Commits · ef30a6845a538067829deadca61b000cedf214fd · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

12 Jan, 2016 28 commits

Fix typo in error message · ef30a684
Rich Salz authored Jan 12, 2016
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
ef30a684

Move Makefiles to Makefile.in · d10dac11

Rich Salz authored Jan 12, 2016



Create Makefile's from Makefile.in
Rename Makefile.org to Makefile.in
Rename Makefiles to Makefile.in
Address review feedback from Viktor and Richard

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

d10dac11

STACK_OF(SSL_COMP) is a public type · 4b1fa408
Viktor Dukhovni authored Jan 12, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
4b1fa408
fix jpaketest and correct comment · cf926b45
Dr. Stephen Henson authored Jan 12, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
cf926b45
Correct a small typo in CHANGES · d5b33a51
Richard Levitte authored Jan 12, 2016
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
d5b33a51
Add notes in CHANGES and NEWS · a718c627
Richard Levitte authored Jan 02, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
a718c627

Remove unused internal macros · 512fdfdf

Richard Levitte authored Dec 20, 2015



The M_EVP_* macros related to EVP_CIPHER / EVP_CIPHER_CTX are not
public, and are unused.

Reviewed-by: Rich Salz <rsalz@openssl.org>

512fdfdf

make update · ff4b7faf
Richard Levitte authored Dec 18, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
ff4b7faf
Document the new EVP_CIPHER and EVP_CIPHER_CTX functionality · 05fdb8d3
Richard Levitte authored Dec 18, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
05fdb8d3
Add back deprecated functions in macro form · 0ce56222
Richard Levitte authored Jan 08, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
0ce56222
Adapt all EVP_CIPHER users for it becoming opaque · 6c2ff56e
Richard Levitte authored Dec 18, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
6c2ff56e
EVP_CIPHER_CTX_new_cipher_data was a temporary measure, not needed any more · 3dcb9e4e
Richard Levitte authored Dec 18, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
3dcb9e4e
Adapt all engines that need it to opaque EVP_CIPHER · 39e8d0ce
Richard Levitte authored Dec 18, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
39e8d0ce

Adapt builtin cipher implementations to opaque EVP_CIPHER · 6435f0f6

Richard Levitte authored Dec 18, 2015



They all stop including evp_locl.h, so we also take care of their
adaptation to opaque EVP_CIPHER_CTX, as was promised in an earlier
commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>

6435f0f6

Adapt the internal EVP routines to opaque EVP_CIPHER · 135727ab
Richard Levitte authored Dec 18, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
135727ab

Make EVP_CIPHER opaque and add creator/destructor/accessor/writer functions · e79f8773

Richard Levitte authored Dec 18, 2015



We follow the method used for EVP_MD.
Also, move all the internal EVP_CIPHER building macros from evp_locl.h
to evp_int.h.  This will benefit our builtin EVP_CIPHERs.

Reviewed-by: Rich Salz <rsalz@openssl.org>

e79f8773

Remove EVP_CIPHER_CTX_flags, it's only confusing · 480d3323

Richard Levitte authored Dec 18, 2015



EVP_CIPHER_CTX_flags was returning the flags of its associated
EVP_CIPHER.  However, EVP_CIPHER_CTX has flags of its own, so this
function is quite confusing and therefore error prone.

Reviewed-by: Rich Salz <rsalz@openssl.org>

480d3323

Adapt all EVP_CIPHER_CTX users for it becoming opaque · 846ec07d
Richard Levitte authored Dec 13, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
846ec07d

Adapt cipher implementations to opaque EVP_CIPHER_CTX · 936166af

Richard Levitte authored Dec 13, 2015



Note: there's a larger number of implementations in crypto/evp/ that
aren't affected because they include evp_locl.h.  They will be handled
in a separate commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>

936166af

Adapt the internal EVP routines to opaque EVP_CIPHER_CTX · c0ca39bd
Richard Levitte authored Dec 13, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
c0ca39bd

Add accessors and writers for EVP_CIPHER_CTX · 83b06347

Richard Levitte authored Dec 13, 2015



New functions:

- EVP_CIPHER_CTX_encrypting()
- EVP_CIPHER_CTX_iv()
- EVP_CIPHER_CTX_iv_noconst()
- EVP_CIPHER_CTX_original_iv()
- EVP_CIPHER_CTX_buf_noconst()
- EVP_CIPHER_CTX_num()
- EVP_CIPHER_CTX_set_num()
- EVP_CIPHER_CTX_cipher_data()
- EVP_CIPHER_CTX_new_cipher_data()

Note that the accessors / writers for iv, buf and num may go away, as
those rather belong in the implementation's own structure (cipher_data)
when the implementation would affect them (that would be the case when
they are flagged EVP_CIPH_CUSTOM_IV or EVP_CIPH_FLAG_CUSTOM_CIPHER).

