Avoid NULL dereference in EVP_PKEY_paramgen()

If EVP_PKEY_new() returns NULL, it would be passed to the paramgen() pmeth
which would typically dereference it. This is identical to a recent change
in keygen().

ok jsing

Garbage collect various *_init() pmeths

It's unclear whether the functions these support were ever really
used for anything else than kicking off an overenginerred state
machine.

ok jsing

Fix a potential NULL-deref in EVP_PKEY_keygen()

After a EVP_PKEY_new() failure, a NULL pointer would be passed to the
keygen pmeth, which could result in tears.

ok beck jsing

Hide public symbols in evp.h

largely mechanically done by the guentherizer 9000

ok tb@

Fix bounds check in EVP_PKEY_CTX_get_keygen_info()

Replace > with >= for the upper array bound to disallow a 4 byte
overread. For RSA you can read the padding mode and for DH past
the DH_PKEY_CTX. Unfortunately, Ruby thought it important to use
this, so we can't kill it easily.

ok miod

Ignore ENGINE at the API boundary

This removes the remaining ENGINE members from various internal structs
and functions. Any ENGINE passed into a public API is now completely
ignored functions returning an ENGINE always return NULL.

ok jsing

Unbreak the namespace build after a broken mk.conf and tool misfire had
me aliasing symbols not in the headers I was procesing.

This unbreaks the namespace build so it will pass again

ok tb@

Hide symbols in hkdf, evp, err, ecdsa, and ec

(part 2 of commit)

ok jsing@

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Prepare to provide EVP_PKEY_{public,param}_check

This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().

There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.

ok inoguchi jsing

Prepare to provide EVP_PKEY_check()

This allows checking the validity of an EVP_PKEY. Only RSA and EC keys
are supported. If a check function is set the EVP_PKEY_METHOD, it will
be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is
used. The default ASN.1 methods wrap RSA_check_key() and
EC_KEY_check_key(), respectively.

The corresponding setters are EVP_PKEY_{asn1,meth}_set_check().

It is unclear why the PKEY method has no const while the ASN.1 method
has const.

Requested by tobhe and used by PHP 8.1.
Based on OpenSSL commit 2aee35d3

ok inoguchi jsing

Add #include "bn_lcl.h" to the files that will soon need it.

ok inoguchi jsing

Add semicolon that will become non-optional once BN_GENCB_set() will
move from an awful macro to a proper function.

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision

Garbage collect various *_init() pmeths

It's unclear whether the functions these support were ever really
used for anything else than kicking off an overenginerred state
machine.

ok jsing

Fix a potential NULL-deref in EVP_PKEY_keygen()

After a EVP_PKEY_new() failure, a NULL pointer would be passed to the
keygen pmeth, which could result in tears.

ok beck jsing

Hide public symbols in evp.h

largely mechanically done by the guentherizer 9000

ok tb@

Fix bounds check in EVP_PKEY_CTX_get_keygen_info()

Replace > with >= for the upper array bound to disallow a 4 byte
overread. For RSA you can read the padding mode and for DH past
the DH_PKEY_CTX. Unfortunately, Ruby thought it important to use
this, so we can't kill it easily.

ok miod

Ignore ENGINE at the API boundary

This removes the remaining ENGINE members from various internal structs
and functions. Any ENGINE passed into a public API is now completely
ignored functions returning an ENGINE always return NULL.

ok jsing

Unbreak the namespace build after a broken mk.conf and tool misfire had
me aliasing symbols not in the headers I was procesing.

This unbreaks the namespace build so it will pass again

ok tb@

Hide symbols in hkdf, evp, err, ecdsa, and ec

(part 2 of commit)

ok jsing@

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Prepare to provide EVP_PKEY_{public,param}_check

This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().

There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.

ok inoguchi jsing

Prepare to provide EVP_PKEY_check()

This allows checking the validity of an EVP_PKEY. Only RSA and EC keys
are supported. If a check function is set the EVP_PKEY_METHOD, it will
be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is
used. The default ASN.1 methods wrap RSA_check_key() and
EC_KEY_check_key(), respectively.

The corresponding setters are EVP_PKEY_{asn1,meth}_set_check().

It is unclear why the PKEY method has no const while the ASN.1 method
has const.

Requested by tobhe and used by PHP 8.1.
Based on OpenSSL commit 2aee35d3

ok inoguchi jsing

Add #include "bn_lcl.h" to the files that will soon need it.

ok inoguchi jsing

Add semicolon that will become non-optional once BN_GENCB_set() will
move from an awful macro to a proper function.

