openssl - OpenGrok history log for /openssl

Revision (<<< Hide revision tags) (Show revision tags >>>)	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
fecb3aae	03-May-2022	Matt Caswell	Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes .github/workflows/ci.yml .github/workflows/cross-compiles.yml .github/workflows/run-checker-ci.yml .github/workflows/run-checker-daily.yml Configure apps/ciphers.c apps/cmp.c apps/cms.c apps/crl.c apps/dgst.c apps/dhparam.c apps/dsa.c apps/dsaparam.c apps/ec.c apps/ecparam.c apps/enc.c apps/gendsa.c apps/genpkey.c apps/genrsa.c apps/include/cmp_mock_srv.h apps/include/http_server.h apps/include/opt.h apps/include/s_apps.h apps/lib/cmp_mock_srv.c apps/lib/http_server.c apps/lib/names.c apps/lib/opt.c apps/lib/s_cb.c apps/lib/s_socket.c apps/lib/vms_term_sock.c apps/list.c apps/ocsp.c apps/passwd.c apps/pkcs12.c apps/pkcs7.c apps/pkey.c apps/pkeyutl.c apps/prime.c apps/progs.pl apps/rand.c apps/rehash.c apps/req.c apps/rsa.c apps/s_client.c apps/s_server.c apps/smime.c apps/speed.c apps/storeutl.c apps/ts.c apps/verify.c apps/x509.c crypto/LPdir_unix.c crypto/aes/aes_core.c crypto/aes/asm/aesv8-armx.pl crypto/aes/asm/bsaes-armv8.pl crypto/arm64cpuid.pl crypto/arm_arch.h crypto/armcap.c crypto/asn1/a_sign.c crypto/asn1/ameth_lib.c crypto/asn1/asn1_gen.c crypto/asn1/d2i_pu.c crypto/asn1/i2d_evp.c crypto/asn1/p5_pbev2.c crypto/asn1/x_algor.c crypto/async/arch/async_null.c crypto/async/arch/async_null.h crypto/async/arch/async_posix.c crypto/async/arch/async_posix.h crypto/async/arch/async_win.c crypto/async/arch/async_win.h crypto/async/async.c crypto/bio/bio_addr.c crypto/bio/bio_err.c crypto/bio/bio_local.h crypto/bio/bio_print.c crypto/bio/bio_sock2.c crypto/bio/bss_acpt.c crypto/bio/bss_bio.c crypto/bio/bss_conn.c crypto/bio/bss_core.c crypto/bio/bss_sock.c crypto/bn/asm/rsaz-2k-avx512.pl crypto/bn/asm/rsaz-3k-avx512.pl crypto/bn/asm/rsaz-4k-avx512.pl crypto/bn/bn_div.c crypto/bn/bn_exp.c crypto/bn/bn_exp2.c crypto/bn/bn_lib.c crypto/bn/bn_local.h crypto/bn/bn_ppc.c crypto/bn/bn_sqrt.c crypto/camellia/camellia.c crypto/chacha/asm/chacha-armv8.pl crypto/chacha/asm/chachap10-ppc.pl crypto/chacha/chacha_ppc.c crypto/cmp/cmp_client.c crypto/cmp/cmp_hdr.c crypto/cmp/cmp_msg.c crypto/cmp/cmp_protect.c crypto/cmp/cmp_vfy.c crypto/cms/cms_cd.c crypto/cms/cms_dh.c crypto/cms/cms_ec.c crypto/cms/cms_env.c crypto/cms/cms_io.c crypto/cms/cms_lib.c crypto/cms/cms_local.h crypto/cms/cms_rsa.c crypto/cms/cms_sd.c crypto/cms/cms_smime.c crypto/conf/conf_api.c crypto/conf/conf_def.c crypto/conf/conf_lib.c crypto/context.c crypto/core_namemap.c crypto/cpuid.c crypto/cryptlib.c crypto/ctype.c crypto/des/cfb_enc.c crypto/dh/dh_ameth.c crypto/dh/dh_backend.c crypto/dh/dh_group_params.c crypto/dh/dh_kdf.c crypto/dh/dh_key.c crypto/dllmain.c crypto/dsa/dsa_ameth.c crypto/dsa/dsa_backend.c crypto/dso/dso_dlfcn.c crypto/dso/dso_win32.c crypto/ec/curve25519.c crypto/ec/curve448/arch_32/f_impl32.c crypto/ec/curve448/curve448.c crypto/ec/ec2_oct.c crypto/ec/ec_backend.c crypto/ec/ec_lib.c crypto/ec/ecp_nistz256.c crypto/ec/ecp_s390x_nistp.c crypto/ec/ecx_meth.c crypto/encode_decode/decoder_lib.c crypto/encode_decode/decoder_meth.c crypto/encode_decode/decoder_pkey.c crypto/encode_decode/encoder_lib.c crypto/encode_decode/encoder_local.h crypto/encode_decode/encoder_meth.c crypto/encode_decode/encoder_pkey.c crypto/engine/eng_dyn.c crypto/engine/eng_init.c crypto/engine/eng_lib.c crypto/engine/tb_asnmth.c crypto/err/err.c crypto/evp/c_allc.c crypto/evp/ctrl_params_translate.c crypto/evp/digest.c crypto/evp/e_aes.c crypto/evp/e_aes_cbc_hmac_sha1.c