Mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2026-01-18 17:11:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
38,783 Commits 37 Branches 420 Tags
master
Commit Graph

38783 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dmitry Belyavskiy
54d175c7d5 Disabling explicit EC curves encoding 
In case the parameters don't exactly match the well-known ones

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
(Merged from https://github.com/openssl/openssl/pull/29639)
 2026-01-17 10:31:43 +01:00
Kurt Roeckx
09c2bc5f6c Remove support for SSLv2 Client Hello 
Drop support for the SSLv2 Client Hello. We allowed that a client send
an SSLv2 compatible Client Hello.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Alicja Kario <hkario@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28041)
 2026-01-16 15:52:49 +00:00
Neil Horman
90d6c3b260 Fix make check-format target 
With our move to clang-format we no longer have a check-format script,
and so this make target is broken.

Fix it up to use clang-format-diff instead

Fixes #29594

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
MergeDate: Fri Jan 16 14:37:09 2026
(Merged from https://github.com/openssl/openssl/pull/29634)
 2026-01-16 09:37:05 -05:00
Igor Ustinov
ca20e54e86 SSL_CTX_is_server() was added. 
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Fri Jan 16 13:19:25 2026
(Merged from https://github.com/openssl/openssl/pull/29635)
 2026-01-16 14:19:18 +01:00
Pauli
22e1d8971b test: fix tests in lightof test_strn2_ removals 
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29627)
 2026-01-16 08:31:21 +11:00
Pauli
c90e160fe2 test: fix endecode_test in light of test_strn2 removal 
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29627)
 2026-01-16 08:31:21 +11:00
Pauli
b79ec4cb22 test: get rid of the TEST_strn2_ functions 
Their semantics are poorly defined and they are rarely used.  The _ne
version being completely unused & tricky to define properly.

Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29627)
 2026-01-16 08:31:20 +11:00
Neil Horman
84ee443446 Fix search pattern in check-news-changes CI job 
The check for impacting a public api had an incorrect pattern in the
search, leading to erroneous failures.  Fix it up.

Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Thu Jan 15 17:14:30 2026
(Merged from https://github.com/openssl/openssl/pull/29636)
 2026-01-15 12:14:25 -05:00
Milan Broz
f99eff7055 Add disabled-optimization and pointer-arith to compiler warnings 
These flags seems not to be part of -Wextra, but looks like
could be useful in CI. According to gcc man page:

 disabled-optimization
  Warn if a requested optimization pass is disabled.

 pointer-arith
  Warn about anything that depends on the "size of" a function
  type or of "void".

Fixes: https://github.com/openssl/project/issues/1809

Signed-off-by: Milan Broz <gmazyland@gmail.com>

Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
MergeDate: Thu Jan 15 16:16:40 2026
(Merged from https://github.com/openssl/openssl/pull/29622)
 2026-01-15 17:16:24 +01:00
Viktor Dukhovni
e57f7941af Expose and report EC curve field degrees 
Expose the EC field degree as a gettable parameter for both provided
and legacy EC keys.  In the latter case, drop a spurious assertion,
since even in debug builds an application may try to get an unknown
parameter, and this should return an error rather than abort.

In the EC `TEXT` encoding format, instead of reporting the bit count of
the group order, report the field degree (which matches the size number
in the curve's name when present) and also the symmetric-equivalent
security-bits (adjusted down the the standard numbers (80, 112, 128,
192, 256).

Along the way, add a missing getter method for the EC_GROUP security
bits.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
MergeDate: Thu Jan 15 16:10:26 2026
(Merged from https://github.com/openssl/openssl/pull/29539)
 2026-01-15 17:10:12 +01:00
Dmitry Belyavskiy
b6a281b75f Simultaneous derivation of several EVP_SKEY objects 
A proposed design for using EVP_SKEY objects in the TLS stack

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Simo Sorce <simo@redhat.com>
(Merged from https://github.com/openssl/openssl/pull/29160)
 2026-01-15 14:18:05 +01:00
Alexandr Nedvedicky
c478df55d5 BIO_FLAGS_BASE64_NO_NL ignored by b64_write() in OpenSSL 4.0.0 
Fixes #29618

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29629)
 2026-01-15 11:06:27 +01:00
Nikola Pajkovsky
7e535fe6b1 apps: check OPENSSL_uni2utf8 return value 
Signed-off-by: Nikola Pajkovsky <nikolap@openssl.org>

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29590)
 2026-01-14 11:26:59 +01:00
Norbert Pocs
2bc0ee0400 github/workflows: Update checkout@v5 to v6 
New version is out.

