crypto: Replace HTTP links with HTTPS ones

Rationale:
Reduces attack surface on kernel devs opening the links for MITM
as HTTPS traffic is much harder to manipulate.

Deterministic algorithm:
For each file:
  If not .svg:
    For each line:
      If doesn't contain `\bxmlns\b`:
        For each link, `\bhttp://[^# \t\r\n]*(?:\w|/)`:
	  If neither `\bgnu\.org/license`, nor `\bmozilla\.org/MPL\b`:
            If both the HTTP and HTTPS versions
            return 200 OK and serve the same content:
              Replace HTTP with HTTPS.

Signed-off-by: Alexander A. Klimov <grandmaster@al2klimov.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Alexander A. Klimov 2020-07-19 18:49:59 +02:00 committed by Herbert Xu
parent dd3240a28c
commit 9332a9e739
16 changed files with 43 additions and 43 deletions

View File

@ -169,7 +169,7 @@ Portions of this API were derived from the following projects:
and; and;
Nettle (http://www.lysator.liu.se/~nisse/nettle/) Nettle (https://www.lysator.liu.se/~nisse/nettle/)
Niels Möller Niels Möller
Original developers of the crypto algorithms: Original developers of the crypto algorithms:

View File

@ -23,7 +23,7 @@ user space, however. This includes the difference between synchronous
and asynchronous invocations. The user space API call is fully and asynchronous invocations. The user space API call is fully
synchronous. synchronous.
[1] http://www.chronox.de/libkcapi.html [1] https://www.chronox.de/libkcapi.html
User Space API General Remarks User Space API General Remarks
------------------------------ ------------------------------
@ -384,4 +384,4 @@ Please see [1] for libkcapi which provides an easy-to-use wrapper around
the aforementioned Netlink kernel interface. [1] also contains a test the aforementioned Netlink kernel interface. [1] also contains a test
application that invokes all libkcapi API calls. application that invokes all libkcapi API calls.
[1] http://www.chronox.de/libkcapi.html [1] https://www.chronox.de/libkcapi.html

View File

@ -39,7 +39,7 @@
* CRC32 polynomial:0x04c11db7(BE)/0xEDB88320(LE) * CRC32 polynomial:0x04c11db7(BE)/0xEDB88320(LE)
* PCLMULQDQ is a new instruction in Intel SSE4.2, the reference can be found * PCLMULQDQ is a new instruction in Intel SSE4.2, the reference can be found
* at: * at:
* http://www.intel.com/products/processor/manuals/ * https://www.intel.com/products/processor/manuals/
* Intel(R) 64 and IA-32 Architectures Software Developer's Manual * Intel(R) 64 and IA-32 Architectures Software Developer's Manual
* Volume 2B: Instruction Set Reference, N-Z * Volume 2B: Instruction Set Reference, N-Z
* *

View File

@ -13,7 +13,7 @@
@ Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL @ Written by Andy Polyakov <appro@fy.chalmers.se> for the OpenSSL
@ project. The module is, however, dual licensed under OpenSSL and @ project. The module is, however, dual licensed under OpenSSL and
@ CRYPTOGAMS licenses depending on where you obtain it. For further @ CRYPTOGAMS licenses depending on where you obtain it. For further
@ details see http://www.openssl.org/~appro/cryptogams/. @ details see https://www.openssl.org/~appro/cryptogams/.
@ ==================================================================== @ ====================================================================
@ sha1_block procedure for ARMv4. @ sha1_block procedure for ARMv4.

View File

@ -13,7 +13,7 @@
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL # Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
# project. The module is, however, dual licensed under OpenSSL and # project. The module is, however, dual licensed under OpenSSL and
# CRYPTOGAMS licenses depending on where you obtain it. For further # CRYPTOGAMS licenses depending on where you obtain it. For further
# details see http://www.openssl.org/~appro/cryptogams/. # details see https://www.openssl.org/~appro/cryptogams/.
# ==================================================================== # ====================================================================
# SHA256 block procedure for ARMv4. May 2007. # SHA256 block procedure for ARMv4. May 2007.

View File

@ -12,7 +12,7 @@
@ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL @ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@ project. The module is, however, dual licensed under OpenSSL and @ project. The module is, however, dual licensed under OpenSSL and
@ CRYPTOGAMS licenses depending on where you obtain it. For further @ CRYPTOGAMS licenses depending on where you obtain it. For further
@ details see http://www.openssl.org/~appro/cryptogams/. @ details see https://www.openssl.org/~appro/cryptogams/.
@ ==================================================================== @ ====================================================================
@ SHA256 block procedure for ARMv4. May 2007. @ SHA256 block procedure for ARMv4. May 2007.

