oweals/openssl.git
5 years agosslapitest: add test ktls
Boris Pismenny [Tue, 13 Feb 2018 18:22:09 +0000 (20:22 +0200)]
sslapitest: add test ktls

Add a unit-test for ktls.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agossl: Linux TLS Tx Offload
Boris Pismenny [Thu, 1 Jun 2017 06:25:47 +0000 (09:25 +0300)]
ssl: Linux TLS Tx Offload

This patch adds support for the Linux TLS Tx socket option.
If the socket option is successful, then the data-path of the TCP socket
is implemented by the kernel.
We choose to set this option at the earliest - just after CCS is complete.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agoevp/e_aes: Expose IV
Boris Pismenny [Thu, 1 Jun 2017 05:54:55 +0000 (08:54 +0300)]
evp/e_aes: Expose IV

This commit exposes the cipher's IV to applications.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agobio: Linux TLS Offload
Boris Pismenny [Thu, 1 Jun 2017 05:46:33 +0000 (08:46 +0300)]
bio: Linux TLS Offload

Add support for Linux TLS offload in the BIO layer
and specifically in bss_sock.c.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agoConfigure Kernel TLS datapath
Boris Pismenny [Thu, 1 Feb 2018 12:10:22 +0000 (14:10 +0200)]
Configure Kernel TLS datapath

Allow users to disable ktls using the "no-ktls" option.
Also, disable ktls when cross-compiling, non-linux, or too-old-kernel.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agoLinux ktls infrastructure
Boris Pismenny [Wed, 31 Jan 2018 14:43:35 +0000 (16:43 +0200)]
Linux ktls infrastructure

Introduce a compatability layer that exposes the required structures
and constants for supporting ktls.

Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5253)

5 years agoMake EVP_PKEY_asn1_add0() stricter about its input
Richard Levitte [Fri, 7 Dec 2018 08:26:04 +0000 (09:26 +0100)]
Make EVP_PKEY_asn1_add0() stricter about its input

It turns out that the strictness that was implemented in
EVP_PKEY_asn1_new() (see Github openssl/openssl#6880) was badly placed
for some usages, and that it's better to do this check only when the
method is getting registered.

Fixes #7758

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7847)

5 years agoOnly include opensslconf.h once
Matt Caswell [Thu, 6 Dec 2018 15:44:45 +0000 (15:44 +0000)]
Only include opensslconf.h once

Fixes a pyca cryptography test failure.

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7839)

5 years agoRemove the cast from the definition of OPENSSL_VERSION_NUMBER
Matt Caswell [Thu, 6 Dec 2018 14:42:17 +0000 (14:42 +0000)]
Remove the cast from the definition of OPENSSL_VERSION_NUMBER

If a cast is included in the definition it cannot be used in preprocessor
expressions, e.g. "#if OPENSSL_VERSION_NUMBER > 0x10000000L"

[extended tests]

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7839)

5 years agoDoc: fix reference to deprecated methods.
FdaSilvaYY [Wed, 17 Oct 2018 20:30:32 +0000 (22:30 +0200)]
Doc: fix reference to deprecated methods.

Reviewed-by: Paul Yang <yang.yang@baishancloud.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7705)

5 years agocurve25519.c: improve formula alignment
Dr. Matthias St. Pierre [Tue, 4 Dec 2018 22:59:24 +0000 (23:59 +0100)]
curve25519.c: improve formula alignment

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7750)

5 years agocurve25519.c: reformat code to follow coding guidelines
Dr. Matthias St. Pierre [Mon, 3 Dec 2018 21:01:18 +0000 (22:01 +0100)]
curve25519.c: reformat code to follow coding guidelines

Fixes #7698

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7750)

5 years agoRemaining boilerplate change in doc/man3/OpenSSL_version.pod
Richard Levitte [Thu, 6 Dec 2018 14:44:29 +0000 (15:44 +0100)]
Remaining boilerplate change in doc/man3/OpenSSL_version.pod

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7838)

5 years agoFollowing the license change, modify the boilerplates in include/ and crypto/include/
Richard Levitte [Thu, 6 Dec 2018 12:12:35 +0000 (13:12 +0100)]
Following the license change, modify the boilerplates in include/ and crypto/include/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7770)