crypto/evp/e_sm4.c crypto/evp/ec_support.c crypto/evp/evp_enc.c crypto/evp/evp_fetch.c crypto/evp/evp_lib.c crypto/evp/evp_local.h crypto/evp/exchange.c crypto/evp/keymgmt_lib.c crypto/evp/m_sigver.c crypto/evp/p5_crpt2.c crypto/evp/p_lib.c crypto/evp/pmeth_gn.c crypto/evp/pmeth_lib.c crypto/ffc/ffc_backend.c crypto/ffc/ffc_dh.c crypto/ffc/ffc_params.c crypto/ffc/ffc_params_generate.c crypto/getenv.c crypto/http/http_client.c crypto/info.c crypto/init.c crypto/initthread.c crypto/lhash/lh_stats.c crypto/lhash/lhash.c crypto/lhash/lhash_local.h crypto/md5/md5_local.h crypto/mem.c crypto/mem_sec.c crypto/modes/asm/aes-gcm-armv8-unroll8_64.pl crypto/modes/asm/aes-gcm-avx512.pl crypto/modes/asm/aes-gcm-ppc.pl crypto/modes/asm/ghashv8-armx.pl crypto/o_dir.c crypto/o_fopen.c crypto/o_init.c crypto/o_str.c crypto/objects/o_names.c crypto/objects/obj_dat.c crypto/objects/obj_xref.c crypto/ocsp/ocsp_vfy.c crypto/param_build.c crypto/param_build_set.c crypto/params.c crypto/params_dup.c crypto/passphrase.c crypto/pem/pem_lib.c crypto/pem/pem_pk8.c crypto/perlasm/ppc-xlate.pl crypto/perlasm/x86_64-xlate.pl crypto/pkcs12/p12_kiss.c crypto/pkcs7/pk7_lib.c crypto/poly1305/asm/poly1305-armv8.pl crypto/ppccap.c crypto/ppccpuid.pl crypto/property/defn_cache.c crypto/property/property.c crypto/property/property_parse.c crypto/property/property_string.c crypto/provider_child.c crypto/provider_conf.c crypto/provider_core.c crypto/rand/rand_deprecated.c crypto/rand/rand_egd.c crypto/rand/rand_lib.c crypto/rsa/rsa_ameth.c crypto/rsa/rsa_backend.c crypto/rsa/rsa_lib.c crypto/rsa/rsa_ossl.c crypto/s390x_arch.h crypto/self_test_core.c crypto/sha/asm/keccak1600-armv8.pl crypto/sha/sha1dgst.c crypto/sha/sha512.c crypto/siphash/siphash.c crypto/sm3/asm/sm3-armv8.pl crypto/sm3/sm3_local.h crypto/sm4/asm/vpsm4-armv8.pl crypto/sm4/sm4.c crypto/sparse_array.c crypto/store/store_lib.c crypto/store/store_meth.c crypto/store/store_result.c crypto/threads_pthread.c crypto/trace.c crypto/ts/ts_rsp_sign.c crypto/ui/ui_openssl.c crypto/ui/ui_util.c crypto/x509/by_dir.c crypto/x509/t_x509.c crypto/x509/v3_akid.c crypto/x509/v3_crld.c crypto/x509/v3_ist.c crypto/x509/v3_sxnet.c crypto/x509/v3_tlsf.c crypto/x509/v3_utf8.c crypto/x509/v3_utl.c crypto/x509/v3err.c crypto/x509/x509_lu.c crypto/x509/x509_trust.c crypto/x509/x509_vfy.c crypto/x509/x_pubkey.c demos/digest/EVP_MD_demo.c demos/mac/gmac.c demos/pkey/EVP_PKEY_EC_keygen.c dev/release.sh doc/internal/man3/OPTIONS.pod doc/internal/man3/OSSL_METHOD_STORE.pod doc/internal/man3/OSSL_SAFE_MATH_SIGNED.pod doc/internal/man3/ossl_cmp_mock_srv_new.pod doc/internal/man3/ossl_lib_ctx_get_data.pod doc/internal/man3/ossl_random_add_conf_module.pod doc/internal/man7/EVP_PKEY.pod doc/man1/openssl-ca.pod.in doc/man1/openssl-cms.pod.in doc/man1/openssl-dgst.pod.in doc/man1/openssl-dhparam.pod.in doc/man1/openssl-dsaparam.pod.in doc/man1/openssl-enc.pod.in doc/man1/openssl-gendsa.pod.in doc/man1/openssl-genpkey.pod.in doc/man1/openssl-genrsa.pod.in doc/man1/openssl-kdf.pod.in doc/man1/openssl-ocsp.pod.in doc/man1/openssl-pkcs7.pod.in doc/man1/openssl-s_client.pod.in doc/man1/openssl-s_server.pod.in doc/man1/openssl-speed.pod.in doc/man1/openssl-verification-options.pod doc/man1/openssl.pod doc/man3/ASN1_aux_cb.pod doc/man3/ASN1_item_sign.pod doc/man3/ASYNC_start_job.pod doc/man3/BIO_ADDR.pod doc/man3/BIO_connect.pod doc/man3/BIO_ctrl.pod doc/man3/BIO_f_base64.pod doc/man3/BIO_meth_new.pod doc/man3/BIO_s_accept.pod doc/man3/BIO_s_core.pod doc/man3/BN_add.pod doc/man3/BN_bn2bin.pod doc/man3/BN_rand.pod doc/man3/CMS_final.pod