Signed-off-by: Norbert Pocs <norbertp@openssl.org>

Reviewed-by: Dmitry Misharov <dmitry@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29566)
 2026-01-14 10:27:17 +01:00
slontis
175cda569d ML-DSA: Add a digest that can calculate external mu. 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29223)
 2026-01-14 18:15:12 +11:00
Neil Horman
faf48d097b Update .github/workflows/check-news-changes.yml 
Co-authored-by: Pocs Norbert <norbertpocs0@gmail.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Tue Jan 13 19:17:42 2026
(Merged from https://github.com/openssl/openssl/pull/29536)
 2026-01-13 14:17:34 -05:00
Neil Horman
4e1ee1662a Add script to aid scanning of a release branch for missed NEWS/CHANGES 
Add script to run over a commit range looking for PR's that didn't add a
NEWS/CHANGES entry, but perhaps should have.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Tue Jan 13 19:17:39 2026
(Merged from https://github.com/openssl/openssl/pull/29536)
 2026-01-13 14:17:26 -05:00
Neil Horman
7f51fd8ef7 Create a simple check for suggesting NEWS/CHANGES additions 
During a release cycle we always wind up going through our git history
to try make sure we caught all the stuff that needed a CHANGES/NEWS
entry.  Lets try make that at least a little more automated here.  PR's
that reference CVEs, come from feature branches or impact public apis
generally need a NEWS/CHANGES entry, so lets flag those during CI.  It
should serve as a reminder to add entries to NEWS/CHANGES to prs meeting
the above criteria, and can be ignored via the application of the
no_news_changes_needed label to the PR.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Tue Jan 13 19:17:37 2026
(Merged from https://github.com/openssl/openssl/pull/29536)
 2026-01-13 14:17:26 -05:00
Bob Beck
c082649033 Ensure ASN1 types are checked before use. 
Some of these were fixed by LibreSSL in commit aa1f637d45
this fix includes the other fixes in that commit, as well as fixes for others found by a scan
for a similar unvalidated access paradigm in the tree.

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29582)
 2026-01-13 12:11:18 +01:00
slontis
a62d247888 Add clang-format file exclusions for generated files related to OBJ 
objects.

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Tue Jan 13 10:13:37 2026
(Merged from https://github.com/openssl/openssl/pull/29599)
 2026-01-13 11:13:33 +01:00
slontis
9bd2f96139 Add an OID for "id-alg-hss-lms-hashsig" 
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Tue Jan 13 10:13:35 2026
(Merged from https://github.com/openssl/openssl/pull/29599)
 2026-01-13 11:13:33 +01:00
Eugene Syromiatnikov
4d3d1c9f01 ml_dsa_kmgmt: check params against len and not pointers in ml_dsa_key_fromdata 
The rest of the function conditions the presence/usage of pk/seed/sk
on the non-zeroness of pk_len/seed_len/sk_len, respectively, so perform
the *_len checks in a similar fashion;  that makes it in line
with the similarly written ml_kem_key_fromdata() and stops giving Coverity
ideas that the pointers can be NULL when the respective len variables
are non-zero.

Fixes: 5421423ef9 "Flexible encoders for ML-DSA"
Resolves: https://scan5.scan.coverity.com/#/project-view/65248/10222?selectedIssue=1680314
Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29596)
 2026-01-12 16:12:09 -05:00
Joshua Rogers
0f20676e99 quic: remove dead VERSION_NEG handling in ch_rx_handle_packet 
VERSION_NEG packets are handled and returned from earlier in the function.
The later switch case and its helper are unreachable and contradictory.
Remove them to avoid confusion and future behavior drift.

Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:54:09 2026
(Merged from https://github.com/openssl/openssl/pull/28920)
 2026-01-12 19:54:03 +01:00
Joshua Rogers
92b5ba86f6 quic: remove redundant free of inner TLS in accept_connection 
SSL_free(conn_ssl) for a QCSO enters ossl_quic_free, which calls qc_cleanup.
qc_cleanup already frees qc->tls via SSL_free(qc->tls) and then frees qc->ch.
The additional SSL_free(ossl_quic_channel_get0_tls(new_ch)) releases the same
TLS a second time, which is redundant.

We also replace some of the pure condition checks with ossl_assert() checks
as these conditions cannot really fail.

Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:54:07 2026
(Merged from https://github.com/openssl/openssl/pull/28920)
 2026-01-12 19:51:35 +01:00
Joshua Rogers
d62febf758 quic: free popped incoming channel on early exit in accept_connection 
If we pop a channel but fail to extract or adopt its SSL pointer,
we return without releasing the channel. Add a small cleanup at
the function epilogue to free new_ch when conn_ssl is NULL.

Signed-off-by: Joshua Rogers <MegaManSec@users.noreply.github.com>

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:54:05 2026
(Merged from https://github.com/openssl/openssl/pull/28920)
 2026-01-12 19:49:41 +01:00
Liu-ErMeng
a8f8e64a56 fix vpsm4_ex bug in AARCH64 big-endian platform 
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:46:42 2026
(Merged from https://github.com/openssl/openssl/pull/29504)
 2026-01-12 19:46:26 +01:00
Gleb Popov
ea7cbff76d bn: Remove the BN_RECURSION cpp define 
Just like in previous commit, this define does not represent a toggleable
feature, but is entirely dependent on the OPENSSL_SMALL_FOOTPRINT define.

Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:44:27 2026
(Merged from https://github.com/openssl/openssl/pull/29204)
 2026-01-12 19:44:10 +01:00
Gleb Popov
2dcf5361dd bn: Remove the BN_SQR_COMBA cpp define 
Just like in previous commit, this define does not represent a toggleable
feature, but is entirely dependent on the OPENSSL_SMALL_FOOTPRINT define.

Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:44:25 2026
(Merged from https://github.com/openssl/openssl/pull/29204)
 2026-01-12 19:44:10 +01:00
Gleb Popov
9c26985326 bn: Remove the BN_MUL_COMBA cpp define 
It does not represent a feature that some arch may or may not possess, but
instead is entirely dependent on the OPENSSL_SMALL_FOOTPRINT option.

Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:44:24 2026
(Merged from https://github.com/openssl/openssl/pull/29204)
 2026-01-12 19:44:10 +01:00
Jiasheng Jiang
ffb5ca705b test/bio_base64_test.c: Add check for BIO_new() 
Add check for the return value of BIO_new() to avoid NULL pointer dereference.

Fixes: 0cd9dd703e ("Improve base64 BIO correctness and error reporting")
Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
MergeDate: Mon Jan 12 18:42:15 2026
(Merged from https://github.com/openssl/openssl/pull/27993)
 2026-01-12 19:42:02 +01:00
Jiasheng Jiang
669815e846 fuzz/cmp.c: Correct the usages of BIO_new() 
Use BIO_free() to free "in" if error occurs to avoid memory leak.
Moreover, add check for "out" to avoid NULL pointer dereference.
Also replace OPENSSL_assert with return.

Fixes: e599d0a ("Add CMP fuzzing to fuzz/cmp.c, including a couple of helpers in crypto/cmp/")
Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Mon Jan 12 18:40:14 2026
(Merged from https://github.com/openssl/openssl/pull/27920)
 2026-01-12 19:39:23 +01:00
Tomas Mraz
eea134e1f5 Add WSAIoctl to allowed platform symbols on Windows 
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Mon Jan 12 18:37:12 2026
(Merged from https://github.com/openssl/openssl/pull/29608)

(cherry picked from commit 0f8166512f)
 2026-01-12 19:37:25 +01:00
zhoulu
f1482a709d Instruction reordering to further improve SM4-CBC decryption performance on the RISC-V architecture 
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29544)
 2026-01-12 10:13:07 -05:00
Heath Dutton🕴️
d2e4f588b6 apps/speed.c: support algorithm name aliases in kem and sig lookup 
Fixes #29355

