Add missing HISTORY sections for OpenSSL 3.0 related documents.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com

Add missing HISTORY sections for OpenSSL 3.0 related documents.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19690)

show more ...

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes

doc: fix example in ssh KDF man page.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17

doc: fix example in ssh KDF man page.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17972)

show more ...

Fix the example SSH KDF code.

A salt was being set instead of a session ID.

Fixes #16525

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/ope

Fix the example SSH KDF code.

A salt was being set instead of a session ID.

Fixes #16525

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16550)

show more ...

doc: document additional argument to KDF derive calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14310)

Allow the sshkdf type to be passed as a single character

This partially reverts commit 270a5ce1d9ea579a2f1d45887971582b1ef2b6a1.

This also slightly modifies the way diverse paramete

Allow the sshkdf type to be passed as a single character

This partially reverts commit 270a5ce1d9ea579a2f1d45887971582b1ef2b6a1.

This also slightly modifies the way diverse parameters in are
specified in providers/fips/self_test_data.inc for better consistency.

Fixes #14027

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14035)

show more ...

OSSL_PARAM: Correct the assumptions on the UTF8 string length

When the string "ABCDEFGH" is passed, what's considered its data, this?

{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' }

OSSL_PARAM: Correct the assumptions on the UTF8 string length

When the string "ABCDEFGH" is passed, what's considered its data, this?

{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' }

or this?

{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', '\0' }

If it's passed as a pass phrase, should the terminating NUL byte be
considered part of the pass phrase, or not?

Our treatment of OSSL_PARAMs with the data type OSSL_PARAM_UTF8_STRING
set the length of the string to include the terminating NUL byte,
which is quite confusing. What should the recipient of such a string
believe?

Instead of perpetuating this confusion, we change the assumption to
set the OSSL_PARAM to the length of the string, not including the
terminating NUL byte, thereby giving it the same value as a strlen()
call would give.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14168)

show more ...

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)

Fix parameter types in sshkdf

Handling of parameter OSSL_KDF_PARAM_SSHKDF_TYPE mixed integer and string
parameters. This caused endianness problems on big-endian machines. As a
res

Fix parameter types in sshkdf

Handling of parameter OSSL_KDF_PARAM_SSHKDF_TYPE mixed integer and string
parameters. This caused endianness problems on big-endian machines. As a
result, it is not possible to pass FIPS tests since the parameter was stored
with an integer value but read via a cast to char pointer. While this works
on little endian machines, big endian s390 read the most significant bits
instead of the least significant (as done by, e.g., x86). Change the
parameter to char array and fix the usages.

Signed-off-by: Juergen Christ <jchrist@linux.ibm.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com>
(Merged from https://github.com/openssl/openssl/pull/13781)

show more ...

Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size().

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13116)

Revert "kdf: make function naming consistent."

The commit claimed to make things more consistent. In fact it makes it
less so. Revert back to the previous namig convention.

This

Revert "kdf: make function naming consistent."

The commit claimed to make things more consistent. In fact it makes it
less so. Revert back to the previous namig convention.

This reverts commit 765d04c9460a304c8119f57941341a149498b9db.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12186)

show more ...

kdf: make function naming consistent.

The EVP_KDF_CTX_* functions have been relocated to the EVP_KDF_* namespace
for consistency.

Reviewed-by: Richard Levitte <levitte@openssl.o

kdf: make function naming consistent.

The EVP_KDF_CTX_* functions have been relocated to the EVP_KDF_* namespace
for consistency.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11996)

show more ...

Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11839)

Amend references to "OpenSSL license"

A small number of files contain references to the "OpenSSL license"
which has been deprecated and replaced by the "Apache License 2.0".
Amend th

Amend references to "OpenSSL license"

A small number of files contain references to the "OpenSSL license"
which has been deprecated and replaced by the "Apache License 2.0".
Amend the occurences.

Fixes #11649

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11663)

show more ...

Fix L<> entries without sections

Add sections (almost always "(3)" to L<> references that were missing
them. Among other things, this
Fixes: #10226

Also remove two reference

Fix L<> entries without sections

Add sections (almost always "(3)" to L<> references that were missing
them. Among other things, this
Fixes: #10226

Also remove two references to non-existant manpages that have never
existed, and with the 3.0 structure, are unlikely to do so.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10240)

show more ...

Fix L<EVP_KDF-derive> to L<EVP_DEF_derive>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://git

Fix L<EVP_KDF-derive> to L<EVP_DEF_derive>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10096)

show more ...

Make doc/man7/ and doc/internal/man3/ conform with man-pages(7)

It's all in the details, from man-pages(7):

Formatting conventions for manual pages describing functions

Make doc/man7/ and doc/internal/man3/ conform with man-pages(7)

It's all in the details, from man-pages(7):

Formatting conventions for manual pages describing functions

...
Variable names should, like argument names, be specified in italics.
...

Formatting conventions (general)

...
Special macros, which are usually in uppercase, are in bold.
Exception: don't boldface NULL.
...

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10034)

show more ...

Reformat param description lines

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10024)

Use OSSL_PARAM types for KDF documentation

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10011)

Fix links to functions.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9905)

Clean up KDF documentation in section 7.

The EVP_KDF_ctrl function doesn't exist anymore and have been replaced by
EVP_KDF_CTX_set_params.

The EVP_KDF_new_id function doesn't ex

Clean up KDF documentation in section 7.

The EVP_KDF_ctrl function doesn't exist anymore and have been replaced by
EVP_KDF_CTX_set_params.

The EVP_KDF_new_id function doesn't exist either and EVP_KDF_new should be
used instead.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9905)

show more ...

Fix examples in the section 7 KDF man pages.

All of the examples called EVP_KDF_set_params() when they should have been
calling EVP_KDF_CTX_set_params().

Reviewed-by: Richard Le

Fix examples in the section 7 KDF man pages.

All of the examples called EVP_KDF_set_params() when they should have been
calling EVP_KDF_CTX_set_params().

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9898)

show more ...

Update KDF documentation (section 7)

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9662)