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision

Hide public symbols in evp.h

largely mechanically done by the guentherizer 9000

ok tb@

Fix bounds check in EVP_PKEY_CTX_get_keygen_info()

Replace > with >= for the upper array bound to disallow a 4 byte
overread. For RSA you can read the padding mode and for DH past
the DH_PKEY_CTX. Unfortunately, Ruby thought it important to use
this, so we can't kill it easily.

ok miod

Ignore ENGINE at the API boundary

This removes the remaining ENGINE members from various internal structs
and functions. Any ENGINE passed into a public API is now completely
ignored functions returning an ENGINE always return NULL.

ok jsing

Unbreak the namespace build after a broken mk.conf and tool misfire had
me aliasing symbols not in the headers I was procesing.

This unbreaks the namespace build so it will pass again

ok tb@

Hide symbols in hkdf, evp, err, ecdsa, and ec

(part 2 of commit)

ok jsing@

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Prepare to provide EVP_PKEY_{public,param}_check

This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().

There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.

ok inoguchi jsing

Prepare to provide EVP_PKEY_check()

This allows checking the validity of an EVP_PKEY. Only RSA and EC keys
are supported. If a check function is set the EVP_PKEY_METHOD, it will
be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is
used. The default ASN.1 methods wrap RSA_check_key() and
EC_KEY_check_key(), respectively.

The corresponding setters are EVP_PKEY_{asn1,meth}_set_check().

It is unclear why the PKEY method has no const while the ASN.1 method
has const.

Requested by tobhe and used by PHP 8.1.
Based on OpenSSL commit 2aee35d3

ok inoguchi jsing

Add #include "bn_lcl.h" to the files that will soon need it.

ok inoguchi jsing

Add semicolon that will become non-optional once BN_GENCB_set() will
move from an awful macro to a proper function.

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision

Fix bounds check in EVP_PKEY_CTX_get_keygen_info()

Replace > with >= for the upper array bound to disallow a 4 byte
overread. For RSA you can read the padding mode and for DH past
the DH_PKEY_CTX. Unfortunately, Ruby thought it important to use
this, so we can't kill it easily.

ok miod

Ignore ENGINE at the API boundary

This removes the remaining ENGINE members from various internal structs
and functions. Any ENGINE passed into a public API is now completely
ignored functions returning an ENGINE always return NULL.

ok jsing

Unbreak the namespace build after a broken mk.conf and tool misfire had
me aliasing symbols not in the headers I was procesing.

This unbreaks the namespace build so it will pass again

ok tb@

Hide symbols in hkdf, evp, err, ecdsa, and ec

(part 2 of commit)

ok jsing@

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Prepare to provide EVP_PKEY_{public,param}_check

This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().

There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.

ok inoguchi jsing

Prepare to provide EVP_PKEY_check()

This allows checking the validity of an EVP_PKEY. Only RSA and EC keys
are supported. If a check function is set the EVP_PKEY_METHOD, it will
be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is
used. The default ASN.1 methods wrap RSA_check_key() and
EC_KEY_check_key(), respectively.

The corresponding setters are EVP_PKEY_{asn1,meth}_set_check().

It is unclear why the PKEY method has no const while the ASN.1 method
has const.

Requested by tobhe and used by PHP 8.1.
Based on OpenSSL commit 2aee35d3

ok inoguchi jsing

Add #include "bn_lcl.h" to the files that will soon need it.

ok inoguchi jsing

Add semicolon that will become non-optional once BN_GENCB_set() will
move from an awful macro to a proper function.

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision

Ignore ENGINE at the API boundary

This removes the remaining ENGINE members from various internal structs
and functions. Any ENGINE passed into a public API is now completely
ignored functions returning an ENGINE always return NULL.

ok jsing

Unbreak the namespace build after a broken mk.conf and tool misfire had
me aliasing symbols not in the headers I was procesing.

This unbreaks the namespace build so it will pass again

ok tb@

Hide symbols in hkdf, evp, err, ecdsa, and ec

(part 2 of commit)

ok jsing@

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Prepare to provide EVP_PKEY_{public,param}_check

This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().

There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.

ok inoguchi jsing

Prepare to provide EVP_PKEY_check()

This allows checking the validity of an EVP_PKEY. Only RSA and EC keys
are supported. If a check function is set the EVP_PKEY_METHOD, it will
be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is
used. The default ASN.1 methods wrap RSA_check_key() and
EC_KEY_check_key(), respectively.

The corresponding setters are EVP_PKEY_{asn1,meth}_set_check().

It is unclear why the PKEY method has no const while the ASN.1 method
has const.

Requested by tobhe and used by PHP 8.1.
Based on OpenSSL commit 2aee35d3

ok inoguchi jsing

Add #include "bn_lcl.h" to the files that will soon need it.

ok inoguchi jsing

Add semicolon that will become non-optional once BN_GENCB_set() will
move from an awful macro to a proper function.

