Hide public symbols in evp.h

largely mechanically done by the guentherizer 9000

ok tb@

Clarify how the EVP IV is used with ChaCha

EVP_chacha20() was aligned to follow OpenSSL's nonconformant implementation
during a2k20 by djm and myself in an effort to allow OpenSSH to use the
OpenSSL 1.1 API. Some corresponding OpenSSL 1.1 documentation was imported
at the same time. A comment attempted to translate between implementation
and the incorrect documentation, which was necessarily gibberish. Improve
the situation by rephrasing and dropping nonsensical bits.

Prompted by a question of schwarze

Unbreak the namespace build after a broken mk.conf and tool misfire had
me aliasing symbols not in the headers I was procesing.

This unbreaks the namespace build so it will pass again

ok tb@

Hide symbols in hkdf, evp, err, ecdsa, and ec

(part 2 of commit)

ok jsing@

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Reorder functions and remove unnecessary function prototypes.

typo

Improve the comment explaining why the previous change matches OpenSSL's
behavior.

ok jsing

Adjust EVP_chacha20()'s behavior to match OpenSSL's semantics:
The new IV is 128 bit long and is actually the 64 bit counter followed
by 64 the bit initialization vector. This is needed by an upcoming
change in OpenSSH and is a breaking change for all current callers.
There are language bindings for Node.js, Rust and Erlang, but none of
our ports use them.

Note that EVP_chacha20() was first introduced in LibreSSL on May 1, 2014
while the entirely incompatible version in OpenSSL was committed on
Dec 9, 2015.

Initial diff from djm and myself, further refinements by djm.
Ports grepping by sthen

ok jsing

In chacha_init(), allow for a NULL iv. Reported by znz on github.
ok guenther@ jsing@

Explicitly include <openssl/opensslconf.h> in every file that references
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.

This also includes some miscellaneous sorting/tidying of headers.

tags as requested by miod and tedu

KNF.

Provide an EVP implementation for ChaCha.

ok miod@

Clarify how the EVP IV is used with ChaCha

EVP_chacha20() was aligned to follow OpenSSL's nonconformant implementation
during a2k20 by djm and myself in an effort to allow OpenSSH to use the
OpenSSL 1.1 API. Some corresponding OpenSSL 1.1 documentation was imported
at the same time. A comment attempted to translate between implementation
and the incorrect documentation, which was necessarily gibberish. Improve
the situation by rephrasing and dropping nonsensical bits.

Prompted by a question of schwarze

Unbreak the namespace build after a broken mk.conf and tool misfire had
me aliasing symbols not in the headers I was procesing.

This unbreaks the namespace build so it will pass again

ok tb@

Hide symbols in hkdf, evp, err, ecdsa, and ec

(part 2 of commit)

ok jsing@

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Reorder functions and remove unnecessary function prototypes.

typo

Improve the comment explaining why the previous change matches OpenSSL's
behavior.

ok jsing

Adjust EVP_chacha20()'s behavior to match OpenSSL's semantics:
The new IV is 128 bit long and is actually the 64 bit counter followed
by 64 the bit initialization vector. This is needed by an upcoming
change in OpenSSH and is a breaking change for all current callers.
There are language bindings for Node.js, Rust and Erlang, but none of
our ports use them.

Note that EVP_chacha20() was first introduced in LibreSSL on May 1, 2014
while the entirely incompatible version in OpenSSL was committed on
Dec 9, 2015.

Initial diff from djm and myself, further refinements by djm.
Ports grepping by sthen

ok jsing

In chacha_init(), allow for a NULL iv. Reported by znz on github.
ok guenther@ jsing@

Explicitly include <openssl/opensslconf.h> in every file that references
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.

This also includes some miscellaneous sorting/tidying of headers.

tags as requested by miod and tedu

KNF.

Provide an EVP implementation for ChaCha.

ok miod@

Unbreak the namespace build after a broken mk.conf and tool misfire had
me aliasing symbols not in the headers I was procesing.

This unbreaks the namespace build so it will pass again

ok tb@

Hide symbols in hkdf, evp, err, ecdsa, and ec

(part 2 of commit)

ok jsing@

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Reorder functions and remove unnecessary function prototypes.

typo

Improve the comment explaining why the previous change matches OpenSSL's
behavior.

ok jsing

Adjust EVP_chacha20()'s behavior to match OpenSSL's semantics:
The new IV is 128 bit long and is actually the 64 bit counter followed
by 64 the bit initialization vector. This is needed by an upcoming
change in OpenSSH and is a breaking change for all current callers.
There are language bindings for Node.js, Rust and Erlang, but none of
our ports use them.

