aboutsummaryrefslogtreecommitdiff
path: root/include/libssh/libcrypto.h
AgeCommit message (Collapse)AuthorFilesLines
2023-12-18CVE-2023-6918: Remove unused evp functions and typesJakub Jelen1-5/+0
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2023-08-25crypto: Add ssh_crypto_free().Simon Josefsson1-0/+7
The intention is that this releases memory allocated by the crypto library, for functions like bignum_bn2hex() and bignum_bn2dec(). Consequently, ssh_gcry_bn2dec and ssh_mbedcry_bn2num should use gcry_malloc() and mbedtls_calloc() respectively to allocate memory since it will/should be released by ssh_crypto_free() so that the internal APIs are consistent between crypto libraries. Signed-off-by: Simon Josefsson <simon@josefsson.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-02-02Remove support for DSA KeysMohammad Shehar Yaar Tausif1-1/+0
Solving issue #110. The original work is at !231 Some changes were needed because the newly added features in master through time Signed-off-by: Mohammad Shehar Yaar Tausif <sheharyaar48@gmail.com> Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2023-01-25Get rid of the deprecated OpenSSL APIJakub Jelen1-0/+4
It turns out there is a way to get the uncompressed format from the low-level API, which is not (yet?) deprecated so this removes all of the TODO's for ECDSA keys and moves the EC_KEY structure in the high-level EVP_PKEY. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Norbert Pocs <npocs@redhat.com>
2022-03-09Fix fips mode check in openssl3Norbert Pocs1-0/+2
FIPS_mode function is no longer supported in openssl version 3 Signed-off-by: Norbert Pocs <npocs@redhat.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2021-01-11Move HMAC implementation to EVP APIDirkjan Bussink1-1/+1
Now that the minimum OpenSSL version is 1.0.1, we know that the EVP HMAC API is always available. This switches to this API. The existing API is deprecated for OpenSSL 3.0. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2020-12-22Cleanup old OpenSSL 0.9.7 compatibility codeDirkjan Bussink1-4/+0
OpenSSL 0.9.7 is already not supported, so clean up the old legacy bits for that as well. Signed-off-by: Dirkjan Bussink <d.bussink@gmail.com> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-12-09bignum: Fix integer types for ssh_make_bignum_string()Andreas Schneider1-3/+3
Fixes T188 Signed-off-by: Andreas Schneider <asn@cryptomilk.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-07-04libcrypto: fix compilation with LibreSSLStefan Strogin1-0/+4
LibreSSL does not support FIPS mode, check for FIPS_mode() in ConfigureChecks.cmake. Signed-off-by: Stefan Strogin <steils@gentoo.org> Reviewed-by: Jakub Jelen <jjelen@redhat.com>
2019-06-12bignum: Define bignum_dup(bignum orig, bignum *dest)Anderson Toshiyuki Sasaki1-0/+8
The macro is defined for each crypto back end. If (*dest) is NULL, a new bignum is allocated. Otherwise the value of orig is copied to (*dest). Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-04-29Provide a function to query crypto backend for FIPS statusJakub Jelen1-0/+4
Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-04-04dh: Confine DH KEX keys handling into fewer functionsSimo Sorce1-0/+1
In preparation for deferring computation on DH secret material to crypto library specific backends Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2019-01-24bignum: harmonize gcrypt, libcrypto and libmcrypt bignumAris Adamantiadis1-4/+17
Ensure most of the abstraction around the 3 libs are consistent. Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05bignum: Make bignum_free saferAris Adamantiadis1-1/+6
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05crypto: Split init and finalize functionsAris Adamantiadis1-15/+0
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-07-05bignum: Harmonize ssh_get_random()Aris Adamantiadis1-1/+1
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2018-06-28chacha: packet encryptionAris Adamantiadis1-0/+1
Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2015-09-07crypto: Add OpenSSL EVP functions for FIPS compatibilityMichael Wilder1-7/+5
Signed-off-by: Michael Wilder <wilder.michael@cimcor.com>
2014-04-22Add SHA2 algorithms for HMACDirkjan Bussink1-0/+13
BUG: https://red.libssh.org/issues/91 Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
2013-10-21include: Fix build on platforms without ECC.Andreas Schneider1-0/+2
2013-10-18wrapper: Add more evp functions.Andreas Schneider1-0/+3
2013-01-23include: Fix the LGPL header.Andreas Schneider1-12/+11
This has been reported by rpmlint: libssh-devel.x86_64: W: incorrect-fsf-address libssh.h
2012-02-04crypto: Add evp hashing function.Andreas Schneider1-0/+8
2011-09-18crypto: rename crypto_struct -> ssh_cipher_structAris Adamantiadis1-1/+1
2011-06-13[crypto] initial support for ecdh-sha2-nistp256Aris Adamantiadis1-0/+5
Works with openssl Still requires work for libgcrypt and other modes
2010-05-14Separation work between openssl and libgcryptAris Adamantiadis1-0/+74