#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
3859a027 |
| 28-Aug-2023 |
slontis |
Change PBES2 KDF default salt length to 16 bytes. The PKCS5 (RFC 8018) standard uses a 64 bit salt length for PBE, and recommends a minimum of 64 bits for PBES2. For FIPS compliance PBKD
Change PBES2 KDF default salt length to 16 bytes. The PKCS5 (RFC 8018) standard uses a 64 bit salt length for PBE, and recommends a minimum of 64 bits for PBES2. For FIPS compliance PBKDF2 requires a salt length of 128 bits. This affects OpenSSL command line applications such as "genrsa" and "pkcs8" and API's such as PEM_write_bio_PrivateKey() that are reliant on the default salt length. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21858)
show more ...
|
#
b2ccfd81 |
| 04-Jul-2022 |
Clemens Lang |
APPS: genrsa: Support setting properties The -provider and -propquery options did not work on genrsa. Fix this and add a test that checks that operations that would usually fail with
APPS: genrsa: Support setting properties The -provider and -propquery options did not work on genrsa. Fix this and add a test that checks that operations that would usually fail with the FIPS provider work when run with | -provider default -propquery '?fips!=yes' See also 30b2c3592e8511b60d44f93eb657a1ecb3662c08, which previously fixed the same problem in dsaparam and gendsa. See also the initial report in https://bugzilla.redhat.com/show_bug.cgi?id=2094956. Signed-off-by: Clemens Lang <cllang@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/18717)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
21095479 |
| 07-Jan-2022 |
Bernd Edlinger |
Add a test case for the short password Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17441)
|
#
64360304 |
| 01-Jun-2021 |
Pauli |
rsa: make the maximum key strength check FIPS only. To be reverted once key generation checks are added everywhere and a way to disable them implemented. Fixes #15502 R
rsa: make the maximum key strength check FIPS only. To be reverted once key generation checks are added everywhere and a way to disable them implemented. Fixes #15502 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15560)
show more ...
|
#
5c99d57e |
| 26-May-2021 |
Pauli |
test: add test for key generation strength > RNG strength Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.
test: add test for key generation strength > RNG strength Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15472)
show more ...
|
#
dfad3a00 |
| 26-May-2021 |
Pauli |
test: test genrsa in deprecated builds These tests were omitted when genrsa was deprecated but not returned when it was restored. Reviewed-by: Shane Lontis <shane.lontis@oracle.
test: test genrsa in deprecated builds These tests were omitted when genrsa was deprecated but not returned when it was restored. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15472)
show more ...
|
#
1ee04b79 |
| 25-May-2021 |
Shane Lontis |
Fix buffer overflow when generating large RSA keys in FIPS mode. A pairwise test runs only in FIPS mode. An assumption about the size of the 'to' buffer passed to RSA_private_decrypt
Fix buffer overflow when generating large RSA keys in FIPS mode. A pairwise test runs only in FIPS mode. An assumption about the size of the 'to' buffer passed to RSA_private_decrypt() was incorrect. It needs to be up to RSA_size() bytes long - so a fixed buffer of 256 bytes was not large enough. An exiting malloc has increased in size to allocate buffer space for both the encrypt and decrypt buffer. The existing test used 2080 bits which was not quite large enough to trigger the issue. A test using 3072 bits has been added. Reported by Mark Powers from Acumen. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15447)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
e25b4db7 |
| 29-Sep-2020 |
Richard Levitte |
TEST: Remove the build of fipsmodule.cnf from test recipes The exception is the test recipe that tests 'openssl fipsinstall'. However, that one uses a different output file name, so it's
TEST: Remove the build of fipsmodule.cnf from test recipes The exception is the test recipe that tests 'openssl fipsinstall'. However, that one uses a different output file name, so it's safe. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14320)
show more ...
