5c825881 | 05-Sep-2024 |
Tomas Mraz |
CHANGES.md, NEWS.md: Add 3.5 sections Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
CHANGES.md, NEWS.md: Add 3.5 sections Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25393)
show more ...
|
3e3a2bfc | 05-Sep-2024 |
Tomas Mraz |
libcrypto/libssl.num: Set the numbers for 3_4_0 symbols Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzg
libcrypto/libssl.num: Set the numbers for 3_4_0 symbols Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25393)
show more ...
|
314c327b | 05-Sep-2024 |
Tomas Mraz |
NEWS.md: Add missing link to 3.4 section Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com>
NEWS.md: Add missing link to 3.4 section Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25393)
show more ...
|
dc5afb7e | 04-Sep-2024 |
Ingo Franzki |
s390x: Fix s390x_shake_squeeze() when MSA 12 is available On the first squeeze call, when finishing the absorb process, also set the NIP flag, if we are still in XOF_STATE_INIT state. Wh
s390x: Fix s390x_shake_squeeze() when MSA 12 is available On the first squeeze call, when finishing the absorb process, also set the NIP flag, if we are still in XOF_STATE_INIT state. When MSA 12 is available, the state buffer A has not been zeroed during initialization, thus we must also pass the NIP flag here. This situation can happen when a squeeze is performed without a preceding absorb (i.e. a SHAKE of the empty message). Add a test that performs a squeeze without a preceding absorb and check if the result is correct. Fixes: https://github.com/openssl/openssl/commit/25f5d7b85f6657cd2f9f1ab7ae87f319d9bafe54 Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25388)
show more ...
|
979dc530 | 05-Sep-2024 |
Ingo Franzki |
s390x: Fix s390x_sha3_absorb() when no data is processed by KIMD If the data to absorb is less than a block, then the KIMD instruction is called with zero bytes. This is superfluous, and
s390x: Fix s390x_sha3_absorb() when no data is processed by KIMD If the data to absorb is less than a block, then the KIMD instruction is called with zero bytes. This is superfluous, and causes incorrect hash output later on if this is the very first absorb call, i.e. when the xof_state is still XOF_STATE_INIT and MSA 12 is available. In this case the NIP flag is set in the function code for KIMD, but KIMD ignores the NIP flag when it is called with zero bytes to process. Skip any KIMD calls for zero length data. Also do not set the xof_state to XOF_STATE_ABSORB until the first call to KIMD with data. That way, the next KIMD (with non-zero length data) or KLMD call will get the NIP flag set and will then honor it to produce correct output. Fixes: https://github.com/openssl/openssl/commit/25f5d7b85f6657cd2f9f1ab7ae87f319d9bafe54 Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25388)
show more ...
|
8af4c02e | 29-Aug-2024 |
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
Dependabot update CLA: trivial (deps): Bump actions/setup-python Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.1.1 to 5.2.0. - [Release n
Dependabot update CLA: trivial (deps): Bump actions/setup-python Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.1.1 to 5.2.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5.1.1...v5.2.0) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25328)
show more ...
|
65e32c68 | 04-Sep-2024 |
dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
Dependabot update CLA: trivial (deps): bump actions/download-artifact Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.7 to 4.1.8.
Dependabot update CLA: trivial (deps): bump actions/download-artifact Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.7 to 4.1.8. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4.1.7...v4.1.8) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25385)
show more ...
|
60725f85 | 04-Sep-2024 |
PIums |
argon2: Fixed an thread availability error string Correctly display the number of requested threads and the number of available threads. CLA: trivial Reviewed-by: Paul
argon2: Fixed an thread availability error string Correctly display the number of requested threads and the number of available threads. CLA: trivial Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25375)
show more ...
|
f60b3c5f | 03-Sep-2024 |
Jiasheng Jiang |
crypto/pkcs12/p12_mutl.c: Add check and EVP_MD_free() for EVP_MD_fetch() Add check and EVP_MD_free() for EVP_MD_fetch() to avoid NULL pointer dereference and memory leak, like "md_fetch"
crypto/pkcs12/p12_mutl.c: Add check and EVP_MD_free() for EVP_MD_fetch() Add check and EVP_MD_free() for EVP_MD_fetch() to avoid NULL pointer dereference and memory leak, like "md_fetch". Fixes: fe79159be0 ("Implementation of the RFC 9579, PBMAC1 in PKCS#12") Signed-off-by: Jiasheng Jiang <jiashengjiangcool@outlook.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25370)
show more ...
|
84393370 | 31-Aug-2024 |
Viktor Dukhovni |
Drop redundant non-negative checks on unsigned values Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove
Drop redundant non-negative checks on unsigned values Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/25341)
show more ...
|
6fd9bc65 | 30-Aug-2024 |
Pablo Rodríguez |
blank line required to display code in `openssl-ts.pod.in` CLA:trivial Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Revi
blank line required to display code in `openssl-ts.pod.in` CLA:trivial Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25338)
show more ...
