#
7ed6de99 |
| 05-Sep-2024 |
Tomas Mraz |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes
|
#
6d2a01cd |
| 07-Sep-2023 |
Bernd Edlinger |
Fix error handling in CMS_EncryptedData_encrypt That caused several memory leaks in case of error. Also when the CMS object that is created by CMS_EncryptedData_encrypt is not used i
Fix error handling in CMS_EncryptedData_encrypt That caused several memory leaks in case of error. Also when the CMS object that is created by CMS_EncryptedData_encrypt is not used in the normal way, but instead just deleted by CMS_ContentInfo_free some memory was lost. Fixes #21985 Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22031)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
13342efb |
| 07-Aug-2023 |
Olga Batyshkina |
Do not raise CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA error in CMS_ContentInfo_free This happens if this function is called for signed content. Added ossl_cms_env_enc_content_free() fo
Do not raise CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA error in CMS_ContentInfo_free This happens if this function is called for signed content. Added ossl_cms_env_enc_content_free() for cleaning enveloped content. Fixed indentation in ossl_cms_env_enc_content_free Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21676)
show more ...
|
#
d7d3dae6 |
| 27-Jun-2022 |
Dr. David von Oheimb |
CMS: add CMS_SignedData_verify(), a variant of CMS_verify() with extensions Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Rev
CMS: add CMS_SignedData_verify(), a variant of CMS_verify() with extensions Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18667)
show more ...
|
#
e2f6960f |
| 09-May-2022 |
Dr. David von Oheimb |
CMS: Export CMS_EnvelopedData and add CMS_EnvelopedData_decrypt() Also document CMS_decrypt_set1_password() and fix CMS_EnvelopedData_create.pod. Reviewed-by: Dmitry Belyavskiy <bel
CMS: Export CMS_EnvelopedData and add CMS_EnvelopedData_decrypt() Also document CMS_decrypt_set1_password() and fix CMS_EnvelopedData_create.pod. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18301)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16 |
|
#
07342bad |
| 28-Apr-2021 |
Viktor Söderqvist |
CMS sign digest CLI changes: New parameter -digest to CLI command openssl cms, to provide pre-computed digest for use with -sign. API changes: New function CMS_final_digest(), l
CMS sign digest CLI changes: New parameter -digest to CLI command openssl cms, to provide pre-computed digest for use with -sign. API changes: New function CMS_final_digest(), like CMS_final() but uses a pre-computed digest instead of computing it from the data. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/15348)
show more ...
|
#
d15d5618 |
| 18-Feb-2022 |
Michael Baentsch |
enable CMS sign/verify for provider-implemented PKEYs We need to handle signatures with and without digest algs and we generalize the ossl_cms_ecdsa_dsa_sign() function to other algo
enable CMS sign/verify for provider-implemented PKEYs We need to handle signatures with and without digest algs and we generalize the ossl_cms_ecdsa_dsa_sign() function to other algorithms that are handled in the same way. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17733)
show more ...
|
Revision tags: openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
3022b7f4 |
| 09-Mar-2021 |
Shane Lontis |
Rename CMS_si_check_attributes to ossl_cms_si_check_attributes Partial fix for #12964 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/
Rename CMS_si_check_attributes to ossl_cms_si_check_attributes Partial fix for #12964 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
show more ...
|
#
63b64f19 |
| 12-Mar-2021 |
Dr. David von Oheimb |
TS and CMS CAdES-BES: Refactor check_signing_certs() funcs into common ESS func Also constify related CMS/PKCS7 functions and improve error codes thrown. Reviewed-by: Tomas Mraz <to
TS and CMS CAdES-BES: Refactor check_signing_certs() funcs into common ESS func Also constify related CMS/PKCS7 functions and improve error codes thrown. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14503)
show more ...
|
#
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
|
Revision tags: openssl-3.0.0-alpha12 |
|
#
53155f1c |
| 18-Feb-2021 |
Shane Lontis |
Fix external symbols for cms. Partial fix for #12964 This adds ossl_ names for symbols related to cms_* and ess_* Reviewed-by: Matt Caswell <matt@openssl.org> (Merged f
Fix external symbols for cms. Partial fix for #12964 This adds ossl_ names for symbols related to cms_* and ess_* Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14241)
show more ...
