#
7bc10f6c |
| 22-May-2024 |
Gerd Hoffmann |
uefi: move variables Fixes "unused variable" warnings with OPENSSL_SYS_UEFI. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org>
uefi: move variables Fixes "unused variable" warnings with OPENSSL_SYS_UEFI. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24459)
show more ...
|
#
b6461792 |
| 20-Mar-2024 |
Richard Levitte |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Lan
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
show more ...
|
#
806bbafe |
| 18-Dec-2023 |
Neil Horman |
Check appropriate OSSL_PARAM_get_* functions for NULL The base type OSSL_PARAM getters will NULL deref if they are initalized as null. Add NULL checks for those parameters that have no
Check appropriate OSSL_PARAM_get_* functions for NULL The base type OSSL_PARAM getters will NULL deref if they are initalized as null. Add NULL checks for those parameters that have no expectation of returning null (int32/64/uint32/64/BN). Other types can be left as allowing NULL, as a NULL setting may be meaningful (string, utf8str, octet string, etc). Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23083)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
2c500578 |
| 16-May-2023 |
Yi Li |
crypto/params: drop float for UEFI Using floating point is not supported in UEFI and can cause build problems, for example due to SSE being disabled and x64 calling convention passin
crypto/params: drop float for UEFI Using floating point is not supported in UEFI and can cause build problems, for example due to SSE being disabled and x64 calling convention passing floats in SSE registers. Avoid those problems by not compiling the related code for floating point numbers. Signed-off-by: Yi Li <yi1.li@intel.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20992)
show more ...
|
#
79523d55 |
| 13-Apr-2023 |
Pauli |
params: add helper functions to allocate & copy params Added a function to allocate a buffer and copy a maching param. Added a function to allocate a buffer and concatenate all matching
params: add helper functions to allocate & copy params Added a function to allocate a buffer and copy a maching param. Added a function to allocate a buffer and concatenate all matching params. Fixes #20717 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20724)
show more ...
|
#
c2ae8914 |
| 10-Jan-2023 |
Richard Levitte |
In OSSL_PARAM_set_BN(), make sure that the data_size field is at least 1 This way, we guarantee that a zero is represented with one byte of data that's set to zero. Reviewed-by:
In OSSL_PARAM_set_BN(), make sure that the data_size field is at least 1 This way, we guarantee that a zero is represented with one byte of data that's set to zero. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20013)
show more ...
|
#
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
327a720d |
| 28-Mar-2022 |
Tomas Mraz |
OSSL_PARAM_get_*_ptr: Drop errors from ptr/string mismatch Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.c
OSSL_PARAM_get_*_ptr: Drop errors from ptr/string mismatch Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17997)
show more ...
|
#
f1719858 |
| 25-Nov-2021 |
Richard Levitte |
Add support for signed BIGNUMs in the OSSL_PARAM API Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17162)
|
#
ac1082f0 |
| 07-Jan-2022 |
Pauli |
params: add error messages for built in param conversions Specifically: * out of range * unsigned negatives * inexact reals * bad param types * buffers that are too small
params: add error messages for built in param conversions Specifically: * out of range * unsigned negatives * inexact reals * bad param types * buffers that are too small * null function arguments * unknown sizes of real Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17440)
show more ...
|
#
b9d022d7 |
| 18-Jun-2021 |
Pauli |
params: fix range check when converting double to uint64_t. Found in #15815 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Re
params: fix range check when converting double to uint64_t. Found in #15815 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15819)
show more ...
|
#
d7c88f76 |
| 18-Jun-2021 |
Pauli |
params: avoid using intmax_t since it's not well supported Converting doubles to integers used to go via intmax_t which isn't properly defined on some platforms. The alternative is to g
params: avoid using intmax_t since it's not well supported Converting doubles to integers used to go via intmax_t which isn't properly defined on some platforms. The alternative is to go via int64_t. Fixes #15815 Alternative to #15816 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15817)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15 |
|
#
1fac2705 |
| 19-Apr-2021 |
Tomas Mraz |
Fix potential NULL dereference in OSSL_PARAM_get_utf8_string() Fixes Coverity ID 1476283 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/opens
Fix potential NULL dereference in OSSL_PARAM_get_utf8_string() Fixes Coverity ID 1476283 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14928)
show more ...
|
Revision tags: openssl-3.0.0-alpha14 |
|
#
884314ca |
| 07-Apr-2021 |
Shane Lontis |
Add OSSL_PARAM_dup() and OSSL_PARAM_merge(). These functions are prerequisites for implementing EVP_PKEY_todata(). OSSL_PARAM_dup() is required to make a deep copy of the exported
Add OSSL_PARAM_dup() and OSSL_PARAM_merge(). These functions are prerequisites for implementing EVP_PKEY_todata(). OSSL_PARAM_dup() is required to make a deep copy of the exported params (since the provider export() uses a OSSL_PARAM_BLD which throws away the data after the call), and then use OSSL_PARAM_merge() to add some additional params that can be passed to the EVP_PKEY_todata(). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14785)
show more ...
