| #
7bc10f6c |
| 22-May-2024 |
Gerd Hoffmann |
uefi: move variables
Fixes "unused variable" warnings with OPENSSL_SYS_UEFI.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
uefi: move variables
Fixes "unused variable" warnings with OPENSSL_SYS_UEFI.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24459)
show more ...
|
| #
b6461792 |
| 20-Mar-2024 |
Richard Levitte |
Copyright year updates
Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
(cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0)
Reviewed-by: Hugo Lan
Copyright year updates
Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
(cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0)
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24034)
show more ...
|
| #
806bbafe |
| 18-Dec-2023 |
Neil Horman |
Check appropriate OSSL_PARAM_get_* functions for NULL
The base type OSSL_PARAM getters will NULL deref if they are initalized
as null. Add NULL checks for those parameters that have no
Check appropriate OSSL_PARAM_get_* functions for NULL
The base type OSSL_PARAM getters will NULL deref if they are initalized
as null. Add NULL checks for those parameters that have no expectation
of returning null (int32/64/uint32/64/BN). Other types can be left as
allowing NULL, as a NULL setting may be meaningful (string, utf8str,
octet string, etc).
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23083)
show more ...
|
| #
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
|
| #
2c500578 |
| 16-May-2023 |
Yi Li |
crypto/params: drop float for UEFI
Using floating point is not supported in UEFI and can cause build
problems, for example due to SSE being disabled and x64 calling
convention passin
crypto/params: drop float for UEFI
Using floating point is not supported in UEFI and can cause build
problems, for example due to SSE being disabled and x64 calling
convention passing floats in SSE registers.
Avoid those problems by not compiling the related code for floating
point numbers.
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20992)
show more ...
|
| #
79523d55 |
| 13-Apr-2023 |
Pauli |
params: add helper functions to allocate & copy params
Added a function to allocate a buffer and copy a maching param.
Added a function to allocate a buffer and concatenate all matching
params: add helper functions to allocate & copy params
Added a function to allocate a buffer and copy a maching param.
Added a function to allocate a buffer and concatenate all matching params.
Fixes #20717
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20724)
show more ...
|
| #
c2ae8914 |
| 10-Jan-2023 |
Richard Levitte |
In OSSL_PARAM_set_BN(), make sure that the data_size field is at least 1
This way, we guarantee that a zero is represented with one byte of data
that's set to zero.
Reviewed-by:
In OSSL_PARAM_set_BN(), make sure that the data_size field is at least 1
This way, we guarantee that a zero is represented with one byte of data
that's set to zero.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20013)
show more ...
|
| #
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places
Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.
There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called. Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls or from
the CRYPTO sub-system.
Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
| #
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
|
| #
327a720d |
| 28-Mar-2022 |
Tomas Mraz |
OSSL_PARAM_get_*_ptr: Drop errors from ptr/string mismatch
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.c
OSSL_PARAM_get_*_ptr: Drop errors from ptr/string mismatch
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17997)
show more ...
|
| #
f1719858 |
| 25-Nov-2021 |
Richard Levitte |
Add support for signed BIGNUMs in the OSSL_PARAM API
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17162)
|
| #
ac1082f0 |
| 07-Jan-2022 |
Pauli |
params: add error messages for built in param conversions
Specifically:
* out of range
* unsigned negatives
* inexact reals
* bad param types
* buffers that are too small
params: add error messages for built in param conversions
Specifically:
* out of range
* unsigned negatives
* inexact reals
* bad param types
* buffers that are too small
* null function arguments
* unknown sizes of real
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17440)
show more ...
|
| #
b9d022d7 |
| 18-Jun-2021 |
Pauli |
params: fix range check when converting double to uint64_t.
Found in #15815
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Re
params: fix range check when converting double to uint64_t.
Found in #15815
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15819)
show more ...
|
| #
d7c88f76 |
| 18-Jun-2021 |
Pauli |
params: avoid using intmax_t since it's not well supported
Converting doubles to integers used to go via intmax_t which isn't properly
defined on some platforms. The alternative is to g
params: avoid using intmax_t since it's not well supported
Converting doubles to integers used to go via intmax_t which isn't properly
defined on some platforms. The alternative is to go via int64_t.
Fixes #15815
Alternative to #15816
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15817)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15 |
|
| #
1fac2705 |
| 19-Apr-2021 |
Tomas Mraz |
Fix potential NULL dereference in OSSL_PARAM_get_utf8_string()
Fixes Coverity ID 1476283
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/opens
Fix potential NULL dereference in OSSL_PARAM_get_utf8_string()
Fixes Coverity ID 1476283
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14928)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha14 |
|
| #
884314ca |
| 07-Apr-2021 |
Shane Lontis |
Add OSSL_PARAM_dup() and OSSL_PARAM_merge().
These functions are prerequisites for implementing EVP_PKEY_todata().
OSSL_PARAM_dup() is required to make a deep copy of the exported
Add OSSL_PARAM_dup() and OSSL_PARAM_merge().
These functions are prerequisites for implementing EVP_PKEY_todata().
OSSL_PARAM_dup() is required to make a deep copy of the exported
params (since the provider export() uses a OSSL_PARAM_BLD which throws away the
data after the call), and then use OSSL_PARAM_merge() to add some additional params
that can be passed to the EVP_PKEY_todata().