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision

Unbreak the namespace build after a broken mk.conf and tool misfire had
me aliasing symbols not in the headers I was procesing.

This unbreaks the namespace build so it will pass again

ok tb@

Hide symbols in hkdf, evp, err, ecdsa, and ec

(part 2 of commit)

ok jsing@

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Prepare to provide EVP_PKEY_{public,param}_check

This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().

There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.

ok inoguchi jsing

Prepare to provide EVP_PKEY_check()

This allows checking the validity of an EVP_PKEY. Only RSA and EC keys
are supported. If a check function is set the EVP_PKEY_METHOD, it will
be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is
used. The default ASN.1 methods wrap RSA_check_key() and
EC_KEY_check_key(), respectively.

The corresponding setters are EVP_PKEY_{asn1,meth}_set_check().

It is unclear why the PKEY method has no const while the ASN.1 method
has const.

Requested by tobhe and used by PHP 8.1.
Based on OpenSSL commit 2aee35d3

ok inoguchi jsing

Add #include "bn_lcl.h" to the files that will soon need it.

ok inoguchi jsing

Add semicolon that will become non-optional once BN_GENCB_set() will
move from an awful macro to a proper function.

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision

Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names
used for internal headers. Move all these headers we inherited from
OpenSSL to *_local.h, reserving the name *_internal.h for our own code.
Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h.
constant_time_locl.h is moved to constant_time.h since it's special.

Adjust all .c files in libcrypto, libssl and regress.

The diff is mechanical with the exception of tls13_quic.c, where
#include <ssl_locl.h> was fixed manually.

discussed with jsing,
no objection bcook

Prepare to provide EVP_PKEY_{public,param}_check

This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().

There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.

ok inoguchi jsing

Prepare to provide EVP_PKEY_check()

This allows checking the validity of an EVP_PKEY. Only RSA and EC keys
are supported. If a check function is set the EVP_PKEY_METHOD, it will
be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is
used. The default ASN.1 methods wrap RSA_check_key() and
EC_KEY_check_key(), respectively.

The corresponding setters are EVP_PKEY_{asn1,meth}_set_check().

It is unclear why the PKEY method has no const while the ASN.1 method
has const.

Requested by tobhe and used by PHP 8.1.
Based on OpenSSL commit 2aee35d3

ok inoguchi jsing

Add #include "bn_lcl.h" to the files that will soon need it.

ok inoguchi jsing

Add semicolon that will become non-optional once BN_GENCB_set() will
move from an awful macro to a proper function.

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision

Prepare to provide EVP_PKEY_{public,param}_check

This implements checking of a public key and of key generation
parameters for DH and EC keys. With the same logic and setters
and const quirks as for EVP_PKEY_check().

There are a couple of quirks: For DH no default EVP_PKEY_check()
is implemented, instead EVP_PKEY_param_check() calls DH_check_ex()
even though DH_param_check_ex() was added for this purpose.
EVP_PKEY_public_check() for EC curves also checks the private key
if present.

ok inoguchi jsing

Prepare to provide EVP_PKEY_check()

This allows checking the validity of an EVP_PKEY. Only RSA and EC keys
are supported. If a check function is set the EVP_PKEY_METHOD, it will
be used, otherwise the check function on the EVP_PKEY_ASN1_METHOD is
used. The default ASN.1 methods wrap RSA_check_key() and
EC_KEY_check_key(), respectively.

The corresponding setters are EVP_PKEY_{asn1,meth}_set_check().

It is unclear why the PKEY method has no const while the ASN.1 method
has const.

Requested by tobhe and used by PHP 8.1.
Based on OpenSSL commit 2aee35d3

ok inoguchi jsing

Add #include "bn_lcl.h" to the files that will soon need it.

ok inoguchi jsing

Add semicolon that will become non-optional once BN_GENCB_set() will
move from an awful macro to a proper function.

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision

Add #include "bn_lcl.h" to the files that will soon need it.

ok inoguchi jsing

Add semicolon that will become non-optional once BN_GENCB_set() will
move from an awful macro to a proper function.

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision

Add semicolon that will become non-optional once BN_GENCB_set() will
move from an awful macro to a proper function.

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision

Send the function codes from the error functions to the bit bucket,
as was done earlier in libssl. Thanks inoguchi@ for noticing
libssl had more reacharounds into this.
ok jsing@ inoguchi@

if (x) FOO_free(x) -> FOO_free(x).
Improves readability, keeps the code smaller so that it is warmer in your
cache.

review & ok deraadt@

Only import cryptlib.h in the four source files that actually need it.
Remove the openssl public includes from cryptlib.h and add a small number
of includes into the source files that actually need them. While here,
also sort/group/tidy the includes.

ok beck@ miod@

tags as requested by miod and tedu

KNF.

branches: 1.1.1;
Initial revision