|
Revision tags: OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j |
|
#
247a1786 |
| 12-Feb-2021 |
Richard Levitte |
OSSL_PARAM: Correct the assumptions on the UTF8 string length When the string "ABCDEFGH" is passed, what's considered its data, this? { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' }
OSSL_PARAM: Correct the assumptions on the UTF8 string length When the string "ABCDEFGH" is passed, what's considered its data, this? { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' } or this? { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', '\0' } If it's passed as a pass phrase, should the terminating NUL byte be considered part of the pass phrase, or not? Our treatment of OSSL_PARAMs with the data type OSSL_PARAM_UTF8_STRING set the length of the string to include the terminating NUL byte, which is quite confusing. What should the recipient of such a string believe? Instead of perpetuating this confusion, we change the assumption to set the OSSL_PARAM to the length of the string, not including the terminating NUL byte, thereby giving it the same value as a strlen() call would give. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14168)
show more ...
|
Revision tags: openssl-3.0.0-alpha11, openssl-3.0.0-alpha10 |
|
#
e9c5e642 |
| 11-Dec-2020 |
Pauli |
params: allow more variations in integer conversions. Allow any sized integer to be converted to any other size integer via the helpers. Support for converting reals to/from int
params: allow more variations in integer conversions. Allow any sized integer to be converted to any other size integer via the helpers. Support for converting reals to/from integers remains restricted. Fixes: #13429 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13663)
show more ...
|
Revision tags: OpenSSL_1_1_1i, openssl-3.0.0-alpha9 |
|
#
5b1d94c1 |
| 11-Nov-2020 |
Pauli |
Fix some warnings from clang 10 in params.c clang 10 was emitting warnings similar to the following from params.c: crypto/params.c:411:40: error: implicit conversion from 'long' to
Fix some warnings from clang 10 in params.c clang 10 was emitting warnings similar to the following from params.c: crypto/params.c:411:40: error: implicit conversion from 'long' to 'double' changes value from 9223372036854775807 to 9223372036854775808 [-Werror,-Wimplicit-int-float-conversion] if (d >= INT64_MIN && d <= INT64_MAX && d == (int64_t)d) { Also fixed some other conversion problems when sizeof(double) == 4. Alternative to #13366 Fixes #13365 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13377)
show more ...
|
Revision tags: openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6 |
|
#
ab00ddb5 |
| 28-Jul-2020 |
Richard Levitte |
OSSL_PARAM: Add string pointer getters When some function receives an OSSL_PARAM array to pilfer for data, and there is a string of some sort, and all the code needs is to get the po
OSSL_PARAM: Add string pointer getters When some function receives an OSSL_PARAM array to pilfer for data, and there is a string of some sort, and all the code needs is to get the pointer to the data, rather than a copy, there is currently no other way than to use |param->data| directly. This is of course a valid method, but lacks any safety check (is |param->data_type| correct, for example?). OSSL_PARAM_get_utf8_string_ptr() and OSSL_PARAM_get_octet_string_ptr() helps the programmer with such things, by setting the argument pointer to |param->data|. Additionally, the handle the data types OSSL_PARAM_UTF8_PTR and OSSL_PARAM_OCTET_PTR as well. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12512)
show more ...
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2 |
|
#
5fdaa38f |
| 10-May-2020 |
Pauli |
params: add OSSL_PARAM helpers for time_t. POSIX mandates that time_t is a signed integer but it doesn't specify the lenght. Having wrappers lets uses ignore this. Reviewed-by:
params: add OSSL_PARAM helpers for time_t. POSIX mandates that time_t is a signed integer but it doesn't specify the lenght. Having wrappers lets uses ignore this. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11682)
show more ...
|
#
7c302f8a |
| 21-May-2020 |
Benjamin Kaduk |
params: do not ignore zero-length strings Prior to this commit, if a string (or octet string) parameter was present but indicated it was zero-length, we would return success but with
params: do not ignore zero-length strings Prior to this commit, if a string (or octet string) parameter was present but indicated it was zero-length, we would return success but with a NULL output value. This can be problematic in cases where there is a protocol-level distinction between parameter-absent and parameter-present-but-zero-length, which is uncommon but can happen. Since OPENSSL_malloc() returns NULL for zero-length allocation requests, make a dummy allocation for this case, to give a signal that the string parameter does exist but has zero length. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11920)
show more ...
|
#
b756626a |
| 28-Apr-2020 |
Matt Caswell |
Allow OSSL_PARAM_get_octet_string() to pass a NULL buffer We may just want to know the number of octets so allow passing a NULL buffer. Reviewed-by: Shane Lontis <shane.lontis@o
Allow OSSL_PARAM_get_octet_string() to pass a NULL buffer We may just want to know the number of octets so allow passing a NULL buffer. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11635)
show more ...
|
Revision tags: openssl-3.0.0-alpha1 |
|
#
3873887e |
| 23-Apr-2020 |
Pauli |
params: change OSSL_PARAM_set_unmodified() to operate on a params array Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged f
params: change OSSL_PARAM_set_unmodified() to operate on a params array Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11601)
show more ...
|