History log of /openssl/ (Results 326 – 350 of 36074)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
13add4d205-Sep-2024 Tomas Mraz

make update


Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes

7ed6de9905-Sep-2024 Tomas Mraz

Copyright year updates


Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes


.github/workflows/coveralls.yml
.github/workflows/fips-checksums.yml
.github/workflows/main.yml
.github/workflows/provider-compatibility.yml
apps/asn1parse.c
apps/ca.c
apps/cms.c
apps/dgst.c
apps/fipsinstall.c
apps/include/apps.h
apps/include/cmp_mock_srv.h
apps/include/platform.h
apps/info.c
apps/lib/apps.c
apps/lib/cmp_mock_srv.c
apps/lib/http_server.c
apps/lib/opt.c
apps/lib/s_socket.c
apps/lib/tlssrp_depr.c
apps/list.c
apps/ocsp.c
apps/passwd.c
apps/pkeyutl.c
apps/s_client.c
apps/smime.c
apps/speed.c
apps/ts.c
apps/version.c
crypto/aes/asm/aes-x86_64.pl
crypto/aes/asm/aesni-sha1-x86_64.pl
crypto/aes/asm/aesni-sha256-x86_64.pl
crypto/aes/asm/aesni-x86_64.pl
crypto/aes/asm/bsaes-armv8.pl
crypto/aes/asm/bsaes-x86_64.pl
crypto/aes/asm/vpaes-x86_64.pl
crypto/asn1/a_d2i_fp.c
crypto/asn1/a_dup.c
crypto/asn1/a_i2d_fp.c
crypto/asn1/a_object.c
crypto/asn1/a_strex.c
crypto/asn1/a_verify.c
crypto/asn1/asn1_item_list.c
crypto/asn1/asn1_item_list.h
crypto/asn1/f_int.c
crypto/asn1/f_string.c
crypto/asn1/p5_pbev2.c
crypto/asn1/standard_methods.h
crypto/asn1/tasn_fre.c
crypto/async/arch/async_posix.h
crypto/bio/bf_readbuff.c
crypto/bio/bio_addr.c
crypto/bio/bio_sock.c
crypto/bio/bss_conn.c
crypto/bn/asm/mips.pl
crypto/bn/asm/rsaz-2k-avx512.pl
crypto/bn/asm/rsaz-3k-avx512.pl
crypto/bn/asm/rsaz-4k-avx512.pl
crypto/bn/asm/rsaz-avx2.pl
crypto/bn/asm/rsaz-x86_64.pl
crypto/bn/asm/x86_64-mont5.pl
crypto/bn/bn_conv.c
crypto/bn/bn_gcd.c
crypto/bn/bn_lib.c
crypto/bn/bn_mod.c
crypto/bn/bn_mont.c
crypto/bn/bn_nist.c
crypto/bn/bn_rand.c
crypto/bn/bn_shift.c
crypto/bn/rsaz_exp_x2.c
crypto/camellia/asm/cmll-x86_64.pl
crypto/chacha/asm/chacha-riscv64-v-zbb.pl
crypto/chacha/asm/chacha-x86_64.pl
crypto/chacha/chacha_riscv.c
crypto/cmp/cmp_asn.c
crypto/cmp/cmp_genm.c
crypto/cmp/cmp_hdr.c
crypto/cmp/cmp_server.c
crypto/cms/cms_asn1.c
crypto/cms/cms_dh.c
crypto/cms/cms_env.c
crypto/cms/cms_lib.c
crypto/cms/cms_local.h
crypto/cms/cms_sd.c
crypto/cms/cms_smime.c
crypto/conf/conf_def.c
crypto/conf/conf_sap.c
crypto/core_namemap.c
crypto/crmf/crmf_asn.c
crypto/crmf/crmf_local.h
crypto/cversion.c
crypto/des/set_key.c
crypto/deterministic_nonce.c
crypto/dsa/dsa_ameth.c
crypto/dsa/dsa_ossl.c
crypto/dsa/dsa_pmeth.c
crypto/dsa/dsa_sign.c
crypto/ec/asm/ecp_nistz256-x86_64.pl
crypto/ec/curve25519.c
crypto/ec/curve448/curve448.c
crypto/ec/curve448/eddsa.c
crypto/ec/ec_backend.c
crypto/ec/ec_curve.c
crypto/ec/ec_key.c
crypto/ec/ec_lib.c
crypto/ec/ec_local.h
crypto/ec/ec_print.c
crypto/ec/ecdsa_ossl.c
crypto/ec/ecp_nistp256.c
crypto/ec/ecp_nistp384.c
crypto/ec/ecp_nistz256.c
crypto/engine/eng_list.c
crypto/engine/eng_table.c
crypto/ess/ess_lib.c
crypto/evp/bio_b64.c
crypto/evp/bio_ok.c
crypto/evp/ctrl_params_translate.c
crypto/evp/dh_support.c
crypto/evp/digest.c
crypto/evp/e_des3.c
crypto/evp/encode.c
crypto/evp/evp_enc.c
crypto/evp/m_sigver.c
crypto/evp/names.c
crypto/evp/p5_crpt.c
crypto/ffc/ffc_params.c
crypto/ffc/ffc_params_generate.c
crypto/idea/idea_local.h
crypto/info.c
crypto/mem.c
crypto/mem_sec.c
crypto/modes/asm/aes-gcm-avx512.pl
crypto/modes/asm/aesni-gcm-x86_64.pl
crypto/modes/asm/ghash-x86_64.pl
crypto/o_fopen.c
crypto/objects/obj_dat.pl
crypto/ocsp/ocsp_vfy.c
crypto/pem/pem_pkey.c
crypto/perlasm/riscv.pm
crypto/perlasm/x86_64-xlate.pl
crypto/pkcs12/p12_crt.c
crypto/pkcs12/p12_key.c
crypto/pkcs7/pk7_attr.c
crypto/pkcs7/pk7_doit.c
crypto/pkcs7/pk7_lib.c
crypto/pkcs7/pk7_local.h
