History log of /openssl/ (Results 126 – 150 of 36044)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
d1a0bbe627-Sep-2024 Dr. David von Oheimb

test/recipes/tconversion.pl: add sub test_file_contains

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/

test/recipes/tconversion.pl: add sub test_file_contains

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25559)

show more ...


test/recipes/tconversion.pl
47ebeb1c02-Oct-2024 Pauli

doc: add note about fips jitter option

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl

doc: add note about fips jitter option

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)

show more ...


doc/man7/EVP_RAND-JITTER.pod
4bdbd83002-Oct-2024 Pauli

doc: add note about the configuration option for the jitter source.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https

doc: add note about the configuration option for the jitter source.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)

show more ...


doc/man7/EVP_RAND-JITTER.pod
4c44603d19-Sep-2024 Pauli

TEMPORARY: run daily checks on PR

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull

TEMPORARY: run daily checks on PR

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)

show more ...


.github/workflows/run-checker-daily.yml
348c928d23-Sep-2024 Pauli

fips: fix locking issues

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)


providers/implementations/rands/fips_crng_test.c
b448cc1a19-Sep-2024 Pauli

test: add test for fips-jitter

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25

test: add test for fips-jitter

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)

show more ...


.github/workflows/run-checker-daily.yml
ed524da119-Sep-2024 Pauli

add news and changes entries for the internal jitter source in FIPS

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https

add news and changes entries for the internal jitter source in FIPS

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)

show more ...


CHANGES.md
NEWS.md
fc5fb3c919-Sep-2024 Pauli

fips: mention the internal jitter source in the FIPS README

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://githu

fips: mention the internal jitter source in the FIPS README

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)

show more ...


README-FIPS.md
3a01d5d619-Sep-2024 Pauli

jitter: support an internal jitter entropy source in the FIPS provider

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from ht

jitter: support an internal jitter entropy source in the FIPS provider

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)

show more ...


crypto/rand/build.info
crypto/rand/rand_lib.c
providers/fips/fipsprov.c
providers/implementations/rands/build.info
61f032cc19-Sep-2024 Pauli

Add configuration option to allow the FIPS provider to use the jitter source internally

Enabling this breaks FIPS compliance unless an entropy assessment and a revalidation
are undertake

Add configuration option to allow the FIPS provider to use the jitter source internally

Enabling this breaks FIPS compliance unless an entropy assessment and a revalidation
are undertaken.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)

show more ...


Configure
INSTALL.md
01ec59de18-Sep-2024 Pauli

jitter: avoid a signed vs unsigned comparison

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/

jitter: avoid a signed vs unsigned comparison

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25498)

show more ...


providers/implementations/rands/seed_src_jitter.c
6f08353a04-Oct-2024 Dimitri John Ledkov

doc: EVP_KDF document the semantic meaning of output

Explicitely document what semantic meaning do various EVP_KDF
algorithms produce.

PBKDF2 produces cryptographic keys that ar

doc: EVP_KDF document the semantic meaning of output

Explicitely document what semantic meaning do various EVP_KDF
algorithms produce.

PBKDF2 produces cryptographic keys that are subject to cryptographic
security measures, for example as defined in NIST SP 800-132.

All other algorithms produce keying material, not subject to explicit
output length checks in any known standards.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25610)

show more ...


doc/man7/EVP_KDF-HKDF.pod
doc/man7/EVP_KDF-KB.pod
doc/man7/EVP_KDF-PBKDF2.pod
doc/man7/EVP_KDF-SS.pod
doc/man7/EVP_KDF-SSHKDF.pod
doc/man7/EVP_KDF-TLS13_KDF.pod
doc/man7/EVP_KDF-TLS1_PRF.pod
doc/man7/EVP_KDF-X942-ASN1.pod
doc/man7/EVP_KDF-X963.pod
cdbe47bf04-Oct-2024 Dmitry Belyavskiy

Increase limit for CRL download

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged

Increase limit for CRL download

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25608)

show more ...


crypto/x509/x_all.c
include/openssl/http.h
e647220c04-Oct-2024 Dmitry Belyavskiy

Documenting CRL download usage and restrictions

Fixes #25603

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas

Documenting CRL download usage and restrictions

Fixes #25603

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25608)

show more ...


doc/man1/openssl-s_client.pod.in
doc/man3/X509_load_http.pod
73e720c307-Oct-2024 Pauli

evp_libctx_test: fix provider compat CI regression

The regression was introduced by #25522.

Fixes #25632

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Sha

evp_libctx_test: fix provider compat CI regression

The regression was introduced by #25522.

