WireGuard implementation for the OpenBSD kernel https://git.zx2c4.com/wireguard-openbsd/atom/lib/libcrypto/engine?h=master 2019-01-19T01:18:56Z 2019-01-19T01:18:56Z tb tb@openbsd.org 2019-01-19T01:18:56Z urn:sha1:34b9bf2fb57e28ce4b02f1cb4d6589459d5d415a 2019-01-19T01:07:00Z tb tb@openbsd.org 2019-01-19T01:07:00Z urn:sha1:95bbafee923fa6de163e3661c2a57ce6eb7f740e This commit adds init/free, support for signing, setting and getting the method, engine support as well as extra data. from markus 2018-11-11T06:41:28Z bcook bcook@openbsd.org 2018-11-11T06:41:28Z urn:sha1:3938ed1ebd7560655156b4463ed629b56b149c35 This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks. This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed. ok beck@, tb@, looks sane guenther@ 2018-08-24T19:25:31Z tb tb@openbsd.org 2018-08-24T19:25:31Z urn:sha1:19166cdd9eb4d39c19693cfb1e8d47c7855dc1f3 failure accordingly. ok jsing 2018-04-14T07:18:37Z tb tb@openbsd.org 2018-04-14T07:18:37Z urn:sha1:e6afdd5eed7ac14c5f89dee26d6b4f12bd45dd3a simplifies the caller side. tested by & ok inoguchi; discussed with schwarze 2018-04-14T07:09:21Z tb tb@openbsd.org 2018-04-14T07:09:21Z urn:sha1:341fd9e0365d25e6e931af82db9dcc52a587c361 OpenSSL commit 7c96dbcdab9 by Rich Salz. This cleans up the caller side quite a bit and reduces the number of lines enclosed in #ifndef OPENSSL_NO_ENGINE. codesearch.debian.net shows that almost nothing checks the return value of ENGINE_finish(). While there, replace a few nearby 'if (!ptr)' with 'if (ptr == NULL)'. ok jsing, tested by & ok inoguchi 2018-03-17T16:20:01Z beck beck@openbsd.org 2018-03-17T16:20:01Z urn:sha1:e68eaf899d992866359733a944d0495c6196ce94 This adds OPENSSL_init_crypto and OPENSSL_init_ssl, as well thread safety modifications for the existing LibreSSL init functions. The initialization routines are called automatically by the normal entry points into the library, as in newer OpenSSL ok jsing@, nits by tb@ and deraadt@ 2017-01-29T17:49:22Z beck beck@openbsd.org 2017-01-29T17:49:22Z urn:sha1:5067ae9f807f8af9e6350e51e6a54619386c06ba as was done earlier in libssl. Thanks inoguchi@ for noticing libssl had more reacharounds into this. ok jsing@ inoguchi@ 2016-12-21T15:49:29Z jsing jsing@openbsd.org 2016-12-21T15:49:29Z urn:sha1:9c014357d27958b76f90d0f0c951814c3eef0a81 Move the "internal" BN functions from bn.h to bn_lcl.h and stop exporting the bn_* symbols. These are documented as only being intended for internal use, so why they were placed in a public header is beyond me... This hides 363 previously exported symbols, most of which exist in headers that are not installed and were never intended to be public. This also removes a few crusty old things that should have died long ago (like _ossl_old_des_read_pw). But don't worry... there are still 3451 symbols exported from the library. With input and testing from inoguchi@. ok beck@ inoguchi@ 2016-11-04T17:30:30Z miod miod@openbsd.org 2016-11-04T17:30:30Z urn:sha1:e60c46c4c9a5c27f2a64a9eeda73a83a36b3f7a8 meaningful constants in a private header file, so that reviewers can actually get a chance to figure out what the code is attempting to do without knowing all cpuid bits. While there, turn it from an array of two 32-bit ints into a properly aligned 64-bit int. Use of OPENSSL_ia32_P is now restricted to the assembler parts. C code will now always use OPENSSL_cpu_caps() and check for the proper bits in the whole 64-bit word it returns. i386 tests and ok jsing@