5 years agoFollowing the license change, modify the boilerplates in last few
Richard Levitte [Thu, 6 Dec 2018 13:08:43 +0000 (14:08 +0100)]
Following the license change, modify the boilerplates in last few

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7836)

5 years agoFollowing the license change, modify the boilerplates in external/
Richard Levitte [Thu, 6 Dec 2018 13:07:05 +0000 (14:07 +0100)]
Following the license change, modify the boilerplates in external/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7835)

5 years agoFollowing the license change, modify the boilerplates in demos/
Richard Levitte [Thu, 6 Dec 2018 13:08:15 +0000 (14:08 +0100)]
Following the license change, modify the boilerplates in demos/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7834)

5 years agoFollowing the license change, modify the boilerplates in fuzz/
Richard Levitte [Thu, 6 Dec 2018 13:07:47 +0000 (14:07 +0100)]
Following the license change, modify the boilerplates in fuzz/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7833)

5 years agoFollowing the license change, modify the boilerplates in engines/
Richard Levitte [Thu, 6 Dec 2018 13:07:27 +0000 (14:07 +0100)]
Following the license change, modify the boilerplates in engines/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7832)

5 years agoFollowing the license change, modify the boilerplates in doc/man7/
Richard Levitte [Thu, 6 Dec 2018 13:05:22 +0000 (14:05 +0100)]
Following the license change, modify the boilerplates in doc/man7/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7831)

5 years agoFollowing the license change, modify the boilerplates in doc/man5/
Richard Levitte [Thu, 6 Dec 2018 13:05:02 +0000 (14:05 +0100)]
Following the license change, modify the boilerplates in doc/man5/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7830)

5 years agoFollowing the license change, modify the boilerplates in doc/man3/
Richard Levitte [Thu, 6 Dec 2018 13:04:44 +0000 (14:04 +0100)]
Following the license change, modify the boilerplates in doc/man3/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7829)

5 years agoFollowing the license change, modify the boilerplates in doc/man1/
Richard Levitte [Thu, 6 Dec 2018 13:04:11 +0000 (14:04 +0100)]
Following the license change, modify the boilerplates in doc/man1/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7828)

5 years agoFollowing the license change, modify the boilerplates in crypto/
Richard Levitte [Thu, 6 Dec 2018 13:03:01 +0000 (14:03 +0100)]
Following the license change, modify the boilerplates in crypto/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7827)

5 years agoFollowing the license change, modify the boilerplates in crypto/ui/
Richard Levitte [Thu, 6 Dec 2018 12:59:46 +0000 (13:59 +0100)]
Following the license change, modify the boilerplates in crypto/ui/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7826)

5 years agoFollowing the license change, modify the boilerplates in crypto/x509v3/
Richard Levitte [Thu, 6 Dec 2018 13:00:54 +0000 (14:00 +0100)]
Following the license change, modify the boilerplates in crypto/x509v3/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7825)

5 years agoFollowing the license change, modify the boilerplates in crypto/x509/
Richard Levitte [Thu, 6 Dec 2018 13:00:36 +0000 (14:00 +0100)]
Following the license change, modify the boilerplates in crypto/x509/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7824)

5 years agoFollowing the license change, modify the boilerplates in crypto/whrlpool/
Richard Levitte [Thu, 6 Dec 2018 13:00:09 +0000 (14:00 +0100)]
Following the license change, modify the boilerplates in crypto/whrlpool/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7823)

5 years agoFollowing the license change, modify the boilerplates in crypto/ts/
Richard Levitte [Thu, 6 Dec 2018 12:58:46 +0000 (13:58 +0100)]
Following the license change, modify the boilerplates in crypto/ts/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7822)

5 years agoFollowing the license change, modify the boilerplates in crypto/store/
Richard Levitte [Thu, 6 Dec 2018 12:58:30 +0000 (13:58 +0100)]
Following the license change, modify the boilerplates in crypto/store/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7821)

5 years agoFollowing the license change, modify the boilerplates in crypto/stack/
Richard Levitte [Thu, 6 Dec 2018 12:58:11 +0000 (13:58 +0100)]
Following the license change, modify the boilerplates in crypto/stack/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7820)

