| bd5c91c8 | 16-Mar-2022 |
Tomas Mraz |
eng_dyn: Avoid spurious errors when checking for 1.1.x engine
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://githu
eng_dyn: Avoid spurious errors when checking for 1.1.x engine
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17901)
show more ...
|
| a07a70c7 | 16-Mar-2022 |
Hugo Landau |
Fix documentation for provider-signature
Fixes #17909.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale
Fix documentation for provider-signature
Fixes #17909.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17914)
show more ...
|
| a12a71fa | 16-Mar-2022 |
Hugo Landau |
Fix declaration inconsistency (Camellia)
Fixes #17911.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale
Fix declaration inconsistency (Camellia)
Fixes #17911.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17912)
show more ...
|
| 7f039951 | 16-Mar-2022 |
Hugo Landau |
List missing operations in provider(7)
Fixes #17910.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <
List missing operations in provider(7)
Fixes #17910.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17915)
show more ...
|
| 930a7bd9 | 16-Mar-2022 |
Tobias Nießen |
Fix typos in CCM test vector titles
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17889) |
| edba1976 | 09-Mar-2022 |
tangyiqun |
check return value of functions that call BIO_new()
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
check return value of functions that call BIO_new()
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17850)
show more ...
|
| a40398a1 | 14-Mar-2022 |
Matt Caswell |
Update CHANGES/NEWS for new release
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org> |
| 3469282e | 28-Feb-2022 |
Tomas Mraz |
Add a negative testcase for BN_mod_sqrt
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org> |
| 03eccd26 | 28-Feb-2022 |
Tomas Mraz |
Add documentation of BN_mod_sqrt()
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org> |
| 9eafb536 | 28-Feb-2022 |
Tomas Mraz |
Fix possible infinite loop in BN_mod_sqrt()
The calculation in some cases does not finish for non-prime p.
This fixes CVE-2022-0778.
Based on patch by David Benjamin <david
Fix possible infinite loop in BN_mod_sqrt()
The calculation in some cases does not finish for non-prime p.
This fixes CVE-2022-0778.
Based on patch by David Benjamin <davidben@google.com>.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
| 1832bb0f | 11-Mar-2022 |
Hugo Landau |
Fix signed integer overflow in evp_enc
Fixes #17869.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@o
Fix signed integer overflow in evp_enc
Fixes #17869.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17870)
show more ...
|
| ef9909f3 | 12-Mar-2022 |
Oliver Roberts |
Fixed typo in inner_evp_generic_fetch() error handling
Fixes #17876
CLA: trivial
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St
Fixed typo in inner_evp_generic_fetch() error handling
Fixes #17876
CLA: trivial
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17877)
show more ...
|
| b9a2f24e | 10-Mar-2022 |
Hugo Landau |
Fix IV length caching in EVP encryption code
The IV length cache value was being invalidated excessively, causing IV
length caching to be ineffective.
Related to #17064.
Fix IV length caching in EVP encryption code
The IV length cache value was being invalidated excessively, causing IV
length caching to be ineffective.
Related to #17064.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17862)
show more ...
|
| 224ea84b | 10-Mar-2022 |
Andrey Matyukov |
aes-gcm-avx512.pl: Fixed mingw64 build
Decoration prefix for some assembler labels in aes-gcm-avx512.pl was
fixed for mingw64 build.
Reviewed-by: Matt Caswell <matt@openssl.org>
aes-gcm-avx512.pl: Fixed mingw64 build
Decoration prefix for some assembler labels in aes-gcm-avx512.pl was
fixed for mingw64 build.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17868)
show more ...
|
| 86485398 | 02-Mar-2022 |
Hugo Landau |
Add EVP demo for SIPHASH
Fixes #14121.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Add EVP demo for SIPHASH
Fixes #14121.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17793)
show more ...
|
| e04c2c02 | 11-Mar-2022 |
Hugo Landau |
Fix bug in scrypt KDF provider dup method
The scrypt KDF provider's dup method calls kdf_scrypt_new passing a
libctx, but a provider context is expected. Since the provider context
i
Fix bug in scrypt KDF provider dup method
The scrypt KDF provider's dup method calls kdf_scrypt_new passing a
libctx, but a provider context is expected. Since the provider context
is passed as void *, this was not caught.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17873)
show more ...
|
| 4413fe35 | 10-Mar-2022 |
Tomas Mraz |
evp_test: Add testcases for DH KEX with X9.42 KDF
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.c
evp_test: Add testcases for DH KEX with X9.42 KDF
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17859)
show more ...
|
| 76396ebb | 10-Mar-2022 |
Tomas Mraz |
Fix documentation of parameters for DH and ECDH KEX
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github
Fix documentation of parameters for DH and ECDH KEX
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17859)
show more ...
|
| 01b18775 | 10-Mar-2022 |
Tomas Mraz |
DH: Make padding always on when X9.42 KDF is used
Fixes #17834
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged
DH: Make padding always on when X9.42 KDF is used
Fixes #17834
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/17859)
show more ...
|
| 2a921951 | 04-Mar-2022 |
Hugo Landau |
Add manpages for SSL_get_certificate, SSL_get_private_key
This is as I understand these functions from reading the code.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by
Add manpages for SSL_get_certificate, SSL_get_private_key
This is as I understand these functions from reading the code.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17815)
show more ...
|
| 2823e2e1 | 07-Mar-2022 |
Jiasheng Jiang |
crypto/pem/pem_lib.c: Add check for BIO_read
As the potential failure of the BIO_read(),
it should be better to add the check and return
error if fails.
Also, in order to decreas
crypto/pem/pem_lib.c: Add check for BIO_read
As the potential failure of the BIO_read(),
it should be better to add the check and return
error if fails.
Also, in order to decrease the same code, using
'out_free' will be better.
Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17754)
show more ...
|
| ad083f9b | 07-Mar-2022 |
Hugo Landau |
Add EVP demo for RSA key generation
Fixes #14111.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@open
Add EVP demo for RSA key generation
Fixes #14111.
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17824)
show more ...
|
| dfb39f73 | 07-Mar-2022 |
Tomas Mraz |
Replace handling of negative verification result with SSL_set_retry_verify()
Provide a different mechanism to indicate that the application wants
to retry the verification. The negative
Replace handling of negative verification result with SSL_set_retry_verify()
Provide a different mechanism to indicate that the application wants
to retry the verification. The negative result of the callback function
now indicates an error again.
Instead the SSL_set_retry_verify() can be called from the callback
to indicate that the handshake should be suspended.
Fixes #17568
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17825)
show more ...
|
| 7e1f3ffc | 23-Feb-2022 |
Danny Tsen |
Fixed conditional statement testing 64 and 256 bytes
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/op
Fixed conditional statement testing 64 and 256 bytes
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17760)
show more ...
|
| c0b7dac6 | 10-Mar-2022 |
Hugo Landau |
EVP_MD performance fix (refcount cache contention)
Partial fix for #17064. Avoid excessive writes to the cache line
containing the refcount for an EVP_MD object to avoid extreme
cach
EVP_MD performance fix (refcount cache contention)
Partial fix for #17064. Avoid excessive writes to the cache line
containing the refcount for an EVP_MD object to avoid extreme
cache contention when using a single EVP_MD at high frequency on
multiple threads. This changes performance in 3.0 from being double
that of 1.1 to only slightly higher than that of 1.1.
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17857)
show more ...
|
