#
94289779 |
| 06-Jun-2021 |
Pauli |
pkcs12: fix Coverity 1485667 logically dead code Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15635)
|
#
ed576acd |
| 21-May-2021 |
Tomas Mraz |
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_,
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
show more ...
|
#
28cab209 |
| 31-May-2021 |
Pauli |
crypto: updates to pass size_t to RAND_bytes_ex() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/open
crypto: updates to pass size_t to RAND_bytes_ex() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15540)
show more ...
|
#
5cbd2ea3 |
| 28-May-2021 |
Pauli |
add zero strenght arguments to BN and RAND RNG calls Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15513)
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12 |
|
#
b536880c |
| 17-Feb-2021 |
Jon Spillett |
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.
Add library context and property query support into the PKCS12 API Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14434)
show more ...
|
#
42e7d2f1 |
| 12-Apr-2021 |
Shane Lontis |
Add more negative checks for integers passed to OPENSSL_malloc(). Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.c
Add more negative checks for integers passed to OPENSSL_malloc(). Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14830)
show more ...
|
#
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
|
#
762970bd |
| 05-Mar-2021 |
Tomas Mraz |
Change default algorithms in PKCS12_create() and PKCS12_set_mac() Use the modern defaults as now set in the pkcs12 app. This also allows modifying the application to not override the def
Change default algorithms in PKCS12_create() and PKCS12_set_mac() Use the modern defaults as now set in the pkcs12 app. This also allows modifying the application to not override the default values when calling the API. Fixes #14034 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/14450)
show more ...
|
Revision tags: OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8 |
|
#
9311d0c4 |
| 04-Nov-2020 |
Richard Levitte |
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using ut
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
show more ...
|
Revision tags: openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
#
dbde4726 |
| 14-Jan-2020 |
Pauli |
Deprecate the low level HMAC functions Use of the low level HMAC functions has been informally discouraged for a long time. We now formally deprecate them. Applications should
Deprecate the low level HMAC functions Use of the low level HMAC functions has been informally discouraged for a long time. We now formally deprecate them. Applications should instead use EVP_MAC_CTX_new(3), EVP_MAC_CTX_free(3), EVP_MAC_init(3), EVP_MAC_update(3) and EVP_MAC_final(3). Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10836)
show more ...
|
Revision tags: OpenSSL_1_0_2u |
|
#
12a765a5 |
| 16-Sep-2019 |
Rich Salz |
Explicitly test against NULL; do not use !p or similar Also added blanks lines after declarations in a couple of places. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Review
Explicitly test against NULL; do not use !p or similar Also added blanks lines after declarations in a couple of places. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9916)
show more ...
|
#
706457b7 |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Reorganize local header files Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source direc
Reorganize local header files Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '*_lcl.h', '*_local.h', or '*_int.h' This commit changes the different suffixes to '*_local.h' uniformly. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
#
54fffdf4 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in crypto/pkcs12/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pu
Following the license change, modify the boilerplates in crypto/pkcs12/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7808)
show more ...
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a |
|
#
5c39a55d |
| 24-Sep-2018 |
Pauli |
Use secure_getenv(3) when available. Change all calls to getenv() inside libcrypto to use a new wrapper function that use secure_getenv() if available and an issetugid then getenv if not
Use secure_getenv(3) when available. Change all calls to getenv() inside libcrypto to use a new wrapper function that use secure_getenv() if available and an issetugid then getenv if not. CPU processor override flags are unchanged. Extra checks for OPENSSL_issetugid() have been removed in favour of the safe getenv. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/7047)
show more ...
|
Revision tags: OpenSSL_1_1_1 |
|
#
1212818e |
| 11-Sep-2018 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7176)
|
#
f5cee414 |
| 04-Sep-2018 |
Shane Lontis |
key zeroisation fix for p12 Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/710
key zeroisation fix for p12 Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7109)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
#
d3c3dfc5 |
| 05-Sep-2017 |
Rich Salz |
Add checks for alloc failing. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4341)
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16 |
|
#
1b8f1937 |
| 18-Feb-2017 |
Dmitry Belyavskiy |
Fix memory leak in pkcs12 -export Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2676)
|
Revision tags: OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0 |
|
#
0fe17491 |
| 24-Aug-2016 |
Andy Polyakov |
Don't switch password formats using global state. To avoid possible race conditions don't switch password format using global state in crypto/pkcs12 Reviewed-by: Richard Levitte
Don't switch password formats using global state. To avoid possible race conditions don't switch password format using global state in crypto/pkcs12 Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
Revision tags: OpenSSL_1_1_0-pre6 |
|
#
1194ea8d |
| 26-Jul-2016 |
Andy Polyakov |
crypto/pkcs12: facilitate accessing data with non-interoperable password. Originally PKCS#12 subroutines treated password strings as ASCII. It worked as long as they were pure ASCII, but
crypto/pkcs12: facilitate accessing data with non-interoperable password. Originally PKCS#12 subroutines treated password strings as ASCII. It worked as long as they were pure ASCII, but if there were some none-ASCII characters result was non-interoperable. But fixing it poses problem accessing data protected with broken password. In order to make asscess to old data possible add retry with old-style password. Reviewed-by: Richard Levitte <levitte@openssl.org>
show more ...
|
#
0b7347ef |
| 20-Aug-2016 |
Dr. Stephen Henson |
Add X509_getm_notBefore, X509_getm_notAfter Add mutable versions of X509_get0_notBefore and X509_get0_notAfter. Rename X509_SIG_get0_mutable to X509_SIG_getm. Reviewed-by:
Add X509_getm_notBefore, X509_getm_notAfter Add mutable versions of X509_get0_notBefore and X509_get0_notAfter. Rename X509_SIG_get0_mutable to X509_SIG_getm. Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
show more ...
|
#
28da1455 |
| 13-Aug-2016 |
Matt Caswell |
Convert PKCS12* functions to use const getters Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Stephen Henson <steve@openssl.org>
|
#
59b4da05 |
| 17-Aug-2016 |
Dr. Stephen Henson |
Constify X509_SIG. Constify X509_SIG_get0() and order arguments to mactch new standard. Add X509_SIG_get0_mutable() to support modification or initialisation of an X509_SIG stru
Constify X509_SIG. Constify X509_SIG_get0() and order arguments to mactch new standard. Add X509_SIG_get0_mutable() to support modification or initialisation of an X509_SIG structure. Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
#
ac4e2577 |
| 16-Aug-2016 |
Dr. Stephen Henson |
constify X509_ALGOR_get0() Reviewed-by: Richard Levitte <levitte@openssl.org>
|