#
95a6fbdf |
| 20-Jun-2022 |
Tomas Mraz |
The flag "decoded-from-explicit" must be imp/exportable Otherwise the information that the EC group was imported from explicit parameters is lost when the key is moved across providers.
The flag "decoded-from-explicit" must be imp/exportable Otherwise the information that the EC group was imported from explicit parameters is lost when the key is moved across providers. Fixes #18600 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/18609)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
fba140c7 |
| 12-Apr-2022 |
Dmitry Belyavskiy |
str[n]casecmp => OPENSSL_strncasecmp Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18069)
|
#
53137462 |
| 31-Mar-2022 |
Tomas Mraz |
Add error code for unsupported explicit parameters Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/o
Add error code for unsupported explicit parameters Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17998)
show more ...
|
#
638c3a28 |
| 28-Mar-2022 |
Tomas Mraz |
Import only named params into FIPS module Fixes #17978 Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.
Import only named params into FIPS module Fixes #17978 Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17998)
show more ...
|
#
d5f9166b |
| 04-Feb-2022 |
Richard Levitte |
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to b
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to be able to stop ourselves, the better move is to move e_os.h to an include directory that's part of the inclusion path given to the compiler. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17641)
show more ...
|
#
10481d33 |
| 05-Jan-2022 |
Peiwei Hu |
Fix: some patches related to error exiting Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull
Fix: some patches related to error exiting Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17417)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12 |
|
#
32ab57cb |
| 18-Feb-2021 |
Shane Lontis |
Fix external symbols related to ec & sm2 keys Partial fix for #12964 This adds ossl_ names for the following symbols: ec_*, ecx_*, ecdh_*, ecdsa_*, sm2_* Reviewed-
Fix external symbols related to ec & sm2 keys Partial fix for #12964 This adds ossl_ names for the following symbols: ec_*, ecx_*, ecdh_*, ecdsa_*, sm2_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14231)
show more ...
|
Revision tags: OpenSSL_1_1_1j, openssl-3.0.0-alpha11 |
|
#
9db6af92 |
| 27-Jan-2021 |
Richard Levitte |
EC: Reverse the default asn1_flag in a new EC_GROUP The default was OPENSSL_EC_NAMED_CURVE, but that's not true until a curve name has been set, so we change the initial value to OPE
EC: Reverse the default asn1_flag in a new EC_GROUP The default was OPENSSL_EC_NAMED_CURVE, but that's not true until a curve name has been set, so we change the initial value to OPENSSL_EC_EXPLICIT_CURVE and let EC_GROUP_set_curve_name() change it to OPENSSL_EC_NAMED_CURVE. Submitted by Matt Caswell Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/13973)
show more ...
|
#
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
|
Revision tags: openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
5b5eea4b |
| 15-Oct-2020 |
Shane Lontis |
Deprecate EC_KEY + Update ec apps to use EVP_PKEY Co-author: Richard Levitte <levitte@openssl.org> Co-author: Tomas Mraz <tmraz@openssl.org> Reviewed-by: Matt Caswell <matt@open
Deprecate EC_KEY + Update ec apps to use EVP_PKEY Co-author: Richard Levitte <levitte@openssl.org> Co-author: Tomas Mraz <tmraz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13139)
show more ...
|
#
9311d0c4 |
| 04-Nov-2020 |
Richard Levitte |
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using ut
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
show more ...
|
#
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
#
d8652be0 |
| 24-Sep-2020 |
Matt Caswell |
Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged fro
Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
fe2f8aec |
| 21-Aug-2020 |
Tomas Mraz |
EC_KEY: add EC_KEY_decoded_from_explicit_params() The function returns 1 when the encoding of a decoded EC key used explicit encoding of the curve parameters. Reviewed-by: David
EC_KEY: add EC_KEY_decoded_from_explicit_params() The function returns 1 when the encoding of a decoded EC key used explicit encoding of the curve parameters. Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12683)
show more ...
|
#
5045abb2 |
| 30-Aug-2020 |
Richard Levitte |
EC: Remove one error record that shadows another In EC_GROUP_new_from_params(), ERR_R_EC_LIB was reported if group_new_from_name() returned NULL. However, this shadows a possible EC
EC: Remove one error record that shadows another In EC_GROUP_new_from_params(), ERR_R_EC_LIB was reported if group_new_from_name() returned NULL. However, this shadows a possible EC_R_INVALID_CURVE, making that harder to detect, which happens to be important to do in test/evp_test.c. This also extends key_unsupported() in test/evp_test.c to check for this error alongside the check for EC_R_UNKNOWN_GROUP. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12587)
show more ...
|
#
c0f39ded |
| 22-Aug-2020 |
Shane Lontis |
Add Explicit EC parameter support to providers. This was added for backward compatability. Added EC_GROUP_new_from_params() that supports explicit curve parameters. This fixes t
Add Explicit EC parameter support to providers. This was added for backward compatability. Added EC_GROUP_new_from_params() that supports explicit curve parameters. This fixes the 15-test_genec.t TODO. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12604)
show more ...
|
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
#
2da8d4eb |
| 15-Jun-2020 |
Matt Caswell |
Add more complete support for libctx/propq in the EC code Renames some "new_ex" functions to "new_with_libctx" and ensures that we pass around the libctx AND the propq everywhere.