crypto/poly1305/asm/poly1305-x86_64.pl
crypto/poly1305/poly1305.c
crypto/ppccap.c
crypto/property/property.c
crypto/rand/rand_lib.c
crypto/rand/randfile.c
crypto/riscv32cpuid.pl
crypto/riscvcap.c
crypto/rsa/rsa_ameth.c
crypto/rsa/rsa_mp.c
crypto/rsa/rsa_oaep.c
crypto/rsa/rsa_ossl.c
crypto/rsa/rsa_pmeth.c
crypto/rsa/rsa_pss.c
crypto/rsa/rsa_schemes.c
crypto/rsa/rsa_sign.c
crypto/rsa/rsa_x931.c
crypto/s390xcpuid.pl
crypto/self_test_core.c
crypto/sha/asm/keccak1600-x86_64.pl
crypto/sha/asm/sha1-mb-x86_64.pl
crypto/sha/asm/sha1-x86_64.pl
crypto/sha/asm/sha256-mb-x86_64.pl
crypto/sha/asm/sha512-x86_64.pl
crypto/sha/keccak1600.c
crypto/sha/sha256.c
crypto/sha/sha3.c
crypto/sha/sha512.c
crypto/sm2/sm2_sign.c
crypto/sm3/sm3_local.h
crypto/sm4/sm4.c
crypto/sparse_array.c
crypto/store/store_lib.c
crypto/store/store_strings.c
crypto/ts/ts_rsp_sign.c
crypto/ts/ts_rsp_verify.c
crypto/whrlpool/asm/wp-x86_64.pl
crypto/x509/by_dir.c
crypto/x509/by_store.c
crypto/x509/ext_dat.h
crypto/x509/pcy_tree.c
crypto/x509/standard_exts.h
crypto/x509/t_acert.c
crypto/x509/v3_extku.c
crypto/x509/v3_genn.c
crypto/x509/v3_ncons.c
crypto/x509/v3_pci.c
crypto/x509/v3_san.c
crypto/x509/v3_utl.c
crypto/x509/x509_acert.c
crypto/x509/x509_acert.h
crypto/x509/x509_d2.c
crypto/x509/x509_def.c
crypto/x509/x509_obj.c
crypto/x509/x509_set.c
crypto/x509/x509_v3.c
crypto/x509/x509aset.c
crypto/x509/x509rset.c
crypto/x509/x_all.c
crypto/x509/x_attrib.c
crypto/x509/x_exten.c
crypto/x509/x_ietfatt.c
crypto/x509/x_name.c
crypto/x509/x_pubkey.c
demos/bio/saccept.c
demos/bio/sconnect.c
demos/cipher/aesccm.c
demos/cipher/aesgcm.c
demos/cipher/aeskeywrap.c
demos/cipher/ariacbc.c
demos/digest/EVP_MD_xof.c
demos/guide/quic-client-non-block.c
demos/guide/quic-multi-stream.c
demos/guide/tls-client-non-block.c
demos/http3/ossl-nghttp3-demo.c
demos/keyexch/ecdh.c
demos/pkey/EVP_PKEY_DSA_keygen.c
demos/pkey/EVP_PKEY_DSA_paramvalidate.c
doc/man1/openssl-ca.pod.in
doc/man1/openssl-cms.pod.in
doc/man1/openssl-dgst.pod.in
doc/man1/openssl-enc.pod.in
doc/man1/openssl-fipsinstall.pod.in
doc/man1/openssl-list.pod.in
doc/man1/openssl-pkcs12.pod.in
doc/man1/openssl-pkeyutl.pod.in
doc/man1/openssl-s_client.pod.in
doc/man1/openssl-smime.pod.in
doc/man1/openssl-speed.pod.in
doc/man1/openssl-storeutl.pod.in
doc/man1/openssl-verification-options.pod
doc/man1/openssl-version.pod.in
doc/man1/openssl.pod
doc/man3/ASN1_INTEGER_new.pod
doc/man3/ASYNC_WAIT_CTX_new.pod
doc/man3/ASYNC_start_job.pod
doc/man3/BIO_ADDR.pod
doc/man3/BIO_ADDRINFO.pod
doc/man3/BIO_f_base64.pod
doc/man3/BN_add.pod
doc/man3/BN_generate_prime.pod
doc/man3/BN_set_bit.pod
doc/man3/BUF_MEM_new.pod
doc/man3/CMS_add0_cert.pod
doc/man3/CMS_verify.pod
doc/man3/COMP_CTX_new.pod
doc/man3/CRYPTO_THREAD_run_once.pod
doc/man3/CTLOG_STORE_new.pod
doc/man3/CTLOG_new.pod
doc/man3/CT_POLICY_EVAL_CTX_new.pod
doc/man3/DH_meth_new.pod
doc/man3/DSA_SIG_new.pod
doc/man3/DSA_meth_new.pod
doc/man3/ECDSA_SIG_new.pod
doc/man3/ENGINE_add.pod
doc/man3/EVP_ASYM_CIPHER_free.pod
doc/man3/EVP_CIPHER_meth_new.pod
doc/man3/EVP_DigestSignInit.pod
doc/man3/EVP_DigestVerifyInit.pod
doc/man3/EVP_EncodeInit.pod
doc/man3/EVP_KEM_free.pod
doc/man3/EVP_KEYEXCH_free.pod
doc/man3/EVP_KEYMGMT.pod
doc/man3/EVP_MD_meth_new.pod
doc/man3/EVP_PKEY_ASN1_METHOD.pod
doc/man3/EVP_PKEY_CTX_ctrl.pod
doc/man3/EVP_PKEY_CTX_set_params.pod
doc/man3/EVP_PKEY_check.pod
doc/man3/EVP_PKEY_decrypt.pod
doc/man3/EVP_PKEY_meth_new.pod
doc/man3/EVP_PKEY_sign.pod
doc/man3/EVP_PKEY_verify.pod
doc/man3/EVP_PKEY_verify_recover.pod
doc/man3/EVP_RAND.pod
doc/man3/EVP_SIGNATURE.pod
doc/man3/HMAC.pod
doc/man3/MD5.pod
doc/man3/NCONF_new_ex.pod
doc/man3/OCSP_REQUEST_new.pod
doc/man3/OCSP_cert_to_id.pod
doc/man3/OCSP_response_status.pod