5 years agoFollowing the license change, modify the boilerplates in crypto/srp/
Richard Levitte [Thu, 6 Dec 2018 12:56:57 +0000 (13:56 +0100)]
Following the license change, modify the boilerplates in crypto/srp/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7819)

5 years agoFollowing the license change, modify the boilerplates in crypto/smN/
Richard Levitte [Thu, 6 Dec 2018 12:56:38 +0000 (13:56 +0100)]
Following the license change, modify the boilerplates in crypto/smN/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7818)

5 years agoFollowing the license change, modify the boilerplates in crypto/siphash/
Richard Levitte [Thu, 6 Dec 2018 12:56:12 +0000 (13:56 +0100)]
Following the license change, modify the boilerplates in crypto/siphash/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7817)

5 years agoFollowing the license change, modify the boilerplates in crypto/sha/
Richard Levitte [Thu, 6 Dec 2018 12:54:58 +0000 (13:54 +0100)]
Following the license change, modify the boilerplates in crypto/sha/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7816)

5 years agoFollowing the license change, modify the boilerplates in crypto/seed/
Richard Levitte [Thu, 6 Dec 2018 12:54:23 +0000 (13:54 +0100)]
Following the license change, modify the boilerplates in crypto/seed/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7815)

5 years agoFollowing the license change, modify the boilerplates in crypto/rsa/
Richard Levitte [Thu, 6 Dec 2018 12:54:02 +0000 (13:54 +0100)]
Following the license change, modify the boilerplates in crypto/rsa/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7814)

5 years agoFollowing the license change, modify the boilerplates in crypto/ripemd/
Richard Levitte [Thu, 6 Dec 2018 12:53:00 +0000 (13:53 +0100)]
Following the license change, modify the boilerplates in crypto/ripemd/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7813)

5 years agoFollowing the license change, modify the boilerplates in crypto/rcN/
Richard Levitte [Thu, 6 Dec 2018 12:52:38 +0000 (13:52 +0100)]
Following the license change, modify the boilerplates in crypto/rcN/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7812)

5 years agoFollowing the license change, modify the boilerplates in crypto/rand/
Richard Levitte [Thu, 6 Dec 2018 12:52:15 +0000 (13:52 +0100)]
Following the license change, modify the boilerplates in crypto/rand/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7811)

5 years agoFollowing the license change, modify the boilerplates in crypto/poly1305/
Richard Levitte [Thu, 6 Dec 2018 12:50:47 +0000 (13:50 +0100)]
Following the license change, modify the boilerplates in crypto/poly1305/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7810)

5 years agoFollowing the license change, modify the boilerplates in crypto/pkcs7/
Richard Levitte [Thu, 6 Dec 2018 12:50:13 +0000 (13:50 +0100)]
Following the license change, modify the boilerplates in crypto/pkcs7/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7809)

5 years agoFollowing the license change, modify the boilerplates in crypto/pkcs12/
Richard Levitte [Thu, 6 Dec 2018 12:49:51 +0000 (13:49 +0100)]
Following the license change, modify the boilerplates in crypto/pkcs12/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7808)

5 years agoFollowing the license change, modify the boilerplates in crypto/perlasm/
Richard Levitte [Thu, 6 Dec 2018 12:48:38 +0000 (13:48 +0100)]
Following the license change, modify the boilerplates in crypto/perlasm/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7807)

5 years agoFollowing the license change, modify the boilerplates in crypto/pem/
Richard Levitte [Thu, 6 Dec 2018 12:48:17 +0000 (13:48 +0100)]
Following the license change, modify the boilerplates in crypto/pem/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7806)

5 years agoFollowing the license change, modify the boilerplates in crypto/ocsp/
Richard Levitte [Thu, 6 Dec 2018 12:47:55 +0000 (13:47 +0100)]
Following the license change, modify the boilerplates in crypto/ocsp/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7805)

5 years agoFollowing the license change, modify the boilerplates in crypto/objects/
Richard Levitte [Thu, 6 Dec 2018 12:46:38 +0000 (13:46 +0100)]
Following the license change, modify the boilerplates in crypto/objects/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7804)

5 years agoFollowing the license change, modify the boilerplates in crypto/modes/
Richard Levitte [Thu, 6 Dec 2018 12:46:12 +0000 (13:46 +0100)]
Following the license change, modify the boilerplates in crypto/modes/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7803)