View File

@ -13,7 +13,7 @@
# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL # Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
# project. The module is, however, dual licensed under OpenSSL and # project. The module is, however, dual licensed under OpenSSL and
# CRYPTOGAMS licenses depending on where you obtain it. For further # CRYPTOGAMS licenses depending on where you obtain it. For further
# details see http://www.openssl.org/~appro/cryptogams/. # details see https://www.openssl.org/~appro/cryptogams/.
# ==================================================================== # ====================================================================
# SHA512 block procedure for ARMv4. September 2007. # SHA512 block procedure for ARMv4. September 2007.
@ -43,7 +43,7 @@
# terms it's 22.6 cycles per byte, which is disappointing result. # terms it's 22.6 cycles per byte, which is disappointing result.
# Technical writers asserted that 3-way S4 pipeline can sustain # Technical writers asserted that 3-way S4 pipeline can sustain
# multiple NEON instructions per cycle, but dual NEON issue could # multiple NEON instructions per cycle, but dual NEON issue could
# not be observed, see http://www.openssl.org/~appro/Snapdragon-S4.html # not be observed, see https://www.openssl.org/~appro/Snapdragon-S4.html
# for further details. On side note Cortex-A15 processes one byte in # for further details. On side note Cortex-A15 processes one byte in
# 16 cycles. # 16 cycles.

View File

@ -12,7 +12,7 @@
@ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL @ Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
@ project. The module is, however, dual licensed under OpenSSL and @ project. The module is, however, dual licensed under OpenSSL and
@ CRYPTOGAMS licenses depending on where you obtain it. For further @ CRYPTOGAMS licenses depending on where you obtain it. For further
@ details see http://www.openssl.org/~appro/cryptogams/. @ details see https://www.openssl.org/~appro/cryptogams/.
@ ==================================================================== @ ====================================================================
@ SHA512 block procedure for ARMv4. September 2007. @ SHA512 block procedure for ARMv4. September 2007.
@ -42,7 +42,7 @@
@ terms it's 22.6 cycles per byte, which is disappointing result. @ terms it's 22.6 cycles per byte, which is disappointing result.
@ Technical writers asserted that 3-way S4 pipeline can sustain @ Technical writers asserted that 3-way S4 pipeline can sustain
@ multiple NEON instructions per cycle, but dual NEON issue could @ multiple NEON instructions per cycle, but dual NEON issue could
@ not be observed, see http://www.openssl.org/~appro/Snapdragon-S4.html @ not be observed, see https://www.openssl.org/~appro/Snapdragon-S4.html
@ for further details. On side note Cortex-A15 processes one byte in @ for further details. On side note Cortex-A15 processes one byte in
@ 16 cycles. @ 16 cycles.

