#
aac96e27 |
| 31-May-2019 |
Rich Salz |
Remove function name from errors Deprecate all xxx_F_ defines. Removed some places that tested for a specific function. Use empty field for the function names in output. Update d
Remove function name from errors Deprecate all xxx_F_ defines. Removed some places that tested for a specific function. Use empty field for the function names in output. Update documentation. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9058)
show more ...
|
#
b481fbe6 |
| 14-Jul-2019 |
Pauli |
Coverity #1451595: use correct free function. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/9362)
|
#
c2969ff6 |
| 02-Jul-2019 |
Antoine Cœur |
Fix Typos CLA: trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/ope
Fix Typos CLA: trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/9288)
show more ...
|
#
6b10d29c |
| 20-Jun-2019 |
Rich Salz |
Remove NextStep support Because of that we can remove OPENSSL_UNISTD and some other macros from e_os2.h and opensslconf.h Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-
Remove NextStep support Because of that we can remove OPENSSL_UNISTD and some other macros from e_os2.h and opensslconf.h Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9204)
show more ...
|
#
9a131ad7 |
| 28-Jun-2019 |
Matt Caswell |
Change RC5_32_set_key to return an int type If the key is too long we now return an error. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/
Change RC5_32_set_key to return an int type If the key is too long we now return an error. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8834)
show more ...
|
#
5d238a10 |
| 13-Apr-2019 |
Bernd Edlinger |
Fix a crash in the speed command with wrap ciphers e.g. openssl speed -evp id-aes256-wrap-pad was crashing because the return code from EVP_CipherInit_ex was ignored. Not going t
Fix a crash in the speed command with wrap ciphers e.g. openssl speed -evp id-aes256-wrap-pad was crashing because the return code from EVP_CipherInit_ex was ignored. Not going to allow that cipher mode because wrap ciphers produces more bytes output than the input length and EVP_Update_loop is not really prepared for that. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8739)
show more ...
|
#
fd367b4c |
| 09-Apr-2019 |
Matt Caswell |
Deprecate AES_ige_encrypt() and AES_bi_ige_encrypt() These undocumented functions were never integrated into the EVP layer and implement the AES Infinite Garble Extension (IGE) mode and
Deprecate AES_ige_encrypt() and AES_bi_ige_encrypt() These undocumented functions were never integrated into the EVP layer and implement the AES Infinite Garble Extension (IGE) mode and AES Bi-directional IGE mode. These modes were never formally standardised and usage of these functions is believed to be very small. In particular AES_bi_ige_encrypt() has a known bug. It accepts 2 AES keys, but only one is ever used. The security implications are believed to be minimal, but this issue was never fixed for backwards compatibility reasons. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8710)
show more ...
|
#
9bba2c4c |
| 10-Apr-2019 |
Bernd Edlinger |
Add CMAC speed measurements usage: openssl speed -cmac aes128 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8721)
|
#
f5c99167 |
| 05-Mar-2019 |
Vitezslav Cizek |
apps/speed.c: properly address NO_EC2M on systems without SIGALRM The ecdh_c array is allocated of the same size as ecdh_choices, whose size depends on whether the support for binary cur
apps/speed.c: properly address NO_EC2M on systems without SIGALRM The ecdh_c array is allocated of the same size as ecdh_choices, whose size depends on whether the support for binary curves is enabled or not. (The same goes for ecdsa_c). On systems without SIGALRM, ecdh_c is indexed by predefined constants intended for representing the index of the ciphers in the ecdh_choices array. However, in case of NO_EC2M some of the #defined constants won't match and would actually access the ecdh_c out-of-bounds. Use enum instead of a macro to define the curve indexes so they're within the bounds of the ecdh_c array. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8422)
show more ...
|
#
d61f489b |
| 05-Mar-2019 |
Vitezslav Cizek |
apps/speed.c: skip binary curves when compiling with OPENSSL_NO_EC2M openssl speed doesn't take into account that the library could be compiled without the support for the binary curves
apps/speed.c: skip binary curves when compiling with OPENSSL_NO_EC2M openssl speed doesn't take into account that the library could be compiled without the support for the binary curves and happily uses them, which results in EC_GROUP_new_by_curve_name() errors. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8422)
show more ...
|
#
5c8b7b4c |
| 20-Dec-2018 |
Klotz, Tobias |
Cleanup vxworks support to be able to compile for VxWorks 7 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from
Cleanup vxworks support to be able to compile for VxWorks 7 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7569)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g, OpenSSL_1_0_2l, OpenSSL_1_1_0f |
|
#
b1ceb439 |
| 19-May-2017 |
Todd Short |
Add RFC5297 AES-SIV support Based originally on github.com/dfoxfranke/libaes_siv This creates an SIV128 mode that uses EVP interfaces for the CBC, CTR and CMAC code to reduce co
Add RFC5297 AES-SIV support Based originally on github.com/dfoxfranke/libaes_siv This creates an SIV128 mode that uses EVP interfaces for the CBC, CTR and CMAC code to reduce complexity at the cost of perfomance. The expected use is for short inputs, not TLS-sized records. Add multiple AAD input capacity in the EVP tests. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3540)
show more ...
