| #
72a85c17 |
| 28-Jul-2022 |
Arne Schwabe |
Fix wrong default algorithm in openssl pkcs12 help
The default that pkcs12 -export uses is SHA256 and not SHA1.
CLA: Trivial
Reviewed-by: Todd Short <todd.short@me.com>
Fix wrong default algorithm in openssl pkcs12 help
The default that pkcs12 -export uses is SHA256 and not SHA1.
CLA: Trivial
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18904)
show more ...
|
| #
e393064e |
| 14-Jun-2022 |
Kan |
Update the default macsaltlen and Add the configure for macsaltlen
Fixed #18489
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by
Update the default macsaltlen and Add the configure for macsaltlen
Fixed #18489
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18550)
show more ...
|
| #
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
|
| #
2c272447 |
| 24-Aug-2021 |
Dr. David von Oheimb |
APPS: Add check for multiple 'unknown' options
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16416)
|
| #
870871e5 |
| 24-Aug-2021 |
Dr. David von Oheimb |
PKCS12 app: Improve readability w.r.t. enc_flag, renamed to enc_name
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16416)
|
| #
79b2a2f2 |
| 18-Dec-2021 |
Dr. David von Oheimb |
add OSSL_STACK_OF_X509_free() for commonly used pattern
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17307)
|
| #
d9f07357 |
| 27-Aug-2021 |
Dr. David von Oheimb |
APPS: Improve diagnostics on missing/extra args and unknown cipher/digest
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16450)
|
| #
adbd77f6 |
| 17-Aug-2021 |
Dr. David von Oheimb |
X509: Fix handling of AKID and SKID extensions according to configuration
Fixes #16300
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.o
X509: Fix handling of AKID and SKID extensions according to configuration
Fixes #16300
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/16342)
show more ...
|
| #
2bdab811 |
| 31-Aug-2021 |
Tomas Mraz |
apps/pkcs12: Do not assume null termination of ASN1_UTF8STRING
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https:/
apps/pkcs12: Do not assume null termination of ASN1_UTF8STRING
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/16433)
show more ...
|
| #
be618c7c |
| 05-Jul-2021 |
Matt Caswell |
Don't add the first pkcs12 certificate multiple times
This fixes a regression introduced by commit 1d6c867. When exporting a set
of certificates to a PKCS12 file we shouldn't add the fir
Don't add the first pkcs12 certificate multiple times
This fixes a regression introduced by commit 1d6c867. When exporting a set
of certificates to a PKCS12 file we shouldn't add the first one twice. Also
we restore historic behaviour with respect to the canames option where we
have no ee certificate with key.
Fixes #15983
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16001)
show more ...
|
| #
a89835f7 |
| 15-Jun-2021 |
Pauli |
apps: use get_cipher_any() instead of get_cipher() for commands that support these ciphers/modes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/opens
apps: use get_cipher_any() instead of get_cipher() for commands that support these ciphers/modes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15747)
show more ...
|
| #
09495e43 |
| 10-Jun-2021 |
Pauli |
pkcs12: use the app's libctx and property query when searching for algorithms
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687)
|
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16 |
|
| #
b0f96018 |
| 01-May-2021 |
Dr. David von Oheimb |
APPS: Replace 'OPT_ERR = -1, OPT_EOF = 0, OPT_HELP' by OPT_COMMON macro
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15111)
|
| #
c7d848e2 |
| 29-Apr-2021 |
Pauli |
remove end of line whitespace
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14434)
|
|
Revision tags: openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12 |
|
| #
b536880c |
| 17-Feb-2021 |
Jon Spillett |
Add library context and property query support into the PKCS12 API
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.
Add library context and property query support into the PKCS12 API
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14434)
show more ...
|
| #
d830526c |
| 21-Apr-2021 |
Dr. David von Oheimb |
APPS: Improve diagnostics for string options and options expecting int >= 0
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14970)
|
| #
606a417f |
| 17-Feb-2021 |
Rich Salz |
Fetch and free cipher and md's
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/p
Fetch and free cipher and md's
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14219)
show more ...
|
| #
3ad60309 |
| 03-Apr-2021 |
Dr. David von Oheimb |
APPS: make apps strict on app_RAND_load() and app_RAND_write() failure
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14840)
|
| #
ea51096e |
| 05-Mar-2021 |
Tomas Mraz |
apps: Add maybe_stdin argument to load_certs and set it in pkcs12
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://
apps: Add maybe_stdin argument to load_certs and set it in pkcs12
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14449)
show more ...
|
| #
3711f4c3 |
| 11-Mar-2021 |
Tobias Nießen |
Fix option description for PKCS#12 export
Refs: https://github.com/openssl/openssl/pull/4930
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.or
Fix option description for PKCS#12 export
Refs: https://github.com/openssl/openssl/pull/4930
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14520)
show more ...
|
| #
762970bd |
| 05-Mar-2021 |
Tomas Mraz |
Change default algorithms in PKCS12_create() and PKCS12_set_mac()
Use the modern defaults as now set in the pkcs12 app. This also
allows modifying the application to not override the def
Change default algorithms in PKCS12_create() and PKCS12_set_mac()
Use the modern defaults as now set in the pkcs12 app. This also
allows modifying the application to not override the default values
when calling the API.
Fixes #14034
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/14450)
show more ...
|
| #
889ad4ef |
| 05-Mar-2021 |
Tomas Mraz |
apps/pkcs12: Allow continuing on absent mac
Just print a warning in that case.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14
apps/pkcs12: Allow continuing on absent mac
Just print a warning in that case.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14445)
show more ...
|
| #
5e9a8678 |
| 05-Mar-2021 |
Tomas Mraz |
apps/pkcs12: Detect missing PKCS12KDF support on import
Report error message with hint to use -nomacver if
MAC verification is not required.
Reviewed-by: Paul Dale <pauli@openss
apps/pkcs12: Detect missing PKCS12KDF support on import
Report error message with hint to use -nomacver if
MAC verification is not required.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14445)
show more ...
|
| #
913f9d5e |
| 05-Mar-2021 |
Tomas Mraz |
apps/pkcs12: Properly detect MAC setup failure
The MAC requires PKCS12KDF support which is not present
in FIPS provider as it is not an approved KDF algorithm.
Suggest using -nomac i
apps/pkcs12: Properly detect MAC setup failure
The MAC requires PKCS12KDF support which is not present
in FIPS provider as it is not an approved KDF algorithm.
Suggest using -nomac if MAC is not required.
Fixes #14057
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14445)
show more ...
|
| #
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)
|
