#
d2399d8c |
| 30-May-2022 |
slontis |
RSA keygen update: Raise an error if no prime candidate q is found. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: To
RSA keygen update: Raise an error if no prime candidate q is found. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18429)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12 |
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
Revision tags: OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9 |
|
#
e337b824 |
| 12-Nov-2020 |
Richard Levitte |
ERR: Rebuild all generated error headers and source files This is the result of 'make errors ERROR_REBUILD=-rebuild' Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from htt
ERR: Rebuild all generated error headers and source files This is the result of 'make errors ERROR_REBUILD=-rebuild' Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13392)
show more ...
|
#
14a6c6a4 |
| 12-Nov-2020 |
Richard Levitte |
ERR: Rebuild all generated error headers and source files This is the result of 'make errors ERROR_REBUILD=-rebuild' Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from ht
ERR: Rebuild all generated error headers and source files This is the result of 'make errors ERROR_REBUILD=-rebuild' Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13390)
show more ...
|
Revision tags: openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
#
5d8b3a3e |
| 13-Jun-2020 |
Nicola Tuveri |
Refactor BN_R_NO_INVERSE logic in internal functions Closes #12129 As described in https://github.com/openssl/openssl/issues/12129 the readability of the internal functions prov
Refactor BN_R_NO_INVERSE logic in internal functions Closes #12129 As described in https://github.com/openssl/openssl/issues/12129 the readability of the internal functions providing the two alternative implementations for `BN_mod_inverse()` is a bit lacking. Both these functions are now completely internal, so we have the flexibility needed to slightly improve readability and remove unnecessary NULL checks. The main changes here are: - rename `BN_mod_inverse_no_branch()` as `bn_mod_inverse_no_branch()`: this function is `static` so it is not even visible within the rest of libcrypto. By convention upcase prefixes are reserved for public functions. - remove `if (pnoinv == NULL)` checks in `int_bn_mod_inverse()`: this function is internal to the BN module and we can guarantee that all callers pass non-NULL arguments. - `bn_mod_inverse_no_branch()` takes an extra `int *pnoinv` argument, so that it can signal if no inverse exists for the given inputs: in this way the caller is in charge of raising `BN_R_NO_INVERSE` as it is the case for the non-consttime implementation of `int_bn_mod_inverse()`. - `BN_mod_inverse()` is a public function and must guarantee that the internal functions providing the actual implementation receive valid arguments. If the caller passes a NULL `BN_CTX` we create a temporary one for internal use. - reorder function definitions in `crypto/bn/bn_gcd.c` to avoid forward declaration of `static` functions (in preparation for inlining). - inline `bn_mod_inverse_no_branch()`. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12142)
show more ...
|
Revision tags: openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
Revision tags: OpenSSL_1_1_1g |
|
#
9bf475fc |
| 13-Apr-2020 |
Dr. Matthias St. Pierre |
mkerr: remove legacy guards from generated error headers In pull request #9333, legacy guards were added to the generated error headers, but the mkerr.pl script was not adjusted accordin
mkerr: remove legacy guards from generated error headers In pull request #9333, legacy guards were added to the generated error headers, but the mkerr.pl script was not adjusted accordingly. So the legacy guards were removed by subsequent `make update` calls. Fixing the mkerr.pl script properly was disproportionately complicated by the fact that adding legacy guards only made sense for files which already existed in version 1.1.1. To keep things simple, it was decided to drop the legacy guards from the generated headers entirely. Fixes #10569 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11541)
show more ...
|
Revision tags: OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u |
|
#
936c2b9e |
| 05-Nov-2019 |
Richard Levitte |
Update source files for deprecation at 3.0 Previous macros suggested that from 3.0, we're only allowed to deprecate things at a major version. However, there's no policy stating thi
Update source files for deprecation at 3.0 Previous macros suggested that from 3.0, we're only allowed to deprecate things at a major version. However, there's no policy stating this, but there is for removal, saying that to remove something, it must have been deprecated for 5 years, and that removal can only happen at a major version. Meanwhile, the semantic versioning rule is that deprecation should trigger a MINOR version update, which is reflected in the macro names as of this change. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10364)
show more ...