doc/man3/CONF_modules_load_file.pod doc/man3/DH_get0_pqg.pod doc/man3/ERR_get_error.pod doc/man3/EVP_DigestInit.pod doc/man3/EVP_EncryptInit.pod doc/man3/EVP_KEYMGMT.pod doc/man3/EVP_PKEY2PKCS8.pod doc/man3/EVP_PKEY_derive.pod doc/man3/EVP_PKEY_gettable_params.pod doc/man3/EVP_PKEY_new.pod doc/man3/EVP_PKEY_todata.pod doc/man3/EVP_blake2b512.pod doc/man3/EVP_md2.pod doc/man3/EVP_md4.pod doc/man3/EVP_md5.pod doc/man3/EVP_mdc2.pod doc/man3/EVP_ripemd160.pod doc/man3/EVP_sha1.pod doc/man3/EVP_sha224.pod doc/man3/EVP_sha3_224.pod doc/man3/EVP_sm3.pod doc/man3/EVP_whirlpool.pod doc/man3/OCSP_resp_find_status.pod doc/man3/OCSP_sendreq_new.pod doc/man3/OPENSSL_LH_stats.pod doc/man3/OPENSSL_hexchar2int.pod doc/man3/OSSL_CMP_CTX_new.pod doc/man3/OSSL_CMP_MSG_get0_header.pod doc/man3/OSSL_CMP_log_open.pod doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod doc/man3/OSSL_DECODER.pod doc/man3/OSSL_DECODER_CTX_new_for_pkey.pod doc/man3/OSSL_ENCODER.pod doc/man3/OSSL_ENCODER_CTX.pod doc/man3/OSSL_ENCODER_CTX_new_for_pkey.pod doc/man3/OSSL_ESS_check_signing_certs.pod doc/man3/OSSL_HTTP_REQ_CTX.pod doc/man3/OSSL_HTTP_parse_url.pod doc/man3/OSSL_PARAM.pod doc/man3/OSSL_PARAM_BLD.pod doc/man3/OSSL_PARAM_int.pod doc/man3/OSSL_STORE_LOADER.pod doc/man3/OSSL_trace_set_channel.pod doc/man3/OpenSSL_version.pod doc/man3/PEM_read_bio_PrivateKey.pod doc/man3/PKCS12_decrypt_skey.pod doc/man3/PKCS12_gen_mac.pod doc/man3/RAND_bytes.pod doc/man3/RSA_get0_key.pod doc/man3/SSL_CONF_cmd.pod doc/man3/SSL_CTX_get0_param.pod doc/man3/SSL_CTX_set1_curves.pod doc/man3/SSL_CTX_set1_verify_cert_store.pod doc/man3/SSL_CTX_set_cert_verify_callback.pod doc/man3/SSL_CTX_set_client_hello_cb.pod doc/man3/SSL_CTX_set_ssl_version.pod doc/man3/SSL_CTX_set_timeout.pod doc/man3/SSL_CTX_set_tmp_dh_callback.pod doc/man3/SSL_CTX_set_verify.pod doc/man3/SSL_set_session.pod doc/man3/SSL_want.pod doc/man3/X509V3_get_d2i.pod doc/man3/X509V3_set_ctx.pod doc/man3/X509_ALGOR_dup.pod doc/man3/X509_STORE_CTX_new.pod doc/man3/X509_VERIFY_PARAM_set_flags.pod doc/man3/X509_add_cert.pod doc/man3/X509_check_host.pod doc/man3/X509_cmp.pod doc/man3/X509_digest.pod doc/man3/X509_dup.pod doc/man3/X509_verify_cert.pod doc/man3/X509v3_get_ext_by_NID.pod doc/man5/config.pod doc/man5/x509v3_config.pod doc/man7/EVP_KDF-SSHKDF.pod doc/man7/EVP_KEYEXCH-DH.pod doc/man7/EVP_KEYEXCH-ECDH.pod doc/man7/EVP_MD-BLAKE2.pod doc/man7/EVP_PKEY-EC.pod doc/man7/bio.pod doc/man7/crypto.pod doc/man7/fips_module.pod doc/man7/life_cycle-pkey.pod doc/man7/migration_guide.pod doc/man7/openssl-glossary.pod doc/man7/provider-kdf.pod doc/man7/provider-keyexch.pod doc/man7/provider-object.pod doc/man7/provider-signature.pod doc/man7/provider.pod engines/e_dasync.c engines/e_devcrypto.c engines/e_loader_attic.c fuzz/asn1.c fuzz/client.c fuzz/fuzz_rand.c include/crypto/aes_platform.h include/crypto/ctype.h include/crypto/dh.h include/crypto/dsa.h include/crypto/evp.h include/crypto/md32_common.h include/crypto/modes.h include/crypto/ppc_arch.h include/crypto/rsa.h include/internal/bio.h include/internal/common.h include/internal/core.h include/internal/cryptlib.h include/internal/der.h include/internal/e_os.h include/internal/ktls.h include/internal/param_build_set.h include/internal/safe_math.h include/internal/sockets.h include/internal/tsan_assist.h include/openssl/async.h include/openssl/bio.h.in include/openssl/bioerr.h include/openssl/bn.h include/openssl/cms.h.in include/openssl/core_dispatch.h include/openssl/crypto.h.in include/openssl/ec.h include/openssl/engine.h include/openssl/evp.h include/openssl/self_test.h include/openssl/ssl.h.in