5 years agoFollowing the license change, modify the boilerplates in crypto/mdc2/
Richard Levitte [Thu, 6 Dec 2018 12:45:46 +0000 (13:45 +0100)]
Following the license change, modify the boilerplates in crypto/mdc2/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7802)

5 years agoFollowing the license change, modify the boilerplates in crypto/mdN/
Richard Levitte [Thu, 6 Dec 2018 12:44:44 +0000 (13:44 +0100)]
Following the license change, modify the boilerplates in crypto/mdN/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7801)

5 years agoFollowing the license change, modify the boilerplates in crypto/lhash/
Richard Levitte [Thu, 6 Dec 2018 12:44:07 +0000 (13:44 +0100)]
Following the license change, modify the boilerplates in crypto/lhash/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7800)

5 years agoFollowing the license change, modify the boilerplates in crypto/hmac/
Richard Levitte [Thu, 6 Dec 2018 12:41:14 +0000 (13:41 +0100)]
Following the license change, modify the boilerplates in crypto/hmac/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7799)

5 years agoFollowing the license change, modify the boilerplates in crypto/gmac/
Richard Levitte [Thu, 6 Dec 2018 12:40:55 +0000 (13:40 +0100)]
Following the license change, modify the boilerplates in crypto/gmac/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7798)

5 years agoFollowing the license change, modify the boilerplates in crypto/kmac/
Richard Levitte [Thu, 6 Dec 2018 12:42:17 +0000 (13:42 +0100)]
Following the license change, modify the boilerplates in crypto/kmac/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7797)

5 years agoFollowing the license change, modify the boilerplates in crypto/kdf/
Richard Levitte [Thu, 6 Dec 2018 12:41:54 +0000 (13:41 +0100)]
Following the license change, modify the boilerplates in crypto/kdf/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7796)

5 years agoFollowing the license change, modify the boilerplates in crypto/idea/
Richard Levitte [Thu, 6 Dec 2018 12:41:33 +0000 (13:41 +0100)]
Following the license change, modify the boilerplates in crypto/idea/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7795)

5 years agoFollowing the license change, modify the boilerplates in crypto/evp/
Richard Levitte [Thu, 6 Dec 2018 12:40:06 +0000 (13:40 +0100)]
Following the license change, modify the boilerplates in crypto/evp/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7794)

5 years agoFollowing the license change, modify the boilerplates in crypto/err/
Richard Levitte [Thu, 6 Dec 2018 12:39:21 +0000 (13:39 +0100)]
Following the license change, modify the boilerplates in crypto/err/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7793)

5 years agoFollowing the license change, modify the boilerplates in crypto/engine/
Richard Levitte [Thu, 6 Dec 2018 12:39:00 +0000 (13:39 +0100)]
Following the license change, modify the boilerplates in crypto/engine/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7792)

5 years agoFollowing the license change, modify the boilerplates in crypto/ec/
Richard Levitte [Thu, 6 Dec 2018 12:38:06 +0000 (13:38 +0100)]
Following the license change, modify the boilerplates in crypto/ec/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7791)

5 years agoFollowing the license change, modify the boilerplates in crypto/dso/
Richard Levitte [Thu, 6 Dec 2018 12:37:48 +0000 (13:37 +0100)]
Following the license change, modify the boilerplates in crypto/dso/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7790)

5 years agoFollowing the license change, modify the boilerplates in crypto/dsa/
Richard Levitte [Thu, 6 Dec 2018 12:36:26 +0000 (13:36 +0100)]
Following the license change, modify the boilerplates in crypto/dsa/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7789)

5 years agoFollowing the license change, modify the boilerplates in crypto/dh/
Richard Levitte [Thu, 6 Dec 2018 12:36:05 +0000 (13:36 +0100)]
Following the license change, modify the boilerplates in crypto/dh/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7788)

5 years agoFollowing the license change, modify the boilerplates in crypto/des/
Richard Levitte [Thu, 6 Dec 2018 12:35:45 +0000 (13:35 +0100)]
Following the license change, modify the boilerplates in crypto/des/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7787)

5 years agoFollowing the license change, modify the boilerplates in crypto/ct/
Richard Levitte [Thu, 6 Dec 2018 12:34:58 +0000 (13:34 +0100)]
Following the license change, modify the boilerplates in crypto/ct/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7786)

