| #
aac96e27 |
| 31-May-2019 |
Rich Salz |
Remove function name from errors
Deprecate all xxx_F_ defines.
Removed some places that tested for a specific function.
Use empty field for the function names in output.
Update d
Remove function name from errors
Deprecate all xxx_F_ defines.
Removed some places that tested for a specific function.
Use empty field for the function names in output.
Update documentation.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9058)
show more ...
|
| #
b481fbe6 |
| 14-Jul-2019 |
Pauli |
Coverity #1451595: use correct free function.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/9362)
|
| #
c2969ff6 |
| 02-Jul-2019 |
Antoine Cœur |
Fix Typos
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/ope
Fix Typos
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/9288)
show more ...
|
| #
6b10d29c |
| 20-Jun-2019 |
Rich Salz |
Remove NextStep support
Because of that we can remove OPENSSL_UNISTD and some other
macros from e_os2.h and opensslconf.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-
Remove NextStep support
Because of that we can remove OPENSSL_UNISTD and some other
macros from e_os2.h and opensslconf.h
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9204)
show more ...
|
| #
9a131ad7 |
| 28-Jun-2019 |
Matt Caswell |
Change RC5_32_set_key to return an int type
If the key is too long we now return an error.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/
Change RC5_32_set_key to return an int type
If the key is too long we now return an error.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8834)
show more ...
|
| #
5d238a10 |
| 13-Apr-2019 |
Bernd Edlinger |
Fix a crash in the speed command with wrap ciphers
e.g. openssl speed -evp id-aes256-wrap-pad
was crashing because the return code from EVP_CipherInit_ex
was ignored.
Not going t
Fix a crash in the speed command with wrap ciphers
e.g. openssl speed -evp id-aes256-wrap-pad
was crashing because the return code from EVP_CipherInit_ex
was ignored.
Not going to allow that cipher mode because wrap ciphers
produces more bytes output than the input length
and EVP_Update_loop is not really prepared for that.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8739)
show more ...
|
| #
fd367b4c |
| 09-Apr-2019 |
Matt Caswell |
Deprecate AES_ige_encrypt() and AES_bi_ige_encrypt()
These undocumented functions were never integrated into the EVP layer
and implement the AES Infinite Garble Extension (IGE) mode and
Deprecate AES_ige_encrypt() and AES_bi_ige_encrypt()
These undocumented functions were never integrated into the EVP layer
and implement the AES Infinite Garble Extension (IGE) mode and AES
Bi-directional IGE mode. These modes were never formally standardised
and usage of these functions is believed to be very small. In particular
AES_bi_ige_encrypt() has a known bug. It accepts 2 AES keys, but only
one is ever used. The security implications are believed to be minimal,
but this issue was never fixed for backwards compatibility reasons.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8710)
show more ...
|
| #
9bba2c4c |
| 10-Apr-2019 |
Bernd Edlinger |
Add CMAC speed measurements
usage: openssl speed -cmac aes128
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8721)
|
| #
f5c99167 |
| 05-Mar-2019 |
Vitezslav Cizek |
apps/speed.c: properly address NO_EC2M on systems without SIGALRM
The ecdh_c array is allocated of the same size as ecdh_choices,
whose size depends on whether the support for binary cur
apps/speed.c: properly address NO_EC2M on systems without SIGALRM
The ecdh_c array is allocated of the same size as ecdh_choices,
whose size depends on whether the support for binary curves is enabled
or not. (The same goes for ecdsa_c).
On systems without SIGALRM, ecdh_c is indexed by predefined constants
intended for representing the index of the ciphers in the ecdh_choices
array.
However, in case of NO_EC2M some of the #defined constants won't match
and would actually access the ecdh_c out-of-bounds.
Use enum instead of a macro to define the curve indexes so they're
within the bounds of the ecdh_c array.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8422)
show more ...
|
| #
d61f489b |
| 05-Mar-2019 |
Vitezslav Cizek |
apps/speed.c: skip binary curves when compiling with OPENSSL_NO_EC2M
openssl speed doesn't take into account that the library could be
compiled without the support for the binary curves
apps/speed.c: skip binary curves when compiling with OPENSSL_NO_EC2M
openssl speed doesn't take into account that the library could be
compiled without the support for the binary curves and happily uses
them, which results in EC_GROUP_new_by_curve_name() errors.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8422)
show more ...
|
| #
5c8b7b4c |
| 20-Dec-2018 |
Klotz, Tobias |
Cleanup vxworks support to be able to compile for VxWorks 7
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from
Cleanup vxworks support to be able to compile for VxWorks 7
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7569)
show more ...
|
|
Revision tags: OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f |
|
| #
b1ceb439 |
| 19-May-2017 |
Todd Short |
Add RFC5297 AES-SIV support
Based originally on github.com/dfoxfranke/libaes_siv
This creates an SIV128 mode that uses EVP interfaces for the CBC, CTR
and CMAC code to reduce co
Add RFC5297 AES-SIV support
Based originally on github.com/dfoxfranke/libaes_siv
This creates an SIV128 mode that uses EVP interfaces for the CBC, CTR
and CMAC code to reduce complexity at the cost of perfomance. The
expected use is for short inputs, not TLS-sized records.