include/openssl/x509.h.in include/openssl/x509v3err.h providers/common/capabilities.c providers/common/include/prov/provider_util.h providers/common/provider_util.c providers/fips/fipsprov.c providers/fips/self_test.c providers/fips/self_test_data.inc providers/implementations/ciphers/cipher_aes_gcm_hw.c providers/implementations/ciphers/cipher_aes_gcm_hw_aesni.inc providers/implementations/ciphers/cipher_aes_gcm_hw_armv8.inc providers/implementations/ciphers/cipher_aes_gcm_hw_ppc.inc providers/implementations/ciphers/cipher_aes_gcm_hw_vaes_avx512.inc providers/implementations/ciphers/cipher_cts.c providers/implementations/ciphers/cipher_rc4_hmac_md5.c providers/implementations/ciphers/cipher_sm4.h providers/implementations/ciphers/cipher_sm4_gcm_hw.c providers/implementations/ciphers/cipher_sm4_hw.c providers/implementations/ciphers/cipher_tdes.c providers/implementations/ciphers/cipher_tdes_default.c providers/implementations/digests/sha3_prov.c providers/implementations/encode_decode/decode_der2key.c providers/implementations/encode_decode/decode_epki2pki.c providers/implementations/encode_decode/decode_msblob2key.c providers/implementations/encode_decode/decode_pem2der.c providers/implementations/encode_decode/decode_pvk2key.c providers/implementations/encode_decode/encode_key2any.c providers/implementations/encode_decode/encode_key2blob.c providers/implementations/encode_decode/encode_key2ms.c providers/implementations/encode_decode/encode_key2text.c providers/implementations/encode_decode/endecoder_common.c providers/implementations/exchange/dh_exch.c providers/implementations/exchange/ecdh_exch.c providers/implementations/include/prov/ciphercommon.h providers/implementations/include/prov/ciphercommon_aead.h providers/implementations/include/prov/ciphercommon_ccm.h providers/implementations/include/prov/ciphercommon_gcm.h providers/implementations/kdfs/hkdf.c providers/implementations/kdfs/kbkdf.c providers/implementations/kdfs/krb5kdf.c providers/implementations/kdfs/pbkdf1.c providers/implementations/kdfs/pbkdf2.c providers/implementations/kdfs/pkcs12kdf.c providers/implementations/kdfs/pvkkdf.c providers/implementations/kdfs/scrypt.c providers/implementations/kdfs/sshkdf.c providers/implementations/kdfs/sskdf.c providers/implementations/kdfs/tls1_prf.c providers/implementations/kdfs/x942kdf.c providers/implementations/kem/rsa_kem.c providers/implementations/keymgmt/dh_kmgmt.c providers/implementations/keymgmt/dsa_kmgmt.c providers/implementations/keymgmt/ec_kmgmt.c providers/implementations/keymgmt/ecx_kmgmt.c providers/implementations/keymgmt/kdf_legacy_kmgmt.c providers/implementations/keymgmt/mac_legacy_kmgmt.c providers/implementations/keymgmt/rsa_kmgmt.c providers/implementations/macs/cmac_prov.c providers/implementations/macs/gmac_prov.c providers/implementations/macs/hmac_prov.c providers/implementations/macs/poly1305_prov.c providers/implementations/macs/siphash_prov.c providers/implementations/rands/crngt.c providers/implementations/rands/drbg.c providers/implementations/rands/drbg_ctr.c providers/implementations/rands/seeding/rand_unix.c providers/implementations/rands/seeding/rand_vms.c providers/implementations/signature/rsa_sig.c providers/implementations/signature/sm2_sig.c providers/implementations/storemgmt/file_store.c providers/legacyprov.c ssl/d1_lib.c ssl/ktls.c ssl/record/rec_layer_s3.c ssl/record/ssl3_record.c ssl/s3_lib.c ssl/ssl_cert.c ssl/ssl_conf.c ssl/ssl_err.c ssl/ssl_init.c ssl/ssl_lib.c ssl/ssl_local.h ssl/ssl_rsa.c ssl/ssl_sess.c ssl/ssl_txt.c ssl/statem/extensions.c ssl/statem/extensions_clnt.c