#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
e4cdcb8b |
| 25-Mar-2022 |
Tomas Mraz |
req, x509: Allow printing modulus of RSA-PSS keys Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/open
req, x509: Allow printing modulus of RSA-PSS keys Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17990)
show more ...
|
#
df5c86e9 |
| 01-Mar-2022 |
Hugo Landau |
Enable openssl req -x509 to create certificates from CSRs `openssl req -x509` has code allowing it to generate certificates from CSRs as a replacement for `openssl x509`, but a bug preve
Enable openssl req -x509 to create certificates from CSRs `openssl req -x509` has code allowing it to generate certificates from CSRs as a replacement for `openssl x509`, but a bug prevents it from working properly. -CA and -CAkey can now be passed to generate a CA-signed certificate as documented in openssl-req(1). Regression testing has been added to `openssl req`. Fixes #17736. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17782)
show more ...
|
#
37be6fee |
| 21-Feb-2022 |
xkernel |
check the return value of CRYPTO_strdup() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org>
check the return value of CRYPTO_strdup() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17741)
show more ...
|
#
e1cd94f2 |
| 22-Dec-2021 |
Philip Prindeville |
Standardize progress callback for dhparam, dsaparam, etc. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed
Standardize progress callback for dhparam, dsaparam, etc. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17359)
show more ...
|
#
2c272447 |
| 24-Aug-2021 |
Dr. David von Oheimb |
APPS: Add check for multiple 'unknown' options Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16416)
|
#
d9f07357 |
| 27-Aug-2021 |
Dr. David von Oheimb |
APPS: Improve diagnostics on missing/extra args and unknown cipher/digest Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16450)
|
#
adbd77f6 |
| 17-Aug-2021 |
Dr. David von Oheimb |
X509: Fix handling of AKID and SKID extensions according to configuration Fixes #16300 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.o
X509: Fix handling of AKID and SKID extensions according to configuration Fixes #16300 Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16342)
show more ...
|
#
1287dabd |
| 26-Oct-2021 |
x2018 |
fix some code with obvious wrong coding style Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org
fix some code with obvious wrong coding style Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16918)
show more ...
|
#
251e9412 |
| 20-Oct-2021 |
Dr. David von Oheimb |
APPS/req.c: Make -reqexts option an alias of -extensions option This simplifies code, doc, and use. Fixes issue ignoring one or the other. Reviewed-by: Tomas Mraz <tomas@openssl
APPS/req.c: Make -reqexts option an alias of -extensions option This simplifies code, doc, and use. Fixes issue ignoring one or the other. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16865)
show more ...
|
#
58608487 |
| 07-Oct-2021 |
Tomas Mraz |
req: Do not warn about using stdin when generating new request Fixes #16773 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16774)
|
#
611ef4f3 |
| 27-Aug-2021 |
Dr. David von Oheimb |
APPS/{x509,req}: Fix description and diagnostics of -key, -in, etc. options Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16440)
|
#
4fdb0d25 |
| 25-Aug-2021 |
Dr. David von Oheimb |
APPS/req: Fix AKID generation in case -CA option is used Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16420)
|
#
f2b6edcf |
| 25-Aug-2021 |
Dr. David von Oheimb |
APPS/req: Fix misconceptions on -CA, -CAkey, and -key options. -CA now implies -x509 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1642
APPS/req: Fix misconceptions on -CA, -CAkey, and -key options. -CA now implies -x509 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16420)
show more ...
|
#
20432344 |
| 04-Aug-2021 |
Tomas Mraz |
req: Avoid segfault when -modulus is used Fixes #16196 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://git
req: Avoid segfault when -modulus is used Fixes #16196 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/16215)
show more ...
|
#
6b38d7dc |
| 02-Aug-2021 |
Dmitry Belyavskiy |
If we have passed the private key, don't copy it implicitly Fixes #16197 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Paul Dale <pauli@openssl.org>
If we have passed the private key, don't copy it implicitly Fixes #16197 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16199)
show more ...
|
#
426005ee |
| 25-Jun-2021 |
Richard Levitte |
Fix 'openssl req' to correctly use the algorithm from '-newkey algo:nnnn' We used the original string, which meant fetching for, for example, 'rsa:2048'. That was, of course, doomed to
Fix 'openssl req' to correctly use the algorithm from '-newkey algo:nnnn' We used the original string, which meant fetching for, for example, 'rsa:2048'. That was, of course, doomed to fail. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15912)
show more ...
|
#
d4af922c |
| 24-Jun-2021 |
Pauli |
apps: properly initialise arguments to EVP_PKEY_get_bn_param() This avoids use of uninitialised memory. Follow on to #15900 Reviewed-by: Shane Lontis <shane.lontis@oracle.c
apps: properly initialise arguments to EVP_PKEY_get_bn_param() This avoids use of uninitialised memory. Follow on to #15900 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15908)
show more ...
|
#
51cda01c |
| 03-Jun-2021 |
Pauli |
req: detect a bad choice of digest early This is a regression against 1.1.1 when an unknown digest was detected early. Fixes #15285 Reviewed-by: Matt Caswell <matt@open
req: detect a bad choice of digest early This is a regression against 1.1.1 when an unknown digest was detected early. Fixes #15285 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15602)
show more ...
|
#
6a2f82b4 |
| 02-Jun-2021 |
Tomas Mraz |
req: fix default bits handling for -newkey Fixes #15569 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15582)
|
#
ed576acd |
| 21-May-2021 |
Tomas Mraz |
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_,
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
show more ...
|
#
8ee66a09 |
| 30-May-2021 |
Pauli |
req: fix Coverity 1485137 Explicit null dereference Add a check for a non-existent file name when specifying params via file. Add a check for a failure to determine key type. Re
req: fix Coverity 1485137 Explicit null dereference Add a check for a non-existent file name when specifying params via file. Add a check for a failure to determine key type. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15534)
show more ...
|
#
8b893c35 |
| 26-May-2021 |
Dr. David von Oheimb |
APPS req: Extend the -keyout option to be respected also with -key Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.
APPS req: Extend the -keyout option to be respected also with -key Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13715)
show more ...
|
#
54e8f725 |
| 26-May-2021 |
Dr. David von Oheimb |
DOC: Improve description of 'req' app: -new, -newkey, and -keyout options Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://
DOC: Improve description of 'req' app: -new, -newkey, and -keyout options Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13715)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
#
a7e4ca5b |
| 09-Jun-2020 |
Dr. David von Oheimb |
Add warning to key/param generating apps on potential delay due to missing entropy This also introduces app_keygen() and app_paramgen() and cleans up err reporting. Reviewed-by: Tom
Add warning to key/param generating apps on potential delay due to missing entropy This also introduces app_keygen() and app_paramgen() and cleans up err reporting. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12095)
show more ...
|