But it
should do for now.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-11-02 13:12:11 +00:00
Rich Salz
440e5d805f Copyright consolidation 02/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-05-17 14:20:27 -04:00
Matt Caswell
7b9f8f7f03 Auto init/deinit libcrypto
This builds on the previous commit to auto initialise/deinitialise
libcrypto.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2016-02-09 15:11:38 +00:00
Rich Salz
349807608f Remove /* foo.c */ comments
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-01-26 16:40:43 -05:00
Richard Levitte
39e8d0ce73 Adapt all engines that need it to opaque EVP_CIPHER
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-12 13:52:22 +01:00
Richard Levitte
936166aff2 Adapt cipher implementations to opaque EVP_CIPHER_CTX
Note: there's a larger number of implementations in crypto/evp/ that
aren't affected because they include evp_locl.h.  They will be handled
in a separate commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-01-12 13:52:22 +01:00
Richard Levitte
cddcea8c4b Adapt all engines that add new EVP_MDs
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Richard Levitte
6e59a892db Adjust all accesses to EVP_MD_CTX to use accessor functions.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Dr. Stephen Henson
7f572e958b Remove legacy sign/verify from EVP_MD.
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.

Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.

Remove now obsolete EVP_dss1() and EVP_ecdsa().

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-02 17:52:01 +00:00
Matt Caswell
55646005a9 Continue malloc standardisation in engines
Continuing from previous work standardise use of malloc in the engine code.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-11-09 22:48:41 +00:00
Andy Polyakov
16a9542a17 Fix prototypes in e_ossttest.c.
Problem was exposed in mingw64 build, or in other words on P64 platform.

Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-09-29 18:05:29 +02:00
Matt Caswell
51a6081719 Change ossltest engine to manually allocate cipher_data
The ossltest engine wraps the built-in implementation of aes128-cbc.
Normally in an engine the cipher_data structure is automatically allocated
by the EVP layer. However this relies on the engine specifying up front
the size of that cipher_data structure. In the case of ossltest this value
isn't available at compile time. This change makes the ossltest engine
allocate its own cipher_data structure instead of leaving it to the EVP
layer.

Reviewed-by: Andy Polyakov <appro@openssl.org>
2015-09-25 15:13:57 +01:00
Richard Levitte
c0cbb4c19b Use dynamic engine for libssl test harness
Use a dynamic engine for ossltest engine so that we can build it without
subsequently deploying it during install. We do not want people accidentally
using this engine.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-11 20:27:46 +01:00
Matt Caswell
2d5d70b155 Add OSSLTest Engine
This engine is for testing purposes only. It provides crippled crypto
implementations and therefore must not be used in any instance where
security is required.

This will be used by the forthcoming libssl test harness which will operate
as a man-in-the-middle proxy. The test harness will be able to modify
TLS packets and read their contents. By using this test engine packets are
not encrypted and MAC codes always verify.

Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-08-11 20:27:46 +01:00