#
b6461792 |
| 20-Mar-2024 |
Richard Levitte |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Lan
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes (cherry picked from commit 0ce7d1f355c1240653e320a3f6f8109c1f05f8c0) Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
show more ...
|
#
387b93e1 |
| 12-Jan-2024 |
Tomas Mraz |
Fix testcases to run on duplicated keys The existing loop pattern did not really run the expected tests on the duplicated keys. Fixes #23129 Reviewed-by: Neil Horman <n
Fix testcases to run on duplicated keys The existing loop pattern did not really run the expected tests on the duplicated keys. Fixes #23129 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23292)
show more ...
|
#
a63fa5f7 |
| 30-Nov-2022 |
Daniel Fiala |
Replace "a RSA" with "an RSA" Fixes openssl#19771 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Pa
Replace "a RSA" with "an RSA" Fixes openssl#19771 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19787)
show more ...
|
#
115eb945 |
| 08-Jun-2022 |
K1 |
Fix a mem leak in evp_pkey_export_to_provider If keymgmt is NULL, tmp_keymgmt is allocated and will not be freed. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Y
Fix a mem leak in evp_pkey_export_to_provider If keymgmt is NULL, tmp_keymgmt is allocated and will not be freed. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/18499)
show more ...
|
#
944fcfc6 |
| 01-Nov-2021 |
PW Hu |
Fix incorrect return check of BN_bn2nativepad Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Me
Fix incorrect return check of BN_bn2nativepad Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16943)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14 |
|
#
3c2bdd7d |
| 08-Apr-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14801)
|
Revision tags: OpenSSL_1_1_1k |
|
#
2145ba5e |
| 19-Mar-2021 |
Tomas Mraz |
Implement EVP_PKEY_dup() function Fixes #14501 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14624)
|
#
0fc39c90 |
| 12-Mar-2021 |
Shane Lontis |
Remove TODO in rsa_ameth.c Fixes #14390 The only caller of this function tests EVP_KEYMGMT_is_a() beforehand which will fail if the RSA key types do not match. So the test is no
Remove TODO in rsa_ameth.c Fixes #14390 The only caller of this function tests EVP_KEYMGMT_is_a() beforehand which will fail if the RSA key types do not match. So the test is not necessary. The assert has been removed when it does the test. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14524)
show more ...
|
Revision tags: openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
d7e498ac |
| 04-Oct-2020 |
Richard Levitte |
Deprecate RSA harder This deprecates all functions that deal with the types RSA and RSA_METHOD Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/open
Deprecate RSA harder This deprecates all functions that deal with the types RSA and RSA_METHOD Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13096)
show more ...
|
#
b4250010 |
| 15-Oct-2020 |
Dr. Matthias St. Pierre |
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER.
Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
show more ...
|
Revision tags: OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4, openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
Revision tags: OpenSSL_1_1_1g |
|
#
96ebe52e |
| 01-Apr-2020 |
Shane Lontis |
Add EVP_PKEY_gettable_params support for accessing EVP_PKEY key data fields Currently only RSA, EC and ECX are supported (DH and DSA need to be added to the keygen PR's seperately becaus
Add EVP_PKEY_gettable_params support for accessing EVP_PKEY key data fields Currently only RSA, EC and ECX are supported (DH and DSA need to be added to the keygen PR's seperately because the fields supported have changed significantly). The API's require the keys to be provider based. Made the keymanagement export and get_params functions share the same code by supplying support functions that work for both a OSSL_PARAM_BLD as well as a OSSL_PARAM[]. This approach means that complex code is not required to build an empty OSSL_PARAM[] with the correct sized fields before then doing a second pass to populate the array. The RSA factor arrays have been changed to use unique key names to simplify the interface needed by the user. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11365)
show more ...