ssl/statem/extensions_srvr.c ssl/statem/statem.c ssl/statem/statem_clnt.c ssl/statem/statem_dtls.c ssl/statem/statem_lib.c ssl/statem/statem_local.h ssl/statem/statem_srvr.c ssl/t1_enc.c ssl/t1_lib.c ssl/tls13_enc.c test/asynctest.c test/bio_enc_test.c test/bntest.c test/cmp_client_test.c test/cmp_vfy_test.c test/cmsapitest.c test/context_internal_test.c test/crltest.c test/ct_test.c test/dhtest.c test/dtls_mtu_test.c test/endecode_test.c test/enginetest.c test/evp_extra_test.c test/evp_extra_test2.c test/evp_fetch_prov_test.c test/evp_libctx_test.c test/evp_pkey_dparams_test.c test/evp_pkey_provided_test.c test/evp_test.c test/helpers/handshake.c test/helpers/handshake_srp.c test/helpers/predefined_dhparams.c test/helpers/predefined_dhparams.h test/helpers/ssl_test_ctx.c test/helpers/ssltestlib.c test/mdc2test.c test/p_test.c test/param_build_test.c test/params_api_test.c test/params_conversion_test.c test/params_test.c test/provfetchtest.c test/provider_test.c test/rdcpu_sanitytest.c test/recipes/02-test_localetest.t test/recipes/03-test_fipsinstall.t test/recipes/04-test_bio_tfo.t test/recipes/10-test_bn_data/bnmod.txt test/recipes/15-test_ecparam.t test/recipes/15-test_gendhparam.t test/recipes/15-test_genrsa.t test/recipes/15-test_rsapss.t test/recipes/20-test_dgst.t test/recipes/25-test_pkcs7.t test/recipes/25-test_req.t test/recipes/30-test_evp_data/evpciph_aes_ccm_cavs.txt test/recipes/30-test_evp_data/evpciph_des3_common.txt test/recipes/30-test_evp_data/evpmac_poly1305.txt test/recipes/30-test_evp_data/evppkey_ffdhe.txt test/recipes/70-test_sslrecords.t test/recipes/70-test_tls13hrr.t test/recipes/70-test_verify_extra.t test/recipes/80-test_cms.t test/recipes/80-test_cmsapi.t test/recipes/80-test_ocsp.t test/recipes/80-test_pkcs12.t test/recipes/80-test_ssl_old.t test/recipes/90-test_sslapi.t test/recipes/90-test_threads.t test/recipes/95-test_external_tlsfuzzer.t test/run_tests.pl test/safe_math_test.c test/sanitytest.c test/secmemtest.c test/siphash_internal_test.c test/ssl-tests/28-seclevel.cnf.in test/ssl_old_test.c test/sslapitest.c test/threadstest.c test/tls-provider.c test/upcallstest.c test/v3nametest.c test/verify_extra_test.c tools/c_rehash.in util/add-depends.pl util/perl/OpenSSL/config.pm util/perl/OpenSSL/copyright.pm
73e044bd	26-Apr-2022	Matt Caswell	Update CHANGES and NEWS for new release Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes CHANGES.md NEWS.md
60e93805	02-May-2022	Pauli	Update Paul's pgp key signature Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18 Update Paul's pgp key signature Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18219) show more ... doc/fingerprints.txt
7c332707	26-Apr-2022	Tomas Mraz	c_rehash: Do not use shell to invoke openssl Except on VMS where it is safe. This fixes CVE-2022-1292. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> R c_rehash: Do not use shell to invoke openssl Except on VMS where it is safe. This fixes CVE-2022-1292. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Matt Caswell <matt@openssl.org> show more ... tools/c_rehash.in
33219939	15-Apr-2022	Matt Caswell	Fix the RC4-MD5 cipher A copy&paste error meant that the RC4-MD5 cipher (used in TLS) used the TLS AAD data as the MAC key. CVE-2022-1434 Fixes #18112 Reviewed Fix the RC4-MD5 cipher A copy&paste error meant that the RC4-MD5 cipher (used in TLS) used the TLS AAD data as the MAC key. CVE-2022-1434 Fixes #18112 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> show more ... providers/implementations/ciphers/cipher_rc4_hmac_md5.c test/recipes/30-test_evp_data/evpciph_aes_stitched.txt test/recipes/30-test_evp_data/evpciph_rc4_stitched.txt