|
Revision tags: OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
#
9ab7fe48 |
| 07-Oct-2020 |
Matt Caswell |
Move CMS signing code out of the algorithms and into CMS There is a large amount of CMS sepcific code in the algorithms. This is in the wrong place and breaks layering. This code should
Move CMS signing code out of the algorithms and into CMS There is a large amount of CMS sepcific code in the algorithms. This is in the wrong place and breaks layering. This code should be in the CMS layer. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
show more ...
|
#
0b3a4ef2 |
| 06-Oct-2020 |
Matt Caswell |
Move CMS enveloping code out of the algorithms and into CMS There is quite a large amount of algorithm specific CMS code sitting in the algorithm directories. However, this seems to brea
Move CMS enveloping code out of the algorithms and into CMS There is quite a large amount of algorithm specific CMS code sitting in the algorithm directories. However, this seems to break layering. Algorithms really have no business knowing anything about CMS. Really it should be the other way around. Where there is algorithm specific CMS code it is the CMS layer that should know how to handle different algorithms. Therefore we move this code into the CMS layer. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13088)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
924663c3 |
| 06-Sep-2020 |
Jakub Zelenka |
Add CMS AuthEnvelopedData with AES-GCM support Add the AuthEnvelopedData as defined in RFC 5083 with AES-GCM parameter as defined in RFC 5084. Reviewed-by: Shane Lontis <shane.l
Add CMS AuthEnvelopedData with AES-GCM support Add the AuthEnvelopedData as defined in RFC 5083 with AES-GCM parameter as defined in RFC 5084. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/8024)
show more ...
|
Revision tags: openssl-3.0.0-alpha6 |
|
#
c1669f41 |
| 25-Jul-2020 |
Shane Lontis |
Add libctx support to CMS. -Public CMS methods that create a CMS_ContentInfo object now have variants that also add a libctx and propq. This includes CMS_ContentInfo_new_with_libctx(),
Add libctx support to CMS. -Public CMS methods that create a CMS_ContentInfo object now have variants that also add a libctx and propq. This includes CMS_ContentInfo_new_with_libctx(), CMS_sign_with_libctx(), CMS_data_create_with_libctx(), CMS_digest_create_with_libctx(), CMS_EncryptedData_encrypt_with_libctx(), CMS_EnvelopedData_create_with_libctx(). -Added CMS_ReceiptRequest_create0_with_libctx(). -Added SMIME_read_CMS_ex() so that a new CMS_ContentInfo object (created using CMS_ContentInfo_new_with_libctx()) can be passed to the read. -d2i_CMS_bio() has been modified so that after it loads the CMS_ContentInfo() it then resolves any subobjects that require the libctx/propq (such as objects containing X509 certificates). Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11884)
show more ...
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
#
9e3c510b |
| 12-Jun-2019 |
FdaSilvaYY |
crypto/cms: add CAdES-BES signed attributes validation for signing certificate V2 and signing certificate extensions. CAdES: lowercase name for now internal methods. crypto
crypto/cms: add CAdES-BES signed attributes validation for signing certificate V2 and signing certificate extensions. CAdES: lowercase name for now internal methods. crypto/cms: generated file changes. Add some CHANGES entries. [extended tests] Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/8098)
show more ...
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
#
71434aed |
| 20-Jan-2020 |
Dmitry Belyavskiy |
Implementation of Russian GOST CMS Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/p
Implementation of Russian GOST CMS Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10904)
show more ...
|
#
ae4186b0 |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Fix header file include guard names Make the include guards consistent by renaming them systematically according to the naming conventions below For the public header files (in
Fix header file include guard names Make the include guards consistent by renaming them systematically according to the naming conventions below For the public header files (in the 'include/openssl' directory), the guard names try to match the path specified in the include directives, with all letters converted to upper case and '/' and '.' replaced by '_'. For the private header files files, an extra 'OSSL_' is added as prefix. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
#
706457b7 |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Reorganize local header files Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source direc
Reorganize local header files Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '*_lcl.h', '*_local.h', or '*_int.h' This commit changes the different suffixes to '*_local.h' uniformly. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|