|
Revision tags: OpenSSL_1_1_1f |
|
#
acb90ba8 |
| 21-Mar-2020 |
Richard Levitte |
EVP: Downgrade keys rather than upgrade Upgrading EVP_PKEYs from containing legacy keys to containing provider side keys proved to be risky, with a number of unpleasant corner cases,
EVP: Downgrade keys rather than upgrade Upgrading EVP_PKEYs from containing legacy keys to containing provider side keys proved to be risky, with a number of unpleasant corner cases, and with functions like EVP_PKEY_get0_DSA() failing unexpectedly. We therefore change course, and instead of upgrading legacy internal keys to provider side internal keys, we downgrade provider side internal keys to legacy ones. To be able to do this, we add |import_from| and make it a callback function designed for evp_keymgmt_export(). This means that evp_pkey_upgrade_to_provider() is replaced with evp_pkey_downgrade(). EVP_PKEY_copy_parameters() is the most deeply affected function of this change. Fixes #11366 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11375)
show more ...
|
Revision tags: OpenSSL_1_1_1e |
|
#
badf51c8 |
| 20-Feb-2020 |
Richard Levitte |
EVP: Add evp_pkey_upgrade_to_provider(), for EVP_PKEY upgrades This function "upgrades" a key from a legacy key container to a provider side key container. Reviewed-by: Shane Lo
EVP: Add evp_pkey_upgrade_to_provider(), for EVP_PKEY upgrades This function "upgrades" a key from a legacy key container to a provider side key container. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11148)
show more ...
|
#
3f7ce7f1 |
| 12-Feb-2020 |
Richard Levitte |
Refactor evp_pkey_make_provided() to do legacy to provider export Previously, evp-keymgmt_util_export_to_provider() took care of all kinds of exports of EVP_PKEYs to provider side keys,
Refactor evp_pkey_make_provided() to do legacy to provider export Previously, evp-keymgmt_util_export_to_provider() took care of all kinds of exports of EVP_PKEYs to provider side keys, be it from its legacy key or from another provider side key. This works most of the times, but there may be cases where the caller wants to be a bit more in control of what sort of export happens when. Also, when it's time to remove all legacy stuff, that job will be much easier if we have a better separation between legacy support and support of provided stuff, as far as we can take it. This changes moves the support of legacy key to provider side key export from evp-keymgmt_util_export_to_provider() to evp_pkey_make_provided(), and makes sure the latter is called from all EVP_PKEY functions that handle legacy stuff. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11074)
show more ...
|
#
72ec9648 |
| 03-Feb-2020 |
Richard Levitte |
Adapt test/keymgmt_internal_test.c to the redesigned interface Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale
Adapt test/keymgmt_internal_test.c to the redesigned interface Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11006)
show more ...
|
#
68552cde |
| 03-Feb-2020 |
Richard Levitte |
Reorganize the internal evp_keymgmt functions Some of the evp_keymgmt_ functions are just wrappers around the EVP_KEYMGMT function pointers. We move those from keymgmt_lib.c to keym
Reorganize the internal evp_keymgmt functions Some of the evp_keymgmt_ functions are just wrappers around the EVP_KEYMGMT function pointers. We move those from keymgmt_lib.c to keymgmt_meth.c. Other evp_keymgmt_ functions are utility functions to help the rest of the EVP functions. Since their names are easily confused with the functions that were moved to keymgmt_meth.c, we rename them so they all start with evp_keymgmt_util_. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11006)
show more ...
|
Revision tags: OpenSSL_1_0_2u |
|
#
1640d48c |
| 08-Nov-2019 |
Richard Levitte |
CORE & PROV: make export of key data leaner through callback Exporting data from a provider owned domainparams or key is quite an ordeal, with having to figure out what parameter keys an
CORE & PROV: make export of key data leaner through callback Exporting data from a provider owned domainparams or key is quite an ordeal, with having to figure out what parameter keys an implementation supports, call the export function a first time to find out how large each parameter buffer must be, allocate the necessary space for it, and call the export function again. So how about letting the export function build up the key data params and call back with that? This change implements exactly such a mechanism. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10414)
show more ...
|
#
5a02d13d |
| 16-Oct-2019 |
Richard Levitte |
test/keymgmt_internal_test.c: New test of keymgmt internals This tests diverse internal KEYMGMT features. The current existing test checks that evp_keymgmt_export_to_provider() passes t
test/keymgmt_internal_test.c: New test of keymgmt internals This tests diverse internal KEYMGMT features. The current existing test checks that evp_keymgmt_export_to_provider() passes the key data correctly through two instances of the default provider, and that the resulting numbers at the end match the initial numbers. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10190)
show more ...
|