Add multiple AAD input capacity in the EVP tests.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3540)
show more ...
|
| #
dffa7520 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in apps/
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7765)
|
| #
3a63dbef |
| 27-Sep-2018 |
Richard Levitte |
Switch to MAJOR.MINOR.PATCH versioning and version 3.0.0-dev
We're strictly use version numbers of the form MAJOR.MINOR.PATCH.
Letter releases are things of days past.
The most
Switch to MAJOR.MINOR.PATCH versioning and version 3.0.0-dev
We're strictly use version numbers of the form MAJOR.MINOR.PATCH.
Letter releases are things of days past.
The most central change is that we now express the version number with
three macros, one for each part of the version number:
OPENSSL_VERSION_MAJOR
OPENSSL_VERSION_MINOR
OPENSSL_VERSION_PATCH
We also provide two additional macros to express pre-release and build
metadata information (also specified in semantic versioning):
OPENSSL_VERSION_PRE_RELEASE
OPENSSL_VERSION_BUILD_METADATA
To get the library's idea of all those values, we introduce the
following functions:
unsigned int OPENSSL_version_major(void);
unsigned int OPENSSL_version_minor(void);
unsigned int OPENSSL_version_patch(void);
const char *OPENSSL_version_pre_release(void);
const char *OPENSSL_version_build_metadata(void);
Additionally, for shared library versioning (which is out of scope in
semantic versioning, but that we still need):
OPENSSL_SHLIB_VERSION
We also provide a macro that contains the release date. This is not
part of the version number, but is extra information that we want to
be able to display:
OPENSSL_RELEASE_DATE
Finally, also provide the following convenience functions:
const char *OPENSSL_version_text(void);
const char *OPENSSL_version_text_full(void);
The following macros and functions are deprecated, and while currently
existing for backward compatibility, they are expected to disappear:
OPENSSL_VERSION_NUMBER
OPENSSL_VERSION_TEXT
OPENSSL_VERSION
OpenSSL_version_num()
OpenSSL_version()
Also, this function is introduced to replace OpenSSL_version() for all
indexes except for OPENSSL_VERSION:
OPENSSL_info()
For configuration, the option 'newversion-only' is added to disable all
the macros and functions that are mentioned as deprecated above.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7724)
show more ...
|
| #
628ee796 |
| 09-Oct-2018 |
Tomas Mraz |
Fix copy&paste error found in Coverity scan
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openss
Fix copy&paste error found in Coverity scan
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7377)
show more ...
|
| #
f88b9b79 |
| 14-Aug-2018 |
Pauli |
Speed for HMACs.
Add support for HMAC over any evp supported digest.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6945)
|
| #
52307f94 |
| 10-Sep-2018 |
Matt Caswell |
Don't cast an int * to a size_t *
If sizeof(int) != sizeof(size_t) this may not work correctly.
Fixes a Coverity issue.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Don't cast an int * to a size_t *
If sizeof(int) != sizeof(size_t) this may not work correctly.
Fixes a Coverity issue.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7168)
show more ...
|
| #
d3a9fb10 |
| 07-Sep-2018 |
Paul Yang |
Support EdDSA in apps/speed
This addresses issue #6922.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7073)
|
| #
7da84e0f |
| 02-Feb-2018 |
Patrick Steuer |
apps/speed.c: let EVP_Update_loop_ccm behave more like EVP_Update_loop
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Review
apps/speed.c: let EVP_Update_loop_ccm behave more like EVP_Update_loop
Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5246)
show more ...
|
| #
3445872e |
| 24-Jun-2018 |
捷成吴 |
apps/speed.c: add missing checks for RAND_bytes()
Function RAND_bytes() may return 0 or -1 on error, simply
goto end label when it fails.
Fixes #6567
Reviewed-by: Rich
apps/speed.c: add missing checks for RAND_bytes()
Function RAND_bytes() may return 0 or -1 on error, simply
goto end label when it fails.
Fixes #6567
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/6582)
show more ...
|
| #
2fc45cb8 |
| 21-May-2018 |
Andy Polyakov |
apps/speed.c: address asan failure with small -bytes and large -misalign.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6311)
|
| #
44ca7565 |
| 19-May-2018 |
Andy Polyakov |
apps/speed.c: add -aead flag.
Goal is to exercise AEAD ciphers in TLS-like sequence, i.e. 13-byte
AAD followed by payload. Update doc/man1/speed.pod accordingly.
[While we are a
apps/speed.c: add -aead flag.
Goal is to exercise AEAD ciphers in TLS-like sequence, i.e. 13-byte
AAD followed by payload. Update doc/man1/speed.pod accordingly.
[While we are at it, address even some styling and readability issues.]
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6311)
show more ...
|
| #
ffcca684 |
| 19-May-2018 |
Andy Polyakov |
apps/speed.c: clean up SIGARM handling.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6311)
|
| #
8e51a340 |
| 21-May-2018 |
Rich Salz |
Check malloc failure via app_malloc
Thanks to GitHUb user murugesandins for reporting this.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/
Check malloc failure via app_malloc
Thanks to GitHUb user murugesandins for reporting this.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6322)
show more ...
|
| #
1c534560 |
| 08-May-2018 |
FdaSilvaYY |
apps/speed: Add brainpool curves support
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pul
apps/speed: Add brainpool curves support
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6133)
show more ...
|
