#
7ed6de99 |
| 05-Sep-2024 |
Tomas Mraz |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes
|
#
55c14583 |
| 24-Jun-2024 |
Tomas Mraz |
evp_pkey_ctx_setget_params_to_ctrl(): Always properly set ctx.action_type Fixes #24698 Some applicable translations are bidirectional so they have NONE action_type. However we n
evp_pkey_ctx_setget_params_to_ctrl(): Always properly set ctx.action_type Fixes #24698 Some applicable translations are bidirectional so they have NONE action_type. However we need to set the real action_type in the ctx. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/24709)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
cf712830 |
| 23-Aug-2023 |
Ingo Franzki |
ctrl_params_translate: Allow get_rsa_payload_x() also for RSA-PSS The get_rsa_payload_x() functions should also allow to get the payload for RSA-PSS keys. Signed-off-by: Ingo Fr
ctrl_params_translate: Allow get_rsa_payload_x() also for RSA-PSS The get_rsa_payload_x() functions should also allow to get the payload for RSA-PSS keys. Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21818)
show more ...
|
#
e2c2cca4 |
| 23-Aug-2023 |
Ingo Franzki |
ctrl_params_translate: Allow RSA controls also for RSA-PSS Controls 'rsa_keygen_pubexp' and 'rsa_keygen_primes' should also be allowed for RSA-PSS keys. Signed-off-by: Ingo Fran
ctrl_params_translate: Allow RSA controls also for RSA-PSS Controls 'rsa_keygen_pubexp' and 'rsa_keygen_primes' should also be allowed for RSA-PSS keys. Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21818)
show more ...
|
#
a024ab98 |
| 16-Jul-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
Fix typos found by codespell Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from ht
Fix typos found by codespell Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21467)
show more ...
|
#
64b1d2fb |
| 13-Jul-2023 |
ljuzwiuk |
Fix RSA OAEP set/get label for legacy engine Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> (M
Fix RSA OAEP set/get label for legacy engine Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21401)
show more ...
|
#
43d5dac9 |
| 10-May-2023 |
Yuan, Shuai |
Fixed EVP_PKEY_CTX_set_ec_paramgen_curve_nid() for SM2 in ENGINEs The CTRL translation is missing for SM2 key types. Fixes #20899 Signed-off-by: Yuan, Shuai <shuai.yuan@intel.co
Fixed EVP_PKEY_CTX_set_ec_paramgen_curve_nid() for SM2 in ENGINEs The CTRL translation is missing for SM2 key types. Fixes #20899 Signed-off-by: Yuan, Shuai <shuai.yuan@intel.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20900)
show more ...
|
#
be6497aa |
| 10-May-2023 |
Yuan, Shuai |
Fixed TLS1.3 handshake issue for legacy engine API. Signed-off-by: Yuan, Shuai <shuai.yuan@intel.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas
Fixed TLS1.3 handshake issue for legacy engine API. Signed-off-by: Yuan, Shuai <shuai.yuan@intel.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20922)
show more ...
|
#
1009940c |
| 21-Apr-2023 |
Richard Levitte |
param->ctrl translation: Fix evp_pkey_ctx_setget_params_to_ctrl() Ensure that ctx.ctrl_cmd defaults to translation->cmd_num Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-
param->ctrl translation: Fix evp_pkey_ctx_setget_params_to_ctrl() Ensure that ctx.ctrl_cmd defaults to translation->cmd_num Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/20780)
show more ...
|
#
ac52fe5f |
| 20-Apr-2023 |
Richard Levitte |
param->ctrl translation: Fix fix_ec_paramgen_curve_nid() This function didn't prepare space to get the param string, which causes the default_fixup_args() call to fail. Fixes #2
param->ctrl translation: Fix fix_ec_paramgen_curve_nid() This function didn't prepare space to get the param string, which causes the default_fixup_args() call to fail. Fixes #20161 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/20780)
show more ...
|
#
bbe9d2de |
| 28-Mar-2023 |
Pauli |
Coverity 1524597: null pointer dereference Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl
Coverity 1524597: null pointer dereference Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20629)
show more ...