View File

@ -548,7 +548,7 @@ config CRYPTO_XCBC
select CRYPTO_MANAGER select CRYPTO_MANAGER
help help
XCBC: Keyed-Hashing with encryption algorithm XCBC: Keyed-Hashing with encryption algorithm
http://www.ietf.org/rfc/rfc3566.txt https://www.ietf.org/rfc/rfc3566.txt
http://csrc.nist.gov/encryption/modes/proposedmodes/ http://csrc.nist.gov/encryption/modes/proposedmodes/
xcbc-mac/xcbc-mac-spec.pdf xcbc-mac/xcbc-mac-spec.pdf
@ -561,7 +561,7 @@ config CRYPTO_VMAC
very high speed on 64-bit architectures. very high speed on 64-bit architectures.
See also: See also:
<http://fastcrypto.org/vmac> <https://fastcrypto.org/vmac>
comment "Digest" comment "Digest"
@ -816,7 +816,7 @@ config CRYPTO_RMD128
RIPEMD-160 should be used. RIPEMD-160 should be used.
Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> See <https://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
config CRYPTO_RMD160 config CRYPTO_RMD160
tristate "RIPEMD-160 digest algorithm" tristate "RIPEMD-160 digest algorithm"
@ -833,7 +833,7 @@ config CRYPTO_RMD160
against RIPEMD-160. against RIPEMD-160.
Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> See <https://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
config CRYPTO_RMD256 config CRYPTO_RMD256
tristate "RIPEMD-256 digest algorithm" tristate "RIPEMD-256 digest algorithm"
@ -845,7 +845,7 @@ config CRYPTO_RMD256
(than RIPEMD-128). (than RIPEMD-128).
Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> See <https://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
config CRYPTO_RMD320 config CRYPTO_RMD320
tristate "RIPEMD-320 digest algorithm" tristate "RIPEMD-320 digest algorithm"
@ -857,7 +857,7 @@ config CRYPTO_RMD320
(than RIPEMD-160). (than RIPEMD-160).
Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. Developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel.
See <http://homes.esat.kuleuven.be/~bosselae/ripemd160.html> See <https://homes.esat.kuleuven.be/~bosselae/ripemd160.html>
config CRYPTO_SHA1 config CRYPTO_SHA1
tristate "SHA1 digest algorithm" tristate "SHA1 digest algorithm"
@ -1045,7 +1045,7 @@ config CRYPTO_TGR192
Tiger was developed by Ross Anderson and Eli Biham. Tiger was developed by Ross Anderson and Eli Biham.
See also: See also:
<http://www.cs.technion.ac.il/~biham/Reports/Tiger/>. <https://www.cs.technion.ac.il/~biham/Reports/Tiger/>.
config CRYPTO_WP512 config CRYPTO_WP512
tristate "Whirlpool digest algorithms" tristate "Whirlpool digest algorithms"
@ -1221,7 +1221,7 @@ config CRYPTO_BLOWFISH
designed for use on "large microprocessors". designed for use on "large microprocessors".
See also: See also:
<http://www.schneier.com/blowfish.html> <https://www.schneier.com/blowfish.html>
config CRYPTO_BLOWFISH_COMMON config CRYPTO_BLOWFISH_COMMON
tristate tristate
@ -1230,7 +1230,7 @@ config CRYPTO_BLOWFISH_COMMON
generic c and the assembler implementations. generic c and the assembler implementations.
See also: See also:
<http://www.schneier.com/blowfish.html> <https://www.schneier.com/blowfish.html>
config CRYPTO_BLOWFISH_X86_64 config CRYPTO_BLOWFISH_X86_64
tristate "Blowfish cipher algorithm (x86_64)" tristate "Blowfish cipher algorithm (x86_64)"
@ -1245,7 +1245,7 @@ config CRYPTO_BLOWFISH_X86_64
designed for use on "large microprocessors". designed for use on "large microprocessors".
See also: See also:
<http://www.schneier.com/blowfish.html> <https://www.schneier.com/blowfish.html>
config CRYPTO_CAMELLIA config CRYPTO_CAMELLIA
tristate "Camellia cipher algorithms" tristate "Camellia cipher algorithms"
@ -1441,10 +1441,10 @@ config CRYPTO_SALSA20
Salsa20 stream cipher algorithm. Salsa20 stream cipher algorithm.
Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT Salsa20 is a stream cipher submitted to eSTREAM, the ECRYPT
Stream Cipher Project. See <http://www.ecrypt.eu.org/stream/> Stream Cipher Project. See <https://www.ecrypt.eu.org/stream/>
The Salsa20 stream cipher algorithm is designed by Daniel J. The Salsa20 stream cipher algorithm is designed by Daniel J.
Bernstein <djb@cr.yp.to>. See <http://cr.yp.to/snuffle.html> Bernstein <djb@cr.yp.to>. See <https://cr.yp.to/snuffle.html>
config CRYPTO_CHACHA20 config CRYPTO_CHACHA20
tristate "ChaCha stream cipher algorithms" tristate "ChaCha stream cipher algorithms"
@ -1456,7 +1456,7 @@ config CRYPTO_CHACHA20
ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J. ChaCha20 is a 256-bit high-speed stream cipher designed by Daniel J.
