#
5d632274 |
| 07-Aug-2024 |
icy17 <1061499390@qq.com> |
Add missing security rules about NULL check to various manpages Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas M
Add missing security rules about NULL check to various manpages Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25083)
show more ...
|
#
09ae1c9f |
| 30-Aug-2024 |
Jiasheng Jiang |
Add error return value information for EVP_MD_get_size() Add error return value information for EVP_MD_get_size() and EVP_MD_CTX_get_size() to better guide their usages and avoid the
Add error return value information for EVP_MD_get_size() Add error return value information for EVP_MD_get_size() and EVP_MD_CTX_get_size() to better guide their usages and avoid the integer overflow, such as 4a50882 ("ssl_cipher_get_overhead(): Replace size_t with int and add the checks") and ef9ac2f ("test/bad_dtls_test.c: Add checks for the EVP_MD_CTX_get_size()"). Signed-off-by: Jiasheng Jiang <jiashengjiangcool@outlook.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25282)
show more ...
|
#
c48e5687 |
| 25-Aug-2024 |
slontis |
XOF / EVP_MD_size() changes. Added the function EVP_MD_CTX_get_size_ex() which checks for XOF and does a ctx get rather than just returning EVP_MD_size(). SHAKE did not have a get_ct
XOF / EVP_MD_size() changes. Added the function EVP_MD_CTX_get_size_ex() which checks for XOF and does a ctx get rather than just returning EVP_MD_size(). SHAKE did not have a get_ctx_params() so that had to be added to return the xoflen. Added a helper function EVP_MD_xof() EVP_MD_CTX_size() was just an aliased macro for EVP_MD_size(), so to keep it the same I added an extra function. EVP_MD_size() always returns 0 for SHAKE now, since it caches the value of md_size at the time of an EVP_MD_fetch(). This is probably better than returning the incorrect initial value it was before e.g (16 for SHAKE128) and returning tht always instead of the set xoflen. Note BLAKE2B uses "size" instead of "xoflen" to do a similar thing. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25285)
show more ...
|
#
b74646b6 |
| 11-Jul-2024 |
erbsland-dev |
Document Internal EVP_MD_CTX_ Flags Add documentation for the internal flags `EVP_MD_CTX_FLAG_CLEANED` and `EVP_MD_CTX_FLAG_REUSE`, explicitly stating that these flags are for intern
Document Internal EVP_MD_CTX_ Flags Add documentation for the internal flags `EVP_MD_CTX_FLAG_CLEANED` and `EVP_MD_CTX_FLAG_REUSE`, explicitly stating that these flags are for internal use only and must not be used in user code. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24829)
show more ...
|
#
981d129a |
| 25-Jun-2024 |
Vita Batrla |
docs: document that *_free(NULL) does nothing Explicitly documents that *_free(NULL) does nothing. Fixes two cases where that wasn't true. Fixes #24675. Reviewed-by: Richard
docs: document that *_free(NULL) does nothing Explicitly documents that *_free(NULL) does nothing. Fixes two cases where that wasn't true. Fixes #24675. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24735)
show more ...
|
#
b6461792 |
| 20-Mar-2024 |
Richard Levitte |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Lan
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
show more ...
|
#
5e5c256b |
| 17-Feb-2024 |
Bernd Ritter |
Correct the defined name of the parameter "micalg" in the documentation The EVP_DigestInit(3) manual page contains wrong name for the define macro for the OSSL_DIGEST_PARAM_MICALG param.
Correct the defined name of the parameter "micalg" in the documentation The EVP_DigestInit(3) manual page contains wrong name for the define macro for the OSSL_DIGEST_PARAM_MICALG param. Fixes #23580 CLA: trivial Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23615)
show more ...
|
#
a8e32a6b |
| 03-Feb-2024 |
Shakti Shah |
Wrong release version for EVP_DigestSqueeze() in documentation The mentioned function is targeted for 3.3.0 and EVP_MD_CTX_dup() was added in 3.1. Fixes #23461 Reviewed
Wrong release version for EVP_DigestSqueeze() in documentation The mentioned function is targeted for 3.3.0 and EVP_MD_CTX_dup() was added in 3.1. Fixes #23461 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23467)
show more ...
|
#
53664908 |
| 21-Jul-2023 |
slontis |
Add EVP_DigestSqueeze() API. Fixes #7894 This allows SHAKE to squeeze multiple times with different output sizes. The existing EVP_DigestFinalXOF() API has been left as a o
Add EVP_DigestSqueeze() API. Fixes #7894 This allows SHAKE to squeeze multiple times with different output sizes. The existing EVP_DigestFinalXOF() API has been left as a one shot operation. A similar interface is used by another toolkit. The low level SHA3_Squeeze() function needed to change slightly so that it can handle multiple squeezes. This involves changing the assembler code so that it passes a boolean to indicate whether the Keccak function should be called on entry. At the provider level, the squeeze is buffered, so that it only requests a multiple of the blocksize when SHA3_Squeeze() is called. On the first call the value is zero, on subsequent calls the value passed is 1. This PR is derived from the excellent work done by @nmathewson in https://github.com/openssl/openssl/pull/7921 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21511)
show more ...