6ee1f4f4	13-Apr-2022	Matt Caswell	Test ocsp with invalid responses and the "-no_cert_checks" option The "-no_cert_checks" option causes the flag OCSP_NOCHECKS to be set. The bug fixed in the previous commit will cause th Test ocsp with invalid responses and the "-no_cert_checks" option The "-no_cert_checks" option causes the flag OCSP_NOCHECKS to be set. The bug fixed in the previous commit will cause the ocsp app to respond with a success result in the case when the OCSP response signing certificate fails to verify and -no_cert_checks is used - so we test that it fails in this case. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> show more ... test/recipes/80-test_ocsp.t
21f89f54	13-Apr-2022	Matt Caswell	Fix OCSP_basic_verify signer certificate validation The function `OCSP_basic_verify` validates the signer certificate on an OCSP response. The internal function, ocsp_verify_signer, is r Fix OCSP_basic_verify signer certificate validation The function `OCSP_basic_verify` validates the signer certificate on an OCSP response. The internal function, ocsp_verify_signer, is responsible for this and is expected to return a 0 value in the event of a failure to verify. Unfortunately, due to a bug, it actually returns with a postive success response in this case. In the normal course of events OCSP_basic_verify will then continue and will fail anyway in the ocsp_check_issuer function because the supplied "chain" value will be empty in the case that ocsp_verify_signer failed to verify the chain. This will cause OCSP_basic_verify to return with a negative result (fatal error). Normally in the event of a failure to verify it should return with 0. However, in the case of the OCSP_NOCHECKS flag being used, OCSP_basic_verify will return with a positvie result. This could lead to callers trusting an OCSP Basic response when it should not be. CVE-2022-1343 Fixes #18053 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> show more ... crypto/ocsp/ocsp_vfy.c
b1b2146d	07-Feb-2022	Daniel Hu	Acceleration of chacha20 on aarch64 by SVE This patch accelerates chacha20 on aarch64 when Scalable Vector Extension (SVE) is supported by CPU. Tested on modern micro-architecture with Acceleration of chacha20 on aarch64 by SVE This patch accelerates chacha20 on aarch64 when Scalable Vector Extension (SVE) is supported by CPU. Tested on modern micro-architecture with 256-bit SVE, it has the potential to improve performance up to 20% The solution takes a hybrid approach. SVE will handle multi-blocks that fit the SVE vector length, with Neon/Scalar to process any tail data Test result: With SVE type 1024 bytes 8192 bytes 16384 bytes ChaCha20 1596208.13k 1650010.79k 1653151.06k Without SVE (by Neon/Scalar) type 1024 bytes 8192 bytes 16384 bytes chacha20 1355487.91k 1372678.83k 1372662.44k The assembly code has been reviewed internally by ARM engineer Fangming.Fang@arm.com Signed-off-by: Daniel Hu <Daniel.Hu@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17916) show more ... crypto/arm64cpuid.pl crypto/arm_arch.h crypto/armcap.c crypto/chacha/asm/chacha-armv8-sve.pl crypto/chacha/asm/chacha-armv8.pl crypto/chacha/build.info
