#
809526a0 |
| 07-Jun-2022 |
Michael Baentsch <57787676+baentsch@users.noreply.github.com> |
Fix for OSSL_PARAM sample code referencing OSSL_PARAM_UTF8_PTR Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz
Fix for OSSL_PARAM sample code referencing OSSL_PARAM_UTF8_PTR Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18490)
show more ...
|
#
b19fcc66 |
| 09-Jun-2021 |
Tomas Mraz |
Document that provider name can be a full path Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl
Document that provider name can be a full path Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15680)
show more ...
|
#
c4e91674 |
| 28-May-2021 |
Tomas Mraz |
Rename also the OSSL_PROVIDER_name() function Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16 |
|
#
878be71c |
| 05-May-2021 |
Matt Caswell |
Update documentation following addition of OSSL_LIB_CTX_new_child() Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
|
Revision tags: openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
b0001d0c |
| 25-Sep-2020 |
Pauli |
provider: add an unquery function to allow providers to clean up. Without this, a provider has no way to know that an application has finished with the array it returned earlier. A non
provider: add an unquery function to allow providers to clean up. Without this, a provider has no way to know that an application has finished with the array it returned earlier. A non-caching provider requires this information. Fixes #12974 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12974)
show more ...
|
#
299f5ff3 |
| 17-Feb-2021 |
Pauli |
provider: add option to load a provider without disabling the fallbacks. Add an argument to PROVIDER_try_load() that permits a provider to be loaded without changing the fallback status.
provider: add option to load a provider without disabling the fallbacks. Add an argument to PROVIDER_try_load() that permits a provider to be loaded without changing the fallback status. This is useful when an additional provider needs to be loaded without perturbing any other setup. E.g. adding mock providers as part of unit testing. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13652)
show more ...
|
#
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
|
#
3bc061eb |
| 13-Jan-2021 |
Michael Baentsch |
Enhance default provider documentation Bring Wiki and man page documentation in line regarding default provider fall-back behaviour. Fixes #13844 Reviewed-by: Tomas Mra
Enhance default provider documentation Bring Wiki and man page documentation in line regarding default provider fall-back behaviour. Fixes #13844 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13859)
show more ...
|
#
2645c94b |
| 12-Jan-2021 |
Richard Levitte |
Make the OSSL_PROVIDER manual conform with man-pages(7) Details from man-pages(7) that are used: Formatting conventions for manual pages describing functions ..
Make the OSSL_PROVIDER manual conform with man-pages(7) Details from man-pages(7) that are used: Formatting conventions for manual pages describing functions ... Variable names should, like argument names, be specified in italics. ... Formatting conventions (general) ... Special macros, which are usually in uppercase, are in bold. Exception: don't boldface NULL. ... Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13845)
show more ...
|
#
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
ebe3f24b |
| 13-Aug-2020 |
Pauli |
provider: disable fall-backs if OSSL_PROVIDER_load() fails. If an attempt is made to load a provider and it fails, the fall-back mechanism should be disabled to prevent the user getting
provider: disable fall-backs if OSSL_PROVIDER_load() fails. If an attempt is made to load a provider and it fails, the fall-back mechanism should be disabled to prevent the user getting some weird happening. E.g. a failure to load the FIPS provider should not allow the default to load as a fall-back. The OSSL_PROVIDER_try_load() call has been added, to allow a provider to be loaded without disabling the fall-back mechanism if it fails. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12625)
show more ...
|
#
04cb5ec0 |
| 09-Aug-2020 |
Shane Lontis |
Add 'on demand self test' and status test to providers The default and legacy providers currently return 1 for status and self test checks. Added test to show the 3 different stages the
Add 'on demand self test' and status test to providers The default and legacy providers currently return 1 for status and self test checks. Added test to show the 3 different stages the self test can be run (for installation, loading and on demand). For the fips provider: - If the on demand self test fails, then any subsequent fetches should also fail. To implement this the cached algorithms are flushed on failure. - getting the self test callback in the fips provider is a bit complicated since the callback hangs off the core libctx (as it is set by the application) not the actual fips library context. Also the callback can be set at any time not just during the OSSL_provider_init() so it is calculated each time before doing any self test. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11752)
show more ...
