cmp_vfy.c - OpenGrok history log for /openssl/crypto/cmp/cmp

Revision (<<< Hide revision tags) (Show revision tags >>>)	Date	Author	Comments
# 7b1a3a50	18-Aug-2020	Dr. David von Oheimb	cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11808)
# eeccc237	26-Apr-2020	Dr. David von Oheimb	Introduce X509_add_cert[s] simplifying various additions to cert lists Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12615)
# c4a9e3eb	29-May-2020	Dr. David von Oheimb	Move part of OSSL_CMP_validate_msg() to ossl_cmp_msg_check_update() as checking expected_sender and adding caPubs is not part of msg validation. Also constify a couple of internal and pu Move part of OSSL_CMP_validate_msg() to ossl_cmp_msg_check_update() as checking expected_sender and adding caPubs is not part of msg validation. Also constify a couple of internal and public functions related to cmp_vfy.c Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11998) show more ...
# 12bbcee2	29-May-2020	Dr. David von Oheimb	Make CMP server use same protection for response as for request Also adds ossl_cmp_hdr_get_protection_nid() simplifying cmp_vfy.c Reviewed-by: Matt Caswell <matt@openssl.org> (M Make CMP server use same protection for response as for request Also adds ossl_cmp_hdr_get_protection_nid() simplifying cmp_vfy.c Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11998) show more ...
# 430efff1	28-May-2020	Dr. David von Oheimb	Improve ossl_cmp_msg_check_received() and rename to ossl_cmp_msg_check_update() Bugfix: allow using extraCerts contained in msg already while checking signature Improve function name, si Improve ossl_cmp_msg_check_received() and rename to ossl_cmp_msg_check_update() Bugfix: allow using extraCerts contained in msg already while checking signature Improve function name, simplify its return value, and update its documentation Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11998) show more ...
# ca6f1ba9	28-May-2020	Dr. David von Oheimb	Improve cert checking diagnostics of OSSL_CMP_validate_msg() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11998)
# 7aa70fd5	27-May-2020	Dr. David von Oheimb	Remove misleading diagnostics on pinned sender cert in OSSL_CMP_validate_msg() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11998)
# 032b13c7	27-May-2020	Dr. David von Oheimb	Correct error reason of verify_signature() in cmp_vfy.c Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11998)
# 6d934add	20-May-2020	Dr. David von Oheimb	Check expected sender not only for signature-protected CMP messages Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11998)
# b27ff9b8	19-May-2020	Dr. David von Oheimb	Streamline the approach to set CMP message recipient and expected sender Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11998)
Revision tags: openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u
# 852c2ed2	19-Dec-2019	Rich Salz	In OpenSSL builds, declare STACK for datatypes ... ... and only define them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds In OpenSSL builds, declare STACK for datatypes ... ... and only define them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds and not non-deprecated builds. Deprecate stack-of-block Better documentation Move some ASN1 struct typedefs to types.h Update ParseC to handle this. Most of all, ParseC needed to be more consistent. The handlers are "recursive", in so far that they are called again and again until they terminate, which depends entirely on what the "massager" returns. There's a comment at the beginning of ParseC that explains how that works. {Richard Levtte} Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10669) show more ...
# e599d0ae	24-Mar-2020	Dr. David von Oheimb	Add CMP fuzzing to fuzz/cmp.c, including a couple of helpers in crypto/cmp/ Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https: Add CMP fuzzing to fuzz/cmp.c, including a couple of helpers in crypto/cmp/ Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11386) show more ...
# 642f60d8	23-Mar-2020	Dr. David von Oheimb	Rename CMP_PROTECTEDPART to OSSL_CMP_PROTECTEDPART for consistency Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github. Rename CMP_PROTECTEDPART to OSSL_CMP_PROTECTEDPART for consistency Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11386) show more ...
# d8039304	31-Mar-2020	Dr. David von Oheimb	Fix misleading error msg for PBM check w/o secret in OSSL_CMP_validate_msg() Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Fix misleading error msg for PBM check w/o secret in OSSL_CMP_validate_msg() Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11448) show more ...
# a1e4c8ef	30-Mar-2020	Dr. David von Oheimb	Fix bugs in 3GPP exception checking and improve diagnostics in crypt/cmp/cmp_vfy.c Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.co Fix bugs in 3GPP exception checking and improve diagnostics in crypt/cmp/cmp_vfy.c Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11448) show more ...
# 7e765f46	10-Mar-2020	Dr. David von Oheimb	Chunk 9 of CMP contribution to OpenSSL: CMP client and related tests Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer Chunk 9 of CMP contribution to OpenSSL: CMP client and related tests Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712). Adds the CMP and CRMF API to libcrypto and the "cmp" app to the CLI. Adds extensive documentation and tests. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11300) show more ...
# 31b28ad9	15-Feb-2020	Dr. David von Oheimb	chunk 7 of CMP contribution to OpenSSL add CMP message validation and related tests; while doing so: * add ERR_add_error_mem_bio() to crypto/err/err_prn.c * move ossl_cmp_add_error_t chunk 7 of CMP contribution to OpenSSL add CMP message validation and related tests; while doing so: * add ERR_add_error_mem_bio() to crypto/err/err_prn.c * move ossl_cmp_add_error_txt() as ERR_add_error_txt() to crypto/err/err_prn.c * add X509_STORE_CTX_print_verify_cb() to crypto/x509/t_x509.c, adding internally x509_print_ex_brief(), print_certs(), and print_store_certs() * move {ossl_cmp_,}X509_STORE_get1_certs() to crypto/x509/x509_lu.c Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/10620) show more ...
12