#
bcd5d3a2 |
| 01-Jun-2021 |
Pauli |
libcrypto: make XXX_get_number() internal Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15564)
|
#
ed576acd |
| 21-May-2021 |
Tomas Mraz |
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_,
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k |
|
#
03888233 |
| 16-Mar-2021 |
Richard Levitte |
EVP: Add EVP_<TYPE>_description() The following operation types are covered: EVP_MD, EVP_CIPHER, EVP_MAC, EVP_RAND, EVP_KEYMGMT, EVP_SIGNATURE, EVP_ASYM_CIPHER, EVP_KEM, EVP_KEY
EVP: Add EVP_<TYPE>_description() The following operation types are covered: EVP_MD, EVP_CIPHER, EVP_MAC, EVP_RAND, EVP_KEYMGMT, EVP_SIGNATURE, EVP_ASYM_CIPHER, EVP_KEM, EVP_KEYEXCH, EVP_KDF. Also EVP_PKEY. For EVP_MD and EVP_CIPHER, OBJ_nid2ln() is used as a fallback for legacy implementations. For EVP_PKEY, the info field of the EVP_PKEY_ASN1_METHOD is used as a fallback for legacy implementations. Fixes #14514 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14656)
show more ...
|
Revision tags: openssl-3.0.0-alpha13 |
|
#
7c75f2da |
| 26-Feb-2021 |
Pauli |
evp: add param argument to KDF derive call Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14310)
|
#
a5120afd |
| 23-Feb-2021 |
Pauli |
evp: support modified gettable/settable ctx calls for KDFs Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14240)
|
#
d84f5515 |
| 19-Feb-2021 |
Matt Caswell |
Don't hold a lock when calling a callback in ossl_namemap_doall_names We don't want to hold a read lock when calling a user supplied callback. That callback could do anything so the risk
Don't hold a lock when calling a callback in ossl_namemap_doall_names We don't want to hold a read lock when calling a user supplied callback. That callback could do anything so the risk of a deadlock is high. Instead we collect all the names first inside the read lock, and then subsequently call the user callback outside the read lock. Fixes #14225 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14250)
show more ...
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j |
|
#
a8eb71ad |
| 01-Feb-2021 |
Richard Levitte |
Allow the sshkdf type to be passed as a single character This partially reverts commit 270a5ce1d9ea579a2f1d45887971582b1ef2b6a1. This also slightly modifies the way diverse paramete
Allow the sshkdf type to be passed as a single character This partially reverts commit 270a5ce1d9ea579a2f1d45887971582b1ef2b6a1. This also slightly modifies the way diverse parameters in are specified in providers/fips/self_test_data.inc for better consistency. Fixes #14027 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14035)
show more ...
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
Revision tags: openssl-3.0.0-alpha11 |
|
#
d744934b |
| 26-Jan-2021 |
Juergen Christ |
Remove superfluous EVP_KDF_CTRL_ defines. These defines were never used and not needed. Signed-off-by: Juergen Christ <jchrist@linux.ibm.com> Reviewed-by: Richard Levitte <
Remove superfluous EVP_KDF_CTRL_ defines. These defines were never used and not needed. Signed-off-by: Juergen Christ <jchrist@linux.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/13781)
show more ...
|
Revision tags: openssl-3.0.0-alpha10 |
|
#
270a5ce1 |
| 14-Dec-2020 |
Juergen Christ |
Fix parameter types in sshkdf Handling of parameter OSSL_KDF_PARAM_SSHKDF_TYPE mixed integer and string parameters. This caused endianness problems on big-endian machines. As a res
Fix parameter types in sshkdf Handling of parameter OSSL_KDF_PARAM_SSHKDF_TYPE mixed integer and string parameters. This caused endianness problems on big-endian machines. As a result, it is not possible to pass FIPS tests since the parameter was stored with an integer value but read via a cast to char pointer. While this works on little endian machines, big endian s390 read the most significant bits instead of the least significant (as done by, e.g., x86). Change the parameter to char array and fix the usages. Signed-off-by: Juergen Christ <jchrist@linux.ibm.com> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Patrick Steuer <patrick.steuer@de.ibm.com> (Merged from https://github.com/openssl/openssl/pull/13781)
show more ...
|
Revision tags: OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
1ba21239 |
| 13-Oct-2020 |
Shane Lontis |
Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13116)
|
#
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
c9452d74 |
| 21-Sep-2020 |
Pauli |
kdf/mac: add name query calls for KDFs and MACs Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12931)
|
Revision tags: openssl-3.0.0-alpha6 |
|
#
194de849 |
| 31-Jul-2020 |
Matt Caswell |
Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12573)
|
#
05d2f72e |
| 20-Jul-2020 |
Matt Caswell |
Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12573)
|
Revision tags: openssl-3.0.0-alpha5 |
|
#
ac2d58c7 |
| 03-Jul-2020 |
Matt Caswell |
Implement a EVP_PKEY KDF to KDF provider bridge Some KDF implementations were available before the current EVP_KDF API. They were used via EVP_PKEY_derive. There exists a bridge between
Implement a EVP_PKEY KDF to KDF provider bridge Some KDF implementations were available before the current EVP_KDF API. They were used via EVP_PKEY_derive. There exists a bridge between the old API and the EVP_KDF API however this bridge itself uses a legacy EVP_PKEY_METHOD. This commit implements a provider side bridge without having to use any legacy code. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12573)
show more ...