|
#
6a0ae393 |
| 24-Oct-2023 |
Tomas Mraz |
Blake2b: Use OSSL_DIGEST_PARAM_SIZE as settable instead of XOFLEN BLAKE2 is not really an extensible output function unlike SHAKE as the digest size must be set during the context initia
Blake2b: Use OSSL_DIGEST_PARAM_SIZE as settable instead of XOFLEN BLAKE2 is not really an extensible output function unlike SHAKE as the digest size must be set during the context initialization. Thus it makes no sense to use OSSL_DIGEST_PARAM_XOFLEN. We also need to adjust EVP_DigestFinal_ex() to query the OSSL_DIGEST_PARAM_SIZE as gettable ctx param for the size. Fixes #22488 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22491)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
d4c5d8ff |
| 25-Jan-2023 |
Tomas Mraz |
Add notes about ignoring initialization failures on contexts Fixes #20130 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Me
Add notes about ignoring initialization failures on contexts Fixes #20130 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/20136)
show more ...
|
#
dd1f2842 |
| 02-Dec-2022 |
Peiwei Hu |
Refine the documents of several APIs Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/198
Refine the documents of several APIs Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19816)
show more ...
|
#
318a9dfa |
| 05-Dec-2022 |
Richard Levitte |
Replace some boldened types with a corresponding man page link The types OSSL_DISPATCH, OSSL_ITEM, OSSL_ALGORITHM, OSSL_PARAM, OSSL_CALLBACK, and OSSL_PASSPHRASE_CALLBACK are described i
Replace some boldened types with a corresponding man page link The types OSSL_DISPATCH, OSSL_ITEM, OSSL_ALGORITHM, OSSL_PARAM, OSSL_CALLBACK, and OSSL_PASSPHRASE_CALLBACK are described in their own manual page, so we change every mention of them to links to those pages. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19842)
show more ...
|
#
45ada6b9 |
| 05-Oct-2022 |
Richard Levitte |
Change all references to OpenSSL 3.1 to OpenSSL 3.2 in the master branch 3.1 has been decided to be a FIPS 140-3 release, springing from the branch openssl-3.0, and the master branch to
Change all references to OpenSSL 3.1 to OpenSSL 3.2 in the master branch 3.1 has been decided to be a FIPS 140-3 release, springing from the branch openssl-3.0, and the master branch to continue with the development of OpenSSL 3.2. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19350)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
0324ae3e |
| 07-Jan-2022 |
Pauli |
doc: document digest and cipher dup functions Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17529)
|
#
3dbf8243 |
| 02-Dec-2021 |
Matt Caswell |
Clarify the deprecation warnings in the docs There was recently an instance where a user was confused by the deprecation warnings in the docs. They believed the warning applied to th
Clarify the deprecation warnings in the docs There was recently an instance where a user was confused by the deprecation warnings in the docs. They believed the warning applied to the immediately preceding function declarations, when it fact it applied to the following function declarations. https://mta.openssl.org/pipermail/openssl-users/2021-December/014665.html We clarify the wording to make it clear that the warning applies to the following functions. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17180)
show more ...
|
#
971dbab4 |
| 22-Oct-2021 |
Matt Caswell |
Clarify the documentation for the "byname" functions Make it clear that the cipher/digest objects returned from EVP_get_cipherbyname() and EVP_get_digestbyname() functions have no as
Clarify the documentation for the "byname" functions Make it clear that the cipher/digest objects returned from EVP_get_cipherbyname() and EVP_get_digestbyname() functions have no associated implementation fetched from a provider. Fixes #16864 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16893)
show more ...
|
#
006de767 |
| 22-Jun-2021 |
Richard Levitte |
EVP: Change the output size type of EVP_Q_digest() and EVP_Q_mac() This makes them more consistent with other new interfaces. Fixes #15839 Reviewed-by: David von Oheimb <da
EVP: Change the output size type of EVP_Q_digest() and EVP_Q_mac() This makes them more consistent with other new interfaces. Fixes #15839 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15861)
show more ...
|
#
8809fdff |
| 07-Jun-2021 |
Pauli |
doc: add references to digest life cycle documentation Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15637)
|
#
6ea964cd |
| 01-Jun-2021 |
Pauli |
doc: make XXX_get_number() internal Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15564)
|
#
31b7f23d |
| 28-May-2021 |
Tomas Mraz |
Add documentation of the old names kept as alias macros Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
|
#
ed576acd |
| 21-May-2021 |
Tomas Mraz |
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_,
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14 |
|
#
4d49b685 |
| 29-Mar-2021 |
Dr. David von Oheimb |
Crypto: Add deprecation compatibility declarations for SHA* message digest functions Also add hints to SHA256_Init.pod and CHANGES.md how to replace SHA256() etc. Reviewed-by: Paul
Crypto: Add deprecation compatibility declarations for SHA* message digest functions Also add hints to SHA256_Init.pod and CHANGES.md how to replace SHA256() etc. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14741)
show more ...
|