Bernstein and further specified in RFC7539 for use in IETF protocols. Bernstein and further specified in RFC7539 for use in IETF protocols.
This is the portable C implementation of ChaCha20. See also: This is the portable C implementation of ChaCha20. See also:
<http://cr.yp.to/chacha/chacha-20080128.pdf> <https://cr.yp.to/chacha/chacha-20080128.pdf>
XChaCha20 is the application of the XSalsa20 construction to ChaCha20 XChaCha20 is the application of the XSalsa20 construction to ChaCha20
rather than to Salsa20. XChaCha20 extends ChaCha20's nonce length rather than to Salsa20. XChaCha20 extends ChaCha20's nonce length
@ -1509,7 +1509,7 @@ config CRYPTO_SERPENT
variant of Serpent for compatibility with old kerneli.org code. variant of Serpent for compatibility with old kerneli.org code.
See also: See also:
<http://www.cl.cam.ac.uk/~rja14/serpent.html> <https://www.cl.cam.ac.uk/~rja14/serpent.html>
config CRYPTO_SERPENT_SSE2_X86_64 config CRYPTO_SERPENT_SSE2_X86_64
tristate "Serpent cipher algorithm (x86_64/SSE2)" tristate "Serpent cipher algorithm (x86_64/SSE2)"
@ -1528,7 +1528,7 @@ config CRYPTO_SERPENT_SSE2_X86_64
blocks parallel using SSE2 instruction set. blocks parallel using SSE2 instruction set.
See also: See also:
<http://www.cl.cam.ac.uk/~rja14/serpent.html> <https://www.cl.cam.ac.uk/~rja14/serpent.html>
config CRYPTO_SERPENT_SSE2_586 config CRYPTO_SERPENT_SSE2_586
tristate "Serpent cipher algorithm (i586/SSE2)" tristate "Serpent cipher algorithm (i586/SSE2)"
@ -1547,7 +1547,7 @@ config CRYPTO_SERPENT_SSE2_586
blocks parallel using SSE2 instruction set. blocks parallel using SSE2 instruction set.
See also: See also:
<http://www.cl.cam.ac.uk/~rja14/serpent.html> <https://www.cl.cam.ac.uk/~rja14/serpent.html>
config CRYPTO_SERPENT_AVX_X86_64 config CRYPTO_SERPENT_AVX_X86_64
tristate "Serpent cipher algorithm (x86_64/AVX)" tristate "Serpent cipher algorithm (x86_64/AVX)"
@ -1567,7 +1567,7 @@ config CRYPTO_SERPENT_AVX_X86_64
eight blocks parallel using the AVX instruction set. eight blocks parallel using the AVX instruction set.
See also: See also:
<http://www.cl.cam.ac.uk/~rja14/serpent.html> <https://www.cl.cam.ac.uk/~rja14/serpent.html>
config CRYPTO_SERPENT_AVX2_X86_64 config CRYPTO_SERPENT_AVX2_X86_64
tristate "Serpent cipher algorithm (x86_64/AVX2)" tristate "Serpent cipher algorithm (x86_64/AVX2)"
@ -1583,7 +1583,7 @@ config CRYPTO_SERPENT_AVX2_X86_64
blocks parallel using AVX2 instruction set. blocks parallel using AVX2 instruction set.
See also: See also:
<http://www.cl.cam.ac.uk/~rja14/serpent.html> <https://www.cl.cam.ac.uk/~rja14/serpent.html>
config CRYPTO_SM4 config CRYPTO_SM4
tristate "SM4 cipher algorithm" tristate "SM4 cipher algorithm"
@ -1640,7 +1640,7 @@ config CRYPTO_TWOFISH
bits. bits.
See also: See also:
<http://www.schneier.com/twofish.html> <https://www.schneier.com/twofish.html>
config CRYPTO_TWOFISH_COMMON config CRYPTO_TWOFISH_COMMON
tristate tristate
@ -1662,7 +1662,7 @@ config CRYPTO_TWOFISH_586
bits. bits.
See also: See also:
<http://www.schneier.com/twofish.html> <https://www.schneier.com/twofish.html>
config CRYPTO_TWOFISH_X86_64 config CRYPTO_TWOFISH_X86_64
tristate "Twofish cipher algorithm (x86_64)" tristate "Twofish cipher algorithm (x86_64)"
@ -1678,7 +1678,7 @@ config CRYPTO_TWOFISH_X86_64
bits. bits.
See also: See also:
<http://www.schneier.com/twofish.html> <https://www.schneier.com/twofish.html>
config CRYPTO_TWOFISH_X86_64_3WAY config CRYPTO_TWOFISH_X86_64_3WAY
tristate "Twofish cipher algorithm (x86_64, 3-way parallel)" tristate "Twofish cipher algorithm (x86_64, 3-way parallel)"
@ -1699,7 +1699,7 @@ config CRYPTO_TWOFISH_X86_64_3WAY
blocks parallel, utilizing resources of out-of-order CPUs better. blocks parallel, utilizing resources of out-of-order CPUs better.
See also: See also:
<http://www.schneier.com/twofish.html> <https://www.schneier.com/twofish.html>
config CRYPTO_TWOFISH_AVX_X86_64 config CRYPTO_TWOFISH_AVX_X86_64
tristate "Twofish cipher algorithm (x86_64/AVX)" tristate "Twofish cipher algorithm (x86_64/AVX)"
@ -1722,7 +1722,7 @@ config CRYPTO_TWOFISH_AVX_X86_64
eight blocks parallel using the AVX Instruction Set. eight blocks parallel using the AVX Instruction Set.
See also: See also:
<http://www.schneier.com/twofish.html> <https://www.schneier.com/twofish.html>
comment "Compression" comment "Compression"

