|
Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3 |
|
| #
c74aaa39 |
| 25-May-2020 |
Dr. David von Oheimb |
Rename EVP_PKEY_cmp() to EVP_PKEY_eq() and EVP_PKEY_cmp_parameters() to EVP_PKEY_parameters_eq()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl
Rename EVP_PKEY_cmp() to EVP_PKEY_eq() and EVP_PKEY_cmp_parameters() to EVP_PKEY_parameters_eq()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11953)
show more ...
|
| #
93f99b68 |
| 21-May-2020 |
Dr. David von Oheimb |
Fix X509_PUBKEY_cmp(), move to crypto/x509/x_pubkey.c, rename, export, and document it
Fixes #11870
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github
Fix X509_PUBKEY_cmp(), move to crypto/x509/x_pubkey.c, rename, export, and document it
Fixes #11870
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11894)
show more ...
|
| #
7674e923 |
| 24-May-2020 |
Dr. David von Oheimb |
Constify X509_PUBKEY_get(), X509_PUBKEY_get0(), and X509_PUBKEY_get0_param()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11894)
|
| #
e9e7b5df |
| 17-May-2020 |
Bernd Edlinger |
Fix some places where X509_up_ref is used
without error handling.
This takes up the ball from #11278
without trying to solve everything at once.
[extended tests]
Re
Fix some places where X509_up_ref is used
without error handling.
This takes up the ball from #11278
without trying to solve everything at once.
[extended tests]
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
(Merged from https://github.com/openssl/openssl/pull/11850)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
| #
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)
|
|
Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
| #
3c6ed955 |
| 20-Feb-2020 |
Richard Levitte |
Rethink the EVP_PKEY cache of provider side keys
The role of this cache was two-fold:
1. It was a cache of key copies exported to providers with which an
operation was init
Rethink the EVP_PKEY cache of provider side keys
The role of this cache was two-fold:
1. It was a cache of key copies exported to providers with which an
operation was initiated.
2. If the EVP_PKEY didn't have a legacy key, item 0 of the cache was
the corresponding provider side origin, while the rest was the
actual cache.
This dual role for item 0 made the code a bit confusing, so we now
make a separate keymgmt / keydata pair outside of that cache, which is
the provider side "origin" key.
A hard rule is that an EVP_PKEY cannot hold a legacy "origin" and a
provider side "origin" at the same time.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11148)
show more ...
|
| #
cdb16632 |
| 12-Feb-2020 |
Richard Levitte |
Adapt i2d_PUBKEY for provider only keys
It uses EVP_PKEY serializers to get the desired results.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.
Adapt i2d_PUBKEY for provider only keys
It uses EVP_PKEY serializers to get the desired results.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11078)
show more ...
|
| #
4b1aa164 |
| 11-Feb-2020 |
Richard Levitte |
Add OSSL_SERIALIZER_PUBKEY_TO_DER_PQ and friends
It's already used internally, there's no reason the DER serializer
propqueries shouldn't be present alongside the PEM and TEXT ones.
Add OSSL_SERIALIZER_PUBKEY_TO_DER_PQ and friends
It's already used internally, there's no reason the DER serializer
propqueries shouldn't be present alongside the PEM and TEXT ones.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11055)
show more ...
|
| #
f41ac0ee |
| 29-Jan-2020 |
Pauli |
Deprecate the low level DSA functions.
Use of the low level DSA functions has been informally discouraged for a
long time. We now formally deprecate them.
Reviewed-by: Matt Casw
Deprecate the low level DSA functions.
Use of the low level DSA functions has been informally discouraged for a
long time. We now formally deprecate them.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10977)
show more ...
|
| #
a076951b |
| 07-Feb-2020 |
Richard Levitte |
X509_PUBKEY_set(): Fix memory leak
With the provided method of creating the new X509_PUBKEY, an extra
EVP_PKEY is created and needs to be properly cleaned away.
(note: we could
X509_PUBKEY_set(): Fix memory leak
With the provided method of creating the new X509_PUBKEY, an extra
EVP_PKEY is created and needs to be properly cleaned away.
(note: we could choose to keep it just as well, but there are
consequences, explained in a comment in the code)
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11038)
show more ...
|
| #
e56ba0e1 |
| 12-Jan-2020 |
Richard Levitte |
Adapt X509_PUBKEY_set() for use with provided implementations
We do this by letting a serializer serialize the provider side key to
a DER blob formatted according to the SubjectPublicKey
Adapt X509_PUBKEY_set() for use with provided implementations
We do this by letting a serializer serialize the provider side key to
a DER blob formatted according to the SubjectPublicKeyInfo structure
(see RFC 5280), and deserialize it in libcrypto using the usual d2i
function.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10851)
show more ...
|
|
Revision tags: OpenSSL_1_0_2u |
|
| #
12a765a5 |
| 16-Sep-2019 |
Rich Salz |
Explicitly test against NULL; do not use !p or similar
Also added blanks lines after declarations in a couple of places.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Review
Explicitly test against NULL; do not use !p or similar
Also added blanks lines after declarations in a couple of places.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9916)
show more ...
|
| #
25f2138b |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Reorganize private crypto header files
Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:
W
Reorganize private crypto header files
Currently, there are two different directories which contain internal
header files of libcrypto which are meant to be shared internally:
While header files in 'include/internal' are intended to be shared
between libcrypto and libssl, the files in 'crypto/include/internal'
are intended to be shared inside libcrypto only.