doc/man3/OPENSSL_init_crypto.pod
doc/man3/OPENSSL_malloc.pod
doc/man3/OPENSSL_s390xcap.pod
doc/man3/OPENSSL_secure_malloc.pod
doc/man3/OSSL_CMP_ATAV_set0.pod
doc/man3/OSSL_CMP_ITAV_new_caCerts.pod
doc/man3/OSSL_CMP_SRV_CTX_new.pod
doc/man3/OSSL_CMP_exec_certreq.pod
doc/man3/OSSL_CMP_validate_msg.pod
doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
doc/man3/OSSL_DECODER.pod
doc/man3/OSSL_DECODER_CTX.pod
doc/man3/OSSL_DECODER_CTX_new_for_pkey.pod
doc/man3/OSSL_ENCODER.pod
doc/man3/OSSL_ENCODER_CTX.pod
doc/man3/OSSL_ERR_STATE_save.pod
doc/man3/OSSL_HPKE_CTX_new.pod
doc/man3/OSSL_IETF_ATTR_SYNTAX.pod
doc/man3/OSSL_IETF_ATTR_SYNTAX_print.pod
doc/man3/OSSL_LIB_CTX.pod
doc/man3/OSSL_PARAM_BLD.pod
doc/man3/OSSL_PARAM_dup.pod
doc/man3/OSSL_SELF_TEST_new.pod
doc/man3/OSSL_STORE_INFO.pod
doc/man3/OSSL_STORE_LOADER.pod
doc/man3/OSSL_STORE_SEARCH.pod
doc/man3/PEM_read_bio_PrivateKey.pod
doc/man3/PKCS7_verify.pod
doc/man3/RAND_get0_primary.pod
doc/man3/RAND_set_DRBG_type.pod
doc/man3/RSA_meth_new.pod
doc/man3/RSA_public_encrypt.pod
doc/man3/SCT_new.pod
doc/man3/SSL_CIPHER_get_name.pod
doc/man3/SSL_CONF_cmd.pod
doc/man3/SSL_CTX_flush_sessions.pod
doc/man3/SSL_CTX_set_alpn_select_cb.pod
doc/man3/SSL_CTX_set_cert_store.pod
doc/man3/SSL_CTX_set_cipher_list.pod
doc/man3/SSL_CTX_set_ct_validation_callback.pod
doc/man3/SSL_CTX_set_record_padding_callback.pod
doc/man3/SSL_CTX_set_tlsext_ticket_key_cb.pod
doc/man3/SSL_CTX_set_verify.pod
doc/man3/SSL_CTX_use_certificate.pod
doc/man3/TS_RESP_CTX_new.pod
doc/man3/X509V3_get_d2i.pod
doc/man3/X509_ACERT_add1_attr.pod
doc/man3/X509_ACERT_add_attr_nconf.pod
doc/man3/X509_ACERT_get0_holder_baseCertId.pod
doc/man3/X509_ACERT_get_attr.pod
doc/man3/X509_ACERT_print_ex.pod
doc/man3/X509_LOOKUP.pod
doc/man3/X509_LOOKUP_meth_new.pod
doc/man3/X509_REQ_get_extensions.pod
doc/man3/X509_STORE_new.pod
doc/man3/X509_get0_notBefore.pod
doc/man3/X509_get0_signature.pod
doc/man3/X509_get0_uids.pod
doc/man3/X509_get_serialNumber.pod
doc/man3/X509_get_subject_name.pod
doc/man3/X509_get_version.pod
doc/man3/X509_new.pod
doc/man3/X509_sign.pod
doc/man3/X509_verify.pod
doc/man3/X509v3_get_ext_by_NID.pod
doc/man3/d2i_X509.pod
doc/man5/fips_config.pod
doc/man7/EVP_ASYM_CIPHER-RSA.pod
doc/man7/EVP_CIPHER-DES.pod
doc/man7/EVP_KDF-ARGON2.pod
doc/man7/EVP_KDF-HKDF.pod
doc/man7/EVP_KDF-KB.pod
doc/man7/EVP_KDF-PBKDF2.pod
doc/man7/EVP_KDF-SS.pod
doc/man7/EVP_KDF-SSHKDF.pod
doc/man7/EVP_KDF-TLS13_KDF.pod
doc/man7/EVP_KDF-TLS1_PRF.pod
doc/man7/EVP_KDF-X963.pod
doc/man7/EVP_KEM-RSA.pod
doc/man7/EVP_KEYEXCH-DH.pod
doc/man7/EVP_KEYEXCH-ECDH.pod
doc/man7/EVP_MAC-CMAC.pod
doc/man7/EVP_MAC-HMAC.pod
doc/man7/EVP_MAC-KMAC.pod
doc/man7/EVP_MD-BLAKE2.pod
doc/man7/EVP_MD-SHAKE.pod
doc/man7/EVP_MD-common.pod
doc/man7/EVP_PKEY-DH.pod
doc/man7/EVP_PKEY-DSA.pod
doc/man7/EVP_PKEY-EC.pod
doc/man7/EVP_PKEY-SM2.pod
doc/man7/EVP_PKEY-X25519.pod
doc/man7/EVP_RAND-HASH-DRBG.pod
doc/man7/EVP_RAND-HMAC-DRBG.pod
doc/man7/EVP_RAND-TEST-RAND.pod
doc/man7/EVP_RAND.pod
doc/man7/EVP_SIGNATURE-DSA.pod
doc/man7/EVP_SIGNATURE-ECDSA.pod
doc/man7/EVP_SIGNATURE-ED25519.pod
doc/man7/EVP_SIGNATURE-RSA.pod
doc/man7/evp.pod
doc/man7/ossl-guide-introduction.pod
doc/man7/ossl-guide-tls-client-block.pod
doc/man7/ossl-guide-tls-introduction.pod
doc/man7/ossl_store.pod
doc/man7/provider-asym_cipher.pod
doc/man7/provider-kem.pod
doc/man7/provider-keyexch.pod
doc/man7/provider-mac.pod
doc/man7/provider-rand.pod
fuzz/acert.c
fuzz/bignum.c
fuzz/decoder.c
fuzz/provider.c
fuzz/quic-lcidm.c
fuzz/quic-srtm.c
fuzz/server.c
include/crypto/asn1.h
include/crypto/context.h
include/crypto/ecx.h
include/crypto/riscv_arch.def
include/crypto/riscv_arch.h
include/crypto/sm4_platform.h
include/crypto/x509_acert.h