Fixes #25632

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25633)

show more ...


test/evp_libctx_test.c
0a2a8d9703-Oct-2024 Niels Dossche <7771979+nielsdos@users.noreply.github.com>

Fix potential memory leak in save_statusInfo()

If sk_ASN1_UTF8STRING_push() fails then the duplicated string will leak
memory. Add a ASN1_UTF8STRING_free() to fix this.

CLA: tri

Fix potential memory leak in save_statusInfo()

If sk_ASN1_UTF8STRING_push() fails then the duplicated string will leak
memory. Add a ASN1_UTF8STRING_free() to fix this.

CLA: trivial

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25604)

show more ...


crypto/cmp/cmp_client.c
d8b7a6ea02-Oct-2024 Niels Dossche <7771979+nielsdos@users.noreply.github.com>

Fix potential memory leak in PKCS7_signatureVerify()

Fixes #25594

The code jumps to an error block when EVP_VerifyUpdate fails.
This error block does not free abuf.
In the s

Fix potential memory leak in PKCS7_signatureVerify()

Fixes #25594

The code jumps to an error block when EVP_VerifyUpdate fails.
This error block does not free abuf.
In the success path the abuf memory is freed.
Move the free operation to the error block.

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25596)

show more ...


crypto/pkcs7/pk7_doit.c
80a3143530-Sep-2024 Olivier Chéron

Test PBMAC1 with absent PBKDF2 PRF

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull

Test PBMAC1 with absent PBKDF2 PRF

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25568)

show more ...


test/recipes/80-test_pkcs12.t
test/recipes/80-test_pkcs12_data/pbmac1_sha1_hmac_and_prf.p12
f3652dff29-Sep-2024 Olivier Chéron

Handle PBMAC1 with absent PBKDF2 PRF

PRF in PBKDF2-params is optional and defaults to hmacWithSHA1.

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Revi

Handle PBMAC1 with absent PBKDF2 PRF

PRF in PBKDF2-params is optional and defaults to hmacWithSHA1.

CLA: trivial

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25568)

show more ...


apps/pkcs12.c
crypto/pkcs12/p12_mutl.c
0d6544cd17-Aug-2024 Beat Bolli

check-format-commit: call fewer unneeded processes

`wc` does not output a file name if the input is stdin.

`awk` reads its file argument; there's no need for `cat`.

`sort -

check-format-commit: call fewer unneeded processes

`wc` does not output a file name if the input is stdin.

`awk` reads its file argument; there's no need for `cat`.

`sort -u` outputs unique lines. It should be supported on all platforms,
as it's specified by POSIX.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25562)

show more ...


util/check-format-commit.sh
1c1223ff27-Sep-2024 Neil Horman

Add some documentation to describe the encap/decap requirements

Document the fact that we now require unwrappedlen/wrappedlen to be set
to the size of the unwrapped/wrapped buffers

Add some documentation to describe the encap/decap requirements

Document the fact that we now require unwrappedlen/wrappedlen to be set
to the size of the unwrapped/wrapped buffers

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25522)

show more ...


doc/man3/EVP_PKEY_decapsulate.pod
doc/man3/EVP_PKEY_encapsulate.pod
providers/implementations/kem/rsa_kem.c
796b2caa24-Sep-2024 Neil Horman

Adjust tests to fetch the output len for EVP_PKEY_[en|de]cap

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas

Adjust tests to fetch the output len for EVP_PKEY_[en|de]cap

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25522)

show more ...


test/evp_libctx_test.c
0f95168523-Sep-2024 Neil Horman

Update rsasve_recover to properly store outlen on success

Outlen was never validated in this function prior to use, nor is it set
to the decrypted value on sucess. Add both of those ope

Update rsasve_recover to properly store outlen on success

Outlen was never validated in this function prior to use, nor is it set
to the decrypted value on sucess. Add both of those operations

Fixes #25509

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25522)

show more ...


providers/implementations/kem/rsa_kem.c
5bc13d5d20-Sep-2024 Tomas Mraz

cmp_vfy_test.c: Avoid NULL pointer dereference

Fixes Coverity 1619463

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged fro

cmp_vfy_test.c: Avoid NULL pointer dereference

Fixes Coverity 1619463

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25503)

show more ...


test/cmp_vfy_test.c
4450171510-May-2024 Klaus Holst Jacobsen

Added check for __QNX__ define when using in_pktinfo.ipi_spec_dst

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@devever.net>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Me

Added check for __QNX__ define when using in_pktinfo.ipi_spec_dst

CLA: trivial

Reviewed-by: Hugo Landau <hlandau@devever.net>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24361)

show more ...


crypto/bio/bss_dgram.c

12345678910>>...1442