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
#
7dc67708 |
| 26-Dec-2020 |
Petr Gotthard |
apps/openssl: add -propquery command line option Fixes #13656. Right now all openssl commands use a NULL propq. This patch adds a possibility to specify a custom propq. The impl
apps/openssl: add -propquery command line option Fixes #13656. Right now all openssl commands use a NULL propq. This patch adds a possibility to specify a custom propq. The implementation follows the example of set_nameopt/get_nameopt. Various tools had to be modified to call app_get0_propq after it has been populated. Otherwise the -propquery has no effect. The tests then verify the -propquery affects the tool behaviour by requesting a non-existing property. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13707)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
7192e4df |
| 30-Aug-2020 |
Richard Levitte |
TEST: Ensure that the base provider i activated when needed The fips providers can't be activated alone if encoding, decoding or STORE are going to be used. To enable this, we s
TEST: Ensure that the base provider i activated when needed The fips providers can't be activated alone if encoding, decoding or STORE are going to be used. To enable this, we selectively use test/fips-and-base.cnf instead of test/fips.cnf in our test recipes. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12587)
show more ...
|
#
c9dcbc07 |
| 17-Aug-2020 |
Pauli |
Apps: change provider_path option to provider-path. The applications use '-' in options not '_'. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.c
Apps: change provider_path option to provider-path. The applications use '-' in options not '_'. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12662)
show more ...
|
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
#
7c9a7cf1 |
| 16-Jun-2020 |
Shane Lontis |
Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072 Fixes #11863 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1
Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072 Fixes #11863 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12162)
show more ...
|
#
8bf37709 |
| 09-Jun-2020 |
Shane Lontis |
Update RSA keygen to use sp800-56b by default Fixes #11742 Fixes #11764 The newer RSA sp800-56b algorithm is being used for the normal case of a non multiprime key of at least l
Update RSA keygen to use sp800-56b by default Fixes #11742 Fixes #11764 The newer RSA sp800-56b algorithm is being used for the normal case of a non multiprime key of at least length 2048. Insecure key lengths and mutltiprime RSA will use the old method. Bad public exponents are no longer allowed (i.e values less than 65537 or even). Values such as 2 that would cause a infinite loop now result in an error. The value of 3 has been marked as deprecated but is still allowed for legacy purposes. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11765)
show more ...
|
Revision tags: openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
#
c5f87134 |
| 12-Feb-2020 |
Pauli |
Deprecate the low level RSA functions. Use of the low level RSA functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Richard L
Deprecate the low level RSA functions. Use of the low level RSA functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11063)
show more ...
|
Revision tags: OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
#
909f1a2e |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in test/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7767)
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5 |
|
#
28428130 |
| 17-Apr-2018 |
Richard Levitte |
Update copyright year Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5990)
|
Revision tags: OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h |
|
#
1b9f41a0 |
| 26-Mar-2018 |
Richard Levitte |
test/recipes/test_genrsa.t : don't fail because of size limit changes There is a test to check that 'genrsa' doesn't accept absurdly low number of bits. Apart from that, this test is de
test/recipes/test_genrsa.t : don't fail because of size limit changes There is a test to check that 'genrsa' doesn't accept absurdly low number of bits. Apart from that, this test is designed to check the working functionality of 'openssl genrsa', so instead of having a hard coded lower limit on the size key, let's figure out what it is. Partially fixes #5751 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/5754) (cherry picked from commit ec46830f8a4ce62c0c8ee7677b1eb8e53ee16df1)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
#
cac19d19 |
| 18-Oct-2017 |
Sebastian Andrzej Siewior |
rsa: Do not allow less than 512 bit RSA keys As per documentation, the RSA keys should not be smaller than 64bit (the documentation mentions something about a quirk in the prime generati
rsa: Do not allow less than 512 bit RSA keys As per documentation, the RSA keys should not be smaller than 64bit (the documentation mentions something about a quirk in the prime generation algorithm). I am adding check into the code which used to be 16 for some reason. My primary motivation is to get rid of the last sentence in the documentation which suggest that typical keys have 1024 bits (instead updating it to the now default 2048). I *assume* that keys less than the 2048 bits (say 512) are used for education purposes. The 512 bits as the minimum have been suggested by Bernd Edlinger. Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4547)
show more ...
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16 |
|
#
69795831 |
| 06-Mar-2017 |
Rich Salz |
Fix an endless loop in rsa_builtin_keygen. And add a test case. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from ht
Fix an endless loop in rsa_builtin_keygen. And add a test case. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2757)
show more ...
|