#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
fba140c7 |
| 12-Apr-2022 |
Dmitry Belyavskiy |
str[n]casecmp => OPENSSL_strncasecmp Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18069)
|
#
d5f9166b |
| 04-Feb-2022 |
Richard Levitte |
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to b
Move e_os.h to include/internal Including e_os.h with a path from a header file doesn't work well on certain exotic platform. It simply fails to build. Since we don't seem to be able to stop ourselves, the better move is to move e_os.h to an include directory that's part of the inclusion path given to the compiler. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17641)
show more ...
|
#
944f822a |
| 05-Dec-2021 |
slontis |
Fix EVP todata and fromdata when used with selection of EVP_PKEY_PUBLIC_KEY. The private key for rsa, dsa, dh and ecx was being included when the selector was just the public key. (ec wa
Fix EVP todata and fromdata when used with selection of EVP_PKEY_PUBLIC_KEY. The private key for rsa, dsa, dh and ecx was being included when the selector was just the public key. (ec was working correctly). This matches the documented behaviour. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17200)
show more ...
|
#
ee22a374 |
| 29-Sep-2021 |
Richard Levitte |
Adapt our OSSL_FUNC_keymgmt_match() implementations to the EVP_PKEY_eq() fix The match function (called OSSL_FUNC_keymgmt_match() in our documentation) in our KEYMGMT implementations wer
Adapt our OSSL_FUNC_keymgmt_match() implementations to the EVP_PKEY_eq() fix The match function (called OSSL_FUNC_keymgmt_match() in our documentation) in our KEYMGMT implementations were interpretting the selector bits a bit too strictly, so they get a bit relaxed to make it reasonable to match diverse key contents. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16765)
show more ...
|
#
ea821581 |
| 01-Jun-2021 |
Tomas Mraz |
ed25519 and ed448: fix incorrect OSSL_PKEY_PARAM_MAX_SIZE Fixes #15552 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Review
ed25519 and ed448: fix incorrect OSSL_PKEY_PARAM_MAX_SIZE Fixes #15552 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15566)
show more ...
|
#
965fa9c0 |
| 28-May-2021 |
Pauli |
prov: add zero strenght arguments to BN and RAND RNG calls Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15513)
|
#
6229815a |
| 25-May-2021 |
Rich Salz |
Use <> for #include openssl/xxx Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15
Use <> for #include openssl/xxx Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15468)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15 |
|
#
b4f447c0 |
| 08-Apr-2021 |
Tomas Mraz |
Add selection support to the provider keymgmt_dup function Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14793)
|
Revision tags: openssl-3.0.0-alpha14 |
|
#
4a9fe33c |
| 07-Apr-2021 |
Tomas Mraz |
Implement provider-side keymgmt_dup function To avoid mutating key data add OSSL_FUNC_KEYMGMT_DUP function to the provider API and implement it for all asym-key key managements.
Implement provider-side keymgmt_dup function To avoid mutating key data add OSSL_FUNC_KEYMGMT_DUP function to the provider API and implement it for all asym-key key managements. Use it when copying everything to an empty EVP_PKEY which is the case with EVP_PKEY_dup(). Fixes #14658 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14793)
show more ...
|
#
3f883c7c |
| 07-Apr-2021 |
Shane Lontis |
Replace OSSL_PARAM_BLD_free_params() with OSSL_PARAM_free(). Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14785)
|
Revision tags: OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
054d43ff |
| 09-Mar-2021 |
Shane Lontis |
Add ossl_ ecx symbols Partial fix for #12964 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
|
#
9a485440 |
| 11-Mar-2021 |
Tomas Mraz |
Make EVP_PKEY_missing_parameters work properly on provided RSA keys This requires changing semantics of the keymgmt_has() function a little in the sense that it now returns 1 if the
Make EVP_PKEY_missing_parameters work properly on provided RSA keys This requires changing semantics of the keymgmt_has() function a little in the sense that it now returns 1 if the selection has no meaning for the key type. It was already doing so for ECX keys for example. The keymgmt_validate function semantics is changed similarly to allow passing validation on the same selection that the key returns 1 for. Fixes #14509 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14511)
show more ...
