Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/mono/boringssl.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/include/openssl/digest.h
AgeCommit message (Collapse)Author
2016-05-20Add |EVP_dss1| as an alias for |EVP_sha1| in decrepit.Adam Langley
Change-Id: I51fa744c367d1f0c7044050f99c4992778e649bd Reviewed-on: https://boringssl-review.googlesource.com/8030 Reviewed-by: David Benjamin <davidben@google.com>
2016-04-19Reimplement PKCS#12 key derivation.David Benjamin
This is avoids pulling in BIGNUM for doing a straight-forward addition on a block-sized value, and avoids a ton of mallocs. It's also -Wconversion-clean, unlike the old one. In doing so, this replaces the HMAC_MAX_MD_CBLOCK with EVP_MAX_MD_BLOCK_SIZE. By having the maximum block size available, most of the temporary values in the key derivation don't need to be malloc'd. BUG=22 Change-Id: I940a62bba4ea32bf82b1190098f3bf185d4cc7fe Reviewed-on: https://boringssl-review.googlesource.com/7688 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
2016-04-19Make EVP_MD_CTX size functions return size_t.David Benjamin
The EVP_MD versions do, so the types should bubble up. BUG=22 Change-Id: Ibccbc9ff35bbfd3d164fc28bcdd53ed97c0ab338 Reviewed-on: https://boringssl-review.googlesource.com/7687 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>
2015-09-29Documentation typo.David Benjamin
Change-Id: I2dc4253a2456625057c8188c6cb9b0b7300d6c79 Reviewed-on: https://boringssl-review.googlesource.com/5951 Reviewed-by: Adam Langley <agl@google.com>
2015-09-24Update comments in digest.h to consistently mention that digest size and ↵Eric Roman
block size are measured in bytes. Change-Id: Ie75c68132fd501549b2ad5203663f6e99867eed6 Reviewed-on: https://boringssl-review.googlesource.com/5970 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
2015-07-16Get rid of err function codes.David Benjamin
Running make_errors.go every time a function is renamed is incredibly tedious. Plus we keep getting them wrong. Instead, sample __func__ (__FUNCTION__ in MSVC) in the OPENSSL_PUT_ERROR macro and store it alongside file and line number. This doesn't change the format of ERR_print_errors, however ERR_error_string_n now uses the placeholder "OPENSSL_internal" rather than an actual function name since that only takes the uint32_t packed error code as input. This updates err scripts to not emit the function string table. The OPENSSL_PUT_ERROR invocations, for now, still include the extra parameter. That will be removed in a follow-up. BUG=468039 Change-Id: Iaa2ef56991fb58892fa8a1283b3b8b995fbb308d Reviewed-on: https://boringssl-review.googlesource.com/5275 Reviewed-by: Adam Langley <agl@google.com>
2015-06-25Remove EVP_PKEY_HMAC.David Benjamin
This removes EVP_PKEY_HMAC and all the support code around it. EVP_MD requires a lot of extra glue to support HMAC. This lets us prune it all away. As a bonus, it removes a (minor) dependency from EVP to the legacy ASN.1 stack. Change-Id: I5a9e3e39f518429828dbf13d14647fb37d9dc35a Reviewed-on: https://boringssl-review.googlesource.com/5120 Reviewed-by: Adam Langley <agl@google.com>
2015-06-04Add |EVP_get_digestbyname|.Matt Braithwaite
Change-Id: If7078ea68f037caf8e26fa0b714e96e64d50dfa9 Reviewed-on: https://boringssl-review.googlesource.com/5000 Reviewed-by: Adam Langley <agl@google.com>
2015-06-02Unexport and prune EVP_MD_CTX flags.David Benjamin
The only flag is EVP_MD_CTX_FLAG_NO_INIT and no good can possibly come of anyone outside EVP_PKEY_HMAC calling it. (And indeed no one calls it. EVP_MD_CTX_set_flags has a caller in wpa_supplicant, but it uses EVP_MD_CTX_FLAG_NON_FIPS_ALLOW which we don't define. The call is guarded by a pair of ifdefs for some FIPS mode wpa_supplicant.) Change-Id: I70ab8ffa646f3f75dfa4d37c96b9e82448ff1e40 Reviewed-on: https://boringssl-review.googlesource.com/4971 Reviewed-by: Adam Langley <agl@google.com>
2015-06-02EVP_Digest*Update, EVP_DigestFinal, and HMAC_Update can never fail.David Benjamin
Enough code fails to check their return codes anyway. We ought to make it official. Change-Id: Ie646360fd7073ea943036f5e21bed13df7e1b77a Reviewed-on: https://boringssl-review.googlesource.com/4954 Reviewed-by: Adam Langley <agl@google.com>
2015-04-13Replace MD5 in examples with SHA-256.Brian Smith
Avoiding superflous references to MD5 makes it easier to audit the code to find unsafe uses of it. It also avoids subtly encouraging users to choose MD5 instead of a better alternative. Change-Id: Ic78eb5dfbf44aac39e4e4eb29050e3337c4445cc Reviewed-on: https://boringssl-review.googlesource.com/3926 Reviewed-by: Adam Langley <agl@google.com>
2015-04-13Remove crypto/obj dependencies from low-level crypto tests.Brian Smith
