#
72a85c17 |
| 28-Jul-2022 |
Arne Schwabe |
Fix wrong default algorithm in openssl pkcs12 help The default that pkcs12 -export uses is SHA256 and not SHA1. CLA: Trivial Reviewed-by: Todd Short <todd.short@me.com>
Fix wrong default algorithm in openssl pkcs12 help The default that pkcs12 -export uses is SHA256 and not SHA1. CLA: Trivial Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18904)
show more ...
|
#
e393064e |
| 14-Jun-2022 |
Kan |
Update the default macsaltlen and Add the configure for macsaltlen Fixed #18489 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by
Update the default macsaltlen and Add the configure for macsaltlen Fixed #18489 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18550)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
2c272447 |
| 24-Aug-2021 |
Dr. David von Oheimb |
APPS: Add check for multiple 'unknown' options Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16416)
|
#
870871e5 |
| 24-Aug-2021 |
Dr. David von Oheimb |
PKCS12 app: Improve readability w.r.t. enc_flag, renamed to enc_name Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16416)
|
#
79b2a2f2 |
| 18-Dec-2021 |
Dr. David von Oheimb |
add OSSL_STACK_OF_X509_free() for commonly used pattern Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17307)
|
#
d9f07357 |
| 27-Aug-2021 |
Dr. David von Oheimb |
APPS: Improve diagnostics on missing/extra args and unknown cipher/digest Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16450)
|
#
adbd77f6 |
| 17-Aug-2021 |
Dr. David von Oheimb |
X509: Fix handling of AKID and SKID extensions according to configuration Fixes #16300 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.o
X509: Fix handling of AKID and SKID extensions according to configuration Fixes #16300 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16342)
show more ...
|
#
2bdab811 |
| 31-Aug-2021 |
Tomas Mraz |
apps/pkcs12: Do not assume null termination of ASN1_UTF8STRING Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https:/
apps/pkcs12: Do not assume null termination of ASN1_UTF8STRING Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/16433)
show more ...
|
#
be618c7c |
| 05-Jul-2021 |
Matt Caswell |
Don't add the first pkcs12 certificate multiple times This fixes a regression introduced by commit 1d6c867. When exporting a set of certificates to a PKCS12 file we shouldn't add the fir
Don't add the first pkcs12 certificate multiple times This fixes a regression introduced by commit 1d6c867. When exporting a set of certificates to a PKCS12 file we shouldn't add the first one twice. Also we restore historic behaviour with respect to the canames option where we have no ee certificate with key. Fixes #15983 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16001)
show more ...
|
#
a89835f7 |
| 15-Jun-2021 |
Pauli |
apps: use get_cipher_any() instead of get_cipher() for commands that support these ciphers/modes Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/opens
apps: use get_cipher_any() instead of get_cipher() for commands that support these ciphers/modes Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15747)
show more ...
|
#
09495e43 |
| 10-Jun-2021 |
Pauli |
pkcs12: use the app's libctx and property query when searching for algorithms Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15687)
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16 |
|
#
b0f96018 |
| 01-May-2021 |
Dr. David von Oheimb |
APPS: Replace 'OPT_ERR = -1, OPT_EOF = 0, OPT_HELP' by OPT_COMMON macro Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15111)
|
#
c7d848e2 |
| 29-Apr-2021 |
Pauli |
remove end of line whitespace Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434)
|
Revision tags: openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12 |
|
#
b536880c |
| 17-Feb-2021 |
Jon Spillett |
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434)
show more ...
|
#
d830526c |
| 21-Apr-2021 |
Dr. David von Oheimb |
APPS: Improve diagnostics for string options and options expecting int >= 0 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14970)
|
#
606a417f |
| 17-Feb-2021 |
Rich Salz |
Fetch and free cipher and md's Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/p
Fetch and free cipher and md's Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/14219)
show more ...
|
#
3ad60309 |
| 03-Apr-2021 |
Dr. David von Oheimb |
APPS: make apps strict on app_RAND_load() and app_RAND_write() failure Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14840)
|
#
ea51096e |
| 05-Mar-2021 |
Tomas Mraz |
apps: Add maybe_stdin argument to load_certs and set it in pkcs12 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://
apps: Add maybe_stdin argument to load_certs and set it in pkcs12 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14449)
show more ...
|
#
3711f4c3 |
| 11-Mar-2021 |
Tobias Nießen |
Fix option description for PKCS#12 export Refs: https://github.com/openssl/openssl/pull/4930 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.or
Fix option description for PKCS#12 export Refs: https://github.com/openssl/openssl/pull/4930 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14520)
show more ...
|
#
762970bd |
| 05-Mar-2021 |
Tomas Mraz |
Change default algorithms in PKCS12_create() and PKCS12_set_mac() Use the modern defaults as now set in the pkcs12 app. This also allows modifying the application to not override the def
Change default algorithms in PKCS12_create() and PKCS12_set_mac() Use the modern defaults as now set in the pkcs12 app. This also allows modifying the application to not override the default values when calling the API. Fixes #14034 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/14450)
show more ...
|
#
889ad4ef |
| 05-Mar-2021 |
Tomas Mraz |
apps/pkcs12: Allow continuing on absent mac Just print a warning in that case. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14
apps/pkcs12: Allow continuing on absent mac Just print a warning in that case. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14445)
show more ...
|
#
5e9a8678 |
| 05-Mar-2021 |
Tomas Mraz |
apps/pkcs12: Detect missing PKCS12KDF support on import Report error message with hint to use -nomacver if MAC verification is not required. Reviewed-by: Paul Dale <pauli@openss
apps/pkcs12: Detect missing PKCS12KDF support on import Report error message with hint to use -nomacver if MAC verification is not required. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14445)
show more ...
|
#
913f9d5e |
| 05-Mar-2021 |
Tomas Mraz |
apps/pkcs12: Properly detect MAC setup failure The MAC requires PKCS12KDF support which is not present in FIPS provider as it is not an approved KDF algorithm. Suggest using -nomac i
apps/pkcs12: Properly detect MAC setup failure The MAC requires PKCS12KDF support which is not present in FIPS provider as it is not an approved KDF algorithm. Suggest using -nomac if MAC is not required. Fixes #14057 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14445)
show more ...
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|