History log of /openssh-portable/cipher.c (Results 1 - 25 of 252)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# eba523f0 03-Apr-2020 djm@openbsd.org

upstream: make Chacha20-POLY1305 context struct opaque; ok tb@ as

part of a larger diff at a2k20

OpenBSD-Commit-ID: a4609b7263284f95c9417ef60ed7cdbb7bf52cfd


# d081f017 12-Mar-2020 djm@openbsd.org

upstream: spelling errors in comments; no code change from

OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924


# d5ba1c03 26-Feb-2020 jsg@openbsd.org

upstream: change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an

upstream: change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.

ok deraadt@ djm@

OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a

show more ...


Revision tags: V_8_2_P1
# 7f8e66fe 23-Jan-2020 dtucker@openbsd.org

upstream: Make zlib optional. This adds a "ZLIB" build time option

that allows building without zlib compression and associated options. With
feedback from markus@, ok djm@

Ope

upstream: Make zlib optional. This adds a "ZLIB" build time option

that allows building without zlib compression and associated options. With
feedback from markus@, ok djm@

OpenBSD-Commit-ID: 44c6e1133a90fd15a3aa865bdedc53bab28b7910

show more ...


Revision tags: V_8_1_P1
# 670104b9 06-Sep-2019 djm@openbsd.org

upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@

OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f


Revision tags: V_8_0_P1, V_7_9_P1
# 48f54b9d 12-Sep-2018 Damien Miller

adapt -portable to OpenSSL 1.1x API

Polyfill missing API with replacement functions extracted from LibreSSL


# 482d23bc 12-Sep-2018 djm@openbsd.org

upstream: hold our collective noses and use the openssl-1.1.x API in

OpenSSH; feedback and ok tb@ jsing@ markus@

OpenBSD-Commit-ID: cacbcac87ce5da0d3ca7ef1b38a6f7fb349e4417


Revision tags: V_7_8_P1
# cec33896 18-Apr-2018 Darren Tucker

Omit 3des-cbc if OpenSSL built without DES.

Patch from hongxu.jia at windriver.com, ok djm@


Revision tags: V_7_7_P1
# 1b11ea7c 23-Feb-2018 markus@openbsd.org

upstream: Add experimental support for PQC XMSS keys (Extended

Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_

upstream: Add experimental support for PQC XMSS keys (Extended

Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@

OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac

show more ...


# b8bbff3b 12-Feb-2018 djm@openbsd.org

upstream: remove space before tab

OpenBSD-Commit-ID: 674edd214d0a7332dd4623c9cf8117301b012890


# 7cd31632 06-Feb-2018 jsing@openbsd.org

upstream commit

Remove all guards for calls to OpenSSL free functions -
all of these functions handle NULL, from at least OpenSSL 1.0.1g onwards.

Prompted by dtucker@ asking abo

upstream commit

Remove all guards for calls to OpenSSL free functions -
all of these functions handle NULL, from at least OpenSSL 1.0.1g onwards.

Prompted by dtucker@ asking about guards for RSA_free(), when looking at
openssh-portable pr#84 on github.

ok deraadt@ dtucker@

OpenBSD-Commit-ID: 954f1c51b94297d0ae1f749271e184141e0cadae

show more ...


# 41bff4da 02-Nov-2017 djm@openbsd.org@openbsd.org

upstream commit

avoid unused variable warnings for !WITH_OPENSSL; patch from
Marcus Folkesson

OpenBSD-Commit-ID: c01d27a3f907acdc3dd4ea48170fac3ba236d229


Revision tags: V_7_6_P1
# acaf34fd 07-May-2017 djm@openbsd.org

upstream commit

As promised in last release announcement: remove
support for Blowfish, RC4 and CAST ciphers. ok markus@ deraadt@

Upstream-ID: 21f8facdba3fd8da248df6417000867cec6

upstream commit

As promised in last release announcement: remove
support for Blowfish, RC4 and CAST ciphers. ok markus@ deraadt@

Upstream-ID: 21f8facdba3fd8da248df6417000867cec6ba222

show more ...


# 0c378ff6 03-May-2017 djm@openbsd.org

upstream commit

another tentacle: cipher_set_key_string() was only ever
used for SSHv1

Upstream-ID: 7fd31eb6c48946f7e7cc12af0699fe8eb637e94a


# e77e1562 30-Apr-2017 djm@openbsd.org

upstream commit

fixup setting ciphercontext->plaintext (lost in SSHv1 purge),
though it isn't really used for much anymore.

Upstream-ID: 859b8bce84ff4865b32097db5430349d04b9b747


# cdccebdf 30-Apr-2017 djm@openbsd.org

upstream commit

remove SSHv1 ciphers; ok markus@

Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890


# 56912dea 30-Apr-2017 djm@openbsd.org

upstream commit

unifdef WITH_SSH1 ok markus@

Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7


Revision tags: V_7_5_P1, V_7_4_P1
# 315d2a4e 27-Oct-2016 Damien Miller

Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL

ok dtucker@


# 4706c1d8 03-Aug-2016 djm@openbsd.org

upstream commit

small refactor of cipher.c: make ciphercontext opaque to
callers feedback and ok markus@

Upstream-ID: 094849f8be68c3bdad2c0f3dee551ecf7be87f6f


Revision tags: V_7_3_P1
# 832b7443 15-Jul-2016 Damien Miller

disable ciphers not supported by OpenSSL

bz#2466 ok dtucker@


Revision tags: V_7_2_P2, V_7_2_P1, V_7_1_P2
# d59ce088 10-Dec-2015 mmcc@openbsd.org

upstream commit

Remove NULL-checks before free().

ok dtucker@

Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8


Revision tags: V_7_1_P1, V_7_0_P1, V_6_9_P1, V_6_8_P1
# 540e8911 14-Jan-2015 djm@openbsd.org

upstream commit

make non-OpenSSL aes-ctr work on sshd w/ privsep; ok
markus@


Revision tags: V_6_7_P1
# 55731713 20-Jul-2014 Darren Tucker

- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm


# 8668706d 02-Jul-2014 Damien Miller

- djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c

- djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
[cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
[digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
[hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
[ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
[ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
[ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
[sshconnect2.c sshd.c sshkey.c sshkey.h
[openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.

with and ok markus@

Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.

NB. This commit also removes portable OpenSSH support for OpenSSL
<0.9.8e.

show more ...


# eae88744 27-May-2014 Damien Miller

- (djm) [cipher.c] Fix merge botch.


1234567891011