Note that EVP_chacha20() was first introduced in LibreSSL on May 1, 2014
while the entirely incompatible version in OpenSSL was committed on
Dec 9, 2015.

Initial diff from djm and myself, further refinements by djm.
Ports grepping by sthen

ok jsing

In chacha_init(), allow for a NULL iv. Reported by znz on github.
ok guenther@ jsing@

Explicitly include <openssl/opensslconf.h> in every file that references
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.

This also includes some miscellaneous sorting/tidying of headers.

tags as requested by miod and tedu

KNF.

Provide an EVP implementation for ChaCha.

ok miod@

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Reorder functions and remove unnecessary function prototypes.

typo

Improve the comment explaining why the previous change matches OpenSSL's
behavior.

ok jsing

Adjust EVP_chacha20()'s behavior to match OpenSSL's semantics:
The new IV is 128 bit long and is actually the 64 bit counter followed
by 64 the bit initialization vector. This is needed by an upcoming
change in OpenSSH and is a breaking change for all current callers.
There are language bindings for Node.js, Rust and Erlang, but none of
our ports use them.

Note that EVP_chacha20() was first introduced in LibreSSL on May 1, 2014
while the entirely incompatible version in OpenSSL was committed on
Dec 9, 2015.

Initial diff from djm and myself, further refinements by djm.
Ports grepping by sthen

ok jsing

In chacha_init(), allow for a NULL iv. Reported by znz on github.
ok guenther@ jsing@

Explicitly include <openssl/opensslconf.h> in every file that references
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.

This also includes some miscellaneous sorting/tidying of headers.

tags as requested by miod and tedu

KNF.

Provide an EVP implementation for ChaCha.

ok miod@

Reorder functions and remove unnecessary function prototypes.

typo

Improve the comment explaining why the previous change matches OpenSSL's
behavior.

ok jsing

Adjust EVP_chacha20()'s behavior to match OpenSSL's semantics:
The new IV is 128 bit long and is actually the 64 bit counter followed
by 64 the bit initialization vector. This is needed by an upcoming
change in OpenSSH and is a breaking change for all current callers.
There are language bindings for Node.js, Rust and Erlang, but none of
our ports use them.

Note that EVP_chacha20() was first introduced in LibreSSL on May 1, 2014
while the entirely incompatible version in OpenSSL was committed on
Dec 9, 2015.

Initial diff from djm and myself, further refinements by djm.
Ports grepping by sthen

ok jsing

In chacha_init(), allow for a NULL iv. Reported by znz on github.
ok guenther@ jsing@

Explicitly include <openssl/opensslconf.h> in every file that references
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.

This also includes some miscellaneous sorting/tidying of headers.

tags as requested by miod and tedu

KNF.

Provide an EVP implementation for ChaCha.

ok miod@

typo

Improve the comment explaining why the previous change matches OpenSSL's
behavior.

ok jsing

Adjust EVP_chacha20()'s behavior to match OpenSSL's semantics:
The new IV is 128 bit long and is actually the 64 bit counter followed
by 64 the bit initialization vector. This is needed by an upcoming
change in OpenSSH and is a breaking change for all current callers.
There are language bindings for Node.js, Rust and Erlang, but none of
our ports use them.

Note that EVP_chacha20() was first introduced in LibreSSL on May 1, 2014
while the entirely incompatible version in OpenSSL was committed on
Dec 9, 2015.

Initial diff from djm and myself, further refinements by djm.
Ports grepping by sthen

ok jsing

In chacha_init(), allow for a NULL iv. Reported by znz on github.
ok guenther@ jsing@

Explicitly include <openssl/opensslconf.h> in every file that references
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.

This also includes some miscellaneous sorting/tidying of headers.

tags as requested by miod and tedu

KNF.

Provide an EVP implementation for ChaCha.

ok miod@

In chacha_init(), allow for a NULL iv. Reported by znz on github.
ok guenther@ jsing@

Explicitly include <openssl/opensslconf.h> in every file that references
an OPENSSL_NO_* define. This avoids relying on something else pulling it
in for us, plus it fixes several cases where the #ifndef OPENSSL_NO_XYZ is
never going to do anything, since OPENSSL_NO_XYZ will never defined, due
to the fact that opensslconf.h has not been included.

This also includes some miscellaneous sorting/tidying of headers.

tags as requested by miod and tedu

KNF.

Provide an EVP implementation for ChaCha.

ok miod@