5 years agoFollowing the license change, modify the boilerplates in crypto/conf/
Richard Levitte [Thu, 6 Dec 2018 12:34:05 +0000 (13:34 +0100)]
Following the license change, modify the boilerplates in crypto/conf/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7785)

5 years agoFollowing the license change, modify the boilerplates in crypto/comp/
Richard Levitte [Thu, 6 Dec 2018 12:33:32 +0000 (13:33 +0100)]
Following the license change, modify the boilerplates in crypto/comp/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7784)

5 years agoFollowing the license change, modify the boilerplates in crypto/cms/
Richard Levitte [Thu, 6 Dec 2018 12:32:50 +0000 (13:32 +0100)]
Following the license change, modify the boilerplates in crypto/cms/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7783)

5 years agoFollowing the license change, modify the boilerplates in crypto/cmac/
Richard Levitte [Thu, 6 Dec 2018 12:32:17 +0000 (13:32 +0100)]
Following the license change, modify the boilerplates in crypto/cmac/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7782)

5 years agoFollowing the license change, modify the boilerplates in crypto/chacha/
Richard Levitte [Thu, 6 Dec 2018 12:31:54 +0000 (13:31 +0100)]
Following the license change, modify the boilerplates in crypto/chacha/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7781)

5 years agoFollowing the license change, modify the boilerplates in crypto/cast/
Richard Levitte [Thu, 6 Dec 2018 12:31:06 +0000 (13:31 +0100)]
Following the license change, modify the boilerplates in crypto/cast/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7780)

5 years agoFollowing the license change, modify the boilerplates in crypto/camellia/
Richard Levitte [Thu, 6 Dec 2018 12:29:51 +0000 (13:29 +0100)]
Following the license change, modify the boilerplates in crypto/camellia/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7779)

5 years agoFollowing the license change, modify the boilerplates in crypto/buffer/
Richard Levitte [Thu, 6 Dec 2018 12:23:18 +0000 (13:23 +0100)]
Following the license change, modify the boilerplates in crypto/buffer/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7778)

5 years agoFollowing the license change, modify the boilerplates in crypto/bn/
Richard Levitte [Thu, 6 Dec 2018 12:22:12 +0000 (13:22 +0100)]
Following the license change, modify the boilerplates in crypto/bn/

[skip ci]

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7777)

5 years agoFollowing the license change, modify the boilerplates in crypto/blake2/
Richard Levitte [Thu, 6 Dec 2018 12:21:01 +0000 (13:21 +0100)]
Following the license change, modify the boilerplates in crypto/blake2/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7776)

5 years agoFollowing the license change, modify the boilerplates in crypto/bio/
Richard Levitte [Thu, 6 Dec 2018 12:20:10 +0000 (13:20 +0100)]
Following the license change, modify the boilerplates in crypto/bio/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7775)

5 years agoFollowing the license change, modify the boilerplates in crypto/bf/
Richard Levitte [Thu, 6 Dec 2018 12:19:23 +0000 (13:19 +0100)]
Following the license change, modify the boilerplates in crypto/bf/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7774)

5 years agoFollowing the license change, modify the boilerplates in crypto/async/
Richard Levitte [Thu, 6 Dec 2018 12:18:31 +0000 (13:18 +0100)]
Following the license change, modify the boilerplates in crypto/async/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7773)

5 years agoFollowing the license change, modify the boilerplates in crypto/asn1/
Richard Levitte [Thu, 6 Dec 2018 12:17:34 +0000 (13:17 +0100)]
Following the license change, modify the boilerplates in crypto/asn1/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7772)

5 years agoFollowing the license change, modify the boilerplates in crypto/aes/
Richard Levitte [Thu, 6 Dec 2018 12:16:23 +0000 (13:16 +0100)]
Following the license change, modify the boilerplates in crypto/aes/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7771)

5 years agoFollowing the license change, modify the boilerplates in ms/
Richard Levitte [Thu, 6 Dec 2018 12:10:33 +0000 (13:10 +0100)]
Following the license change, modify the boilerplates in ms/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7769)

