Extend EVP_PKEY_copy_parameters()

Make EVP_PKEY_copy_parameters() work if the destination has no type
(e.g. if obtained from EVP_PKEY_new()) or the underlying key is NULL.
This is useful where we want to copy the parameters from an existing
key to a new key.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Fix a ** 0 mod 1 = 0 for real this time.

Commit 2b0180c37fa6ffc48ee40caa831ca398b828e680 attempted to do this but
only hit one of many BN_mod_exp codepaths. Fix remaining variants and add
a test for each method.

Thanks to Hanno Boeck for reporting this issue.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

crpyto/ppccpuid.pl: add FPU probe and fix OPENSSL_rdtsc.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

crypto/ppccap.c: add SIGILL-free processor capability detection code.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

add malloc fail check & fix memory leak

Signed-off-by: Hongze Zhu <hongze.zhu@gmail.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

Fix erroneous SO suffix in darwin64-debug-test-64-clang target

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix typo

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix option value parsing in crl2pkcs7 -certfile

Reviewed-by: Rich Saltz <rsalz@openssl.org>

Avoid erroneous "assert(private)" failures.

When processing a public key input via "-pubin", "private" was
sometimes erroneously set, or else not set and incorrectly asserted.

Reviewed-by: Rich salz <rsalz@openssl.org>

x86_64 assembly pack: tune clang version detection even further.

RT#4171

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Configure: add framework for ChaCha and Poly1305 assembly.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Configure: 'reconf' to respect CROSS_COMPILE and CC.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Don't use EC when no-ec.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Remove no longer existant structure member and direct references to EVP_MD_CTX internals.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix (incorrect) uninitialised variable warning.

Reviewed-by: Richard Levitte <levitte@openssl.org>

fix warning

Reviewed-by: Ben Laurie <ben@openssl.org>

remove ancient SSLeay bug workaround

Reviewed-by: Matt Caswell <matt@openssl.org>

Allow ChaCha20-Poly1305 in DTLS

GCM and CCM are modes of operation for block ciphers only. ChaCha20-Poly1305
operates in neither of them but it is AEAD. This change also enables future
AEAD ciphers to be available for use with DTLS.

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>

Revert "Allow ChaCha20-Poly1305 in DTLS"

This reverts commit 777f482d993322d69025014bf1b99c270c978fc0.
Author credit missing.  Reverting this and re-committing with
an Author line.

Reviewed-by: Matt Caswell <matt@openssl.org>

Use SHA256 not MD5 as default digest.

(Documentation update was in the MR but not the commit.  Oops.)
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

Support ccache.

Reviewed-by: Tim Hudson <tjh@openssl.org>

Fix compile failure with no-threads

The async code was causing a compile failure if no-threads was used.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Add extension utility documentation.

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

add X509_up_ref() documentation

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

extension documentation

Reviewed-by: Kurt Roeckx <kurt@openssl.org>

Use OPENSSL_NO_DTLS instead of OPENSSL_NO_DTLS1

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix compile failure

Fix compile failure introduced by commit 94d61512360c due to a typo.

Reviewed-by: Richard Levitte <levitte@openssl.org>

evp/e_chacha20_poly1305.c: TLS interop fixes.

Thanks to: David Benjamin of Chromuim.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Configurations/10-main.conf: fix typos in mingw/cygwin configs.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Allow ChaCha20-Poly1305 in DTLS

GCM and CCM are modes of operation for block ciphers only. ChaCha20-Poly1305
operates in neither of them but it is AEAD. This change also enables future
AEAD ciphers to be available for use with DTLS.

Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>

Make no-dh work, plus other no-dh problems found by Richard.

Reviewed-by: Rich Salz <rsalz@openssl.org>

make update, missed file

Reviewed-by: Matt Caswell <matt@openssl.org>

Use SHA256 not MD5 as default digest.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>

make update

Reviewed-by: Rich Salz <rsalz@openssl.org>

Adapt EVP tests to the opaque EVP_ENCODE_CTX

Reviewed-by: Rich Salz <rsalz@openssl.org>

Adapt PEM routines to the opaque EVP_ENCODE_CTX

Reviewed-by: Rich Salz <rsalz@openssl.org>

Adapt BIO_f_base64 to the opaque EVP_ENCODE_CTX

Reviewed-by: Rich Salz <rsalz@openssl.org>

Make EVP_ENCODE_CTX opaque

Reviewed-by: Rich Salz <rsalz@openssl.org>

Fix OCB link

The link to the OCB patent pdf changed, so the link in CHANGES needs to be
updated.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633).

Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
GH: #495, MR: #1435

Restore full support for EVP_CTX_create() etc.

Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

Prepare for 1.1.0-pre2-dev

Reviewed-by: Richard Levitte <levitte@openssl.org>

Prepare for 1.1.0-pre1 release

Reviewed-by: Richard Levitte <levitte@openssl.org>

OpenSSL 1.1.0 is now in pre release

Reviewed-by: Richard Levitte <levitte@openssl.org>

make update

Reviewed-by: Richard Levitte <levitte@openssl.org>

Don't run rehash as part of building the openssl app

Reviewed-by: Matt Caswell <matt@openssl.org>

Update CHANGES and NEWS for alpha release

Misc updates to the CHANGES and NEWS files ready for the alpha release.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Ensure |rwstate| is set correctly on BIO_flush

A BIO_flush call in the DTLS code was not correctly setting the |rwstate|
variable to SSL_WRITING. This means that SSL_get_error() will not return
SSL_ERROR_WANT_WRITE in the event of an IO retry.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix DTLS handshake fragment retries

If using DTLS and NBIO then if a second or subsequent handshake message
fragment hits a retry, then the retry attempt uses the wrong fragment
offset value. This commit restores the fragment offset from the last
attempt.