View File

@ -8,7 +8,7 @@
* *
* - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0 * - CC0 1.0 Universal : http://creativecommons.org/publicdomain/zero/1.0
* - OpenSSL license : https://www.openssl.org/source/license.html * - OpenSSL license : https://www.openssl.org/source/license.html
* - Apache 2.0 : http://www.apache.org/licenses/LICENSE-2.0 * - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0
* *
* More information about the BLAKE2 hash function can be found at * More information about the BLAKE2 hash function can be found at
* https://blake2.net. * https://blake2.net.

View File

@ -6,7 +6,7 @@
/* /*
* Algorithm Specification * Algorithm Specification
* http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html * https://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html
*/ */
/* /*

View File

@ -940,7 +940,7 @@ static bool ecc_point_is_zero(const struct ecc_point *point)
} }
/* Point multiplication algorithm using Montgomery's ladder with co-Z /* Point multiplication algorithm using Montgomery's ladder with co-Z
* coordinates. From http://eprint.iacr.org/2011/338.pdf * coordinates. From https://eprint.iacr.org/2011/338.pdf
*/ */
/* Double in place */ /* Double in place */

View File

@ -7,7 +7,7 @@
* Design * Design
* ====== * ======
* *
* See http://www.chronox.de/jent.html * See https://www.chronox.de/jent.html
* *
* License * License
* ======= * =======
@ -47,7 +47,7 @@
/* /*
* This Jitterentropy RNG is based on the jitterentropy library * This Jitterentropy RNG is based on the jitterentropy library
* version 2.2.0 provided at http://www.chronox.de/jent.html * version 2.2.0 provided at https://www.chronox.de/jent.html
*/ */
#ifdef __OPTIMIZE__ #ifdef __OPTIMIZE__

View File

@ -9,7 +9,7 @@
*/ */
/* This implementation is checked against the test vectors in the above /* This implementation is checked against the test vectors in the above
* document and by a test vector provided by Ken Buchanan at * document and by a test vector provided by Ken Buchanan at
* http://www.mail-archive.com/stds-p1619@listserv.ieee.org/msg00173.html * https://www.mail-archive.com/stds-p1619@listserv.ieee.org/msg00173.html
* *
* The test vectors are included in the testing module tcrypt.[ch] */ * The test vectors are included in the testing module tcrypt.[ch] */

View File

@ -9,8 +9,8 @@
* Salsa20 is a stream cipher candidate in eSTREAM, the ECRYPT Stream * Salsa20 is a stream cipher candidate in eSTREAM, the ECRYPT Stream
* Cipher Project. It is designed by Daniel J. Bernstein <djb@cr.yp.to>. * Cipher Project. It is designed by Daniel J. Bernstein <djb@cr.yp.to>.
* More information about eSTREAM and Salsa20 can be found here: * More information about eSTREAM and Salsa20 can be found here:
* http://www.ecrypt.eu.org/stream/ * https://www.ecrypt.eu.org/stream/
* http://cr.yp.to/snuffle.html * https://cr.yp.to/snuffle.html
* *
* This program is free software; you can redistribute it and/or modify it * This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free * under the terms of the GNU General Public License as published by the Free

View File

@ -3,7 +3,7 @@
* Cryptographic API. * Cryptographic API.
* *
* SHA-3, as specified in * SHA-3, as specified in
* http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf * https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf
* *
* SHA-3 code by Jeff Garzik <jeff@garzik.org> * SHA-3 code by Jeff Garzik <jeff@garzik.org>
* Ard Biesheuvel <ard.biesheuvel@linaro.org> * Ard Biesheuvel <ard.biesheuvel@linaro.org>