The only dependency the low-level crypto modules have on code in crypto/obj is their use of OBJ_nid2sn, which is trivial to avoid. This facilitates future simplification of crypto/obj, including possibly the removal of functions like OBJ_nid2sn and the complex build infrastructure that supports them. This change also removes EVP_CIPHER_name and EVP_MD_name. Change-Id: I34ce7dc7e58d5c08b52f95d25eba3963590cf2f7 Reviewed-on: https://boringssl-review.googlesource.com/3932 Reviewed-by: Adam Langley <agl@google.com>
2015-01-15Various documentation fixes.David Benjamin
Add some missing headers and ensure each header has a short description. doc.go gets confused at declarations that break before the first (, so avoid doing that. Also skip a/an/deprecated: in markupFirstWord and process pipe words in the table of contents. Change-Id: Ia08ec5ae8e496dd617e377e154eeea74f4abf435 Reviewed-on: https://boringssl-review.googlesource.com/2839 Reviewed-by: Adam Langley <agl@google.com>
2015-01-15Deprecate EVP_PKEY_HMAC.David Benjamin
Now that BoringSSL no longer uses it internally, deprecate it until we can get any Google code off it and remove it altogether. Change-Id: I0e15525600b27a65f84b4bb820b879b2424a0ef7 Reviewed-on: https://boringssl-review.googlesource.com/2701 Reviewed-by: Adam Langley <agl@google.com>
2014-12-02Add EVP_md5_sha1.David Benjamin
Use it in ssl3_cert_verify_hash so signing a pre-TLS-1.2 handshake hash can go through RSA_sign and be intercepted via RSA_METHOD appropriately. This avoids Windows needing to intercept sign_raw. (CAPI keys cannot provide sign_raw, unless the input size happens to be that of NID_md5_sha1.) Also use it in processing ServerKeyExchange to avoid special-casing RSA. BUG=crbug.com/437023 Change-Id: Ia07433f468b75fdf7bfc8fa90c9751639b2478e6 Reviewed-on: https://boringssl-review.googlesource.com/2420 Reviewed-by: David Benjamin <davidben@google.com>
2014-11-06Add digest_test with tests for all existing EVP_MDs.David Benjamin
Remove the existing md5_test and sha1_test. They now are all covered by digest_test. For good measure, test the one-shot functions too. Change-Id: I8e144cc563fb8817144e26cbd2e10c15642464ba Reviewed-on: https://boringssl-review.googlesource.com/2211 Reviewed-by: Adam Langley <agl@google.com>
2014-09-19Add misc functions for easier porting.Adam Langley
Android requested that the wpa_supplicant go upstream. This change adds some dummy functions and reinstates DSA_dup_DH in order to make the diff smaller and easier for upstream. Change-Id: I77ac271b8652bae5a0bbe16afde51d9096f3dfb5 Reviewed-on: https://boringssl-review.googlesource.com/1740 Reviewed-by: Adam Langley <agl@google.com>
2014-08-27Readd MD4.Adam Langley
Sadly this is needed by wpa_supplicant for NTLM hashes. Change-Id: I1c362c676a11ee01f301ff6fbd33d0669396ea23 Reviewed-on: https://boringssl-review.googlesource.com/1620 Reviewed-by: Adam Langley <agl@google.com>
2014-08-01Add visibility rules.Adam Langley
This change marks public symbols as dynamically exported. This means that it becomes viable to build a shared library of libcrypto and libssl with -fvisibility=hidden. On Windows, one not only needs to mark functions for export in a component, but also for import when using them from a different component. Because of this we have to build with |BORINGSSL_IMPLEMENTATION| defined when building the code. Other components, when including our headers, won't have that defined and then the |OPENSSL_EXPORT| tag becomes an import tag instead. See the #defines in base.h In the asm code, symbols are now hidden by default and those that need to be exported are wrapped by a C function. In order to support Chromium, a couple of libssl functions were moved to ssl.h from ssl_locl.h: ssl_get_new_session and ssl_update_cache. Change-Id: Ib4b76e2f1983ee066e7806c24721e8626d08a261 Reviewed-on: https://boringssl-review.googlesource.com/1350 Reviewed-by: Adam Langley <agl@google.com>
2014-07-15Move public headers to include/openssl/Adam Langley
Previously, public headers lived next to the respective code and there were symlinks from include/openssl to them. This doesn't work on Windows. This change moves the headers to live in include/openssl. In cases where some symlinks pointed to the same header, I've added a file that just includes the intended target. These cases are all for backwards-compat. Change-Id: I6e285b74caf621c644b5168a4877db226b07fd92 Reviewed-on: https://boringssl-review.googlesource.com/1180 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
2014-06-21Inital import.Adam Langley
Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta). (This change contains substantial changes from the original and effectively starts a new history.)
    generated by cgit v1.2.3 (git 2.25.1) at 2024-08-29 09:15:54 +0300