|
#
2cf8bb46 |
| 09-Mar-2021 |
Matt Caswell |
Ensure that ECX keys pass EVP_PKEY_param_check() RSA keys have no parameters and pass EVP_PKEY_param_check(). Previously, ECX keys had no parammeters and failed EVP_PKEY_param_check(). W
Ensure that ECX keys pass EVP_PKEY_param_check() RSA keys have no parameters and pass EVP_PKEY_param_check(). Previously, ECX keys had no parammeters and failed EVP_PKEY_param_check(). We should be consistent. It makes more sense to always pass, and therefore this commit implements that behaviour. Fixes #14482 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14485)
show more ...
|
#
f9562909 |
| 01-Mar-2021 |
Pauli |
provider: add params argument to key manager's gen_init call Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383)
|
#
fb67126e |
| 26-Feb-2021 |
Tomas Mraz |
EVP_PKEY_CTX_get/settable_params: pass provider operation context This allows making the signature operations return different settable params when the context is initialized with EV
EVP_PKEY_CTX_get/settable_params: pass provider operation context This allows making the signature operations return different settable params when the context is initialized with EVP_DigestSign/VerifyInit. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14338)
show more ...
|
Revision tags: openssl-3.0.0-alpha12 |
|
#
32ab57cb |
| 18-Feb-2021 |
Shane Lontis |
Fix external symbols related to ec & sm2 keys Partial fix for #12964 This adds ossl_ names for the following symbols: ec_*, ecx_*, ecdh_*, ecdsa_*, sm2_* Reviewed-
Fix external symbols related to ec & sm2 keys Partial fix for #12964 This adds ossl_ names for the following symbols: ec_*, ecx_*, ecdh_*, ecdsa_*, sm2_* Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14231)
show more ...
|
#
a28d06f3 |
| 18-Feb-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
|
Revision tags: OpenSSL_1_1_1j |
|
#
899e2564 |
| 09-Feb-2021 |
Matt Caswell |
Implement EVP_PKEY_param_check_quick() and use it in libssl The low level DH API has two functions for checking parameters: DH_check_ex() and DH_check_params_ex(). The former does a "ful
Implement EVP_PKEY_param_check_quick() and use it in libssl The low level DH API has two functions for checking parameters: DH_check_ex() and DH_check_params_ex(). The former does a "full" check, while the latter does a "quick" check. Most importantly it skips the check for a safe prime. We're ok without using safe primes here because we're doing ephemeral DH. Now that libssl is fully using the EVP API, we need a way to specify that we want a quick check instead of a full check. Therefore we introduce EVP_PKEY_param_check_quick() and use it. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14146)
show more ...
|
Revision tags: openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9 |
|
#
f0591559 |
| 20-Nov-2020 |
Shane Lontis |
Add validate method to ECX keymanager Fixes #11619 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13459)
|
Revision tags: openssl-3.0.0-alpha8 |
|
#
3d914185 |
| 20-Oct-2020 |
Nicola Tuveri |
Constify OSSL_FUNC_keymgmt_has() The keydata argument of OSSL_FUNC_keymgmt_has() should be read-only. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <
Constify OSSL_FUNC_keymgmt_has() The keydata argument of OSSL_FUNC_keymgmt_has() should be read-only. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13200)
show more ...
|
Revision tags: openssl-3.0.0-alpha7 |
|
#
5ac8fb58 |
| 09-Oct-2020 |
Matt Caswell |
Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key We do the same thing for the "get1" version. In reality this has broader use than just TLS (it can also be used
Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key We do the same thing for the "get1" version. In reality this has broader use than just TLS (it can also be used in CMS), and "encodedpoint" only makes sense when you are talking about EC based algorithms. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13105)
show more ...
|
#
a829b735 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' This change makes the naming more consistent, because three different terms were used for the same thing. (The term
Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' This change makes the naming more consistent, because three different terms were used for the same thing. (The term libctx was used by far most often.) Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
#
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
#
1be63951 |
| 28-Sep-2020 |
Pauli |
prov: prefix all OSSL_DISPATCH tables names with ossl_ This stops them leaking into other namespaces in a static build. They remain internal. Reviewed-by: Richard Levitte <levit
prov: prefix all OSSL_DISPATCH tables names with ossl_ This stops them leaking into other namespaces in a static build. They remain internal. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13013)
show more ...
|