| #
4032cd9a |
| 17-Apr-2023 |
Yi Li |
configure: introduce no-ecx to remove ECX related feature
This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).
Signed-off-by: Yi Li <yi
configure: introduce no-ecx to remove ECX related feature
This can effectively reduce the binary size for platforms
that don't need ECX feature(~100KB).
Signed-off-by: Yi Li <yi1.li@intel.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20781)
show more ...
|
| #
0d7d5e24 |
| 01-Jun-2021 |
Richard Levitte |
providers/common/der/build.info: make a variable for ../include/prov
This is a proof of concept for GENERATE variable expansion.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
providers/common/der/build.info: make a variable for ../include/prov
This is a proof of concept for GENERATE variable expansion.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15554)
show more ...
|
| #
f7c1b472 |
| 31-May-2021 |
Shane Lontis |
Move provider der_XXX.h.in files to the include directory.
Fixes #15506
The .in and generated .h files are now in the same directory.
Reviewed-by: Tomas Mraz <tomas@openssl
Move provider der_XXX.h.in files to the include directory.
Fixes #15506
The .in and generated .h files are now in the same directory.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15544)
show more ...
|
| #
e378be2a |
| 29-May-2021 |
Richard Levitte |
Add .asn1 dependencies for files generated from providers/common/der/*.in
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15533)
|
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16 |
|
| #
202cbdd2 |
| 05-May-2021 |
Tomas Mraz |
A few cleanups of the provider build.infos
Remove a TODO that is no longer relevant and
drop some more non-fips sources from the fips checksums.
Reviewed-by: Paul Dale <pauli@op
A few cleanups of the provider build.infos
Remove a TODO that is no longer relevant and
drop some more non-fips sources from the fips checksums.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15191)
show more ...
|
| #
848af5e8 |
| 06-May-2021 |
Richard Levitte |
Drop libimplementations.a
libimplementations.a was a nice idea, but had a few flaws:
1. The idea to have common code in libimplementations.a and FIPS
sensitive helper funct
Drop libimplementations.a
libimplementations.a was a nice idea, but had a few flaws:
1. The idea to have common code in libimplementations.a and FIPS
sensitive helper functions in libfips.a / libnonfips.a didn't
catch on, and we saw full implementation ending up in them instead
and not appearing in libimplementations.a at all.
2. Because more or less ALL algorithm implementations were included
in libimplementations.a (the idea being that the appropriate
objects from it would be selected automatically by the linker when
building the shared libraries), it's very hard to find only the
implementation source that should go into the FIPS module, with
the result that the FIPS checksum mechanism include source files
that it shouldn't
To mitigate, we drop libimplementations.a, but retain the idea of
collecting implementations in static libraries. With that, we not
have:
libfips.a
Includes all implementations that should become part of the FIPS
provider.
liblegacy.a
Includes all implementations that should become part of the legacy
provider.
libdefault.a
Includes all implementations that should become part of the
default and base providers.
With this, libnonfips.a becomes irrelevant and is dropped.
libcommon.a is retained to include common provider code that can be
used uniformly by all providers.
Fixes #15157
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15171)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i |
|
| #
142841dd |
| 07-Dec-2020 |
Richard Levitte |
providers/common/der/build.info: Improve checks of disabled algos
This protects us from unwanted GENERATE statements in particular.
Reviewed-by: Matt Caswell <matt@openssl.org>
providers/common/der/build.info: Improve checks of disabled algos
This protects us from unwanted GENERATE statements in particular.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/13626)
show more ...
|
|
Revision tags: openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
| #
d0b79f86 |
| 04-Mar-2020 |
Paul Yang |
Add SM2 signature algorithm to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openss
Add SM2 signature algorithm to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536)
show more ...
|
| #
d12a2fe4 |
| 15-Sep-2020 |
Matt Caswell |
Teach EdDSA signature algorithms about AlgorithmIdentifiers
The other signature algorithms know how to create their own
AlgorithmIdentifiers, but the EdDSA algorithms missed this.
Teach EdDSA signature algorithms about AlgorithmIdentifiers
The other signature algorithms know how to create their own
AlgorithmIdentifiers, but the EdDSA algorithms missed this.
Fixes #11875
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12884)
show more ...
|
| #
e5b2cd58 |
| 04-Aug-2020 |
Shane Lontis |
Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
Added der_writer functions for writing octet string primitives.
Generate OID's for key wrapp
Change the provider implementation of X942kdf to use wpacket to do der encoding of sharedInfo
Added der_writer functions for writing octet string primitives.
Generate OID's for key wrapping algorithms used by X942 KDF.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12554)
show more ...
|
| #
3f5ea7dc |
| 22-May-2020 |
Richard Levitte |
Fix omissions in providers/common/der/build.info
Dependencies on generated files must be declared explicitly. When
refactoring the DER code in providers/common/der, a few of those
d
Fix omissions in providers/common/der/build.info
Dependencies on generated files must be declared explicitly. When
refactoring the DER code in providers/common/der, a few of those
dependency declaration were omitted, which may lead to build errors in
a parallel build.
Some cleanup and extensive used of build.info variables is done while
at it, to avoid unnecessary repetition.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11906)
show more ...
|
| #
a30027b6 |
| 19-May-2020 |
Richard Levitte |
Refactor the provider side DER constants and writers
This splits up all the providers/common/der/*.c.in so the generated
portion is on its own and all related DER writing routines are in
Refactor the provider side DER constants and writers
This splits up all the providers/common/der/*.c.in so the generated
portion is on its own and all related DER writing routines are in
their own files. This also ensures that the DIGEST consstants aren't
reproduced in several files (resulting in symbol clashes).
Finally, the production of OID macros is moved to the generated header
files, allowing other similar macros, or DER constant arrays, to be
built on top of them.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11868)
show more ...
|
| #
36a2a551 |
| 02-May-2020 |
Richard Levitte |
PROV: Refactor the RSA DER support
We separate out the NIST arc OIDs to a separate file, so it can be
re-used, and also the DIGEST OIDs.
Reviewed-by: Shane Lontis <shane.lontis@
PROV: Refactor the RSA DER support
We separate out the NIST arc OIDs to a separate file, so it can be
re-used, and also the DIGEST OIDs.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11710)
show more ...
|
| #
2d956b32 |
| 31-Mar-2020 |
Richard Levitte |
PROV: Add DERlib support for ECDSA and EC keys
This replaces crypto/ec/ecdsa_aid.c with new code and generated OIDs
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from htt
PROV: Add DERlib support for ECDSA and EC keys
This replaces crypto/ec/ecdsa_aid.c with new code and generated OIDs
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11450)
show more ...
|
| #
8c555803 |
| 31-Mar-2020 |
Richard Levitte |
PROV: Add DERlib support for DSA
This replaces crypto/dsa/dsa_aid.c with new code and generated OIDs
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com
PROV: Add DERlib support for DSA
This replaces crypto/dsa/dsa_aid.c with new code and generated OIDs
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11450)
show more ...
|
| #
6f5837dc |
| 31-Mar-2020 |
Richard Levitte |
PROV: Add DERlib support for RSA
This replaces crypto/rsa/rsa_aid.c with new code and generated OIDs
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com
PROV: Add DERlib support for RSA
This replaces crypto/rsa/rsa_aid.c with new code and generated OIDs
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11450)
show more ...
|