5 years agoFollowing the license change, modify the boilerplates in ssl/
Richard Levitte [Thu, 6 Dec 2018 12:08:51 +0000 (13:08 +0100)]
Following the license change, modify the boilerplates in ssl/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7768)

5 years agoFollowing the license change, modify the boilerplates in test/
Richard Levitte [Thu, 6 Dec 2018 12:05:25 +0000 (13:05 +0100)]
Following the license change, modify the boilerplates in test/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7767)

5 years agoFollowing the license change, modify the boilerplates in util/, tools/
Richard Levitte [Thu, 6 Dec 2018 12:03:50 +0000 (13:03 +0100)]
Following the license change, modify the boilerplates in util/, tools/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7766)

5 years agoFollowing the license change, modify the boilerplates in apps/
Richard Levitte [Thu, 6 Dec 2018 12:00:26 +0000 (13:00 +0100)]
Following the license change, modify the boilerplates in apps/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7765)

5 years agoChange license to the Apache License v2.0
Richard Levitte [Thu, 6 Dec 2018 11:52:18 +0000 (12:52 +0100)]
Change license to the Apache License v2.0

This applies to the 'master' git branch and OpenSSL version 3.0.0 and
up.  Pre-3.0.0 versions retain the previous license.

The boilerplate will change in increments after this change.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7764)

5 years agoLicense: change any non-boilerplate comment referring to "OpenSSL license"
Richard Levitte [Thu, 6 Dec 2018 11:50:26 +0000 (12:50 +0100)]
License: change any non-boilerplate comment referring to "OpenSSL license"

Make it just say "the License", which refers back to the standard
boilerplate.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7764)

5 years agoRefactor the computation of API version limits
Richard Levitte [Thu, 29 Nov 2018 23:05:03 +0000 (23:05 +0000)]
Refactor the computation of API version limits

Previously, the API version limit was indicated with a numeric version
number.  This was "natural" in the pre-3.0.0 because the version was
this simple number.

With 3.0.0, the version is divided into three separate numbers, and
it's only the major number that counts, but we still need to be able
to support pre-3.0.0 version limits.

Therefore, we allow OPENSSL_API_COMPAT to be defined with a pre-3.0.0
style numeric version number or with a simple major number, i.e. can
be defined like this for any application:

    -D OPENSSL_API_COMPAT=0x10100000L
    -D OPENSSL_API_COMPAT=3

Since the pre-3.0.0 numerical version numbers are high, it's easy to
distinguish between a simple major number and a pre-3.0.0 numerical
version number and to thereby support both forms at the same time.

Internally, we define the following macros depending on the value of
OPENSSL_API_COMPAT:

    OPENSSL_API_0_9_8
    OPENSSL_API_1_0_0
    OPENSSL_API_1_1_0
    OPENSSL_API_3

They indicate that functions marked for deprecation in the
corresponding major release shall not be built if defined.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)

5 years agoutil/find-doc-nits: allow #undef
Richard Levitte [Thu, 29 Nov 2018 11:03:03 +0000 (11:03 +0000)]
util/find-doc-nits: allow #undef

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)

5 years agoinclude/openssl/opensslconf.h.in: allow future deprecation for v4.0
Richard Levitte [Thu, 27 Sep 2018 14:15:54 +0000 (16:15 +0200)]
include/openssl/opensslconf.h.in: allow future deprecation for v4.0

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)

5 years agoConfigure: allow building without things deprecated up to and including v3.0
Richard Levitte [Thu, 27 Sep 2018 14:14:45 +0000 (16:14 +0200)]
Configure: allow building without things deprecated up to and including v3.0

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)

5 years agoSwitch to MAJOR.MINOR.PATCH versioning and version 3.0.0-dev
Richard Levitte [Thu, 27 Sep 2018 13:56:35 +0000 (15:56 +0200)]
Switch to MAJOR.MINOR.PATCH versioning and version 3.0.0-dev

We're strictly use version numbers of the form MAJOR.MINOR.PATCH.
Letter releases are things of days past.

