APPS/dsaparam: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://githu

APPS/dsaparam: fix case where infile and outfile are the same

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)

show more ...

Fix some memory leaks in the openssl app

In some error cases the normal cleanup did not
happen, but instead an exit(1) which caused some
memory leaks, as reported in #22049.

Fix some memory leaks in the openssl app

In some error cases the normal cleanup did not
happen, but instead an exit(1) which caused some
memory leaks, as reported in #22049.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22055)

show more ...

Copyright year updates


Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes

Added tests and updated help

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19898)

Add an option to specify number of bits in the subprime (q) when generating DSA keys

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged fr

Add an option to specify number of bits in the subprime (q) when generating DSA keys

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19898)

show more ...

APPS: dsaparam, gendsa: Support setting properties

The -provider and -propquery options did not work on dsaparam and
gendsa. Fix this and add tests that check that operations that are no

APPS: dsaparam, gendsa: Support setting properties

The -provider and -propquery options did not work on dsaparam and
gendsa. Fix this and add tests that check that operations that are not
supported by the FIPS provider work when run with

| -provider default -propquery '?fips!=yes'

See also https://bugzilla.redhat.com/show_bug.cgi?id=2094956, where this
was initially reported.

Signed-off-by: Clemens Lang <cllang@redhat.com>

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18576)

show more ...

Fix the checks of EVP_PKEY_CTX_set/get_* functions

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/open

Fix the checks of EVP_PKEY_CTX_set/get_* functions

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18399)

show more ...

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes

Add -verbose/-queit flags to dhparam

Allow dhparam to run quietly in scripts, etc.

For other commands that took a -verbose flag already, also support -quiet.

For genpkey wh

Add -verbose/-queit flags to dhparam

Allow dhparam to run quietly in scripts, etc.

For other commands that took a -verbose flag already, also support -quiet.

For genpkey which only supported -quiet, add the -verbose flag.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17336)

show more ...

Standardize progress callback for dhparam, dsaparam, etc.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed

Standardize progress callback for dhparam, dsaparam, etc.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17359)

show more ...

APPS: Improve diagnostics on missing/extra args and unknown cipher/digest

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16450)

EVP_PKEY_keygen_init: fix return check

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged

EVP_PKEY_keygen_init: fix return check

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17031)

show more ...

Add warning to key/param generating apps on potential delay due to missing entropy

This also introduces app_keygen() and app_paramgen() and cleans up err reporting.

Reviewed-by: Tom

Add warning to key/param generating apps on potential delay due to missing entropy

This also introduces app_keygen() and app_paramgen() and cleans up err reporting.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12095)

show more ...

Make the -inform option to be respected if possible

Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be
set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called.

Th

Make the -inform option to be respected if possible

Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be
set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called.

The input type format is enforced only in case the file
type file store is used.

By default we use FORMAT_UNDEF meaning the input type
is not enforced.

Fixes #14569

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15100)

show more ...

APPS: Replace 'OPT_ERR = -1, OPT_EOF = 0, OPT_HELP' by OPT_COMMON macro

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15111)

APPS: make apps strict on app_RAND_load() and app_RAND_write() failure

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14840)

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)

Load rand state after loading providers

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>

Load rand state after loading providers

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14135)

show more ...

Check non-option arguments

Make sure all commands check to see if there are any "extra" arguments
after the options, and print an error if so.

Made all error messages consistent

Check non-option arguments

Make sure all commands check to see if there are any "extra" arguments
after the options, and print an error if so.

Made all error messages consistent (which is to say, minimal).

Fixes: #13527

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13563)

show more ...

Remove -C from dhparam,dsaparam,ecparam

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/opens

Remove -C from dhparam,dsaparam,ecparam

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13384)

show more ...

Fix the reading of DSA parameters files using the dsaparam app

DSA parameters files were failing to load correctly. We also fix a number
of follow on issues which resulted in multiple si

Fix the reading of DSA parameters files using the dsaparam app

DSA parameters files were failing to load correctly. We also fix a number
of follow on issues which resulted in multiple similar errors messages
being displayed for the same problem, as well as a seg-fault.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13317)

show more ...

APPS: Implement load_keyparams() to load key parameters

'openssl dsaparam' is affected as an obvious usage example.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from ht

APPS: Implement load_keyparams() to load key parameters

'openssl dsaparam' is affected as an obvious usage example.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13191)

show more ...

coverity 1464212, 1464214 & 1464215: Resource leaks

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12149)

Make error output of dhparams and dsaparams app more consistent

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12062)

APPS: Fix 'openssl dsaparam -genkey'

Using a parameter EVP_PKEY for key generation with EVP_PKEY routines
works a little differently than the raw DSA routines that were used
before.

APPS: Fix 'openssl dsaparam -genkey'

Using a parameter EVP_PKEY for key generation with EVP_PKEY routines
works a little differently than the raw DSA routines that were used
before.

While fixing that, clean away all remaining use of the DSA type, which
simplifies the code a bit more.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12048)

show more ...