#
b6461792 |
| 20-Mar-2024 |
Richard Levitte |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Lan
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
show more ...
|
#
cf57c3ec |
| 16-Dec-2023 |
Neil Horman |
Check for NULL cleanup function before using it in encoder_process encoder_process assumes a cleanup function has been set in the currently in-use encoder during processing, which can le
Check for NULL cleanup function before using it in encoder_process encoder_process assumes a cleanup function has been set in the currently in-use encoder during processing, which can lead to segfaults if said function hasn't been set Add a NULL check for this condition, returning -1 if it is not set Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23069)
show more ...
|
#
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
fba140c7 |
| 12-Apr-2022 |
Dmitry Belyavskiy |
str[n]casecmp => OPENSSL_strncasecmp Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18069)
|
#
d5f9166b |
| 04-Feb-2022 |
Richard Levitte |
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to b
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to be able to stop ourselves, the better move is to move e_os.h to an include directory that's part of the inclusion path given to the compiler. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17641)
show more ...
|
#
e304aa87 |
| 02-Jan-2022 |
Dimitris Apostolou |
Fix typos Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17392)
|
#
374d5cf2 |
| 11-Oct-2021 |
Tomas Mraz |
cmp_vfy.c, encoder_lib.c: Fix potential leak of a BIO Fixes #16787 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merg
cmp_vfy.c, encoder_lib.c: Fix potential leak of a BIO Fixes #16787 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/16804)
show more ...
|
#
ef2194c4 |
| 27-May-2021 |
Richard Levitte |
DECODER & ENCODER: Add better tracing Now that we have functions to get the name and properties of the diverse implementations, we can as well display them for clarity. Reviewed
DECODER & ENCODER: Add better tracing Now that we have functions to get the name and properties of the diverse implementations, we can as well display them for clarity. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15498)
show more ...
|
#
e982e04f |
| 02-Jun-2021 |
Richard Levitte |
ENCODER: use property definitions instead of getting implementation parameters The OSSL_ENCODER library used to ask each encoder implementation for certain data in form of parameters to
ENCODER: use property definitions instead of getting implementation parameters The OSSL_ENCODER library used to ask each encoder implementation for certain data in form of parameters to place them correctly in the encoder chain, if at all. These parameters were duplicates of properties of those same implementations, and therefore unnecessarily redundant. Now that we have functionality to query property definition values, those duplicates are no longer needed, and are therefore not looked at any more. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15570)
show more ...
|
#
73c02a62 |
| 02-Jun-2021 |
Richard Levitte |
ENCODER: Drop OSSL_ENCODER_PARAM_INPUT_TYPE This was a poor substitute for using the name of the decoder implementation, and since there is functionality to get the latter now, this para
ENCODER: Drop OSSL_ENCODER_PARAM_INPUT_TYPE This was a poor substitute for using the name of the decoder implementation, and since there is functionality to get the latter now, this parameter can be dropped. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15570)
show more ...
|
#
ed576acd |
| 21-May-2021 |
Tomas Mraz |
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_,
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
show more ...
|
Revision tags: openssl-3.0.0-alpha17 |
|
#
40692ed7 |
| 15-May-2021 |
Matt Caswell |
Better error messages if there are no encoders/decoders/store loaders If you don't have the base or default providers loaded and therefore there are no encoders/decoders or store loaders
Better error messages if there are no encoders/decoders/store loaders If you don't have the base or default providers loaded and therefore there are no encoders/decoders or store loaders then the error messages can be cryptic. We provide better hints about how to fix the problem. Fixes #13798 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15306)
show more ...
|
Revision tags: openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
|
#
141cc94e |
| 04-Mar-2021 |
Pauli |
Add a real type for OSSL_CORE_BIO which is distinct from and not castable to BIO Providers (particularly the FIPS provider) needs access to BIOs from libcrypto. Libcrypto is allowed to c
Add a real type for OSSL_CORE_BIO which is distinct from and not castable to BIO Providers (particularly the FIPS provider) needs access to BIOs from libcrypto. Libcrypto is allowed to change the internal format of the BIO structure and it is still expected to work with providers that were already built. This means that the libcrypto BIO must be distinct from and not castable to the provider side OSSL_CORE_BIO. Unfortunately, this requirement was broken in both directions. This fixes things by forcing the two to be different and any casts break loudly. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14419)
show more ...
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8 |
|
#
0b9f90f5 |
| 28-Oct-2020 |
Richard Levitte |
ENCODER: Add tracing Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13167)
|
#
b9a2afdf |
| 17-Oct-2020 |
Richard Levitte |
ENCODER: Add output structure support for EVP_PKEY encoding OSSL_ENCODER_CTX_new_by_EVP_PKEY() takes one more argument to express the desired outermost structure for the output.
ENCODER: Add output structure support for EVP_PKEY encoding OSSL_ENCODER_CTX_new_by_EVP_PKEY() takes one more argument to express the desired outermost structure for the output. This also adds OSSL_ENCODER_CTX_prune_encoders(), which is used to reduce the stack of encoders found according to criteria formed from the combination of desired selection, output type and output structure. squash! ENCODER: Add output structure support for EVP_PKEY encoding Replace the paragraph talking about OSSL_ENCODER_CTX_prune_encoders() with: The encoding processor encoder_process() is enhanced with better analysis of the stack of encoder implementations. To avoid having to keep an on the side array of information, it uses recursion. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13167)
show more ...
|
#
8a98a507 |
| 17-Oct-2020 |
Richard Levitte |
ENCODER: Add support for specifying the outermost output structure Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13167)
|
Revision tags: openssl-3.0.0-alpha7 |
|
#
eec0ad10 |
| 15-Oct-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/13144)
|
#
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
#
25cf949f |
| 05-Oct-2020 |
Richard Levitte |
ENCODER / DECODER: Add functions to encode/decode to/from a buffer This adds OSSL_ENCODER_to_data() and OSSL_DECODER_from_data(). These functions allow fairly simple rewrites of type-sp
ENCODER / DECODER: Add functions to encode/decode to/from a buffer This adds OSSL_ENCODER_to_data() and OSSL_DECODER_from_data(). These functions allow fairly simple rewrites of type-specific i2d and d2i calls. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13094)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
b8975c68 |
| 14-Sep-2020 |
Richard Levitte |
ENCODER: Refactor the OSSL_ENCODER API to be more like OSSL_DECODER OSSL_ENCODER was developed before OSSL_DECODER, so the idea of chaining and the resulting API came later. This series
ENCODER: Refactor the OSSL_ENCODER API to be more like OSSL_DECODER OSSL_ENCODER was developed before OSSL_DECODER, so the idea of chaining and the resulting API came later. This series of changes brings the same sort of API and functionality back to OSSL_ENCODER, making the two APIs more consistent with each other. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12873)
show more ...
|
#
ece9304c |
| 16-Aug-2020 |
Richard Levitte |
Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE Fixes #12455 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openss
Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE Fixes #12455 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12660)
show more ...
|