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14785)
show more ...
|
|
Revision tags: OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
| #
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)
|
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j |
|
| #
247a1786 |
| 12-Feb-2021 |
Richard Levitte |
OSSL_PARAM: Correct the assumptions on the UTF8 string length
When the string "ABCDEFGH" is passed, what's considered its data, this?
{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' }
OSSL_PARAM: Correct the assumptions on the UTF8 string length
When the string "ABCDEFGH" is passed, what's considered its data, this?
{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' }
or this?
{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', '\0' }
If it's passed as a pass phrase, should the terminating NUL byte be
considered part of the pass phrase, or not?
Our treatment of OSSL_PARAMs with the data type OSSL_PARAM_UTF8_STRING
set the length of the string to include the terminating NUL byte,
which is quite confusing. What should the recipient of such a string
believe?
Instead of perpetuating this confusion, we change the assumption to
set the OSSL_PARAM to the length of the string, not including the
terminating NUL byte, thereby giving it the same value as a strlen()
call would give.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14168)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha11, openssl-3.0.0-alpha10 |
|
| #
e9c5e642 |
| 11-Dec-2020 |
Pauli |
params: allow more variations in integer conversions.
Allow any sized integer to be converted to any other size integer via the
helpers.
Support for converting reals to/from int
params: allow more variations in integer conversions.
Allow any sized integer to be converted to any other size integer via the
helpers.
Support for converting reals to/from integers remains restricted.
Fixes: #13429
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13663)
show more ...
|
|
Revision tags: OpenSSL_1_1_1i, openssl-3.0.0-alpha9 |
|
| #
5b1d94c1 |
| 11-Nov-2020 |
Pauli |
Fix some warnings from clang 10 in params.c
clang 10 was emitting warnings similar to the following from params.c:
crypto/params.c:411:40: error: implicit conversion from 'long' to
Fix some warnings from clang 10 in params.c
clang 10 was emitting warnings similar to the following from params.c:
crypto/params.c:411:40: error: implicit conversion from 'long' to 'double' changes value from 9223372036854775807 to 9223372036854775808 [-Werror,-Wimplicit-int-float-conversion]
if (d >= INT64_MIN && d <= INT64_MAX && d == (int64_t)d) {
Also fixed some other conversion problems when sizeof(double) == 4.
Alternative to #13366
Fixes #13365
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13377)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6 |
|
| #
ab00ddb5 |
| 28-Jul-2020 |
Richard Levitte |
OSSL_PARAM: Add string pointer getters
When some function receives an OSSL_PARAM array to pilfer for data,
and there is a string of some sort, and all the code needs is to get
the po
OSSL_PARAM: Add string pointer getters
When some function receives an OSSL_PARAM array to pilfer for data,
and there is a string of some sort, and all the code needs is to get
the pointer to the data, rather than a copy, there is currently no
other way than to use |param->data| directly. This is of course a
valid method, but lacks any safety check (is |param->data_type|
correct, for example?).
OSSL_PARAM_get_utf8_string_ptr() and OSSL_PARAM_get_octet_string_ptr()
helps the programmer with such things, by setting the argument pointer
to |param->data|.
Additionally, the handle the data types OSSL_PARAM_UTF8_PTR and
OSSL_PARAM_OCTET_PTR as well.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2 |
|
| #
5fdaa38f |
| 10-May-2020 |
Pauli |
params: add OSSL_PARAM helpers for time_t.
POSIX mandates that time_t is a signed integer but it doesn't specify the
lenght. Having wrappers lets uses ignore this.
Reviewed-by:
params: add OSSL_PARAM helpers for time_t.
POSIX mandates that time_t is a signed integer but it doesn't specify the
lenght. Having wrappers lets uses ignore this.
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)
show more ...
|
| #
7c302f8a |
| 21-May-2020 |
Benjamin Kaduk |
params: do not ignore zero-length strings
Prior to this commit, if a string (or octet string) parameter
was present but indicated it was zero-length, we would return success
but with
params: do not ignore zero-length strings
Prior to this commit, if a string (or octet string) parameter
was present but indicated it was zero-length, we would return success
but with a NULL output value. This can be problematic in cases where
there is a protocol-level distinction between parameter-absent and
parameter-present-but-zero-length, which is uncommon but can happen.
Since OPENSSL_malloc() returns NULL for zero-length allocation requests,
make a dummy allocation for this case, to give a signal that the string
parameter does exist but has zero length.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11920)
show more ...
|
| #
b756626a |
| 28-Apr-2020 |
Matt Caswell |
Allow OSSL_PARAM_get_octet_string() to pass a NULL buffer
We may just want to know the number of octets so allow passing a NULL
buffer.
Reviewed-by: Shane Lontis <shane.lontis@o
Allow OSSL_PARAM_get_octet_string() to pass a NULL buffer
We may just want to know the number of octets so allow passing a NULL
buffer.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11635)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha1 |
|
| #
3873887e |
| 23-Apr-2020 |
Pauli |
params: change OSSL_PARAM_set_unmodified() to operate on a params array
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged f
params: change OSSL_PARAM_set_unmodified() to operate on a params array
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11601)
show more ...
|
