cmp_vfy.c - OpenGrok history log for /openssl/crypto/cmp/cmp

Revision (<<< Hide revision tags) (Show revision tags >>>)	Date	Author	Comments
# aeadd298	01-Aug-2022	Dr. David von Oheimb	CMP: fix crash in check_transactionID_or_nonce() on 'actual' being NULL Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David vo CMP: fix crash in check_transactionID_or_nonce() on 'actual' being NULL Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18929) show more ...
# b6fbef11	14-Dec-2021	Dr. David von Oheimb	Add OSSL_CMP_CTX_get0_validatedSrvCert(), correcting OSSL_CMP_validate_msg() Also change ossl_cmp_ctx_set0_validatedSrvCert() to ossl_cmp_ctx_set1_validatedSrvCert(), and add respective Add OSSL_CMP_CTX_get0_validatedSrvCert(), correcting OSSL_CMP_validate_msg() Also change ossl_cmp_ctx_set0_validatedSrvCert() to ossl_cmp_ctx_set1_validatedSrvCert(), and add respective tests as well as the -srvcertout CLI option using the new function. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18656) show more ...
# c4ad4e5b	04-May-2022	Dr. David von Oheimb	CMP: introduce version 3, while version 2 stays the default Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@o CMP: introduce version 3, while version 2 stays the default Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18294) show more ...
# fecb3aae	03-May-2022	Matt Caswell	Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
# e304aa87	02-Jan-2022	Dimitris Apostolou	Fix typos Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17392)
# 79b2a2f2	18-Dec-2021	Dr. David von Oheimb	add OSSL_STACK_OF_X509_free() for commonly used pattern Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17307)
# e4699711	09-Dec-2021	Dr. David von Oheimb	ossl_cmp_msg_check_update(): align recipNone check with improved transactionID check Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17251)
# ecf60b9e	01-Dec-2021	x2018	remove redundant ERR_raise Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from remove redundant ERR_raise Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17175) show more ...
# 318e9799	01-Dec-2021	x2018	check the return value of BIO_new() in t_x509.c:471 & cmp_vfy.c:36 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul D check the return value of BIO_new() in t_x509.c:471 & cmp_vfy.c:36 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17175) show more ...
# a3ea35c2	07-Dec-2021	Dr. David von Oheimb	CMP check_msg_find_cert(): improve diagnostics on transactionID mismatch On this occasion, make use of i2s_ASN1_OCTET_STRING() wherever possible Reviewed-by: Paul Dale <pauli@openss CMP check_msg_find_cert(): improve diagnostics on transactionID mismatch On this occasion, make use of i2s_ASN1_OCTET_STRING() wherever possible Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17224) show more ...
# 374d5cf2	11-Oct-2021	Tomas Mraz	cmp_vfy.c, encoder_lib.c: Fix potential leak of a BIO Fixes #16787 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merg cmp_vfy.c, encoder_lib.c: Fix potential leak of a BIO Fixes #16787 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/16804) show more ...
# 7df56ada	16-Jun-2021	Dr. David von Oheimb	CMP: Add missing getter functions to CRMF API and CMP API Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl. CMP: Add missing getter functions to CRMF API and CMP API Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15790) show more ...
# 75e1191f	31-May-2021	Pauli	cmp: remove TODOs Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13
# 4669015d	09-Mar-2021	Shane Lontis	Add ossl_ x509 symbols Partial fix for #12964 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
# 8020d79b	11-Mar-2021	Matt Caswell	Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10
# daf1300b	23-Dec-2020	Dr. David von Oheimb	Add internal X509_add_certs_new(), which simplifies matters Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14039)
Revision tags: OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8
# 9311d0c4	04-Nov-2020	Richard Levitte	Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using ut Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318) show more ...
Revision tags: openssl-3.0.0-alpha7
# d8652be0	24-Sep-2020	Matt Caswell	Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged fro Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970) show more ...
Revision tags: OpenSSL_1_1_1h
# e6623cfb	03-Sep-2020	Matt Caswell	Fix safestack issues in x509.h Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/1 Fix safestack issues in x509.h Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781) show more ...
# b434b2c0	28-Aug-2020	Dr. David von Oheimb	Allow unauthenticated CMP server if missing -trusted, -srvcert, and -secret options Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pu Allow unauthenticated CMP server if missing -trusted, -srvcert, and -secret options Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12806) show more ...
# 0b86eefd	28-Aug-2020	Dr. David von Oheimb	OSSL_CMP_CTX: rename field and its getter/setter from 'untrusted_certs' to 'untrusted Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12 OSSL_CMP_CTX: rename field and its getter/setter from 'untrusted_certs' to 'untrusted Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12788) show more ...
# 1a5ae1da	26-Aug-2020	Dr. David von Oheimb	Add -verbosity option to apps/cmp.c and add log output also in crypto/cmp * In the cmp app so far the -verbosity option had been missing. * Extend log output helpful for debugging CMP ap Add -verbosity option to apps/cmp.c and add log output also in crypto/cmp * In the cmp app so far the -verbosity option had been missing. * Extend log output helpful for debugging CMP applications in setup_ssl_ctx() of the cmp app, ossl_cmp_msg_add_extraCerts(), OSSL_CMP_validate_msg(), and OSSL_CMP_MSG_http_perform(). * Correct suppression of log output with insufficient severity. * Add logging/severity level OSSL_CMP_LOG_TRACE = OSSL_CMP_LOG_MAX. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12739) show more ...
# 6d1f50b5	13-Aug-2020	Dr. David von Oheimb	Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11808)
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2
# 28e9f62b	13-May-2020	Dr. David von Oheimb	cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/ cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11808) show more ...
# 23000838	12-Aug-2020	Dr. David von Oheimb	crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/118 crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11808) show more ...
12