Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes

Add support for signed BIGNUMs in the OSSL_PARAM API

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17162)

Fix typos

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17392)

DOC: OSSL_PARAM_{set,get,construct}_BN() currently only supports nonnegative numbers

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged

DOC: OSSL_PARAM_{set,get,construct}_BN() currently only supports nonnegative numbers

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17074)

show more ...

Correct UTF8 params documentation further

The latest change misdocumented OSSL_PARAM_get_utf8_string(), that
change should have been for OSSL_PARAM_set_utf8_string().

Reviewed-b

Correct UTF8 params documentation further

The latest change misdocumented OSSL_PARAM_get_utf8_string(), that
change should have been for OSSL_PARAM_set_utf8_string().

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16318)

show more ...

Correct documentation errors in regards to UTF8 params

This fixes numerous bugs in documentation in regards to UTF8
params and their sizes. The returned size should always be without the

Correct documentation errors in regards to UTF8 params

This fixes numerous bugs in documentation in regards to UTF8
params and their sizes. The returned size should always be without the
terminating NUL byte. On the other hand on the requestor side
the size of the buffer should include the NUL byte if it expects it
being included in the returned string.

Also make this clear in the EVP_PKEY_get_group_name() documentation
which uses utf8 string params under the hood.

Fixes #16287

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16296)

show more ...

Document the OSSL_PARAM_DEFN macro

This macro was added since 1.1.1 and was undocumented.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>

Document the OSSL_PARAM_DEFN macro

This macro was added since 1.1.1 and was undocumented.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14232)

show more ...

OSSL_PARAM: Correct the assumptions on the UTF8 string length

When the string "ABCDEFGH" is passed, what's considered its data, this?

{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' }

OSSL_PARAM: Correct the assumptions on the UTF8 string length

When the string "ABCDEFGH" is passed, what's considered its data, this?

{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H' }

or this?

{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', '\0' }

If it's passed as a pass phrase, should the terminating NUL byte be
considered part of the pass phrase, or not?

Our treatment of OSSL_PARAMs with the data type OSSL_PARAM_UTF8_STRING
set the length of the string to include the terminating NUL byte,
which is quite confusing. What should the recipient of such a string
believe?

Instead of perpetuating this confusion, we change the assumption to
set the OSSL_PARAM to the length of the string, not including the
terminating NUL byte, thereby giving it the same value as a strlen()
call would give.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14168)

show more ...

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13999)

params: OSSL_PARAM_utf8_ptr: don't automatically reference `address`

Since the pointer can be later be modified, the caller should have the
responsibility to supply the address of that.

params: OSSL_PARAM_utf8_ptr: don't automatically reference `address`

Since the pointer can be later be modified, the caller should have the
responsibility to supply the address of that.

Signed-off-by: Daiki Ueno <dueno@redhat.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13951)

show more ...

Make the OSSL_PARAM manual conform with man-pages(7)

Details from man-pages(7) that are used:

Formatting conventions for manual pages describing functions

...

Make the OSSL_PARAM manual conform with man-pages(7)

Details from man-pages(7) that are used:

Formatting conventions for manual pages describing functions

...
Variable names should, like argument names, be specified in italics.
...

Formatting conventions (general)

...
Special macros, which are usually in uppercase, are in bold.
Exception: don't boldface NULL.
...

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13848)

show more ...

DOC: Fix example in OSSL_PARAM_int.pod

This fixes an incorrect NULL check.

Fixes #11162

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@o

DOC: Fix example in OSSL_PARAM_int.pod

This fixes an incorrect NULL check.

Fixes #11162

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13426)

show more ...

OSSL_PARAM: Add string pointer getters

When some function receives an OSSL_PARAM array to pilfer for data,
and there is a string of some sort, and all the code needs is to get
the po

OSSL_PARAM: Add string pointer getters

When some function receives an OSSL_PARAM array to pilfer for data,
and there is a string of some sort, and all the code needs is to get
the pointer to the data, rather than a copy, there is currently no
other way than to use |param->data| directly. This is of course a
valid method, but lacks any safety check (is |param->data_type|
correct, for example?).

OSSL_PARAM_get_utf8_string_ptr() and OSSL_PARAM_get_octet_string_ptr()
helps the programmer with such things, by setting the argument pointer
to |param->data|.
Additionally, the handle the data types OSSL_PARAM_UTF8_PTR and
OSSL_PARAM_OCTET_PTR as well.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)

show more ...

Fix typos and repeated words

CLA: trivial

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from ht

Fix typos and repeated words

CLA: trivial

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/12320)

show more ...

evp_rand: documentation

EVP_RAND, the RNGs and provider-rand.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pul

evp_rand: documentation

EVP_RAND, the RNGs and provider-rand.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

show more ...

params: add OSSL_PARAM helpers for time_t.

POSIX mandates that time_t is a signed integer but it doesn't specify the
lenght. Having wrappers lets uses ignore this.

Reviewed-by:

params: add OSSL_PARAM helpers for time_t.

POSIX mandates that time_t is a signed integer but it doesn't specify the
lenght. Having wrappers lets uses ignore this.

Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/11682)

show more ...

doc: Document OSSL_PARAM_modified and OSSL_PARAM_set_all_unmodified.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12200)

Allow OSSL_PARAM_get_octet_string() to pass a NULL buffer

We may just want to know the number of octets so allow passing a NULL
buffer.

Reviewed-by: Shane Lontis <shane.lontis@o

Allow OSSL_PARAM_get_octet_string() to pass a NULL buffer

We may just want to know the number of octets so allow passing a NULL
buffer.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11635)

show more ...

params: change OSSL_PARAM_set_unmodified() to operate on a params array

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged f

params: change OSSL_PARAM_set_unmodified() to operate on a params array

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11601)

show more ...

Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)

params: add functionality to test if an OSSL_PARAM has been set.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11588)

Params: change UTF8 construct calls to avoid explicit strlen(3) calls.

It is better, safer and smaller to let the library routine handle the
strlen(3) call.

Added a note to the

Params: change UTF8 construct calls to avoid explicit strlen(3) calls.

It is better, safer and smaller to let the library routine handle the
strlen(3) call.

Added a note to the documentation suggesting this.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11019)

show more ...

POD: stop abusing comment

OpenSSL uses some POD directives masquerading as 'comment'
('=for comment' etc). This is abusive and confusing. Instead, we use
our own keyword.

POD: stop abusing comment

OpenSSL uses some POD directives masquerading as 'comment'
('=for comment' etc). This is abusive and confusing. Instead, we use
our own keyword.

=for openssl whatever

=begin openssl

whatever

=end openssl

(we have never used the multiline form, but might start one day)

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/10048)

show more ...

OSSL_PARAM functions: change to allow the data field to be NULL

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10025)

OSSL_PARAM_construct_utf8_string computes the string length.

If the passed string length is zero, the function computes the string length
from the passed string.

Reviewed-by: Ri

OSSL_PARAM_construct_utf8_string computes the string length.

If the passed string length is zero, the function computes the string length
from the passed string.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9760)

show more ...