#
d977a26e |
| 06-Dec-2021 |
Richard Levitte |
Make OSSL_provider_init() OPENSSL_EXPORT, not just extern On non-Windows systems, there's no difference at all. On Windows systems, __declspec(dllexport) is added, which ensures it gets
Make OSSL_provider_init() OPENSSL_EXPORT, not just extern On non-Windows systems, there's no difference at all. On Windows systems, __declspec(dllexport) is added, which ensures it gets exported no matter what. Fixes #17203 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17215)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16 |
|
#
7b88c184 |
| 23-Apr-2021 |
Matt Caswell |
Register callbacks with core for child provider creation/deletion By adding callbacks to the core this will enable (in future commits) the ability to add/remove child providers as the pr
Register callbacks with core for child provider creation/deletion By adding callbacks to the core this will enable (in future commits) the ability to add/remove child providers as the providers are added/removed from the parent libctx. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
show more ...
|
Revision tags: openssl-3.0.0-alpha15 |
|
#
f12a5690 |
| 21-Apr-2021 |
Matt Caswell |
Add the concept of a child OSSL_LIB_CTX Add a child OSSL_LIB_CTX that will mirror the providers loaded into the parent libctx. This is useful for providers that want to use algorithms
Add the concept of a child OSSL_LIB_CTX Add a child OSSL_LIB_CTX that will mirror the providers loaded into the parent libctx. This is useful for providers that want to use algorithms from other providers and just need to inherit the providers used by the application. Fixes #14925 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14991)
show more ...
|
#
6ef2f71a |
| 05-May-2021 |
Daniel Bevenius |
Clarify where dispatch functions/ids are defined When reading the comment for ossl_dispatch_st it seems to indicate that the function_id numbers are defined further down in the same file
Clarify where dispatch functions/ids are defined When reading the comment for ossl_dispatch_st it seems to indicate that the function_id numbers are defined further down in the same file. But I was not able to find them there, but instead in core_dispatch.h. This commit suggests updating the comment to point to core_dispatch.h Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15156)
show more ...
|
Revision tags: openssl-3.0.0-alpha14, OpenSSL_1_1_1k |
|
#
309a78aa |
| 16-Mar-2021 |
Richard Levitte |
CORE: Add an algorithm_description field to OSSL_ALGORITHM This corresponds to the |info| field in EVP_PKEY_ASN1_METHOD, as well as the generic use of OBJ_nid2ln() as a one line descript
CORE: Add an algorithm_description field to OSSL_ALGORITHM This corresponds to the |info| field in EVP_PKEY_ASN1_METHOD, as well as the generic use of OBJ_nid2ln() as a one line description. We also add the base functionality to make use of this field. Fixes #14514 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14656)
show more ...
|
Revision tags: openssl-3.0.0-alpha13, openssl-3.0.0-alpha12 |
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
Revision tags: OpenSSL_1_1_1j |
|
#
d59068bd |
| 06-Feb-2021 |
FdaSilvaYY |
include/openssl: add a few missing #pragma once directives Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from htt
include/openssl: add a few missing #pragma once directives Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/14096)
show more ...
|
Revision tags: openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h |
|
#
c0f39ded |
| 22-Aug-2020 |
Shane Lontis |
Add Explicit EC parameter support to providers. This was added for backward compatability. Added EC_GROUP_new_from_params() that supports explicit curve parameters. This fixes t
Add Explicit EC parameter support to providers. This was added for backward compatability. Added EC_GROUP_new_from_params() that supports explicit curve parameters. This fixes the 15-test_genec.t TODO. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12604)
show more ...
|
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3 |
|
#
c3fc2c53 |
| 25-May-2020 |
Pauli |
core: add OSSL_INOUT_CALLBACK Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11682)
|
Revision tags: openssl-3.0.0-alpha2 |
|
#
d40b42ab |
| 06-May-2020 |
Matt Caswell |
Maintain strict type discipline between the core and providers A provider could be linked against a different version of libcrypto than the version of libcrypto that loaded the provider.
