Rename lots of *_intern or *_internal function to int_*

There was a lot of naming inconsistency, so we try and standardise on
one form.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Rename lots of *_intern or *_internal function to int_*

There was a lot of naming inconsistency, so we try and standardise on
one form.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...

Move dso.h to internal

Reviewed-by: Richard Levitte <levitte@openssl.org>

Remove #error from include files.

Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe

Remove #error from include files.

Don't have #error statements in header files, but instead wrap
the contents of that file in #ifndef OPENSSL_NO_xxx
This means it is now always safe to include the header file.

Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...

Rename EVP_CIPHER_CTX_cipher_data to EVP_CIPHER_CTX_get_cipher_data

We had the function EVP_CIPHER_CTX_cipher_data which is newly added for
1.1.0. As we now also need an EVP_CIPHER_CTX_s

Rename EVP_CIPHER_CTX_cipher_data to EVP_CIPHER_CTX_get_cipher_data

We had the function EVP_CIPHER_CTX_cipher_data which is newly added for
1.1.0. As we now also need an EVP_CIPHER_CTX_set_cipher_data it makes
more sense for the former to be called EVP_CIPHER_CTX_get_cipher_data.

Reviewed-by: Tim Hudson <tjh@openssl.org>

show more ...

Don't run RC4 test with no-rc4

Reviewed-by: Richard Levitte <levitte@openssl.org>

Auto init/deinit libcrypto

This builds on the previous commit to auto initialise/deinitialise
libcrypto.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Remove /* foo.c */ comments

This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1

Remove /* foo.c */ comments

This was done by the following
find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
print unless $. == 1 && m@/\* .*\.[ch] \*/@;
close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

show more ...

Adapt all engines that need it to opaque EVP_CIPHER

Reviewed-by: Rich Salz <rsalz@openssl.org>

Adapt cipher implementations to opaque EVP_CIPHER_CTX

Note: there's a larger number of implementations in crypto/evp/ that
aren't affected because they include evp_locl.h. They will be

Adapt cipher implementations to opaque EVP_CIPHER_CTX

Note: there's a larger number of implementations in crypto/evp/ that
aren't affected because they include evp_locl.h. They will be handled
in a separate commit.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

set standard EC method in eng_openssl

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove ECDSA_METHOD from ENGINE

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove ECDH_METHOD from ENGINE

Reviewed-by: Richard Levitte <levitte@openssl.org>

Adapt the rest of the source to the opaque HMAC_CTX

Reviewed-by: Rich Salz <rsalz@openssl.org>

Adapt all engines that add new EVP_MDs

Reviewed-by: Rich Salz <rsalz@openssl.org>

Adjust all accesses to EVP_MD_CTX to use accessor functions.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Adapt HMAC to the EVP_MD_CTX changes

This change required some special treatment, as HMAC is intertwined
with EVP_MD. For now, all local HMAC_CTX variables MUST be
initialised with

Adapt HMAC to the EVP_MD_CTX changes

This change required some special treatment, as HMAC is intertwined
with EVP_MD. For now, all local HMAC_CTX variables MUST be
initialised with HMAC_CTX_EMPTY, or whatever happens to be on the
stack will be mistaken for actual pointers to EVP_MD_CTX. This will
change as soon as HMAC_CTX becomes opaque.

Also, since HMAC_CTX_init() can fail now, its return type changes from
void to int, and it will return 0 on failure, 1 on success.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Remove legacy sign/verify from EVP_MD.

Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is

Remove legacy sign/verify from EVP_MD.

Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.

Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.

Remove now obsolete EVP_dss1() and EVP_ecdsa().

Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...

Continue standardising malloc style for libcrypto

Continuing from previous commit ensure our style is consistent for malloc
return checks.

Reviewed-by: Kurt Roeckx <kurt@openssl

Continue standardising malloc style for libcrypto

Continuing from previous commit ensure our style is consistent for malloc
return checks.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

show more ...

Replace "SSLeay" in API with OpenSSL

All instances of SSLeay (any combination of case) were replaced with
the case-equivalent OpenSSL.

Reviewed-by: Richard Levitte <levitte@open

Replace "SSLeay" in API with OpenSSL

All instances of SSLeay (any combination of case) were replaced with
the case-equivalent OpenSSL.

Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...

Fix no-stdio build

Much related/similar work also done by
Ivan Nestlerode <ivan.nestlerode@sonos.com>

+Replace FILE BIO's with dummy ops that fail.
+Include <stdio.h>

Fix no-stdio build

Much related/similar work also done by
Ivan Nestlerode <ivan.nestlerode@sonos.com>

+Replace FILE BIO's with dummy ops that fail.
+Include <stdio.h> for sscanf() even with no-stdio (since the declaration
is there). We rely on sscanf() to parse the OPENSSL_ia32cap environment
variable, since it can be larger than a 'long'. And we don't rely on the
availability of strtoull().
+Remove OPENSSL_stderr(); not used.
+Make OPENSSL_showfatal() do nothing (currently without stdio there's
nothing we can do).
+Remove file-based functionality from ssl/. The function
prototypes were already gone, but not the functions themselves.
+Remove unviable conf functionality via SYS_UEFI
+Add fallback definition of BUFSIZ.
+Remove functions taking FILE * from header files.
+Add missing DECLARE_PEM_write_fp_const
+Disable X509_LOOKUP_hash_dir(). X509_LOOKUP_file() was already compiled out,
so remove its prototype.
+Use OPENSSL_showfatal() in CRYPTO_destroy_dynlockid().
+Eliminate SRP_VBASE_init() and supporting functions. Users will need to
build the verifier manually instead.
+Eliminate compiler warning for unused do_pk8pkey_fp().
+Disable TEST_ENG_OPENSSL_PKEY.
+Disable GOST engine as is uses [f]printf all over the place.
+Eliminate compiler warning for unused send_fp_chars().

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>

show more ...

remove 0 assignments.

After openssl_zalloc, cleanup more "set to 0/NULL" assignments.
Many are from github feedback.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Identify and move common internal libcrypto header files

There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and ada

Identify and move common internal libcrypto header files

There are header files in crypto/ that are used by a number of crypto/
submodules. Move those to crypto/include/internal and adapt the
affected source code and Makefiles.

The header files that got moved are:

crypto/cryptolib.h
crypto/md32_common.h

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Use "==0" instead of "!strcmp" etc

For the various string-compare routines (strcmp, strcasecmp, str.*cmp)
use "strcmp()==0" instead of "!strcmp()"

Reviewed-by: Tim Hudson <tjh@o

Use "==0" instead of "!strcmp" etc

For the various string-compare routines (strcmp, strcasecmp, str.*cmp)
use "strcmp()==0" instead of "!strcmp()"

Reviewed-by: Tim Hudson <tjh@openssl.org>

show more ...

Use safer sizeof variant in malloc

For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p change

Use safer sizeof variant in malloc

For a local variable:
TYPE *p;
Allocations like this are "risky":
p = OPENSSL_malloc(sizeof(TYPE));
if the type of p changes, and the malloc call isn't updated, you
could get memory corruption. Instead do this:
p = OPENSSL_malloc(sizeof(*p));
Also fixed a few memset() calls that I noticed while doing this.

Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...

free cleanup almost the finale

Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed

free cleanup almost the finale

Add OPENSSL_clear_free which merges cleanse and free.
(Names was picked to be similar to BN_clear_free, etc.)
Removed OPENSSL_freeFunc macro.
Fixed the small simple ones that are left:
CRYPTO_free CRYPTO_free_locked OPENSSL_free_locked

Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...