04904a0f	27-Oct-2021	Jonathan Swinney	md5: add assembly implementation for aarch64 This change improves md5 performance significantly by using a hand-optimized assembly implementation of the inner loop of md5 calculation. Th md5: add assembly implementation for aarch64 This change improves md5 performance significantly by using a hand-optimized assembly implementation of the inner loop of md5 calculation. The instructions are carefully ordered to separate data dependencies as much as possible. Test with: $ openssl speed md5 AWS Graviton 2 type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes md5 46990.60k 132778.65k 270376.96k 364718.08k 405962.75k 409201.32k md5-modified 51725.23k 152236.22k 323469.14k 453869.57k 514102.61k 519056.04k +10% +15% +20% +24% +27% +27% Apple M1 type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes md5 74634.39k 195561.25k 375434.45k 491004.23k 532361.40k 536636.48k md5-modified 84637.11k 229017.09k 444609.62k 588069.50k 655114.24k 660850.56k +13% +17% +18% +20% +23% +23% Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16928) show more ... crypto/md5/asm/md5-aarch64.pl crypto/md5/build.info crypto/md5/md5_local.h
93983e55	29-Apr-2022	Dmitry Belyavskiy	Improving locale test Fixes #18205 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pul Improving locale test Fixes #18205 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18211) show more ... test/localetest.c
359dad51	28-Apr-2022	Tomas Mraz	fix_dh_paramgen_type: Avoid crash with invalid paramgen type Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github fix_dh_paramgen_type: Avoid crash with invalid paramgen type Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18202) show more ... crypto/evp/ctrl_params_translate.c
fe5c5cb8	13-Apr-2022	Tomas Mraz	evp_md_init_internal: Avoid reallocating algctx if digest unchanged Fixes #16947 Also refactor out algctx freeing into a separate function. Reviewed-by: Dmitry Belyavskiy < evp_md_init_internal: Avoid reallocating algctx if digest unchanged Fixes #16947 Also refactor out algctx freeing into a separate function. Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18105) show more ... crypto/evp/digest.c crypto/evp/m_sigver.c include/crypto/evp.h
e3477d3e	28-Apr-2022	Dr. David von Oheimb	http_client.c: check expected content type only if HTTP status code is 200 (OK) Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Da http_client.c: check expected content type only if HTTP status code is 200 (OK) Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18204) show more ... crypto/http/http_client.c
2d96bfd9	22-Apr-2022	Dmitry Belyavskiy	Testing the EVP_PKEY_CTX_new_from_name without preliminary init Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.c Testing the EVP_PKEY_CTX_new_from_name without preliminary init Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18199) show more ... test/build.info test/evp_pkey_ctx_new_from_name.c test/recipes/02-test_localetest.t
e560655f	22-Apr-2022	Dmitry Belyavskiy	Ensure we initialized the locale before evp_pkey_name2type Fixes #18158 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from Ensure we initialized the locale before evp_pkey_name2type Fixes #18158 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18199) show more ... crypto/evp/pmeth_lib.c
49d874e0	26-Apr-2022	Richard Levitte	Fix memleak in test/provider_test.c This memory leak is triggered when configuring with 'no-legacy' Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <b Fix memleak in test/provider_test.c This memory leak is triggered when configuring with 'no-legacy' Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/18179) show more ... test/provider_test.c
4d63eaf9	11-Apr-2022	yavtuk	Prefer .inst rather than .long for probe instructions in arm64cpuid.pl Fixes an issue disassembling the functions because the symtab contains an attribute indicating the presence of data Prefer .inst rather than .long for probe instructions in arm64cpuid.pl Fixes an issue disassembling the functions because the symtab contains an attribute indicating the presence of data within them. CLA: trivial Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18086) show more ... crypto/arm64cpuid.pl