|
Revision tags: openssl-3.0.0-alpha4 |
|
#
660c5344 |
| 18-Jun-2020 |
Matt Caswell |
Revert "kdf: make function naming consistent." The commit claimed to make things more consistent. In fact it makes it less so. Revert back to the previous namig convention. This
Revert "kdf: make function naming consistent." The commit claimed to make things more consistent. In fact it makes it less so. Revert back to the previous namig convention. This reverts commit 765d04c9460a304c8119f57941341a149498b9db. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12186)
show more ...
|
#
fbd2ece1 |
| 25-Jun-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12273)
|
#
765d04c9 |
| 08-Jun-2020 |
Pauli |
kdf: make function naming consistent. The EVP_KDF_CTX_* functions have been relocated to the EVP_KDF_* namespace for consistency. Reviewed-by: Richard Levitte <levitte@openssl.o
kdf: make function naming consistent. The EVP_KDF_CTX_* functions have been relocated to the EVP_KDF_* namespace for consistency. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11996)
show more ...
|
Revision tags: openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u |
|
#
936c2b9e |
| 05-Nov-2019 |
Richard Levitte |
Update source files for deprecation at 3.0 Previous macros suggested that from 3.0, we're only allowed to deprecate things at a major version. However, there's no policy stating thi
Update source files for deprecation at 3.0 Previous macros suggested that from 3.0, we're only allowed to deprecate things at a major version. However, there's no policy stating this, but there is for removal, saying that to remove something, it must have been deprecated for 5 years, and that removal can only happen at a major version. Meanwhile, the semantic versioning rule is that deprecation should trigger a MINOR version update, which is reflected in the macro names as of this change. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10364)
show more ...
|
#
506cb0f6 |
| 23-Sep-2019 |
Richard Levitte |
EVP: add functions that return the name number The returned number can be used for comparison purposes. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://gi
EVP: add functions that return the name number The returned number can be used for comparison purposes. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9979)
show more ...
|
#
f651c727 |
| 23-Sep-2019 |
Richard Levitte |
EVP: add name traversal functions to all fetchable types The following new functions all do the same thing; they traverse the set of names assigned to implementations of each algorithm t
EVP: add name traversal functions to all fetchable types The following new functions all do the same thing; they traverse the set of names assigned to implementations of each algorithm type: EVP_MD_names_do_all(), EVP_CIPHER_names_do_all(), EVP_MAC_names_do_all(), EVP_KEYMGMT_names_do_all(), EVP_KEYEXCH_names_do_all(), EVP_KDF_names_do_all(), EVP_SIGNATURE_names_do_all() We add a warning to the documentation of EVP_CIPHER_name() and EVP_MD_name(), as they aren't suitable to use with multiple-name implementation. We also remove EVP_MAC_name() and evp_KDF_name(), as they serve no useful purpose. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9979)
show more ...
|
#
251e610c |
| 23-Sep-2019 |
Richard Levitte |
EVP: add missing common functionality This adds the missing functions that should be common for all fetchable EVP sub-APIs: EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EV
EVP: add missing common functionality This adds the missing functions that should be common for all fetchable EVP sub-APIs: EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EVP_KEYEXCH_is_a(), EVP_KEYEXCH_do_all_provided(), EVP_KDF_is_a(), EVP_MD_is_a(), EVP_SIGNATURE_do_all_provided(), EVP_SIGNATURE_is_a(). This also renames EVP_MD_do_all_ex(), EVP_CIPHER_do_all_ex(), EVP_KDF_do_all_ex(), EVP_MAC_do_all_ex() to change '_ex' to '_provided'. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9979)
show more ...
|
#
41f7ecf3 |
| 27-Sep-2019 |
Pauli |
Consistent naming for context gettable param queries . All instances of EVP_*_CTX_gettable_params functions have been renamed to EVP_*_gettable_ctx_params. Except for the EVP_MD ones wh
Consistent naming for context gettable param queries . All instances of EVP_*_CTX_gettable_params functions have been renamed to EVP_*_gettable_ctx_params. Except for the EVP_MD ones which were changed already. These functions do not take EVP_*_CTX arguments so their prior naming was misleading. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10052)
show more ...
|
#
d86167ec |
| 27-Sep-2019 |
Dr. Matthias St. Pierre |
Add legacy include guards to public header files For every public header file, the old include guard definition needs to be added in addition to the new one include/openssl/file
Add legacy include guards to public header files For every public header file, the old include guard definition needs to be added in addition to the new one include/openssl/file.h: #ifndef OPENSSL_FILE_H # define OPENSSL_FILE_H # pragma once # include <openssl/macros.h> # if !OPENSSL_API_3 # define HEADER_FILE_H # endif ... This is going to ensure that applications which use the old include guards externally, for example like this #ifndef HEADER_FILE_H # include <openssl/file.h> #endif will not fail to compile. In addition to the legacy guard, the public header files also receive a '# pragma once' directive. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
show more ...
|