|
Revision tags: openssl-3.0.0-alpha17 |
|
| #
2710ddef |
| 14-May-2021 |
Jon Spillett |
Add an evp_libctx_test test run for legacy provider
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@ora
Add an evp_libctx_test test run for legacy provider
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15276)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
| #
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)
|
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
| #
e25b4db7 |
| 29-Sep-2020 |
Richard Levitte |
TEST: Remove the build of fipsmodule.cnf from test recipes
The exception is the test recipe that tests 'openssl fipsinstall'.
However, that one uses a different output file name, so it's
TEST: Remove the build of fipsmodule.cnf from test recipes
The exception is the test recipe that tests 'openssl fipsinstall'.
However, that one uses a different output file name, so it's safe.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14320)
show more ...
|
| #
d5e8d260 |
| 02-Dec-2020 |
Matt Caswell |
Don't load the legacy provider in test_evp_libctx unnecessarily
We don't need the legacy provider, so don't load it. This avoids
problems in a no-legacy build
Reviewed-by: Richa
Don't load the legacy provider in test_evp_libctx unnecessarily
We don't need the legacy provider, so don't load it. This avoids
problems in a no-legacy build
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13595)
show more ...
|
| #
122e81f0 |
| 17-Oct-2020 |
Richard Levitte |
test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
The FIPS provider module doesn't have any encoders, the base provider
is needed for that.
Reviewed-by: Paul Dale <paul.d
test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
The FIPS provider module doesn't have any encoders, the base provider
is needed for that.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
show more ...
|
|
Revision tags: OpenSSL_1_1_1h, openssl-3.0.0-alpha6 |
|
| #
90409da6 |
| 22-Jul-2020 |
Shane Lontis |
Fix provider cipher reinit issue
Fixes #12405
Fixes #12377
Calling Init()/Update() and then Init()/Update() again gave a different result when using the same key and iv.
Cip
Fix provider cipher reinit issue
Fixes #12405
Fixes #12377
Calling Init()/Update() and then Init()/Update() again gave a different result when using the same key and iv.
Cipher modes that were using ctx->num were not resetting this value, this includes OFB, CFB & CTR.
The fix is to reset this value during the ciphers einit() and dinit() methods.
Most ciphers go thru a generic method so one line fixes most cases.
Add test for calling EVP_EncryptInit()/EVP_EncryptUpdate() multiple times for all ciphers.
Ciphers should return the same value for both updates.
DES3-WRAP does not since it uses a random in the update.
CCM modes currently also fail on the second update (This also happens in 1_1_1).
Fix memory leak in AES_OCB cipher if EVP_EncryptInit is called multiple times.
Fix AES_SIV cipher dup_ctx and init.
Calling EVP_CIPHER_init multiple times resulted in a memory leak in the siv.
Fixing this leak also showed that the dup ctx was not working for siv mode.
Note: aes_siv_cleanup() can not be used by aes_siv_dupctx() as it clears data
that is required for the decrypt (e.g the tag).
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12413)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha5 |
|
| #
29571504 |
| 09-Jul-2020 |
Shane Lontis |
Fix wrong fipsinstall key used in test
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/124
Fix wrong fipsinstall key used in test
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12402)
show more ...
|
| #
63794b04 |
| 09-Jul-2020 |
Shane Lontis |
Add multiple fixes for ffc key generation using invalid p,q,g parameters.
Fixes #11864
- The dsa keygen assumed valid p, q, g values were being passed. If this is not correct then i
Add multiple fixes for ffc key generation using invalid p,q,g parameters.
Fixes #11864
- The dsa keygen assumed valid p, q, g values were being passed. If this is not correct then it is
possible that dsa keygen can either hang or segfault.
The fix was to do a partial validation of p, q, and g inside the keygen.
- Fixed a potential double free in the dsa keypair test in the case when in failed (It should never fail!).
It freed internal object members without setting them to NULL.
- Changed the FFC key validation to accept 1024 bit keys in non fips mode.
- Added tests that use both the default provider & fips provider to test these cases.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12176)
show more ...
|