|
#
d86167ec |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Add legacy include guards to public header files For every public header file, the old include guard definition needs to be added in addition to the new one include/openssl/file
Add legacy include guards to public header files For every public header file, the old include guard definition needs to be added in addition to the new one include/openssl/file.h: #ifndef OPENSSL_FILE_H # define OPENSSL_FILE_H # pragma once # include <openssl/macros.h> # if !OPENSSL_API_3 # define HEADER_FILE_H # endif ... This is going to ensure that applications which use the old include guards externally, for example like this #ifndef HEADER_FILE_H # include <openssl/file.h> #endif will not fail to compile. In addition to the legacy guard, the public header files also receive a '# pragma once' directive. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
#
ae4186b0 |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Fix header file include guard names Make the include guards consistent by renaming them systematically according to the naming conventions below For the public header files (in
Fix header file include guard names Make the include guards consistent by renaming them systematically according to the naming conventions below For the public header files (in the 'include/openssl' directory), the guard names try to match the path specified in the include directives, with all letters converted to upper case and '/' and '.' replaced by '_'. For the private header files files, an extra 'OSSL_' is added as prefix. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
#
cbfa5b03 |
| 11-Jul-2019 |
Rich Salz |
Regenerate mkerr files Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9058)
|
#
2934be91 |
| 04-Jul-2019 |
Matt Caswell |
Make sure all BIGNUM operations work within the FIPS provider The FIPS provider does not have a default OPENSSL_CTX so, where necessary, we need to ensure we can always access an explici
Make sure all BIGNUM operations work within the FIPS provider The FIPS provider does not have a default OPENSSL_CTX so, where necessary, we need to ensure we can always access an explicit OPENSSL_CTX. We remove functions from the FIPS provider that use the default OPENSSL_CTX, and fixup some places which were using those removed functions. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9310)
show more ...
|
#
636b087e |
| 29-May-2019 |
Matt Caswell |
Make BIGNUM code available from within the FIPS module Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://git
Make BIGNUM code available from within the FIPS module Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9130)
show more ...
|
#
7bc081dd |
| 29-May-2019 |
Matt Caswell |
Create BN_CTX_new_ex() and BN_CTX_secure_new_ex() These variants of BN_CTX_new() and BN_CTX_secure_new() enable passing an OPENSSL_CTX so that we can access this where needed throughout
Create BN_CTX_new_ex() and BN_CTX_secure_new_ex() These variants of BN_CTX_new() and BN_CTX_secure_new() enable passing an OPENSSL_CTX so that we can access this where needed throughout the BIGNUM sub library. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9130)
show more ...
|
Revision tags: OpenSSL_1_1_1c, OpenSSL_1_1_0k, OpenSSL_1_0_2s |
|
#
2a6a5607 |
| 05-Mar-2019 |
Rich Salz |
Add regenerated header files Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/83
Add regenerated header files Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8397)
show more ...
|
Revision tags: OpenSSL_1_0_2r, OpenSSL_1_1_1b |
|
#
48f4ad77 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in include/ and crypto/include/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/77
Following the license change, modify the boilerplates in include/ and crypto/include/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7770)
show more ...
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a, OpenSSL_1_1_1, OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i, OpenSSL_1_1_1-pre8, OpenSSL_1_1_1-pre7, OpenSSL_1_1_1-pre6 |
|
#
f06080cb |
| 26-Apr-2018 |
FdaSilvaYY |
Add missing error code when alloc-return-null Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/opens
Add missing error code when alloc-return-null Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6085)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre5 |
|
#
cdb10bae |
| 03-Apr-2018 |
Rich Salz |
Set error code on alloc failures Almost all *alloc failures now set an error code. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.co
Set error code on alloc failures Almost all *alloc failures now set an error code. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5842)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h, OpenSSL_1_1_1-pre3, OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1 |
|
#
a699b8e4 |
| 08-Feb-2018 |
FdaSilvaYY |
Small simplification in mkerr.pl As suggested in https://github.com/openssl/openssl/pull/5275 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@op
Small simplification in mkerr.pl As suggested in https://github.com/openssl/openssl/pull/5275 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5288)
show more ...
|
Revision tags: OpenSSL_1_0_2n, OpenSSL_1_0_2m, OpenSSL_1_1_0g |
|
#
ddc6a5c8 |
| 02-Aug-2017 |
Rich Salz |
Add RAND_priv_bytes() for private keys Add a new global DRBG for private keys used by RAND_priv_bytes. Add BN_priv_rand() and BN_priv_rand_range() which use RAND_priv_bytes(). C
Add RAND_priv_bytes() for private keys Add a new global DRBG for private keys used by RAND_priv_bytes. Add BN_priv_rand() and BN_priv_rand_range() which use RAND_priv_bytes(). Change callers to use the appropriate BN_priv... function. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4076)
show more ...
|
#
52df25cf |
| 07-Jun-2017 |
Rich Salz |
make error tables const and separate header file Run perltidy on util/mkerr Change some mkerr flags, write some doc comments Make generated tables "const" when genearting lib-interna
make error tables const and separate header file Run perltidy on util/mkerr Change some mkerr flags, write some doc comments Make generated tables "const" when genearting lib-internal ones. Add "state" file for mkerr Renerate error tables and headers Rationalize declaration of ERR_load_XXX_strings Fix out-of-tree build Add -static; sort flags/vars for options. Also tweak code output Moved engines/afalg to engines (from master) Use -static flag Standard engine #include's of errors Don't linewrap err string tables unless necessary Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3392)
show more ...
|