Maintain strict type discipline between the core and providers A provider could be linked against a different version of libcrypto than the version of libcrypto that loaded the provider. Different versions of libcrypto could define opaque types differently. It must never occur that a type created in one libcrypto is used directly by the other libcrypto. This will cause crashes. We can "cheat" for "built-in" providers that are part of libcrypto itself, because we know that the two libcrypto versions are the same - but not for other providers. To ensure this does not occur we use different types names for the handful of opaque types that are passed between the core and providers. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11758)
show more ...
|
Revision tags: openssl-3.0.0-alpha1 |
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
Revision tags: OpenSSL_1_1_1g |
|
#
82e1fc1b |
| 07-Apr-2020 |
Pauli |
params: add a warning about the PTR types. The warning is deter the unsure -- if in doubt the PTR type is almost certainly NOT what you should be using. Reviewed-by: Tomas Mraz
params: add a warning about the PTR types. The warning is deter the unsure -- if in doubt the PTR type is almost certainly NOT what you should be using. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11480)
show more ...
|
Revision tags: OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u |
|
#
0d003c52 |
| 18-Nov-2019 |
Richard Levitte |
SERIALIZER: New API for serialization of objects through providers Serialization is needed to be able to take a provider object (such as the provider side key data) and output it in PEM
SERIALIZER: New API for serialization of objects through providers Serialization is needed to be able to take a provider object (such as the provider side key data) and output it in PEM form, DER form, text form (for display), and possibly other future forms (XML? JSON? JWK?) The idea is that a serializer should be able to handle objects it has intimate knowledge of, as well as object data in OSSL_PARAM form. The latter will allow libcrypto to serialize some object with a different provider than the one holding the data, if exporting of that data is allowed and there is a serializer that can handle it. We will provide serializers for the types of objects we know about, which should be useful together with any other provider that provides implementations of the same type of object. Serializers are selected by method name and a couple of additional properties: - format used to tell what format the output should be in. Possibilities could include "format=text", "format=pem", "format=der", "format=pem-pkcs1" (traditional), "format=der-pkcs1" (traditional) - type used to tell exactly what type of data should be output, for example "type=public" (the public part of a key), "type=private" (the private part of a key), "type=domainparams" (domain parameters). This also adds a passphrase callback function type, OSSL_PASSPHRASE_CALLBACK, which is a bit like OSSL_CALLBACK, but it takes a few extra arguments to place the result in. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10394)
show more ...
|
#
10e7216e |
| 11-Nov-2019 |
Richard Levitte |
CORE: Add a generic callback function type This offers a very generic way to define a callback as well as calling it. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged fr
CORE: Add a generic callback function type This offers a very generic way to define a callback as well as calling it. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10412)
show more ...
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s |
|
#
695d195b |
| 23-May-2019 |
Richard Levitte |
Replumbing: make it possible for providers to specify multiple names This modifies the treatment of algorithm name strings to allow multiple names separated with colons. Reviewe
Replumbing: make it possible for providers to specify multiple names This modifies the treatment of algorithm name strings to allow multiple names separated with colons. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/8985)
show more ...
|
#
ae4186b0 |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Fix header file include guard names Make the include guards consistent by renaming them systematically according to the naming conventions below For the public header files (in
Fix header file include guard names Make the include guards consistent by renaming them systematically according to the naming conventions below For the public header files (in the 'include/openssl' directory), the guard names try to match the path specified in the include directives, with all letters converted to upper case and '/' and '.' replaced by '_'. For the private header files files, an extra 'OSSL_' is added as prefix. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
#
50cd4768 |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Reorganize public header files (part 1) Rename <openssl/ossl_typ.h> to <openssl/types.h>. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/open
Reorganize public header files (part 1) Rename <openssl/ossl_typ.h> to <openssl/types.h>. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
#
26175013 |
| 11-Jul-2019 |
Richard Levitte |
Replace OSSL_ITEM with OSSL_PARAM as parameter descriptor, everywhere Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9346)
|
#
4bd8b240 |
| 16-Jul-2019 |
Pauli |
remove end of line spaces Reviewed-by: Paul Yang <yang.yang@baishancloud.com> (Merged from https://github.com/openssl/openssl/pull/9397)
|
#
4e7991b4 |
| 24-Jun-2019 |
Pauli |
Change OSSL_PARAM return size to not be a pointer. Instead of referencing the return size from the OSSL_PARAM structure, make the size a field within the structure. Reviewed-by:
Change OSSL_PARAM return size to not be a pointer. Instead of referencing the return size from the OSSL_PARAM structure, make the size a field within the structure. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9135)
show more ...
