#
16249341 |
| 12-Jun-2022 |
Kan |
Add sensitive memory clean in priv encode Fixed #18540 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/open
Add sensitive memory clean in priv encode Fixed #18540 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18541)
show more ...
|
#
1287dabd |
| 26-Oct-2021 |
x2018 |
fix some code with obvious wrong coding style Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org
fix some code with obvious wrong coding style Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16918)
show more ...
|
#
d101700d |
| 06-Jul-2021 |
Richard Levitte |
CRYPTO: Remove the check for built-in methods in the export_to function That check was seen as necessary at the time, but other changes have been made since, so we now have better contro
CRYPTO: Remove the check for built-in methods in the export_to function That check was seen as necessary at the time, but other changes have been made since, so we now have better control on when we're handling legacy structures and methods, making it safe to run the export_to function on keys with foreign methods. The basic message is that foreign methods must set key structure values according to our standards no matter what, or not set them at all. This has really always been the case, but was harder to see at the time because of interaction with other bugs. Fixes #15927 Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15996)
show more ...
|
#
ed576acd |
| 21-May-2021 |
Tomas Mraz |
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_,
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
show more ...
|
#
6229815a |
| 25-May-2021 |
Rich Salz |
Use <> for #include openssl/xxx Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15
Use <> for #include openssl/xxx Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15468)
show more ...
|
Revision tags: openssl-3.0.0-alpha17 |
|
#
bed7437b |
| 15-May-2021 |
Richard Levitte |
Modify EVP_PKEY_ASN1_METHOD's export_to function to take an importer We previously took an EVP_KEYMGMT pointer, but now found it necessary to use a different import function in some case
Modify EVP_PKEY_ASN1_METHOD's export_to function to take an importer We previously took an EVP_KEYMGMT pointer, but now found it necessary to use a different import function in some cases. Since that's the only thing we use from EVP_KEYMGMT, we might as well pass the import function directly, allowing for some flexibility in how export_to is used. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15293)
show more ...
|
Revision tags: openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14 |
|
#
3f883c7c |
| 07-Apr-2021 |
Shane Lontis |
Replace OSSL_PARAM_BLD_free_params() with OSSL_PARAM_free(). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14785)
|
Revision tags: OpenSSL_1_1_1k |
|
#
2145ba5e |
| 19-Mar-2021 |
Tomas Mraz |
Implement EVP_PKEY_dup() function Fixes #14501 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14624)
|
#
cf333799 |
| 18-Mar-2021 |
Richard Levitte |
PROV: Add type specific PKCS#8 decoding to the DER->key decoders This required refactoring a number of functions from the diverse EVP_PKEY_ASN1_METHOD implementations to become shared ba
PROV: Add type specific PKCS#8 decoding to the DER->key decoders This required refactoring a number of functions from the diverse EVP_PKEY_ASN1_METHOD implementations to become shared backend functions. It also meant modifying a few of them to return pointers to our internal RSA / DSA/ DH / EC_KEY, ... structures instead of manipulating an EVP_PKEY pointer directly, letting the caller do the latter. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14314)
show more ...
|
Revision tags: openssl-3.0.0-alpha13 |
|
#
4669015d |
| 09-Mar-2021 |
Shane Lontis |
Add ossl_ x509 symbols Partial fix for #12964 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
|
#
adf7e6d1 |
| 08-Mar-2021 |
Shane Lontis |
Add ossl_asn1 symbols Partial fix for #12964 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
|
#
7bc0fdd3 |
| 02-Mar-2021 |
Matt Caswell |
Make the EVP_PKEY_get0* functions have a const return type OTC have decided that the EVP_PKEY_get0* functions should have a const return type. This is a breaking change to emphasise that
Make the EVP_PKEY_get0* functions have a const return type OTC have decided that the EVP_PKEY_get0* functions should have a const return type. This is a breaking change to emphasise that these values should be considered as immutable. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14319)
show more ...
|
Revision tags: openssl-3.0.0-alpha12 |
|
#
32ab57cb |
| 18-Feb-2021 |
Shane Lontis |
Fix external symbols related to ec & sm2 keys Partial fix for #12964 This adds ossl_ names for the following symbols: ec_*, ecx_*, ecdh_*, ecdsa_*, sm2_* Reviewed-
Fix external symbols related to ec & sm2 keys Partial fix for #12964 This adds ossl_ names for the following symbols: ec_*, ecx_*, ecdh_*, ecdsa_*, sm2_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14231)
show more ...
|
Revision tags: OpenSSL_1_1_1j, openssl-3.0.0-alpha11 |
|
#
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
|
Revision tags: openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9 |
|
#
3e878d92 |
| 18-Nov-2020 |
Shane Lontis |
Remove pkey_downgrade from PKCS7 code Fixes #12991 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13435)
|
Revision tags: openssl-3.0.0-alpha8 |
|
#
9311d0c4 |
| 04-Nov-2020 |
Richard Levitte |
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using ut
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
show more ...
|
Revision tags: openssl-3.0.0-alpha7 |
|
#
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
#
7022d9b9 |
| 07-Oct-2020 |
Matt Caswell |
Remove CMS recipient info information out of the algorithm implementations Low level algorithm implementations have no business knowing about details of the higher level CMS concept. Thi
Remove CMS recipient info information out of the algorithm implementations Low level algorithm implementations have no business knowing about details of the higher level CMS concept. This knowledge is therefore moved into the CMS layer. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
show more ...
|
#
9ab7fe48 |
| 07-Oct-2020 |
Matt Caswell |
Move CMS signing code out of the algorithms and into CMS There is a large amount of CMS sepcific code in the algorithms. This is in the wrong place and breaks layering. This code should
Move CMS signing code out of the algorithms and into CMS There is a large amount of CMS sepcific code in the algorithms. This is in the wrong place and breaks layering. This code should be in the CMS layer. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
show more ...
|
#
0b3a4ef2 |
| 06-Oct-2020 |
Matt Caswell |
Move CMS enveloping code out of the algorithms and into CMS There is quite a large amount of algorithm specific CMS code sitting in the algorithm directories. However, this seems to brea
Move CMS enveloping code out of the algorithms and into CMS There is quite a large amount of algorithm specific CMS code sitting in the algorithm directories. However, this seems to break layering. Algorithms really have no business knowing anything about CMS. Really it should be the other way around. Where there is algorithm specific CMS code it is the CMS layer that should know how to handle different algorithms. Therefore we move this code into the CMS layer. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
show more ...
|
#
d8652be0 |
| 24-Sep-2020 |
Matt Caswell |
Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged fro
Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970)
show more ...
|
#
66066e1b |
| 28-Sep-2020 |
Dr. David von Oheimb |
Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. Also adds error output tests on loading key files with unsupported algorithms to 30-test_evp.t Reviewed-
Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. Also adds error output tests on loading key files with unsupported algorithms to 30-test_evp.t Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13023)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
29844ea5 |
| 16-Sep-2020 |
Dr. David von Oheimb |
Prune low-level ASN.1 parse errors from error queue in decoder_process() Fixes #12840 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@ope
Prune low-level ASN.1 parse errors from error queue in decoder_process() Fixes #12840 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12893)
show more ...
|
#
c4b3ea73 |
| 22-Sep-2020 |
Shane Lontis |
Fix missing propq in ecdh_cms_set_shared_info() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12944)
|
#
fa519461 |
| 11-Aug-2020 |
Shane Lontis |
Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info() Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.c
Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info() Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12628)
show more ...
|