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29571)
 2026-01-12 12:31:19 +01:00
Heath Dutton🕴️
b45fb748bd Add PKCS12 fuzzer 
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29572)
 2026-01-12 12:28:56 +01:00
Milan Broz
f442c00266 Add clang-21 to CI compilers 
Signed-off-by: Milan Broz <gmazyland@gmail.com>

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29587)
 2026-01-12 12:20:16 +01:00
Dmitry Misharov
ca58a66e31 do not hardcode CI workspace path 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29577)
 2026-01-12 12:07:45 +01:00
Simo Sorce
16fe8dc019 Fix max index define that was not updated 
In PR #29145 a new OSSL_LIB_CTX_SSL_CONF_IMODULE was added, but
the OSSL_LIB_CTX_MAX_INDEXES value was left behind.

This should probably be converted to an enum, but I'll leave that work
to some other brave soul.

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29581)
 2026-01-12 11:47:48 +01:00
Norbert Pocs
d130c5f748 windows-makefile: Don't prefix libdir when it is absolute path 
When --libdir was passed to configuration as an absolute path then
the makefile MODULESDIR_dir became concat(prefix, libdir) creating
an invalid path.

Fixes: https://github.com/openssl/project/issues/1797

Signed-off-by: Norbert Pocs <norbertp@openssl.org>

Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29579)
 2026-01-12 11:43:43 +01:00
Alexandr Nedvedicky
4a7d9705f3 QUIC listener may fail with SSL_POLL_EVENT_EL on windows. 
recvfrom() may return WSAECONNRESET when the destination port
used in a previous sendto() call is no longer available. This
causes QUIC PORT to swich from running state. This behavior
is not desired for QUIC protocol. The trick is to disable
SIO_UDP_CONNRESET flag on UDP port used by QUIC.

The issue was kindly reported and root caused by goforit22123-netizen@

Fixes: #29530

Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
MergeDate: Mon Jan 12 10:27:25 2026
(Merged from https://github.com/openssl/openssl/pull/29538)
 2026-01-12 11:27:22 +01:00
Nikola Pajkovsky
277634a842 lhash_test: set back num_workers to 16 
commit 131c2a1adb ("Defang the lhash test") has reduced default number
of the thread workers in CI to HARNESS_JOBS / 4. Setting LHASH_WORKERS
will set it back.

Resolves: https://github.com/openssl/project/issues/1769
Signed-off-by: Nikola Pajkovsky <nikolap@openssl.org>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
MergeDate: Mon Jan 12 10:09:54 2026
(Merged from https://github.com/openssl/openssl/pull/29565)
 2026-01-12 11:09:47 +01:00
Matt Caswell
85645be82e Clean up some unnecessary includes 
Now that we have removed lots of deadcode various files are including
more than they need to. We can slim down the list of includes.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29446)
 2026-01-12 08:31:38 +00:00
Matt Caswell
b217b18009 Remove dead EVP_rc5() code 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29446)
 2026-01-12 08:31:38 +00:00
Matt Caswell
6215430101 Remove legacy fields from the EVP_CIPHER structure 
We remove legacy fields that are no longer used for anything from the
EVP_CIPHER structure.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29446)
 2026-01-12 08:31:38 +00:00
Matt Caswell
f9bdb61bbf Remove some last remaining EVP_CIPHER related legacy paths 
There were some final remaining legacy paths that are now redundant and
can be removed.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29446)
 2026-01-12 08:31:38 +00:00
Matt Caswell
86d7f1665d Remove dead EVP_rc4_hmac_md5() code 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29446)
 2026-01-12 08:31:38 +00:00
Matt Caswell
4c8280a13c Remove dead EVP_enc_null() code 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29446)
 2026-01-12 08:31:38 +00:00
Matt Caswell
4237166530 Remove dead EVP_chacha20_*() code 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29446)
 2026-01-12 08:31:38 +00:00
Matt Caswell
32eaa748a3 Cleanup block cipher macros in include/crypto/evp.h 
Remove some unneeded deadcode and fix the formatting

Also fix all users of those macros to avoid compilation warnings

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29446)
 2026-01-12 08:31:38 +00:00
Matt Caswell
d4c1efccab Remove dead EVP_aes_*() code 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29446)
 2026-01-12 08:31:38 +00:00