|
#
da747958 |
| 27-May-2019 |
Matt Caswell |
Tell the FIPS provider about thread stop events The RAND code needs to know about threads stopping in order to cleanup local thread data. Therefore we add a callback for libcrypto to tel
Tell the FIPS provider about thread stop events The RAND code needs to know about threads stopping in order to cleanup local thread data. Therefore we add a callback for libcrypto to tell providers about such events. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9040)
show more ...
|
#
a39eb840 |
| 30-Apr-2019 |
Richard Levitte |
Replumbing: give the possibility for the provider to create a context OSSL_provider_init() gets another output parameter, holding a pointer to a provider side context. It's entirely up
Replumbing: give the possibility for the provider to create a context OSSL_provider_init() gets another output parameter, holding a pointer to a provider side context. It's entirely up to the provider to define the context and what it's being used for. This pointer is passed back to other provider functions, typically the provider global get_params and set_params functions, and also the diverse algorithm context creators, and of course, the teardown function. With this, a provider can be instantiated more than once, or be re-loaded as the case may be, while maintaining instance state. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8848)
show more ...
|
#
d88736df |
| 19-Mar-2019 |
Richard Levitte |
Windows, VMS: build fixes The naming of generated assembler wasn't done quite right. There are assembler files that are generated from a perl script, and there are those who are not
Windows, VMS: build fixes The naming of generated assembler wasn't done quite right. There are assembler files that are generated from a perl script, and there are those who are not. Only the former must be renamed to the platform specific asm extension. Furthermore, we need to make sure that 'OSSL_provider_init' isn't case sensitive on VMS, to allow for the least surprise for provider builders. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8529)
show more ...
|
Revision tags: OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
#
7ffbd7ca |
| 22-Feb-2019 |
Pauli |
OSSL_PARAM helper functions. Provide a number of functions to allow parameters to be set and retrieved in a type safe manner. Functions are provided for many integral types plus dou
OSSL_PARAM helper functions. Provide a number of functions to allow parameters to be set and retrieved in a type safe manner. Functions are provided for many integral types plus double, BIGNUM, UTF8 strings and OCTET strings. All of the integer functions will widen the parameter data as required. This permits a degree of malleability in the parameter definition. For example a type can be changed from a thirty two bit integer to a sixty four bit one without changing application code. Only four and eight byte integral sizes are supported here. A pair of real functions are available for doubles. A pair of functions is available for BIGNUMs. These accept any sized unsigned integer input and convert to/from a BIGNUM. For each OCTET and UTF8 strings, four functions are defined. This provide get and set functionality for string and for pointers to strings. The latter avoiding copies but have other inherent risks. Finally, some utility macros and functions are defined to allow OSSL_PARAM definition arrays to be specified in a simple manner. There are two macro and one function for most types. The exception being BIGNUM, for which there is one macro and one function. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8451)
show more ...
|
#
8c4412ed |
| 11-Mar-2019 |
Richard Levitte |
Rename 'buffer' to 'data' in OSSL_PARAM The OSSL_PARAM attribute names |buffer| and |buffer_size| may lead to confusion, as they may make some think that the memory pointed at is an
Rename 'buffer' to 'data' in OSSL_PARAM The OSSL_PARAM attribute names |buffer| and |buffer_size| may lead to confusion, as they may make some think that the memory pointed at is an intermediate memory are. This is not generally the case, so we rename |buffer| and |buffer_size| to |data| and |data_size| Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8451)
show more ...
|