include/internal/comp.h
include/internal/constant_time.h
include/internal/cryptlib.h
include/internal/namemap.h
include/internal/packet.h
include/internal/quic_ackm.h
include/internal/sha3.h
include/internal/sockets.h
include/openssl/core_dispatch.h
include/openssl/crmf.h.in
include/openssl/crypto.h.in
include/openssl/e_os2.h
include/openssl/evp.h
include/openssl/fips_names.h
include/openssl/fipskey.h.in
include/openssl/macros.h
include/openssl/objects.h
include/openssl/pem.h
include/openssl/pkcs12.h.in
include/openssl/tls1.h
include/openssl/ts.h
include/openssl/types.h
include/openssl/x509.h.in
include/openssl/x509_acert.h.in
include/openssl/x509v3.h.in
providers/baseprov.c
providers/common/capabilities.c
providers/common/digest_to_nid.c
providers/common/securitycheck.c
providers/common/securitycheck_default.c
providers/common/securitycheck_fips.c
providers/defltprov.c
providers/fips/include/fipscommon.h
providers/fips/self_test.c
providers/fips/self_test.h
providers/fips/self_test_kats.c
providers/implementations/asymciphers/rsa_enc.c
providers/implementations/ciphers/cipher_aes_gcm_siv_hw.c
providers/implementations/ciphers/cipher_aes_siv_hw.c
providers/implementations/ciphers/cipher_chacha20_poly1305_hw.c
providers/implementations/ciphers/cipher_cts.c
providers/implementations/ciphers/cipher_desx_hw.c
providers/implementations/ciphers/cipher_null.c
providers/implementations/ciphers/cipher_rc2.c
providers/implementations/ciphers/cipher_sm4_ccm_hw.c
providers/implementations/ciphers/cipher_sm4_gcm_hw.c
providers/implementations/ciphers/cipher_sm4_hw.c
providers/implementations/ciphers/cipher_sm4_xts_hw.c
providers/implementations/ciphers/cipher_tdes.h
providers/implementations/ciphers/cipher_tdes_common.c
providers/implementations/ciphers/cipher_tdes_wrap.c
providers/implementations/ciphers/ciphercommon.c
providers/implementations/ciphers/ciphercommon_gcm.c
providers/implementations/digests/sha3_prov.c
providers/implementations/encode_decode/decode_der2key.c
providers/implementations/exchange/dh_exch.c
providers/implementations/exchange/ecdh_exch.c
providers/implementations/exchange/ecx_exch.c
providers/implementations/exchange/kdf_exch.c
providers/implementations/include/prov/implementations.h
providers/implementations/include/prov/names.h
providers/implementations/kdfs/hkdf.c
providers/implementations/kdfs/hmacdrbg_kdf.c
providers/implementations/kdfs/kbkdf.c
providers/implementations/kdfs/pbkdf2.c
providers/implementations/kdfs/sshkdf.c
providers/implementations/kdfs/sskdf.c
providers/implementations/kdfs/x942kdf.c
providers/implementations/kem/rsa_kem.c
providers/implementations/keymgmt/dh_kmgmt.c
providers/implementations/keymgmt/dsa_kmgmt.c
providers/implementations/keymgmt/ec_kmgmt.c
providers/implementations/macs/cmac_prov.c
providers/implementations/macs/hmac_prov.c
providers/implementations/macs/kmac_prov.c
providers/implementations/rands/seeding/rand_unix.c
providers/implementations/rands/seeding/rand_vxworks.c
providers/implementations/rands/test_rng.c
providers/implementations/signature/dsa_sig.c
providers/implementations/signature/ecdsa_sig.c
providers/implementations/signature/eddsa_sig.c
providers/implementations/signature/rsa_sig.c
providers/implementations/signature/sm2_sig.c
ssl/d1_lib.c
ssl/priority_queue.c
ssl/quic/quic_cfq.c
ssl/quic/quic_record_util.c
ssl/quic/quic_trace.c
ssl/ssl_cert.c
ssl/ssl_cert_comp.c
ssl/ssl_init.c
ssl/ssl_mcnf.c
ssl/ssl_stat.c
ssl/ssl_txt.c
ssl/statem/extensions.c
ssl/statem/extensions_clnt.c
ssl/statem/extensions_srvr.c
ssl/t1_trce.c
ssl/tls13_enc.c
test/acvp_test.inc
test/asn1_encode_test.c
test/bad_dtls_test.c
test/bftest.c
test/bio_enc_test.c
test/bioprinttest.c
test/bntest.c
test/ca_internals_test.c
