#
c54a6a4b |
| 31-May-2022 |
Dr. David von Oheimb |
apps/x509: add warnings for options ignored when -CA is not specified Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau
apps/x509: add warnings for options ignored when -CA is not specified Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18373)
show more ...
|
#
ec8a3409 |
| 30-May-2022 |
Dr. David von Oheimb |
APPS/x509: With -CA but both -CAserial and -CAcreateserial not given, use random serial. Also improve openssl-x509.pod.in and error handling of load_serial() in apps.c. Reviewed-by:
APPS/x509: With -CA but both -CAserial and -CAcreateserial not given, use random serial. Also improve openssl-x509.pod.in and error handling of load_serial() in apps.c. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18373)
show more ...
|
#
10c78873 |
| 20-May-2022 |
Dr. David von Oheimb |
apps/x509: Fix -CAfile option being neglected with -new or -in Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlanda
apps/x509: Fix -CAfile option being neglected with -new or -in Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18373)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
e4cdcb8b |
| 25-Mar-2022 |
Tomas Mraz |
req, x509: Allow printing modulus of RSA-PSS keys Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/open
req, x509: Allow printing modulus of RSA-PSS keys Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17990)
show more ...
|
#
2a6994cf |
| 06-Feb-2022 |
Daniel |
Send auxiliary messages to bio_err. Fixes openssl#17613. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.c
Send auxiliary messages to bio_err. Fixes openssl#17613. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17650)
show more ...
|
#
2c272447 |
| 24-Aug-2021 |
Dr. David von Oheimb |
APPS: Add check for multiple 'unknown' options Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16416)
|
#
d9f07357 |
| 27-Aug-2021 |
Dr. David von Oheimb |
APPS: Improve diagnostics on missing/extra args and unknown cipher/digest Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16450)
|
#
9567fd38 |
| 23-Nov-2021 |
Rami Khaldi |
x509: Return a nonzero exit code on error when checking ip/email/host In the x509 app when doing the ip/email/host validation of a certificate we return nonzero exit code if the validati
x509: Return a nonzero exit code on error when checking ip/email/host In the x509 app when doing the ip/email/host validation of a certificate we return nonzero exit code if the validation fails. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17022)
show more ...
|
#
adbd77f6 |
| 17-Aug-2021 |
Dr. David von Oheimb |
X509: Fix handling of AKID and SKID extensions according to configuration Fixes #16300 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.o
X509: Fix handling of AKID and SKID extensions according to configuration Fixes #16300 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16342)
show more ...
|
#
9bf1061c |
| 27-Aug-2021 |
Dr. David von Oheimb |
APPS/x509: Fix generation of AKID via v2i_AUTHORITY_KEYID() Fixes #16300 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16442)
|
#
18e0c544 |
| 05-Oct-2021 |
Dr. David von Oheimb |
apps/x509: Fix self-signed check to happen before setting issuer name Fixes #16720 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pu
apps/x509: Fix self-signed check to happen before setting issuer name Fixes #16720 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16747)
show more ...
|
#
611ef4f3 |
| 27-Aug-2021 |
Dr. David von Oheimb |
APPS/{x509,req}: Fix description and diagnostics of -key, -in, etc. options Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16440)
|
#
b4fec69b |
| 25-Aug-2021 |
Dr. David von Oheimb |
APPS/x509: fix -extfile option, which was ignored with -x509toreq Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16417)
|
#
89fe2952 |
| 24-Jun-2021 |
Christian Heimes |
Fix segfault in openssl x509 -modulus The command ``openssl x509 -noout -modulus -in cert.pem`` used to segfaults sometimes because an uninitialized variable was passed to ``BN_lebin
Fix segfault in openssl x509 -modulus The command ``openssl x509 -noout -modulus -in cert.pem`` used to segfaults sometimes because an uninitialized variable was passed to ``BN_lebin2bn``. The bug triggered an assertion in bn_expand_internal(). Fixes: https://github.com/openssl/openssl/issues/15899 Signed-off-by: Christian Heimes <christian@python.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15900)
show more ...
|
#
d4af922c |
| 24-Jun-2021 |
Pauli |
apps: properly initialise arguments to EVP_PKEY_get_bn_param() This avoids use of uninitialised memory. Follow on to #15900 Reviewed-by: Shane Lontis <shane.lontis@oracle.c
apps: properly initialise arguments to EVP_PKEY_get_bn_param() This avoids use of uninitialised memory. Follow on to #15900 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15908)
show more ...
|
#
e493d6e0 |
| 21-Jun-2021 |
Richard Levitte |
APPS & TEST: Use ossl_[u]intmax_t rather than [u]intmax_t Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15825)
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
8c5bff22 |
| 01-Mar-2021 |
William Edmisten |
Add support for ISO 8601 datetime format Fixes #5430 Added the configuration file option "date_opt" to the openssl applications ca, crl and x509. Added ASN1_TIME_print_ex wh
Add support for ISO 8601 datetime format Fixes #5430 Added the configuration file option "date_opt" to the openssl applications ca, crl and x509. Added ASN1_TIME_print_ex which supports the new datetime format using the flag ASN1_DTFLGS_ISO8601 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14384)
show more ...
|
#
db70dc2c |
| 31-May-2021 |
Pauli |
apps: remove TODOs Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
|
#
d382e796 |
| 30-Apr-2021 |
Tomas Mraz |
Make the -inform option to be respected if possible Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called. Th
Make the -inform option to be respected if possible Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called. The input type format is enforced only in case the file type file store is used. By default we use FORMAT_UNDEF meaning the input type is not enforced. Fixes #14569 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15100)
show more ...
|
#
b0f96018 |
| 01-May-2021 |
Dr. David von Oheimb |
APPS: Replace 'OPT_ERR = -1, OPT_EOF = 0, OPT_HELP' by OPT_COMMON macro Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15111)
|
#
28407698 |
| 01-May-2021 |
Dr. David von Oheimb |
APPS: Slightly extend and improve documentation of the opt_ API Also remove redundant opt_name() and make names of opt_{i,u}ntmax() consistent. Reviewed-by: Tomas Mraz <tomas@openss
APPS: Slightly extend and improve documentation of the opt_ API Also remove redundant opt_name() and make names of opt_{i,u}ntmax() consistent. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15111)
show more ...
|
#
91034b68 |
| 24-Apr-2021 |
Petr Gotthard |
apps/ca,req,x509: Switch to EVP_DigestSignInit_ex Switch lib/apps.c do_sign_init() to use EVP_DigestSignInit_ex, so it works with external providers. Since EVP_DigestSignInit_ex requ
apps/ca,req,x509: Switch to EVP_DigestSignInit_ex Switch lib/apps.c do_sign_init() to use EVP_DigestSignInit_ex, so it works with external providers. Since EVP_DigestSignInit_ex requires a digest name instead of an EVP_MD pointer, the apps using do_sign_init() had to be modified to pass char* instead of EVP_MD*. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/15014)
show more ...
|
Revision tags: openssl-3.0.0-alpha12 |
|
#
606a417f |
| 17-Feb-2021 |
Rich Salz |
Fetch and free cipher and md's Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/p
Fetch and free cipher and md's Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/14219)
show more ...
|
#
3ad60309 |
| 03-Apr-2021 |
Dr. David von Oheimb |
APPS: make apps strict on app_RAND_load() and app_RAND_write() failure Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14840)
|