History log of /openssl/crypto/store/store_lib.c (Results 1 – 25 of 70)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 7ed6de99 05-Sep-2024 Tomas Mraz

Copyright year updates


Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes


# bd73e1e6 28-Feb-2024 afshinpir

Adding missing NULL pointer check

CLA: trivial
In the provider store API, it is not necessary to provide both open and
attach method at the same time and providing at least one of th

Adding missing NULL pointer check

CLA: trivial
In the provider store API, it is not necessary to provide both open and
attach method at the same time and providing at least one of them is
enough. Adding some null pointer checks to prevent exceptions in case
of not providing both methods at the same time.

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23703)

show more ...


# 99fe4c10 25-Mar-2024 Jiasheng Jiang

Add OPENSSL_free to avoid mem leak

Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>

Add OPENSSL_free to avoid mem leak

Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23955)

show more ...


# 18a30b56 22-Mar-2024 Jiasheng Jiang

store/store_lib.c: Add the checks for the EVP_MD_CTX_get_size()

Add the checks for the return value of EVP_MD_CTX_get_size() before explicitly cast them to size_t to avoid the integer overfl

store/store_lib.c: Add the checks for the EVP_MD_CTX_get_size()

Add the checks for the return value of EVP_MD_CTX_get_size() before explicitly cast them to size_t to avoid the integer overflow.

Fixes: fac8673b8a ("STORE: Add the possibility to search for specific information")
Signed-off-by: Jiasheng Jiang <jiasheng@purdue.edu>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23955)

show more ...


# 556009c5 28-Sep-2023 Matt Caswell

Copyright year updates


Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes


# 96e67808 23-Jan-2023 Simo Sorce

Allow to pass a passprase callback at store open

Some PKCS11 modules require authentication early on to be able to
preload objects, which we want to do to avoid costly roundtrips when th

Allow to pass a passprase callback at store open

Some PKCS11 modules require authentication early on to be able to
preload objects, which we want to do to avoid costly roundtrips when the
HSM is actually reached over a network (Cloud HSM).

Unfortunately at open time we can't interact with the user becaue the
callbacks are only passed at object load time. later on.

This patch corrects this issue by providing a more feature rich open
call for providers.

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20131)

show more ...


# 0a8807b4 28-Aug-2023 Dmitry Belyavskiy

Store: API for deletion

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21901)


# ad31628c 16-Jul-2023 Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>

Remove repeated words

Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.

Remove repeated words

Found by running the checkpatch.pl Linux script to enforce coding style.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21468)

show more ...


# 17dd9a2c 06-Sep-2023 Richard Levitte

OSSL_STORE: Fix error flag clearing and setting (provider path only)

When the provider's load function returned with an error, the libcrypto
error flag was only set if EOF hadn't been re

OSSL_STORE: Fix error flag clearing and setting (provider path only)

When the provider's load function returned with an error, the libcrypto
error flag was only set if EOF hadn't been reached. This is troublesome,
as an error can very well occur during the last load before EOF is reached!

Also, the error flag was never reset, even though documentation specifies
that it should indicate an error in the last load (i.e. not the one before
that).

Fixes #21968

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21976)

show more ...


# c7340583 23-Aug-2022 FdaSilvaYY

crypto/*: Fix various typos, repeated words, align some spelling to LDP.
partially revamped from #16712
- fall thru -> fall through
- time stamp -> timestamp
- host name -> hostname

crypto/*: Fix various typos, repeated words, align some spelling to LDP.
partially revamped from #16712
- fall thru -> fall through
- time stamp -> timestamp
- host name -> hostname
- ipv6 -> IPv6

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19059)

show more ...


# e077455e 29-Sep-2022 Richard Levitte

Stop raising ERR_R_MALLOC_FAILURE in most places

Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,

Stop raising ERR_R_MALLOC_FAILURE in most places

Since OPENSSL_malloc() and friends report ERR_R_MALLOC_FAILURE, and
at least handle the file name and line number they are called from,
there's no need to report ERR_R_MALLOC_FAILURE where they are called
directly, or when SSLfatal() and RLAYERfatal() is used, the reason
`ERR_R_MALLOC_FAILURE` is changed to `ERR_R_CRYPTO_LIB`.

There were a number of places where `ERR_R_MALLOC_FAILURE` was reported
even though it was a function from a different sub-system that was
called. Those places are changed to report ERR_R_{lib}_LIB, where
{lib} is the name of that sub-system.
Some of them are tricky to get right, as we have a lot of functions
that belong in the ASN1 sub-system, and all the `sk_` calls or from
the CRYPTO sub-system.

Some extra adaptation was necessary where there were custom OPENSSL_malloc()
wrappers, and some bugs are fixed alongside these changes.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19301)

show more ...


# 66cb4fcd 01-Apr-2022 Pauli

Fix Coverity 1503329 use after free

Another false positive tagged as such

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Me

Fix Coverity 1503329 use after free

Another false positive tagged as such

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/18014)

show more ...