|
#
dffa7520 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in apps/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7765)
|
#
3a63dbef |
| 27-Sep-2018 |
Richard Levitte |
Switch to MAJOR.MINOR.PATCH versioning and version 3.0.0-dev We're strictly use version numbers of the form MAJOR.MINOR.PATCH. Letter releases are things of days past. The most
Switch to MAJOR.MINOR.PATCH versioning and version 3.0.0-dev We're strictly use version numbers of the form MAJOR.MINOR.PATCH. Letter releases are things of days past. The most central change is that we now express the version number with three macros, one for each part of the version number: OPENSSL_VERSION_MAJOR OPENSSL_VERSION_MINOR OPENSSL_VERSION_PATCH We also provide two additional macros to express pre-release and build metadata information (also specified in semantic versioning): OPENSSL_VERSION_PRE_RELEASE OPENSSL_VERSION_BUILD_METADATA To get the library's idea of all those values, we introduce the following functions: unsigned int OPENSSL_version_major(void); unsigned int OPENSSL_version_minor(void); unsigned int OPENSSL_version_patch(void); const char *OPENSSL_version_pre_release(void); const char *OPENSSL_version_build_metadata(void); Additionally, for shared library versioning (which is out of scope in semantic versioning, but that we still need): OPENSSL_SHLIB_VERSION We also provide a macro that contains the release date. This is not part of the version number, but is extra information that we want to be able to display: OPENSSL_RELEASE_DATE Finally, also provide the following convenience functions: const char *OPENSSL_version_text(void); const char *OPENSSL_version_text_full(void); The following macros and functions are deprecated, and while currently existing for backward compatibility, they are expected to disappear: OPENSSL_VERSION_NUMBER OPENSSL_VERSION_TEXT OPENSSL_VERSION OpenSSL_version_num() OpenSSL_version() Also, this function is introduced to replace OpenSSL_version() for all indexes except for OPENSSL_VERSION: OPENSSL_info() For configuration, the option 'newversion-only' is added to disable all the macros and functions that are mentioned as deprecated above. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7724)
show more ...
|
#
628ee796 |
| 09-Oct-2018 |
Tomas Mraz |
Fix copy&paste error found in Coverity scan Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openss
Fix copy&paste error found in Coverity scan Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7377)
show more ...
|
#
f88b9b79 |
| 14-Aug-2018 |
Pauli |
Speed for HMACs. Add support for HMAC over any evp supported digest. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6945)
|
#
52307f94 |
| 10-Sep-2018 |
Matt Caswell |
Don't cast an int * to a size_t * If sizeof(int) != sizeof(size_t) this may not work correctly. Fixes a Coverity issue. Reviewed-by: Richard Levitte <levitte@openssl.org>
Don't cast an int * to a size_t * If sizeof(int) != sizeof(size_t) this may not work correctly. Fixes a Coverity issue. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7168)
show more ...
|
#
d3a9fb10 |
| 07-Sep-2018 |
Paul Yang |
Support EdDSA in apps/speed This addresses issue #6922. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7073)
|
#
7da84e0f |
| 02-Feb-2018 |
Patrick Steuer |
apps/speed.c: let EVP_Update_loop_ccm behave more like EVP_Update_loop Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Review
apps/speed.c: let EVP_Update_loop_ccm behave more like EVP_Update_loop Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5246)
show more ...
|
#
3445872e |
| 24-Jun-2018 |
捷成吴 |
apps/speed.c: add missing checks for RAND_bytes() Function RAND_bytes() may return 0 or -1 on error, simply goto end label when it fails. Fixes #6567 Reviewed-by: Rich
apps/speed.c: add missing checks for RAND_bytes() Function RAND_bytes() may return 0 or -1 on error, simply goto end label when it fails. Fixes #6567 Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/6582)
show more ...
|
#
2fc45cb8 |
| 21-May-2018 |
Andy Polyakov |
apps/speed.c: address asan failure with small -bytes and large -misalign. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6311)
|
#
44ca7565 |
| 19-May-2018 |
Andy Polyakov |
apps/speed.c: add -aead flag. Goal is to exercise AEAD ciphers in TLS-like sequence, i.e. 13-byte AAD followed by payload. Update doc/man1/speed.pod accordingly. [While we are a
apps/speed.c: add -aead flag. Goal is to exercise AEAD ciphers in TLS-like sequence, i.e. 13-byte AAD followed by payload. Update doc/man1/speed.pod accordingly. [While we are at it, address even some styling and readability issues.] Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6311)
show more ...
|
#
ffcca684 |
| 19-May-2018 |
Andy Polyakov |
apps/speed.c: clean up SIGARM handling. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6311)
|
#
8e51a340 |
| 21-May-2018 |
Rich Salz |
Check malloc failure via app_malloc Thanks to GitHUb user murugesandins for reporting this. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/
Check malloc failure via app_malloc Thanks to GitHUb user murugesandins for reporting this. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6322)
show more ...
|
#
1c534560 |
| 08-May-2018 |
FdaSilvaYY |
apps/speed: Add brainpool curves support Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pul
apps/speed: Add brainpool curves support Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6133)
show more ...
|