To make things complicated, the include search path is set up in such
a way that the directive #include "internal/file.h" could refer to
a file in either of these two directoroes. This makes it necessary
in some cases to add a '_int.h' suffix to some files to resolve this
ambiguity:
#include "internal/file.h" # located in 'include/internal'
#include "internal/file_int.h" # located in 'crypto/include/internal'
This commit moves the private crypto headers from
'crypto/include/internal' to 'include/crypto'
As a result, the include directives become unambiguous
#include "internal/file.h" # located in 'include/internal'
#include "crypto/file.h" # located in 'include/crypto'
hence the superfluous '_int.h' suffixes can be stripped.
The files 'store_int.h' and 'store.h' need to be treated specially;
they are joined into a single file.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
| #
a8f1aabd |
| 12-Jul-2019 |
Dr. Matthias St. Pierre |
x509: publish X509_PUBKEY_dup
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9353)
|
|
Revision tags: OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s, OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
| #
9fdcc21f |
| 15-Jan-2019 |
David von Oheimb |
constify *_dup() and *i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell
constify *_dup() and *i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8029)
show more ...
|
| #
5dc40a83 |
| 30-Jan-2019 |
Bernd Edlinger |
Fix a crash in reuse of i2d_X509_PUBKEY
If the second PUBKEY is malformed there is use after free.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/o
Fix a crash in reuse of i2d_X509_PUBKEY
If the second PUBKEY is malformed there is use after free.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8122)
show more ...
|
| #
3e4b43b9 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in crypto/x509/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull
Following the license change, modify the boilerplates in crypto/x509/
[skip ci]
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7824)
show more ...
|
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6 |
|
| #
6ec5fce2 |
| 01-May-2018 |
Matt Caswell |
Update copyright year
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6145)
|
|
Revision tags: OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4 |
|
| #
7fcdbd83 |
| 28-Mar-2018 |
FdaSilvaYY |
X509: add more error codes on malloc or sk_TYP_push failure
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from ht
X509: add more error codes on malloc or sk_TYP_push failure
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/5837)
show more ...
|
|
Revision tags: OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
| #
157997f0 |
| 27-Oct-2017 |
Pavel Kopyl |
Fix error handling in i2d* functions.
CLA: trivial
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://git
Fix error handling in i2d* functions.
CLA: trivial
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/4600)
show more ...
|
| #
26a7d938 |
| 17-Oct-2017 |
KaoruToda |
Remove parentheses of return.
Since return is inconsistent, I removed unnecessary parentheses and
unified them.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt
Remove parentheses of return.
Since return is inconsistent, I removed unnecessary parentheses and
unified them.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4541)
show more ...
|
|
Revision tags: OpenSSL_1_0_2l, OpenSSL_1_1_0f, OpenSSL-fips-2_0_16, OpenSSL_1_1_0e, OpenSSL_1_0_2k, OpenSSL_1_1_0d, OpenSSL-fips-2_0_15, OpenSSL-fips-2_0_14, OpenSSL_1_1_0c, OpenSSL_1_0_2j, OpenSSL_1_1_0b, OpenSSL_1_0_1u, OpenSSL_1_0_2i, OpenSSL_1_1_0a, OpenSSL_1_1_0, OpenSSL_1_1_0-pre6, OpenSSL-fips-2_0_13 |
|
| #
b1322259 |
| 17-May-2016 |
Rich Salz |
Copyright consolidation 09/10
Reviewed-by: Richard Levitte <levitte@openssl.org>
|
|
Revision tags: OpenSSL_1_0_1t, OpenSSL_1_0_2h, OpenSSL_1_1_0-pre5 |
|
| #
fa0a9d71 |
| 30-Mar-2016 |
Dr. Stephen Henson |
Fix X509_PUBKEY cached key handling.
Don't decode a public key in X509_PUBKEY_get0(): that is handled when
the key is parsed using x509_pubkey_decode() instead.
Reviewed-by: Emi
Fix X509_PUBKEY cached key handling.
Don't decode a public key in X509_PUBKEY_get0(): that is handled when
the key is parsed using x509_pubkey_decode() instead.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
show more ...
|
| #
d2ec189f |
| 23-Mar-2016 |
Dr. Stephen Henson |
Remove X509_PUBKEY lock.
Cache the decoded public key when an X509_PUBKEY structure is initially
parsed so no locking is required. Ignore any decode errors.
When an application
Remove X509_PUBKEY lock.
Cache the decoded public key when an X509_PUBKEY structure is initially
parsed so no locking is required. Ignore any decode errors.
When an application calls X509_PUBKEY_get0() subsequently it will either
get the cached key or the decode operation will be repeated which will
return an appropriate error.
Reviewed-by: Rich Salz <rsalz@openssl.org>
show more ...
|
| #
29fa0a1a |
| 22-Mar-2016 |
Dr. Stephen Henson |
Make X509_PUBKEY opaque
Reviewed-by: Matt Caswell <matt@openssl.org>
|
