Remove redundant ecdh.h header and any references to it.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add keygen to EC_KEY_METHOD. Redirect EC_KEY_generate_key through
method and set the current EC key generation function as the default.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add EC_KEY_METHOD. This is part of the EC revision and will make EC behave
more like other algorithms. Specifically:

EC_KEY_METHOD is part of EC_KEY.
It is part of ENGINE.
Default or key specific implementations can be provided to redirect some
or all operations.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Add new flag TLS1_FLAGS_RECEIVED_EXTMS which is set when the peer sends
the extended master secret extension.

Server now sends extms if and only if the client sent extms.

Check consistency of extms extension when resuming sessions following (where
practical) RFC7627.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Commit 6140f036 added some new ctrl constants. However due to a
merge error one of these values was duplicated with an existing
value.
Reviewed-by: NRich Salz <rsalz@openssl.org>

These are needed for GOST
Reviewed-by: NRichard Levitte <levitte@openssl.org>
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Looking over names, it seems like we usually use names ending with
_new and _free as object constructors and destructors.  Also, since
EVP_MD_CTX_init is now used to reset a EVP_MD_CTX, it might as well be
named accordingly.
Reviewed-by: NRich Salz <rsalz@openssl.org>

This follows the same idea as the combination of EVP_MD_CTX_cleanup
and EVP_MD_CTX_init into one function.
Reviewed-by: NRich Salz <rsalz@openssl.org>

The idea is that with EVP_MD_CTX_create() and EVP_MD_CTX_destroy(),
EVP_MD_CTX_cleanup and EVP_MD_CTX_init is not used the same as before.
Instead, we need a single function that can be used to reinitialise an
existing EVP_MD_CTX that's been created with EVP_MD_CTX_create()
previously.  Combining EVP_MD_CTX_cleanup and EVP_MD_CTX_init into
that one function is the answer.
Reviewed-by: NRich Salz <rsalz@openssl.org>

This moves the definition to crypto/hmac/hmac_lcl.h.  Constructor and
destructor added, and the typedef moved to include/openssl/ossl_typ.h.
Reviewed-by: NRich Salz <rsalz@openssl.org>

This moves the definition to crypto/include/internal/evp_int.h and
defines all the necessary method creators, destructors, writers and
accessors.  The name standard for the latter is inspired from the
corresponding functions to manipulate UI methods.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

This change required some special treatment, as HMAC is intertwined
with EVP_MD.  For now, all local HMAC_CTX variables MUST be
initialised with HMAC_CTX_EMPTY, or whatever happens to be on the
stack will be mistaken for actual pointers to EVP_MD_CTX.  This will
change as soon as HMAC_CTX becomes opaque.

Also, since HMAC_CTX_init() can fail now, its return type changes from
void to int, and it will return 0 on failure, 1 on success.
Reviewed-by: NRich Salz <rsalz@openssl.org>

This moves the definitionto crypto/evp/evp_locl.h, along with a few
associated accessor macros.  A few accessor/writer functions added.
Reviewed-by: NRich Salz <rsalz@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

MR: #364

Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

This only gets used to set a specific curve without actually checking that the
peer supports it or not and can therefor result in handshake failures that can
be avoided by selecting a different cipher.
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>

Reviewed-by: NRich Salz <rsalz@openssl.org>

Remove RSA_FLAG_SIGN_VER: this was origininally used to retain binary
compatibility after RSA_METHOD was extended to include rsa_sign and
rsa_verify fields. It is no longer needed.
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Remove sign/verify and required_pkey_type fields of EVP_MD: these are a
legacy from when digests were linked to public key types. All signing is
now handled by the corresponding EVP_PKEY_METHOD.

Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms
already block unsupported types.

Remove now obsolete EVP_dss1() and EVP_ecdsa().
Reviewed-by: NRichard Levitte <levitte@openssl.org>

Reviewed-by: NRichard Levitte <levitte@openssl.org>

Add CRYPTO_free_ex_index (for shared libraries)
Unify and complete the documentation for all "ex_data" API's and objects.
Replace xxx_get_ex_new_index functions with a macro.
Added an exdata test.
Renamed the ex_data internal datatypes.
Reviewed-by: NMatt Caswell <matt@openssl.org>

Reviewed-by: NMatt Caswell <matt@openssl.org>

Now that X509_VERIFY_PARAM is opaque X509_VERIFY_PARAM_ID is no longer
needed.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Following on from the previous commit this adds some documentation for the
BN_with_flags function which is easy to misuse.
Reviewed-by: NEmilia Käsper <emilia@openssl.org>

Reviewed-by: NTim Hudson <tjh@openssl.org>

Add a ctrl to EVP_md5_sha1() to handle the additional operations needed
to handle SSL v3 client authentication and finished message.
Reviewed-by: NTim Hudson <tjh@openssl.org>

Add digest combining MD5 and SHA1. This is used by RSA signatures for
TLS 1.1 and earlier.
Reviewed-by: NTim Hudson <tjh@openssl.org>

This patch contains the necessary changes to provide GOST 2012
ciphersuites in TLS. It requires the use of an external GOST 2012 engine.
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRich Salz <rsalz@openssl.org>

During rebasing of the async changes some error codes ended up being
duplicated so that "make errors" fails. This removes the duplication.
Reviewed-by: NRich Salz <rsalz@openssl.org>
Reviewed-by: NStephen Henson <steve@openssl.org>

Implements Thread Local Storage in the windows async port. This also has
some knock on effects to the posix and null implementations.
Reviewed-by: NRich Salz <rsalz@openssl.org>

In theory the pthreads approach for Thread Local Storage should be more
portable.

This also changes some APIs in order to accommodate this change. In
particular ASYNC_init_pool is renamed ASYNC_init_thread and
ASYNC_free_pool is renamed ASYNC_cleanup_thread. Also introduced ASYNC_init
and ASYNC_cleanup.
Reviewed-by: NRich Salz <rsalz@openssl.org>