#
556009c5 |
| 28-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
ad31628c |
| 16-Jul-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
Remove repeated words Found by running the checkpatch.pl Linux script to enforce coding style. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.
Remove repeated words Found by running the checkpatch.pl Linux script to enforce coding style. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21468)
show more ...
|
#
e077455e |
| 29-Sep-2022 |
Richard Levitte |
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from,
Stop raising ERR_R_MALLOC_FAILURE in most places Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and at least handle the file name and line number they are called from, there's no need to report ERR_R_MALLOC_FAILURE where they are called directly, or when SSLfatal() and RLAYERfatal() is used, the reason `ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`. There were a number of places where `ERR_R_MALLOC_FAILURE` was reported even though it was a function from a different sub-system that was called. Those places are changed to report ERR_R_{lib}_LIB, where {lib} is the name of that sub-system. Some of them are tricky to get right, as we have a lot of functions that belong in the ASN1 sub-system, and all the `sk_` calls or from the CRYPTO sub-system. Some extra adaptation was necessary where there were custom OPENSSL_malloc() wrappers, and some bugs are fixed alongside these changes. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19301)
show more ...
|
#
9dddcd90 |
| 22-Oct-2021 |
x2018 |
add checks for the return values of BN_new(), sk_RSA_PRIME_INFO_new_reserve(), EVP_PKEY_CTX_new_from_pkey() and EVP_CIPHER_CTX_new(). Otherwise may result in memory errors. Reviewed-
add checks for the return values of BN_new(), sk_RSA_PRIME_INFO_new_reserve(), EVP_PKEY_CTX_new_from_pkey() and EVP_CIPHER_CTX_new(). Otherwise may result in memory errors. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16892)
show more ...
|
#
1ffac6ca |
| 01-Jul-2021 |
Pauli |
pvk: use PVK KDF Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15968)
|
#
ed576acd |
| 21-May-2021 |
Tomas Mraz |
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_,
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
show more ...
|
Revision tags: openssl-3.0.0-alpha17 |
|
#
5e2d22d5 |
| 18-May-2021 |
Jon Spillett |
Pass library context and property query into private key decoders Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mr
Pass library context and property query into private key decoders Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14587)
show more ...
|
Revision tags: openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k |
|
#
169eca60 |
| 15-Mar-2021 |
Jon Spillett |
Enhance the encoder/decoder tests to allow testing with a non-default library context and configurable providers Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dal
Enhance the encoder/decoder tests to allow testing with a non-default library context and configurable providers Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14587)
show more ...
|
#
3f700d4b |
| 15-Apr-2021 |
Pauli |
pem: remove references to EVP_sha1() Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14881)
|
#
711d7ca5 |
| 21-Mar-2021 |
Pauli |
pem: fix coverity 1474426: uninitialised scalar variable. Based on the value, it would with work properly or produce an error. Most likely seems to have been the former. Reviewed-b
pem: fix coverity 1474426: uninitialised scalar variable. Based on the value, it would with work properly or produce an error. Most likely seems to have been the former. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14638)
show more ...
|
#
f4e46b81 |
| 15-Mar-2021 |
Richard Levitte |
PROV: Add type specific MSBLOB and PVK decoding for the MS->key decoders To make this cleaner, decoder_ms2key.c is split into decoder_msblob2key.c and decoder_pvk2key.c. This re
PROV: Add type specific MSBLOB and PVK decoding for the MS->key decoders To make this cleaner, decoder_ms2key.c is split into decoder_msblob2key.c and decoder_pvk2key.c. This required a great deal of refactoring of crypto/pem/pvkfmt.c, to make cleaner internal functions that our decoder implementations can use. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14314)
show more ...
|
Revision tags: openssl-3.0.0-alpha13 |
|
#
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
|
#
7bc0fdd3 |
| 02-Mar-2021 |
Matt Caswell |
Make the EVP_PKEY_get0* functions have a const return type OTC have decided that the EVP_PKEY_get0* functions should have a const return type. This is a breaking change to emphasise that
Make the EVP_PKEY_get0* functions have a const return type OTC have decided that the EVP_PKEY_get0* functions should have a const return type. This is a breaking change to emphasise that these values should be considered as immutable. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14319)
show more ...
