Move the description of the core types into their own pages

This expands on some of the core type descriptions, and also makes it
easier to find the documentation for each type, at least

Move the description of the core types into their own pages

This expands on some of the core type descriptions, and also makes it
easier to find the documentation for each type, at least on Unix, with
a simple call like "man OSSL_ALGORITHM".

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19842)

show more ...

Better sorting of util/other.syms

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1984

Better sorting of util/other.syms

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19842)

show more ...

Fix treatment of BUILD_METADATA

According to documentation [^1], the BUILD_METADATA from VERSION.dat should
be prefixed with a plus sign when used. It is given this treatment in
Con

Fix treatment of BUILD_METADATA

According to documentation [^1], the BUILD_METADATA from VERSION.dat should
be prefixed with a plus sign when used. It is given this treatment in
Configure, but not in all other scripts that use VERSION.dat directly.
This change fixes that.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/19815)

show more ...

Compensate for CMP-related TODOs removed by PR #15539

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb

Compensate for CMP-related TODOs removed by PR #15539

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/16006)

show more ...

Replace "a RSA" with "an RSA"

Fixes openssl#19771

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Pa

Replace "a RSA" with "an RSA"

Fixes openssl#19771

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19787)

show more ...

Implement OSSL_PROVIDER_get0_default_search_path, add docs and tests.

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://git

Implement OSSL_PROVIDER_get0_default_search_path, add docs and tests.

Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19752)

show more ...

timing_load_creds: Add timersub macro for platforms where it is missing

Fixes #19812

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>

timing_load_creds: Add timersub macro for platforms where it is missing

Fixes #19812

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19817)

show more ...

Fix the code used to detect aarch64 capabilities when we don't have getauxval()

In addition to a missing prototype there was also a missing closing brace '}'.

Fixes #19825.

Fix the code used to detect aarch64 capabilities when we don't have getauxval()

In addition to a missing prototype there was also a missing closing brace '}'.

Fixes #19825.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19833)

show more ...

Fix the check of BIO_set_write_buffer_size and BIO_set_read_buffer_size

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https:

Fix the check of BIO_set_write_buffer_size and BIO_set_read_buffer_size

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19819)

show more ...

Fix the check of EVP_PKEY_decrypt_init

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull

Fix the check of EVP_PKEY_decrypt_init

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19819)

show more ...

Fix the checks in rsautl_main

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19819)

Drop a spurious printf in evp_test.c

A spurious printf was added to evp_test.c - probably for debugging
purposes. This actually causes runtime errors in some cases because the
name b

Drop a spurious printf in evp_test.c

A spurious printf was added to evp_test.c - probably for debugging
purposes. This actually causes runtime errors in some cases because the
name being printed can be NULL.

Fixes #19814

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19820)

show more ...

Sync CHANGES.md and NEWS.md with 3.1 release

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/opens

Sync CHANGES.md and NEWS.md with 3.1 release

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19808)

show more ...

hpke: fix tests with disabled chacha20 or poly1305

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/op

hpke: fix tests with disabled chacha20 or poly1305

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19784)

show more ...

Refactoring some operations to avoid repeated calls

Fetch the EVP_CIPHER for aead in OSSL_HPKE_CTX_new()
to avoid re-fetching on each aead operation.

Save kem/kdf/aead_info in O

Refactoring some operations to avoid repeated calls

Fetch the EVP_CIPHER for aead in OSSL_HPKE_CTX_new()
to avoid re-fetching on each aead operation.

Save kem/kdf/aead_info in OSSL_HPKE_CTX.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19784)

show more ...

hpke_aead_enc/dec(): Refactor to pass in OSSL_HPKE_CTX *

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.

hpke_aead_enc/dec(): Refactor to pass in OSSL_HPKE_CTX *

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19784)

show more ...

ossl_kdf_ctx_create(): Check for NULL KDF being fetched

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.c

ossl_kdf_ctx_create(): Check for NULL KDF being fetched

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/19784)

show more ...

Fix build on NonStop

Fixes #19810

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.

Fix build on NonStop

Fixes #19810

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19811)

show more ...

QUIC Connection State Machine Design Document

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl

QUIC Connection State Machine Design Document

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19452)

show more ...

doc: fix EVP_SignInit.pod

Fixes GH #19786

Also simplify the CSPRNG must be seeded argument.

Since version 1.1.1, the CSPRNG is seeded automatically on first use,
so it'

doc: fix EVP_SignInit.pod

Fixes GH #19786

Also simplify the CSPRNG must be seeded argument.

Since version 1.1.1, the CSPRNG is seeded automatically on first use,
so it's not the responsibility of the programmer anymore. Still, he
needs to be aware that the seeding might fail.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19789)

show more ...

Clarify the EVP_PKEY_decrypt manual page

Fixes #19790

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github

Clarify the EVP_PKEY_decrypt manual page

Fixes #19790

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19792)

show more ...

Don't set cancel state/type

pthread_cancel() is never called by OpenSSL. Therefore this is no point in
setting the cancel state/type. The functions to set the cancel state/type
are n

Don't set cancel state/type

pthread_cancel() is never called by OpenSSL. Therefore this is no point in
setting the cancel state/type. The functions to set the cancel state/type
are not supported on Android and result in compilation failures. Therefore
we remove these calls completely.

Fixes #19559

Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/19779)

show more ...

cmp_client_test.c: add tests for OSSL_CMP_CTX_get_status

This is a follow-up of #19205, adding test cases as requested.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by:

cmp_client_test.c: add tests for OSSL_CMP_CTX_get_status

This is a follow-up of #19205, adding test cases as requested.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19760)

show more ...

[test/recipes] Add RFC6979 deterministic DSA KATs in evptest format

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <h

[test/recipes] Add RFC6979 deterministic DSA KATs in evptest format

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18809)

show more ...

[test/recipes] RFC6979 deterministic ECDSA KATs in evptest format

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hla

[test/recipes] RFC6979 deterministic ECDSA KATs in evptest format

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18809)

show more ...