Reviewed-by: Richard Levitte <levitte@openssl.org>

evp/e_aes.c: wire hardware-assisted block function to OCB.

Reviewed-by: Richard Levitte <levitte@openssl.org>

x86[_64] assembly pack: add optimized AES-NI OCB subroutines.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Fix mkfiles for new directories

Add the new chacha and poly1305 directories to mkfiles.pl to enable proper
building on windows.

Reviewed-by: Andy Polyakov <appro@openssl.org>

Add a return value check

If the call to OBJ_find_sigid_by_algs fails to find the relevant NID then
we should set the NID to NID_undef.

Reviewed-by: Richard Levitte <levitte@openssl.org>

modes/ocb128.c: fix overstep.

Reviewed-by: Richard Levitte <levitte@openssl.org>

make update.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Configure: make no-chacha and no-poly1305 work.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Wire ChaCha20-Poly1305 to TLS.

Reviewed-by: Richard Levitte <levitte@openssl.org>

evp/c_allc.c: wire ChaCha20-Poly1305 and add tests.

Reviewed-by: Richard Levitte <levitte@openssl.org>

test/evp_test.c: allow generic AEAD ciphers to be tested.

Reviewed-by: Richard Levitte <levitte@openssl.org>

crypto/evp: add e_chacha20_poly1305.c.

Reviewed-by: Richard Levitte <levitte@openssl.org>

evp/evp_enc.c: allow EVP_CIPHER.ctx_size to be 0.

In such case it would be EVP_CIPHER.cleanup's reponsibility to wipe
EVP_CIPHEX_CTX.cipher_data.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Add ChaCha20-Poly1305 and ChaCha20 NIDs.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Add reference ChaCha20 and Poly1305 implementations.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>

make default_ec_key_meth static

Reviewed-by: Rich Salz <rsalz@openssl.org>

remove deleted directories from mkfiles.pl

Reviewed-by: Matt Caswell <matt@openssl.org>

Fix warnings about unused variables when EC is disabled.

Reviewed-by: Stephen Henson <steve@openssl.org>

Move the definitions of EC_KEY and EC_KEY_METHOD to ossl_typ.h

Most of all, that has inclusion of openssl/engine.h work even if EC
has been disabled.  This is the same as has been done for DH, DSA, RSA
and more...

Reviewed-by: Stephen Henson <steve@openssl.org>

add CHANGES and NEWS entry

Todo: update documentation.

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove ECDSA error line

Reviewed-by: Richard Levitte <levitte@openssl.org>

add compatibility headers

Reviewed-by: Richard Levitte <levitte@openssl.org>

Use NULL comparison

Reviewed-by: Richard Levitte <levitte@openssl.org>

add block comment

Reviewed-by: Richard Levitte <levitte@openssl.org>

set standard EC method in eng_openssl

Reviewed-by: Richard Levitte <levitte@openssl.org>

make update

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove ecdsa.h header references.

Reviewed-by: Richard Levitte <levitte@openssl.org>

EC_KEY_METHOD accessors.

Set of accessors to set and get each field.

Reviewed-by: Richard Levitte <levitte@openssl.org>

make errors

Reviewed-by: Richard Levitte <levitte@openssl.org>

Top level ECDSA sign/verify redirection.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Engine EC_KEY_METHOD functionality.

Rename ENGINE _EC_KEY functions to _EC.
Add support for EC_KEY_METHOD in ENGINE_set_default et al. Copy
ec_meth.

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove ecdsa from mkdef.pl

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove ECDSA_METHOD from ENGINE

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove ECDSA_METHOD typedef

Reviewed-by: Richard Levitte <levitte@openssl.org>

add missing prototypes

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove ecdsa.h header

Reviewed-by: Richard Levitte <levitte@openssl.org>

add ECDSA_size to ec_asn1.c

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove errors

Reviewed-by: Richard Levitte <levitte@openssl.org>

remove crypto/ecdsa

Reviewed-by: Richard Levitte <levitte@openssl.org>

add sign/verify methods

Reviewed-by: Richard Levitte <levitte@openssl.org>

return errors for unsupported operations

Reviewed-by: Richard Levitte <levitte@openssl.org>

Remove reference to ECDSA_OpenSSL.

Reviewed-by: Richard Levitte <levitte@openssl.org>

Move and adapt ECDSA sign and verify functions.

Reviewed-by: Richard Levitte <levitte@openssl.org>

modify ecdsatest to use accessor

Reviewed-by: Richard Levitte <levitte@openssl.org>

Add ECDSA_SIG accessor.

Reviewed-by: Richard Levitte <levitte@openssl.org>

move ECDSA_SIG prototypes

Reviewed-by: Richard Levitte <levitte@openssl.org>

make errors

Reviewed-by: Richard Levitte <levitte@openssl.org>

extend EC_KEY_METHOD for signing support

Reviewed-by: Richard Levitte <levitte@openssl.org>

adapt ossl_ecdsa.c to crypto/ec

Reviewed-by: Richard Levitte <levitte@openssl.org>

move ECDSA_SIG definition

Reviewed-by: Richard Levitte <levitte@openssl.org>

Move ECDSA implementation to crypto/ec

Reviewed-by: Richard Levitte <levitte@openssl.org>

Move ECDSA_SIG ASN.1 to crypto/ec

Reviewed-by: Richard Levitte <levitte@openssl.org>