test/casttest.c
test/ciphername_test.c
test/clienthellotest.c
test/cmp_hdr_test.c
test/cmsapitest.c
test/context_internal_test.c
test/crltest.c
test/ct_test.c
test/destest.c
test/drbgtest.c
test/dsatest.c
test/ec_internal_test.c
test/ecdsatest.c
test/ecstresstest.c
test/endecode_test.c
test/evp_xof_test.c
test/helpers/handshake.c
test/helpers/pkcs12.c
test/helpers/ssltestlib.c
test/helpers/ssltestlib.h
test/hexstr_test.c
test/hmactest.c
test/hpke_test.c
test/ideatest.c
test/lhash_test.c
test/modes_internal_test.c
test/namemap_internal_test.c
test/pkcs12_format_test.c
test/pkey_meth_kdf_test.c
test/prov_config_test.c
test/provider_fallback_test.c
test/provider_internal_test.c
test/provider_status_test.c
test/provider_test.c
test/quic_client_test.c
test/quic_record_test.c
test/rand_test.c
test/recipes/02-test_strtoul.t
test/recipes/03-test_fipsinstall.t
test/recipes/04-test_conf.t
test/recipes/05-test_rand.t
test/recipes/10-test_bn_data/bngcd.txt
test/recipes/20-test_cli_fips.t
test/recipes/20-test_dgst.t
test/recipes/20-test_pkeyutl.t
test/recipes/25-test_eai_data.t
test/recipes/30-test_defltfips.t
test/recipes/30-test_evp.t
test/recipes/30-test_evp_data/evpciph_des3_common.txt
test/recipes/30-test_evp_data/evpkdf_hkdf.txt
test/recipes/30-test_evp_data/evpkdf_kbkdf_counter.txt
test/recipes/30-test_evp_data/evpkdf_kbkdf_kmac.txt
test/recipes/30-test_evp_data/evpkdf_pbkdf2.txt
test/recipes/30-test_evp_data/evpkdf_ss.txt
test/recipes/30-test_evp_data/evpkdf_ssh.txt
test/recipes/30-test_evp_data/evpkdf_tls12_prf.txt
test/recipes/30-test_evp_data/evpkdf_tls13_kdf.txt
test/recipes/30-test_evp_data/evpkdf_x942.txt
test/recipes/30-test_evp_data/evpkdf_x963.txt
test/recipes/30-test_evp_data/evpmac_cmac_des.txt
test/recipes/30-test_evp_data/evpmac_common.txt
test/recipes/30-test_evp_data/evppkey_dsa.txt
test/recipes/30-test_evp_data/evppkey_ecc.txt
test/recipes/30-test_evp_data/evppkey_ecdh.txt
test/recipes/30-test_evp_data/evppkey_ecdsa.txt
test/recipes/30-test_evp_data/evppkey_ecx.txt
test/recipes/30-test_evp_data/evppkey_ffdhe.txt
test/recipes/30-test_evp_data/evppkey_kas.txt
test/recipes/30-test_evp_data/evppkey_kdf_hkdf.txt
test/recipes/30-test_evp_data/evppkey_kdf_tls1_prf.txt
test/recipes/30-test_evp_data/evppkey_rsa.txt
test/recipes/30-test_evp_data/evppkey_rsa_common.txt
test/recipes/30-test_evp_data/evppkey_rsa_sigalg.txt
test/recipes/30-test_evp_data/evppkey_sm2.txt
test/recipes/30-test_evp_data/evprand.txt
test/recipes/30-test_prov_config.t
test/recipes/30-test_provider_status.t
test/recipes/60-test_x509_acert.t
test/recipes/70-test_renegotiation.t
test/recipes/70-test_sslextension.t
test/recipes/70-test_sslmessages.t
test/recipes/70-test_tls13certcomp.t
test/recipes/70-test_tls13kexmodes.t
test/recipes/70-test_tls13messages.t
test/recipes/80-test_cms.t
test/recipes/80-test_ssl_new.t
test/recipes/80-test_ssl_old.t
test/recipes/90-test_sslapi.t
test/recipes/90-test_sysdefault.t
test/recipes/99-test_fuzz_acert.t
test/recipes/99-test_fuzz_hashtable.t
test/recipes/99-test_fuzz_provider.t
test/recipes/tconversion.pl
test/rsa_sp800_56b_test.c
test/safe_math_test.c
test/sm2_internal_test.c
test/ssl-tests/08-npn.cnf.in
test/ssl-tests/09-alpn.cnf.in
test/ssl-tests/28-seclevel.cnf.in
test/sslbuffertest.c
test/sysdefaulttest.c
test/testutil.h
test/testutil/helper.c
test/testutil/stanza.c
test/threadpool_test.c
test/threadstest.h
test/tls13secretstest.c
test/v3ext.c
test/wpackettest.c
test/x509_acert_test.c
test/x509_internal_test.c
test/x509_test.c
util/check-format-test-negatives.c
util/check-format.pl
util/mk-fipsmodule-cnf.pl
util/mkerr.pl
util/mkinstallvars.pl
util/perl/OpenSSL/ParseC.pm
util/perl/OpenSSL/Test/Utils.pm
210dc9a503-Sep-2024 Richard Levitte

util/mkinstallvars.pl: replace List::Util::pairs with out own

Unfortunately, List::Util::pairs didn't appear in perl core modules
before 5.19.3, and our minimum requirement is 5.10.

util/mkinstallvars.pl: replace List::Util::pairs with out own

Unfortunately, List::Util::pairs didn't appear in perl core modules
before 5.19.3, and our minimum requirement is 5.10.

Fortunately, we already have a replacement implementation, and can
re-apply it in this script.

Fixes #25366

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25367)

show more ...

c4a5d70d04-Sep-2024 Tomas Mraz

CI: Update upload-artifact action to be compatible

The download-artifact action was updated to 4.x
and the upload-artifact must be kept in sync.

Reviewed-by: Richard Levitte <le

CI: Update upload-artifact action to be compatible

The download-artifact action was updated to 4.x
and the upload-artifact must be kept in sync.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25383)

show more ...

2a6305df03-Sep-2024 dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

build(deps): bump actions/download-artifact in /.github/workflows

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.1.7.
- [Release notes](https

build(deps): bump actions/download-artifact in /.github/workflows

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.1.7.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v3...v4.1.7)

---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
CLA: trivial

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25374)

show more ...

bbe4571f28-Aug-2024 Alexandr Nedvedicky

EVP_CIPHER_CTX_get_algor_params() may attempt to access params array
at position -1 (prams[=1]).

The issue has been reported by coverity check.

Reviewed-by: Richard Levitte <lev

EVP_CIPHER_CTX_get_algor_params() may attempt to access params array
at position -1 (prams[=1]).

The issue has been reported by coverity check.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25303)

show more ...

c23ce35202-Sep-2024 Ingo Franzki

s390x: Fix prehash-by-caller handling for ED25519 and ED448

In case of prehash or prehash-by-caller is set skip the s390x specific
acceleration an fallback to the non-accelerated code pa

s390x: Fix prehash-by-caller handling for ED25519 and ED448

In case of prehash or prehash-by-caller is set skip the s390x specific
acceleration an fallback to the non-accelerated code path.

Fixes: 66966827740a04249300b0b25735e9d4c9bcab26

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25351)

show more ...

a75d626326-Aug-2024 Ingo Franzki

s390x: Disable HMAC hardware acceleration when an engine is used for the digest

The TLSProxy uses the 'ossltest' engine to produce known output for digests
and HMAC calls. However, when

s390x: Disable HMAC hardware acceleration when an engine is used for the digest

The TLSProxy uses the 'ossltest' engine to produce known output for digests
and HMAC calls. However, when running on a s390x system that supports
hardware acceleration of HMAC, the engine is not used for calculating HMACs,
but the s390x specific HMAC implementation is used, which does produce correct
output, but not the known output that the engine would produce. This causes
some tests (i.e. test_key_share, test_sslextension, test_sslrecords,
test_sslvertol, and test_tlsextms) to fail.

Disable the s390x HMAC hardware acceleration if an engine is used for the
digest of the HMAC calculation. This provides compatibility for engines that
provide digest implementations, and assume that these implementations are also
used when calculating an HMAC.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25287)

show more ...

03b22b4d03-Sep-2024 Tomas Mraz

Add CVE-2024-5535 to CHANGES and NEWS

Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
(cherry picked from commit abcb0f83d060eb816503a6a36959ce8498a24111)

ca979e8510-Jul-2024 Viktor Dukhovni

Updated CHANGES and NEWS for CVE-2024-6119 fix

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(cherry picked from commit cf384d35aa7142cc3

Updated CHANGES and NEWS for CVE-2024-6119 fix

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(cherry picked from commit cf384d35aa7142cc3b5de19f64d3972e77d3ff74)

show more ...

0890cd1319-Jun-2024 Viktor Dukhovni

Avoid type errors in EAI-related name check logic.

The incorrectly typed data is read only, used in a compare operation, so
neither remote code execution, nor memory content disclosure w

Avoid type errors in EAI-related name check logic.

The incorrectly typed data is read only, used in a compare operation, so
neither remote code execution, nor memory content disclosure were possible.
However, applications performing certificate name checks were vulnerable to
denial of service.

The GENERAL_TYPE data type is a union, and we must take care to access the
correct member, based on `gen->type`, not all the member fields have the same
structure, and a segfault is possible if the wrong member field is read.

The code in question was lightly refactored with the intent to make it more
obviously correct.

Fixes CVE-2024-6119

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>

show more ...

5650289730-Aug-2024 Tomas Mraz

Add CHANGES.md and NEWS.md updates for the 3.4 release

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosg

Add CHANGES.md and NEWS.md updates for the 3.4 release

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25339)

show more ...

01f4b44e01-Sep-2024 Brad Smith

Add support for elf_aux_info() on OpenBSD

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas

Add support for elf_aux_info() on OpenBSD

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25346)

show more ...

16e7da0930-Aug-2024 Theo Buehler

Missing .rodata for AVX2/AVX512 codepaths

This is a follow-up to #23997

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by:

Missing .rodata for AVX2/AVX512 codepaths

This is a follow-up to #23997

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25340)

show more ...

c94d13a029-Jul-2024 Adam (ThinLinc team) <146726448+CendioHalim@users.noreply.github.com>

Detect MinGW 32 bit for NO_INTERLOCKEDOR64

Builds using 32 bit MinGW will fail, due to the same reasoning described in commit 2d46a44ff24173d2cf5ea2196360cb79470d49c7.

CLA: trivial

Detect MinGW 32 bit for NO_INTERLOCKEDOR64

Builds using 32 bit MinGW will fail, due to the same reasoning described in commit 2d46a44ff24173d2cf5ea2196360cb79470d49c7.

CLA: trivial

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25025)

show more ...

d5b3c0e228-Aug-2024 Ingo Franzki

s390x: Fix HMAC digest detection

Use EVP_MD_is_a() instead of EVP_MD_get_type() to detect the digest
type. EVP_MD_get_type() does not always return the expected NID, e.g.
when runnin

s390x: Fix HMAC digest detection

Use EVP_MD_is_a() instead of EVP_MD_get_type() to detect the digest
type. EVP_MD_get_type() does not always return the expected NID, e.g.
when running in the FIPS provider, EVP_MD_get_type() returns zero,
causing to skip the HMAC acceleration path.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25304)

show more ...

0cd9dd7021-Aug-2024 Viktor Dukhovni

Improve base64 BIO correctness and error reporting

Also improve related documentation.

- The BIO_FLAGS_BASE64_NO_NL flag did not behave as advertised, only
leading and trailin

Improve base64 BIO correctness and error reporting

Also improve related documentation.