bbe909d0	21-Apr-2022	Tomas Mraz	poly1305: Properly copy the whole context on dup Also reset the updated flag when Poly1305_Init is called. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <p poly1305: Properly copy the whole context on dup Also reset the updated flag when Poly1305_Init is called. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18143) show more ... providers/implementations/macs/poly1305_prov.c
ae2efd63	25-Apr-2022	Jan Engelhardt	doc: replace "symmetric cipher" phrase in EVP_MD manpages CLA: trivial Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https: doc: replace "symmetric cipher" phrase in EVP_MD manpages CLA: trivial Reviewed-by: Ben Kaduk <kaduk@mit.edu> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18169) show more ... doc/man3/EVP_blake2b512.pod doc/man3/EVP_md2.pod doc/man3/EVP_md4.pod doc/man3/EVP_md5.pod doc/man3/EVP_mdc2.pod doc/man3/EVP_ripemd160.pod doc/man3/EVP_sha1.pod doc/man3/EVP_sha224.pod doc/man3/EVP_sha3_224.pod doc/man3/EVP_sm3.pod doc/man3/EVP_whirlpool.pod
2dc3a4a4	21-Apr-2022	Jon Spillett	Prefer GNU library initialization mechanism over platform one If GNU toolchain is used, use the __attribute__((constructor)) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewe Prefer GNU library initialization mechanism over platform one If GNU toolchain is used, use the __attribute__((constructor)) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18147) show more ... providers/fips/self_test.c
4b694f29	21-Apr-2022	Tomas Mraz	Test that SipHash_Final() fails on uninited context Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/op Test that SipHash_Final() fails on uninited context Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18142) show more ... test/siphash_internal_test.c
905fec4f	21-Apr-2022	Tomas Mraz	siphash: Properly set mac size in sipcopy Also fully duplicate the context on dup Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Me siphash: Properly set mac size in sipcopy Also fully duplicate the context on dup Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18142) show more ... providers/implementations/macs/siphash_prov.c
650b142c	21-Apr-2022	Tomas Mraz	siphash: Fail finalization on uninitialized siphash context Fixes #18140 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from siphash: Fail finalization on uninitialized siphash context Fixes #18140 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18142) show more ... crypto/siphash/siphash.c
1d64b068	23-Apr-2022	Mathias Berchtold	Move ossl_deinit_casecmp to the end of OPENSSL_cleanup() Calls like evp_cleanup_int() depend on OPENSSL_strcasecmp(). Fixes https://github.com/openssl/openssl/issues/18160 Move ossl_deinit_casecmp to the end of OPENSSL_cleanup() Calls like evp_cleanup_int() depend on OPENSSL_strcasecmp(). Fixes https://github.com/openssl/openssl/issues/18160 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18161) show more ... crypto/init.c
7510aee2	24-Apr-2022	EasySec	pem_password_cb(3): References to other man pages Refer to OSSL_ENCODER_to_bio and OSSL_DECODER_from_bio man pages. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-b pem_password_cb(3): References to other man pages Refer to OSSL_ENCODER_to_bio and OSSL_DECODER_from_bio man pages. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18164) show more ... doc/man3/PEM_read_bio_PrivateKey.pod
1...<<191 192 193 194 195 196197198 199 200 >>...1443