The most central change is that we now express the version number with
three macros, one for each part of the version number:

    OPENSSL_VERSION_MAJOR
    OPENSSL_VERSION_MINOR
    OPENSSL_VERSION_PATCH

We also provide two additional macros to express pre-release and build
metadata information (also specified in semantic versioning):

    OPENSSL_VERSION_PRE_RELEASE
    OPENSSL_VERSION_BUILD_METADATA

To get the library's idea of all those values, we introduce the
following functions:

    unsigned int OPENSSL_version_major(void);
    unsigned int OPENSSL_version_minor(void);
    unsigned int OPENSSL_version_patch(void);
    const char *OPENSSL_version_pre_release(void);
    const char *OPENSSL_version_build_metadata(void);

Additionally, for shared library versioning (which is out of scope in
semantic versioning, but that we still need):

    OPENSSL_SHLIB_VERSION

We also provide a macro that contains the release date.  This is not
part of the version number, but is extra information that we want to
be able to display:

    OPENSSL_RELEASE_DATE

Finally, also provide the following convenience functions:

    const char *OPENSSL_version_text(void);
    const char *OPENSSL_version_text_full(void);

The following macros and functions are deprecated, and while currently
existing for backward compatibility, they are expected to disappear:

    OPENSSL_VERSION_NUMBER
    OPENSSL_VERSION_TEXT
    OPENSSL_VERSION
    OpenSSL_version_num()
    OpenSSL_version()

Also, this function is introduced to replace OpenSSL_version() for all
indexes except for OPENSSL_VERSION:

    OPENSSL_info()

For configuration, the option 'newversion-only' is added to disable all
the macros and functions that are mentioned as deprecated above.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)

5 years agoSwitch future deprecation version from 1.2.0 to 3.0
Richard Levitte [Thu, 27 Sep 2018 13:40:03 +0000 (15:40 +0200)]
Switch future deprecation version from 1.2.0 to 3.0

This is in preparation for a switch to MAJOR.MINOR.PATCH versioning
and calling the next major version 3.0.0.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)

5 years agoutil/mkdef.pl: prepare for DEPRECATEDIN_X
Richard Levitte [Thu, 27 Sep 2018 13:29:29 +0000 (15:29 +0200)]
util/mkdef.pl: prepare for DEPRECATEDIN_X

This is in preparation for new versioning scheme, where the
recommendation is to start deprecations at major version boundary.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)

5 years agoFix some SSL_export_keying_material() issues
Matt Caswell [Tue, 4 Dec 2018 08:37:04 +0000 (08:37 +0000)]
Fix some SSL_export_keying_material() issues

Fix some issues in tls13_hkdf_expand() which impact the above function
for TLSv1.3. In particular test that we can use the maximum label length
in TLSv1.3.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7755)

5 years agoRevert "Reduce stack usage in tls13_hkdf_expand"
Matt Caswell [Mon, 3 Dec 2018 18:14:57 +0000 (18:14 +0000)]
Revert "Reduce stack usage in tls13_hkdf_expand"

This reverts commit ec0c5f5693e39c5a013f81e6dd9dfd09ec65162d.

SSL_export_keying_material() may use longer label lengths.

Fixes #7712

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7755)

5 years agobn/bn_{div|shift}.c: introduce fixed-top interfaces.
Andy Polyakov [Fri, 23 Nov 2018 16:23:31 +0000 (17:23 +0100)]
bn/bn_{div|shift}.c: introduce fixed-top interfaces.

Fixed-top interfaces tolerate zero-padded inputs and facilitate
constant-time-ness. bn_div_fixed_top tolerates zero-padded dividend,
but not divisor. It's argued that divisor's length is public even
when value is secret.

[extended tests]

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7589)

5 years agobn/bn_div.c: make conditional addition unconditional
Andy Polyakov [Wed, 7 Nov 2018 21:18:33 +0000 (22:18 +0100)]
bn/bn_div.c: make conditional addition unconditional

and add template for constant-time bn_div_3_words.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7589)

5 years agoConfigure: recognize div3w modules and add -DBN_DIV3W.
Andy Polyakov [Mon, 12 Nov 2018 14:13:48 +0000 (15:13 +0100)]
Configure: recognize div3w modules and add -DBN_DIV3W.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7589)

5 years agoConfigurations/10-main.conf: remove MIPS bn_div_3_words.
Andy Polyakov [Mon, 12 Nov 2018 14:03:39 +0000 (15:03 +0100)]
Configurations/10-main.conf: remove MIPS bn_div_3_words.

It's being replaced with constant-time alternative.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7589)