|
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3 |
|
#
3c49e4ff |
| 21-May-2020 |
Matt Caswell |
Add documentation about Capabilities Document the OSSL_PROVIDER_get_capabilities() function as well as the provider side support for capabilities. Reviewed-by: Shane Lontis <sha
Add documentation about Capabilities Document the OSSL_PROVIDER_get_capabilities() function as well as the provider side support for capabilities. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11914)
show more ...
|
Revision tags: openssl-3.0.0-alpha2 |
|
#
d01d3752 |
| 08-May-2020 |
Matt Caswell |
Implement OSSL_PROVIDER_get0_provider_ctx() Implement a function which enables us to get hold of the provider ctx for a loaded provider. Reviewed-by: Shane Lontis <shane.lontis@
Implement OSSL_PROVIDER_get0_provider_ctx() Implement a function which enables us to get hold of the provider ctx for a loaded provider. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11834)
show more ...
|
#
5f603a28 |
| 04-May-2020 |
Matt Caswell |
Enable applications to directly call a provider's query operation This is useful to get hold of the low-level dispatch tables. This could be used to create a new provider based on an exi
Enable applications to directly call a provider's query operation This is useful to get hold of the low-level dispatch tables. This could be used to create a new provider based on an existing one. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11834)
show more ...
|
#
a7ad40c5 |
| 18-May-2020 |
Richard Levitte |
Add OSSL_PROVIDER_do_all() This allows applications to iterate over all loaded providers. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/op
Add OSSL_PROVIDER_do_all() This allows applications to iterate over all loaded providers. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11858)
show more ...
|
Revision tags: openssl-3.0.0-alpha1 |
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
#
6bd4e3f2 |
| 25-Feb-2020 |
Pauli |
cmdline app: add provider commandline options. Add a -provider option to allow providers to be loaded. This option can be specified multiple times. Add a -provider_path option t
cmdline app: add provider commandline options. Add a -provider option to allow providers to be loaded. This option can be specified multiple times. Add a -provider_path option to allow the path to providers to be specified. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11167)
show more ...
|
Revision tags: OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
#
dca97d00 |
| 14-Aug-2019 |
Richard Levitte |
Rename provider and core get_param_types functions It was argued that names like SOMETHING_set_param_types were confusing, and a rename has been proposed to SOMETHING_settable_params, an
Rename provider and core get_param_types functions It was argued that names like SOMETHING_set_param_types were confusing, and a rename has been proposed to SOMETHING_settable_params, and by consequence, SOMETHING_get_param_types is renamed SOMETHING_gettable_params. This changes implements this change for the dispatched provider and core functions. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9591)
show more ...
|
#
36f5ec55 |
| 17-Jul-2019 |
Richard Levitte |
Add functions to see if a provider is available for use. Public function OSSL_PROVIDER_available() takes a library context and a provider name, and returns 1 if it's available for use, i
Add functions to see if a provider is available for use. Public function OSSL_PROVIDER_available() takes a library context and a provider name, and returns 1 if it's available for use, i.e. if it's possible to fetch implementations from it, otherwise 0. Internal function ossl_provider_activated() returns 1 if the given OSSL_PROVIDER is activated, otherwise 0. To make this possible, the activation of fallbacks got refactored out to a separate function, which ended up simplifying the code. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9398)
show more ...
|
#
26175013 |
| 11-Jul-2019 |
Richard Levitte |
Replace OSSL_ITEM with OSSL_PARAM as parameter descriptor, everywhere Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9346)
|
#
b37066fd |
| 10-Jul-2019 |
Richard Levitte |
Add OSSL_PROVIDER_name() Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9356)
|
#
4e7991b4 |
| 24-Jun-2019 |
Pauli |
Change OSSL_PARAM return size to not be a pointer. Instead of referencing the return size from the OSSL_PARAM structure, make the size a field within the structure. Reviewed-by:
Change OSSL_PARAM return size to not be a pointer. Instead of referencing the return size from the OSSL_PARAM structure, make the size a field within the structure. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9135)
show more ...
|
Revision tags: OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
#
c4532834 |
| 21-Feb-2019 |
Richard Levitte |
Add documentation Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8287)
|