# fecb3aae 03-May-2022 Matt Caswell

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes


# fba140c7 12-Apr-2022 Dmitry Belyavskiy

str[n]casecmp => OPENSSL_strncasecmp

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18069)


# d5f9166b 04-Feb-2022 Richard Levitte

Move e_os.h to include/internal

Including e_os.h with a path from a header file doesn't work well on
certain exotic platform. It simply fails to build.

Since we don't seem to b

Move e_os.h to include/internal

Including e_os.h with a path from a header file doesn't work well on
certain exotic platform. It simply fails to build.

Since we don't seem to be able to stop ourselves, the better move is
to move e_os.h to an include directory that's part of the inclusion
path given to the compiler.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17641)

show more ...


# 7c64ca71 27-Aug-2021 Dr. David von Oheimb

OSSL_STORE_open_ex(): Prevent spurious error: unregistered scheme=file

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16452)


# 2ff286c2 21-Jun-2021 Dr. David von Oheimb

Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if string has literal prefix

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/

Add and use HAS_PREFIX() and CHECK_AND_SKIP_PREFIX() for checking if string has literal prefix

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15847)

show more ...


# 1287dabd 26-Oct-2021 x2018

fix some code with obvious wrong coding style

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org

fix some code with obvious wrong coding style

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16918)

show more ...


# 6870c1e7 23-Jun-2021 Randall S. Becker

Defined out MUTEX attributes not available on NonStop SPT Threads.

Standard Posix Threads (SPT) Threads are an older separate branch of
pthreads that do not support some of the capabilit

Defined out MUTEX attributes not available on NonStop SPT Threads.

Standard Posix Threads (SPT) Threads are an older separate branch of
pthreads that do not support some of the capabilities in the current
Posix User Threads (PUT).

The change also includes a rename of the close field of OSSL_STORE_LOADER
which was causing preprocessor conflicts.

Fixes #15885

Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15886)

show more ...


# 19c0b46b 28-Jun-2021 Richard Levitte

OSSL_STORE: Fix crash when tracing STORE

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openss

OSSL_STORE: Fix crash when tracing STORE

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15931)

show more ...


# ecd699b6 18-Jun-2021 Richard Levitte

STORE: Fix OSSL_STORE_open_ex() error reporting

OSSL_STORE_open_ex() could result in reports like this:

80722AA3927F0000:error:80000002:system library:file_open_ex:No such file

STORE: Fix OSSL_STORE_open_ex() error reporting

OSSL_STORE_open_ex() could result in reports like this:

80722AA3927F0000:error:80000002:system library:file_open_ex:No such file or directory:engines/e_loader_attic.c:1016:calling stat(file:test/blahdibleh.der)
80722AA3927F0000:error:41800069:lib(131)::path must be absolute:engines/e_loader_attic.c:1010:test/blahdibleh.der
80722AA3927F0000:error:1600007B:STORE routines:OSSL_STORE_open_ex:no loaders found:crypto/store/store_lib.c:148:No store loaders were found. For standard store loaders you need at least one of the default or base providers available. Did you forget to load them?

The last one turns out to be a bit too generically reported. It
should only be reported when no loader were loaded at all, not when
loader_ctx happens to be NULL (which may happen for other reasons).

We also move the helpful message to the OSSL_STORE_LOADER fetcher.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15820)

show more ...


# 6309b799 10-Jun-2021 Richard Levitte

STORE: Make OSSL_STORE_LOADER_fetch() consistent with all other fetch functions

The argument order was different on this one.

Fixes #15688

Reviewed-by: Matt Caswell <matt@o

STORE: Make OSSL_STORE_LOADER_fetch() consistent with all other fetch functions

The argument order was different on this one.

Fixes #15688

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15689)

show more ...


# ed576acd 21-May-2021 Tomas Mraz

Rename all getters to use get/get0 in name

For functions that exist in 1.1.1 provide a simple aliases via #define.

Fixes #15236

Functions with OSSL_DECODER_, OSSL_ENCODER_,

Rename all getters to use get/get0 in name

For functions that exist in 1.1.1 provide a simple aliases via #define.

Fixes #15236

Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)

show more ...


Revision tags: openssl-3.0.0-alpha17
# 40692ed7 15-May-2021 Matt Caswell

Better error messages if there are no encoders/decoders/store loaders

If you don't have the base or default providers loaded and therefore there
are no encoders/decoders or store loaders

Better error messages if there are no encoders/decoders/store loaders

If you don't have the base or default providers loaded and therefore there
are no encoders/decoders or store loaders then the error messages can be
cryptic. We provide better hints about how to fix the problem.

Fixes #13798

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15306)

show more ...


Revision tags: openssl-3.0.0-alpha16
# d382e796 30-Apr-2021 Tomas Mraz

Make the -inform option to be respected if possible

Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be
set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called.

Th

Make the -inform option to be respected if possible

Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be
set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called.

The input type format is enforced only in case the file
type file store is used.

By default we use FORMAT_UNDEF meaning the input type
is not enforced.

Fixes #14569

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15100)

show more ...


123