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10 |
|
#
e77c13f8 |
| 10-Dec-2020 |
Richard Levitte |
MSBLOB & PVK: Make it possible to write EVP_PKEYs with provided internal key So far, the MSBLOB and PVK writers could only handle EVP_PKEYs with legacy internal keys. Specially
MSBLOB & PVK: Make it possible to write EVP_PKEYs with provided internal key So far, the MSBLOB and PVK writers could only handle EVP_PKEYs with legacy internal keys. Specially to be able to compile the loader_attic engine, we use the C macro OPENSSL_NO_PROVIDER_CODE to avoid building the provider specific things when we don't need them. The alternative is to suck half of crypto/evp/ into loader_attic, and that's just not feasible. Fixes #13503 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13661)
show more ...
|
#
a158f8cf |
| 09-Dec-2020 |
Richard Levitte |
PEM: Unlock MSBLOB and PVK functions from 'no-dsa' and 'no-rc4' All these functions are usable with RSA keys, there's no reason why they should be unaccessible when DSA or RC4 are disabl
PEM: Unlock MSBLOB and PVK functions from 'no-dsa' and 'no-rc4' All these functions are usable with RSA keys, there's no reason why they should be unaccessible when DSA or RC4 are disabled. When DSA is disabled, it's not possible to use these functions for DSA EVP_PKEYs. That's fine, and supported. When RC4 is disabled, it's not possible to use these functions to write encrypted PVK output. That doesn't even depend on the definition of OPENSSL_NO_RC4, but if the RC4 algorithm is accessible via EVP, something that isn't known when building libcrypto. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13648)
show more ...
|
Revision tags: OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8 |
|
#
9311d0c4 |
| 04-Nov-2020 |
Richard Levitte |
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using ut
Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() call This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
show more ...
|
#
0934cf48 |
| 20-Oct-2020 |
Richard Levitte |
Unexport internal MSBLOB and PVK functions The following internal functions are affected: ossl_do_blob_header ossl_do_PVK_header ossl_b2i ossl_b2i_bio
Unexport internal MSBLOB and PVK functions The following internal functions are affected: ossl_do_blob_header ossl_do_PVK_header ossl_b2i ossl_b2i_bio This is reflected by moving include/internal/pem.h to include/crypto/pem.h engines/e_loader_attic gets the source code added to it to have continued access to those functions. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13195)
show more ...
|
Revision tags: openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6 |
|
#
dca51418 |
| 03-Aug-2020 |
Richard Levitte |
PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12574)
|
#
413835f5 |
| 03-Aug-2020 |
Richard Levitte |
PEM: Make general MSBLOB reader functions exposed internally Fly-by fix is to move crypto/include/internal/pem_int.h to include/internal/pem.h. Reviewed-by: Shane Lontis <shane.
PEM: Make general MSBLOB reader functions exposed internally Fly-by fix is to move crypto/include/internal/pem_int.h to include/internal/pem.h. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12574)
show more ...
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3 |
|
#
cbeb0bfa |
| 19-May-2020 |
Tomas Mraz |
Cast the unsigned char to unsigned int before shifting left This is needed to avoid automatic promotion to signed int. Fixes #11853 [extended tests] Reviewed-by: R
Cast the unsigned char to unsigned int before shifting left This is needed to avoid automatic promotion to signed int. Fixes #11853 [extended tests] Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11857)
show more ...
|
Revision tags: openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u, OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d, OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b, OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a |
|
#
f55838f3 |
| 12-Oct-2018 |
Richard Levitte |
OSSL_STORE: Make the 'file' scheme loader handle MSBLOB and PVK files This involves exposing two pvkfmt.c functions, but only internally. Reviewed-by: David von Oheimb <david.von.oh
OSSL_STORE: Make the 'file' scheme loader handle MSBLOB and PVK files This involves exposing two pvkfmt.c functions, but only internally. Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11756)
show more ...
|
#
80b94a5a |
| 22-Mar-2020 |
Christian Hohnstaedt |
i2b_PVK_bio: don't set PEM_R_BIO_WRITE_FAILURE in case of success but in case of an error CLA: trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: B
i2b_PVK_bio: don't set PEM_R_BIO_WRITE_FAILURE in case of success but in case of an error CLA: trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11380)
show more ...
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
#
f41ac0ee |
| 29-Jan-2020 |
Pauli |
Deprecate the low level DSA functions. Use of the low level DSA functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Matt Casw
Deprecate the low level DSA functions. Use of the low level DSA functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10977)
show more ...
|
#
de0799b0 |
| 15-Nov-2019 |
Richard Levitte |
PEM: constify PEM_write_ routines There's no reason why the object to be written, or the key string given by the caller should be non-const. This makes the IMPLEMENT_PEM_..._con
PEM: constify PEM_write_ routines There's no reason why the object to be written, or the key string given by the caller should be non-const. This makes the IMPLEMENT_PEM_..._const and DECLARE_PEM_..._const macros superfluous, so we keep them around but mark them deprecated. In all places where IMPLEMENT_PEM_..._const and DECLARE_PEM_..._const are used, they are replaced with the corresponding macros without '_const'. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10452)
show more ...
|