|
f2b7a00f | 29-Aug-2024 |
Alessandro Chitarrini |
Fix inaccurate comment about default nonce length in demos/cipher/aesccm.c Fixes #25270 CLA: trivial Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Da
Fix inaccurate comment about default nonce length in demos/cipher/aesccm.c Fixes #25270 CLA: trivial Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25318)
show more ...
|
91833068 | 28-Aug-2024 |
Jonathan M. Wilbur |
feat: add TCG / platform certificate OIDs Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openss
feat: add TCG / platform certificate OIDs Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25312)
show more ...
|
36840ab5 | 27-Aug-2024 |
Zhihao Yuan |
Recycle the TLS key that holds thread_event_handler Fixes #25278 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from http
Recycle the TLS key that holds thread_event_handler Fixes #25278 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25300)
show more ...
|
09ae1c9f | 30-Aug-2024 |
Jiasheng Jiang |
Add error return value information for EVP_MD_get_size() Add error return value information for EVP_MD_get_size() and EVP_MD_CTX_get_size() to better guide their usages and avoid the
Add error return value information for EVP_MD_get_size() Add error return value information for EVP_MD_get_size() and EVP_MD_CTX_get_size() to better guide their usages and avoid the integer overflow, such as 4a50882 ("ssl_cipher_get_overhead(): Replace size_t with int and add the checks") and ef9ac2f ("test/bad_dtls_test.c: Add checks for the EVP_MD_CTX_get_size()"). Signed-off-by: Jiasheng Jiang <jiashengjiangcool@outlook.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25282)
show more ...
|
d15077d3 | 22-Jul-2024 |
erbsland-dev |
Clarify EVP_CipherUpdate() authenticated bytes behavior Fixes #8310: Document that the number of authenticated bytes returned by EVP_CipherUpdate() varies with the cipher used. Mention that
Clarify EVP_CipherUpdate() authenticated bytes behavior Fixes #8310: Document that the number of authenticated bytes returned by EVP_CipherUpdate() varies with the cipher used. Mention that stream ciphers like ChaCha20 can handle 1 byte at a time, while OCB mode requires processing data one block at a time. Ensure it's clear that passing unpadded data in one call is safe. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24961)
show more ...
|
71ae4661 | 19-Jul-2024 |
Georgi Valkov |
threads_win: fix improper cast to long * instead of LONG * InterlockedExchangeAdd expects arguments of type LONG *, LONG but the int arguments were improperly cast to long *, long
threads_win: fix improper cast to long * instead of LONG * InterlockedExchangeAdd expects arguments of type LONG *, LONG but the int arguments were improperly cast to long *, long Note: - LONG is always 32 bit - long is 32 bit on Win32 VC x86/x64 and MingW-W64 - long is 64 bit on cygwin64 Signed-off-by: Georgi Valkov <gvalkov@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24941)
show more ...
|
9f4d8c63 | 19-Jul-2024 |
Georgi Valkov |
threads: follow formatting rules Adjust long lines and correct padding in preprocessor lines to match the formatting rules Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
threads: follow formatting rules Adjust long lines and correct padding in preprocessor lines to match the formatting rules Signed-off-by: Georgi Valkov <gvalkov@gmail.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24941)
show more ...
|
5efc57ca | 12-Jul-2024 |
Daniel Gustafsson |
Fix memleak in rsa_cms_sign error path If the call to X509_ALGOR_set0 fails then the allocated ASN1_STRING variable passed as parameter leaks. Fix by explicitly freeing like how all
Fix memleak in rsa_cms_sign error path If the call to X509_ALGOR_set0 fails then the allocated ASN1_STRING variable passed as parameter leaks. Fix by explicitly freeing like how all other codepaths with X509_ALGOR_set0 do. Fixes #22680 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24868)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
2bb83824 | 20-Feb-2021 |
FdaSilvaYY |
ssl: rework "e_os.h" inclusions - Remove e_os.h include from "ssl_local.h" - Added e_os.h into the files that need it now. - Move e_os.h to be the very first include Review
ssl: rework "e_os.h" inclusions - Remove e_os.h include from "ssl_local.h" - Added e_os.h into the files that need it now. - Move e_os.h to be the very first include Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14344)
show more ...
|
23b795d3 | 20-Feb-2021 |
FdaSilvaYY |
apps: directly inclusion of "e_os.h when needed Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/
apps: directly inclusion of "e_os.h when needed Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14344)
show more ...
|
0022bc81 | 20-Feb-2021 |
FdaSilvaYY |
crypto: fix missing <winsock.h> indirection inclusion. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/o
crypto: fix missing <winsock.h> indirection inclusion. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14344)
show more ...
|
b2ac9c71 | 20-Feb-2021 |
FdaSilvaYY |
Move inclusion of <winsock.h> out of "e_os.h" into a dedicated header file. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https:/
Move inclusion of <winsock.h> out of "e_os.h" into a dedicated header file. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14344)
show more ...
|
54727869 | 05-Sep-2024 |
Tomas Mraz |
Prepare for 3.4 beta 1 Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes |
2648f68f | 05-Sep-2024 |
Tomas Mraz |
Prepare for release of 3.4 alpha 1 Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes |