History log of /openssl/ (Results 501 – 525 of 36074)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
068c9bee08-Aug-2024 Pauli

test: add error reasons to RSA tests

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/open

test: add error reasons to RSA tests

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25135)

show more ...

8e316edd08-Aug-2024 Pauli

fips: change from function call to macro in rsa_enc.c

Use of the function instead of the macro for the indicator unapproved check was
noted in: https://github.com/openssl/openssl/pull/25

fips: change from function call to macro in rsa_enc.c

Use of the function instead of the macro for the indicator unapproved check was
noted in: https://github.com/openssl/openssl/pull/25070#discussion_r1706564363
Fix things to use the macro properly.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25134)

show more ...

f076837626-Jul-2024 Neil Horman

limit bignums to 128 bytes

Keep us from spinning forever doing huge amounts of math in the fuzzer

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmai

limit bignums to 128 bytes

Keep us from spinning forever doing huge amounts of math in the fuzzer

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25013)

show more ...

250a7adb01-Aug-2024 slontis

Add "no-fips-post" configure option.

Using this option disables the OpenSSL FIPS provider
self tests.
This is intended for debugging purposes only,
as it breaks FIPS compliance.

Add "no-fips-post" configure option.

Using this option disables the OpenSSL FIPS provider
self tests.
This is intended for debugging purposes only,
as it breaks FIPS compliance.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25063)

show more ...

ea3888a307-Aug-2024 slontis

Fix FIPS indicator defines for larger indicies.

A newer PR is using setable3 now so these indicies should be fixed.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul

Fix FIPS indicator defines for larger indicies.

A newer PR is using setable3 now so these indicies should be fixed.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25118)

show more ...

fd39d1c805-Aug-2024 Pauli

test: add negative tests for KBKDF key size check under FIPS

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://gith

test: add negative tests for KBKDF key size check under FIPS

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25095)

show more ...

ae87c48805-Aug-2024 Pauli

fips: add kbkdf key length check as per SP 800-131a revision 2

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://gi

fips: add kbkdf key length check as per SP 800-131a revision 2

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25095)

show more ...

6cb6b17105-Aug-2024 Pauli

fips: add kbkdf key check checking function

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/op

fips: add kbkdf key check checking function

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25095)

show more ...

57fb884105-Aug-2024 Pauli

doc: docment key-check param for kbkdf

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl

doc: docment key-check param for kbkdf

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25095)

show more ...

8d52cf5205-Aug-2024 Pauli

doc: document kbkdf key check argument for fipsinstall

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com

doc: document kbkdf key check argument for fipsinstall

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25095)

show more ...

243b7f3905-Aug-2024 Pauli

fips: install with the kbkdf key check option set

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/open

fips: install with the kbkdf key check option set

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25095)

show more ...

c2b8af8905-Aug-2024 Pauli

params: add kbkdf key check param

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull

params: add kbkdf key check param

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25095)

show more ...

090247b205-Aug-2024 Pauli

fipsinstall: add kbkdf key check option

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openss

fipsinstall: add kbkdf key check option

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25095)

show more ...

e77eb1dc19-Apr-2024 JulieDzeze1

Update BN_add.pod documentation so it is consistent with header declarations

CLA: trivial

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@

Update BN_add.pod documentation so it is consistent with header declarations

CLA: trivial

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24215)

show more ...

de8861a701-Aug-2024 Mathis Marion

Remove duplicate colon in otherName display

The colon is already added in X509V3_EXT_val_prn(). In fact, the other
branches from i2v_GENERAL_NAME() do not include a trailing colon.

Remove duplicate colon in otherName display

The colon is already added in X509V3_EXT_val_prn(). In fact, the other
branches from i2v_GENERAL_NAME() do not include a trailing colon.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23428)

show more ...

387491d512-Jan-2024 Mathis Marion

Add OIDs id-kp-wisun-fan-device and id-on-hardwareModule

Sub-OIDs for {iso(1) identified-organization(3) dod(6) internet(1)
private(4) enterprise(1) 45605} are recorded in the document "

Add OIDs id-kp-wisun-fan-device and id-on-hardwareModule

Sub-OIDs for {iso(1) identified-organization(3) dod(6) internet(1)
private(4) enterprise(1) 45605} are recorded in the document "Wi-SUN
Assigned Value Registry" (WAVR).

OID id-on-hardwareModule is defined in RFC 4108.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23428)

show more ...

c0c4e6ba06-Aug-2024 Matt Caswell

Remove the event queue code

PR #18345 added some code for an event queue. It also added a test for it.
Unfortunately this event queue code has never been used for anything.
Additiona

Remove the event queue code

PR #18345 added some code for an event queue. It also added a test for it.
Unfortunately this event queue code has never been used for anything.
Additionally the test was never integrated into a test recipe, so it never
actually gets invoked via "make test". This makes the code entirely dead,
unnecessarily bloats the size of libssl and causes a decrease in our
testing code coverage value.

We remove the dead code.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25100)

show more ...

e70e34d805-Aug-2024 Tomas Mraz

dh_kmgmt.c: Avoid expensive public key validation for known safe-prime groups

The partial validation is fully sufficient to check the key validity.

Thanks to Szilárd Pfeiffer for re

dh_kmgmt.c: Avoid expensive public key validation for known safe-prime groups

The partial validation is fully sufficient to check the key validity.

Thanks to Szilárd Pfeiffer for reporting the issue.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25088)

show more ...

7bcfb41405-Aug-2024 Tomas Mraz

ossl_print_attribute_value(): use a sequence value only if type is a sequence

Move the switch to print a distinguished name inside the
switch by the printed attribute type, otherwise a m

ossl_print_attribute_value(): use a sequence value only if type is a sequence

Move the switch to print a distinguished name inside the
switch by the printed attribute type, otherwise a malformed
attribute will cause a crash.

Updated the fuzz corpora with the testcase

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25087)

show more ...

217e215e05-Aug-2024 Tomas Mraz

rsa_pss_compute_saltlen(): Avoid integer overflows and check MD and RSA sizes

Fixes Coverity 1604651

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tom Cosgrove

rsa_pss_compute_saltlen(): Avoid integer overflows and check MD and RSA sizes

Fixes Coverity 1604651

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/25085)

show more ...

e3e15e7705-Aug-2024 Tomas Mraz

do_print_ex(): Avoid possible integer overflow

Fixes Coverity 1604657
Fixes openssl/project#780

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tom Cosgrove <tom

do_print_ex(): Avoid possible integer overflow

Fixes Coverity 1604657
Fixes openssl/project#780

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25084)

show more ...

00f32b2202-Aug-2024 Pauli

test: update SSL API test in light of PKCS#1 version 1.5 padding change under FIPS

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>

test: update SSL API test in light of PKCS#1 version 1.5 padding change under FIPS

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25070)

show more ...

d057561902-Aug-2024 Pauli

test: update SSL old test in light of PKCS#1 version 1.5 padding change under FIPS

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>

test: update SSL old test in light of PKCS#1 version 1.5 padding change under FIPS

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25070)

show more ...

449bc10401-Aug-2024 Pauli

sslapitest: add meaningful skip messages

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openss

sslapitest: add meaningful skip messages

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25070)

show more ...

29a0f04001-Aug-2024 Pauli

cms: fix tests in light of PKCS#1 version 1.5 padding check

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https:

cms: fix tests in light of PKCS#1 version 1.5 padding check

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25070)

show more ...

1...<<21222324252627282930>>...1443