- The BIO_FLAGS_BASE64_NO_NL flag did not behave as advertised, only
leading and trailing, but not internal, whitespace was supported:

$ echo 'AA AA' | openssl base64 -A -d | wc -c
0

- Switching from ignored leading input to valid base64 input misbehaved
when the length of the skipped input was one more than the length of
the second and subsequent valid base64 lines in the internal 1k
buffer:

$ printf '#foo\n#bar\nA\nAAA\nAAAA\n' | openssl base64 -d | wc -c
0

- When the underlying BIO is retriable, and a read returns less than
1k of data, some of the already buffered input lines that could have
been decoded and returned were retained internally for a retry by the
caller. This is somewhat surprising, and the new code decodes as many
of the buffered lines as possible. Issue reported by Michał Trojnara.

- After all valid data has been read, the next BIO_read(3) should
return 0 when the input was all valid or -1 if an error was detected.
This now occurs in more consistently, but further tests and code
refactoring may be needed to ensure this always happens.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25253)

show more ...

d1c2c05428-Aug-2024 Richard Levitte

fix: ossl_digest_get_approved_nid() returns NID_undef on invalid digest

We checked using 'md_nid < 0', which is faulty.

Impact: DSA and ECDSA signature provider implementations

fix: ossl_digest_get_approved_nid() returns NID_undef on invalid digest

We checked using 'md_nid < 0', which is faulty.

Impact: DSA and ECDSA signature provider implementations

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24992)

show more ...

f68ba38e24-Jul-2024 Richard Levitte

Refactor OpenSSL 'ECDSA' EVP_SIGNATURE to also include ECDSA+hash composites

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-b

Refactor OpenSSL 'ECDSA' EVP_SIGNATURE to also include ECDSA+hash composites

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24992)

show more ...

bb2be4f024-Jul-2024 Richard Levitte

Refactor OpenSSL 'DSA' EVP_SIGNATURE to also include DSA+hash composites

(in the code, "sigalg" is used to refer to these composite algorithms,
which is a nod to libcrypto and libssl, wh

Refactor OpenSSL 'DSA' EVP_SIGNATURE to also include DSA+hash composites

(in the code, "sigalg" is used to refer to these composite algorithms,
which is a nod to libcrypto and libssl, where that term is commonly used
for composite algorithms)

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24992)

show more ...

c6c6af1830-Aug-2024 Pauli

endecode_test.c: Fix !fips v3.0.0 check

The fips_provider_version_* functions return true if the FIPS provider isn't
loaded. This is somewhat counterintuitive and the fix in #25327 negl

endecode_test.c: Fix !fips v3.0.0 check

The fips_provider_version_* functions return true if the FIPS provider isn't
loaded. This is somewhat counterintuitive and the fix in #25327 neglected
this nuance resulting in not running the SM2 tests when the FIPS provider
wasn't being loaded.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25331)

show more ...

15b7484928-Aug-2024 Richard Levitte

exporters for pkg-config: align with the changes for CMake

The latest CMake exporter changes reworked the the variables in builddata.pm
and installdata.pm. Unfortunately, the pkg-config

exporters for pkg-config: align with the changes for CMake

The latest CMake exporter changes reworked the the variables in builddata.pm
and installdata.pm. Unfortunately, the pkg-config exporter templates were
forgotten in that effort.

Fixes #25299

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25308)

show more ...

0b97a55029-Aug-2024 Tomas Mraz

endecode_test.c: Avoid running the SM2 tests with 3.0.0 FIPS provider

Fixes #25326

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.o

endecode_test.c: Avoid running the SM2 tests with 3.0.0 FIPS provider

Fixes #25326

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25327)

show more ...

b4e4bf2928-Aug-2024 Viktor Dukhovni

Check for excess data in CertificateVerify

As reported by Alicja Kario, we ignored excess bytes after the
signature payload in TLS CertificateVerify Messages. These
should not be pr

Check for excess data in CertificateVerify

As reported by Alicja Kario, we ignored excess bytes after the
signature payload in TLS CertificateVerify Messages. These
should not be present.

Fixes: #25298

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25302)

show more ...

25f5d7b829-Feb-2024 Joerg Schmidbauer

s390x: support CPACF sha3/shake performance improvements

On newer machines the SHA3/SHAKE performance of CPACF instructions KIMD and KLMD
can be enhanced by using additional modifier bit

s390x: support CPACF sha3/shake performance improvements

On newer machines the SHA3/SHAKE performance of CPACF instructions KIMD and KLMD
can be enhanced by using additional modifier bits. This allows the application
to omit initializing the ICV, but also affects the internal processing of the
instructions. Performance is mostly gained when processing short messages.

The new CPACF feature is backwards compatible with older machines, i.e. the new
modifier bits are ignored on older machines. However, to save the ICV
initialization, the application must detect the MSA level and omit the ICV
initialization only if this feature is supported.

Signed-off-by: Joerg Schmidbauer <jschmidb@de.ibm.com>

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25235)

show more ...

1...<<11121314151617181920>>...1443