Add more complete support for libctx/propq in the EC code Renames some "new_ex" functions to "new_with_libctx" and ensures that we pass around the libctx AND the propq everywhere. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12159)
show more ...
|
Revision tags: openssl-3.0.0-alpha3 |
|
#
23ccae80 |
| 27-May-2020 |
Billy Brumley |
Move EC_METHOD to internal-only Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/
Move EC_METHOD to internal-only Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11928)
show more ...
|
#
9c47a338 |
| 22-May-2020 |
Nicola Tuveri |
Fix coverity issues in EC after #11807 This should fix 2 issues detected by Coverity and introduced with https://github.com/openssl/openssl/pull/11807 - CID 1463577: Memory - c
Fix coverity issues in EC after #11807 This should fix 2 issues detected by Coverity and introduced with https://github.com/openssl/openssl/pull/11807 - CID 1463577: Memory - corruptions (ARRAY_VS_SINGLETON) - CID 1463573: Memory - corruptions (ARRAY_VS_SINGLETON) In practice the tests seem to show that they both aren't real issues, yet I believe this small change should appease the scanner and at the same time improve clarity for the reader. Here is the original report: ``` ** CID 1463577: Memory - corruptions (ARRAY_VS_SINGLETON) ________________________________________________________________________________________________________ *** CID 1463577: Memory - corruptions (ARRAY_VS_SINGLETON) /crypto/ec/ec_lib.c: 1123 in EC_POINT_mul() 1117 1118 if (group->meth->mul != NULL) 1119 ret = group->meth->mul(group, r, g_scalar, point != NULL 1120 && p_scalar != NULL, &point, &p_scalar, ctx); 1121 else 1122 /* use default */ CID 1463577: Memory - corruptions (ARRAY_VS_SINGLETON) Passing "&point" to function "ec_wNAF_mul" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 1123 ret = ec_wNAF_mul(group, r, g_scalar, point != NULL 1124 && p_scalar != NULL, &point, &p_scalar, ctx); 1125 1126 #ifndef FIPS_MODULE 1127 BN_CTX_free(new_ctx); 1128 #endif ** CID 1463573: Memory - corruptions (ARRAY_VS_SINGLETON) ________________________________________________________________________________________________________ *** CID 1463573: Memory - corruptions (ARRAY_VS_SINGLETON) /crypto/ec/ec_lib.c: 1123 in EC_POINT_mul() 1117 1118 if (group->meth->mul != NULL) 1119 ret = group->meth->mul(group, r, g_scalar, point != NULL 1120 && p_scalar != NULL, &point, &p_scalar, ctx); 1121 else 1122 /* use default */ CID 1463573: Memory - corruptions (ARRAY_VS_SINGLETON) Passing "&p_scalar" to function "ec_wNAF_mul" which uses it as an array. This might corrupt or misinterpret adjacent memory locations. 1123 ret = ec_wNAF_mul(group, r, g_scalar, point != NULL 1124 && p_scalar != NULL, &point, &p_scalar, ctx); 1125 1126 #ifndef FIPS_MODULE 1127 BN_CTX_free(new_ctx); 1128 #endif ``` Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11919)
show more ...
|
#
c2f2db9b |
| 19-May-2020 |
Billy Brumley |
deprecate EC_POINT_make_affine and EC_POINTs_make_affine Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.
deprecate EC_POINT_make_affine and EC_POINTs_make_affine Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11874)
show more ...
|
#
6b4eb933 |
| 17-May-2020 |
Billy Brumley |
deprecate EC precomputation functionality Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/op
deprecate EC precomputation functionality Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11851)
show more ...
|
Revision tags: openssl-3.0.0-alpha2 |
|
#
4fcd15c1 |
| 13-May-2020 |
Billy Brumley |
deprecate EC_POINTs_mul function Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1
deprecate EC_POINTs_mul function Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11807)
show more ...
|
Revision tags: openssl-3.0.0-alpha1, OpenSSL_1_1_1g |
|
#
f844f9eb |
| 13-Apr-2020 |
Richard Levitte |
Rename FIPS_MODE to FIPS_MODULE This macro is used to determine if certain pieces of code should become part of the FIPS module or not. The old name was confusing. Fixes #11538
Rename FIPS_MODE to FIPS_MODULE This macro is used to determine if certain pieces of code should become part of the FIPS module or not. The old name was confusing. Fixes #11538 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11539)
show more ...
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|