Reviewed-by: Rich Salz <rsalz@openssl.org>

83b06347

Make EVP_CIPHER_CTX opaque and renew the creator / destructor functions · 8baf9968

Richard Levitte authored Dec 13, 2015



Following the method used for EVP_MD_CTX and HMAC_CTX,
EVP_CIPHER_CTX_init and EVP_CIPHER_CTX_cleanup are joined together
into one function, EVP_CIPHER_CTX_reset, with EVP_CIPHER_CTX_init kept
as an alias.
EVP_CIPHER_CTX_cleanup fills no purpose of its own any more and is
therefore removed.

Reviewed-by: Rich Salz <rsalz@openssl.org>

8baf9968

RT4227: Range-check in apps. · bd4850df

Rich Salz authored Jan 11, 2016



Implement range-checking in all counts in apps.  Turns out only a couple
of cases were missing.  And make the range-checking code more strict.
Replace almost all opt_ulong() calls with opt_long()

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

bd4850df

Yet another make update. · 2bec39eb
Rich Salz authored Jan 11, 2016
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
2bec39eb

Make sure to have both upper and mixed case symbols in SYMBOL_VECTOR · d9aad55a

Richard Levitte authored Jan 12, 2016

It was assumed that the syntax FOO/Foo=PROCEDURE would create both an
upper case and mixed case symbol in the GST. Not so, it requires
having both FOO/Foo=PROCEDURE (to create the upper case alias) and
Foo=PROCEDURE (to create the mixed case slot).

We make sure that any symbol always occupies two slots (even those
that don't exist) by filling up with SPARE when necessary. That will
assure that any changes will still have the same symbols in the same
slots no matter what (save a complete rewrite of the ordinals files).

Reviewed-by: Rich Salz <rsalz@openssl.org>

d9aad55a

Use SPARE instead of PRIVATE_PROCEDURE to reserve unused SYMBOL_VECTOR slots · d4b009d5

Richard Levitte authored Jan 12, 2016



It was assumed that a dummy with the type PRIVATE_PROCEDURE would
simply occupy a slot but otherwise ignore the symbol.  Not so, but
there is SPARE for that purpose.

Reviewed-by: Rich Salz <rsalz@openssl.org>

d4b009d5

The limit per SYMBOL_VECTOR isn't the amount of symbols, it's the line length · fd40db9e
Richard Levitte authored Jan 12, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
fd40db9e
VMS INDENTIFICATION should only have the version number · 6bd3e10b
Richard Levitte authored Jan 12, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
6bd3e10b

11 Jan, 2016 12 commits
- GH528: "cipher -v" output is confusing. · baf245ec
  Rich Salz authored Jan 09, 2016
```
Fix the docs, and refactor some common code.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
  baf245ec
- Have mkdef.pl use case sensitive symbols for shareable symbol vector · 855eff54
  Richard Levitte authored Jan 11, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  855eff54
- Function pop_info() returned a dangling pointer · 96e25c49
  Pascal Cuoq authored Jan 10, 2016
```
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  96e25c49
- update ordinals · abf81f1f
  Dr. Stephen Henson authored Jan 11, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  abf81f1f
- Use ossl_inline and DEFINE_LHASH_OF · 89d6aa10
  Dr. Stephen Henson authored Jan 11, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  89d6aa10
- Remove mkstack.pl: it is no longer needed. · 26a884c2
  Dr. Stephen Henson authored Dec 24, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  26a884c2
- Add lh_doall_arg inlining · 2a056de8
  Dr. Stephen Henson authored Dec 24, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  2a056de8
- Add lh_doall inlining · 63c75cd6
  Dr. Stephen Henson authored Dec 24, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  63c75cd6
- Add lh_new() inlining · 62d0577e
  Dr. Stephen Henson authored Dec 24, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  62d0577e
- Inline LHASH_OF · e6b5c341
  Dr. Stephen Henson authored Jan 11, 2016
```
Make LHASH_OF use static inline functions.

Add new lh_get_down_load and lh_set_down_load functions and their
typesafe inline equivalents.

Make lh_error a function instead of a macro.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  e6b5c341
- GH540: add casts to safestack.h · 8e423bde
  Alessandro Ghedini authored Jan 10, 2016
```
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
```
  8e423bde
- Fix jpaketest compilation error. · 7d57d4d0
  Dr. Stephen Henson authored Jan 11, 2016
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  7d57d4d0