|
#
9adbce74 |
| 08-Mar-2023 |
Jorge Ramirez-Ortiz |
translation: EC legacy keys, handle OSSL_PKEY_PARAM_EC_PUB_X,Y requests Required by tpm2-tss to load legacy EC keys using the OpenSSL engine. Fixes: https://github.com/tpm2-software
translation: EC legacy keys, handle OSSL_PKEY_PARAM_EC_PUB_X,Y requests Required by tpm2-tss to load legacy EC keys using the OpenSSL engine. Fixes: https://github.com/tpm2-software/tpm2-tss/issues/2581 Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20535)
show more ...
|
#
650f0474 |
| 30-Jan-2023 |
ndossche |
Fix error check on default_check() helper function default_check() can return a zero value to indicate an internal error in one condition for the PRE_CTRL_STR_TO_PARAMS state. This state
Fix error check on default_check() helper function default_check() can return a zero value to indicate an internal error in one condition for the PRE_CTRL_STR_TO_PARAMS state. This state can be reached from the default_fixup_args() function which does not check for a zero value. All other callers of default_check() in that file do check for a zero return value. Fix it by changing the check to <= 0. CLA: trivial Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20175)
show more ...
|
#
5ab3ec1b |
| 27-Oct-2022 |
Hubert Kario |
rsa: Add option to disable implicit rejection Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
rsa: Add option to disable implicit rejection Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13817)
show more ...
|
#
c0487795 |
| 05-Oct-2022 |
Juergen Christ |
Add translation for ECX group parameter Legacy EVP_PKEY_CTX objects did not support the "group" parameter for X25519 and X448. The translation of this parameter resulted in an error. T
Add translation for ECX group parameter Legacy EVP_PKEY_CTX objects did not support the "group" parameter for X25519 and X448. The translation of this parameter resulted in an error. This caused errors for legacy keys and engines. Fix this situation by adding a translation that simply checks that the correct parameter is to be set, but does not actually set anything. This is correct since the group name is anyway optional for these two curves. Fixes #19313 Signed-off-by: Juergen Christ <jchrist@linux.ibm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19348)
show more ...
|
#
1567a821 |
| 23-Aug-2022 |
FdaSilvaYY |
crypto: Fix various typos, repeated words, align some spelling to LDP. partially revamped from #16712 - fall thru -> fall through - time stamp -> timestamp - file name -> filename
crypto: Fix various typos, repeated words, align some spelling to LDP. partially revamped from #16712 - fall thru -> fall through - time stamp -> timestamp - file name -> filename - host name -> hostname Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19059)
show more ...
|
#
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
359dad51 |
| 28-Apr-2022 |
Tomas Mraz |
fix_dh_paramgen_type: Avoid crash with invalid paramgen type Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github
fix_dh_paramgen_type: Avoid crash with invalid paramgen type Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18202)
show more ...
|
#
fba140c7 |
| 12-Apr-2022 |
Dmitry Belyavskiy |
str[n]casecmp => OPENSSL_strncasecmp Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18069)
|
#
d5f9166b |
| 04-Feb-2022 |
Richard Levitte |
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to b
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to be able to stop ourselves, the better move is to move e_os.h to an include directory that's part of the inclusion path given to the compiler. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17641)
show more ...
|
#
f58bb2dd |
| 13-Jan-2022 |
Tomas Mraz |
Properly return error on EVP_PKEY_CTX_set_dh_nid and EVP_PKEY_CTX_set_dhx_rfc5114 Fixes #17485 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/opens
Properly return error on EVP_PKEY_CTX_set_dh_nid and EVP_PKEY_CTX_set_dhx_rfc5114 Fixes #17485 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17498)
show more ...
|
#
e304aa87 |
| 02-Jan-2022 |
Dimitris Apostolou |
Fix typos Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17392)
|
#
6f87463b |
| 25-Nov-2021 |
Tom Cosgrove |
Fix EVP_PKEY_CTX_get_rsa_pss_saltlen() not returning a value When an integer value was specified, it was not being passed back via the orig_p2 weirdness. Regression test include
Fix EVP_PKEY_CTX_get_rsa_pss_saltlen() not returning a value When an integer value was specified, it was not being passed back via the orig_p2 weirdness. Regression test included. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17136)
show more ...
|