| aececda7 | 13-Sep-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
unnecessary whitespace before a quoted newline
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-b
unnecessary whitespace before a quoted newline
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22097)
show more ...
|
| 001b92d6 | 13-Sep-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
Prefer ARRAY_SIZE(...)
In OpenSSL, it's actually OSSL_NELEM() in "internal/nelem.h".
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: N
Prefer ARRAY_SIZE(...)
In OpenSSL, it's actually OSSL_NELEM() in "internal/nelem.h".
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22097)
show more ...
|
| f83707dc | 13-Sep-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
open brace '{' following struct go on the same line
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Revie
open brace '{' following struct go on the same line
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22097)
show more ...
|
| 962431d5 | 13-Sep-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
that open brace { should be on the previous line
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed
that open brace { should be on the previous line
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22097)
show more ...
|
| 1cf2f823 | 13-Sep-2023 |
Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> |
Remove trailing whitespace
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: David von Oheimb
Remove trailing whitespace
Found by running the checkpatch.pl Linux script to enforce coding style.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22097)
show more ...
|
| a4fd9485 | 18-Jul-2024 |
jasper-smit-servicenow |
Update X509V3_get_d2i.pod returned pointer needs to be freed
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Review
Update X509V3_get_d2i.pod returned pointer needs to be freed
CLA: trivial
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24927)
show more ...
|
| b2deefb9 | 18-Jul-2024 |
Tomas Mraz |
i2d_name_canon(): Check overflow in len accumulation
Fixes Coverity 1604638
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed
i2d_name_canon(): Check overflow in len accumulation
Fixes Coverity 1604638
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24930)
show more ...
|
| 10c36d2f | 19-Jul-2024 |
Georgi Valkov |
gitignore: add .DS_Store
macOS creates .DS_Store files all over the place while browsing
directories. Add it to the list of ignored files.
Signed-off-by: Georgi Valkov <gvalkov@
gitignore: add .DS_Store
macOS creates .DS_Store files all over the place while browsing
directories. Add it to the list of ignored files.
Signed-off-by: Georgi Valkov <gvalkov@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24942)
show more ...
|
| 787e1dd9 | 11-Jul-2024 |
Richard Levitte |
fix: style nits
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Todd Sho
fix: style nits
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24854)
show more ...
|
| b96e10b9 | 11-Jul-2024 |
Richard Levitte |
fix: refactor the EVP_PKEY_OP checks
On the one hand, we have public macros that are collections of EVP_PKEY_OP
bits, like EVP_PKEY_OP_TYPE_SIG, obviously meant to be used like this:
fix: refactor the EVP_PKEY_OP checks
On the one hand, we have public macros that are collections of EVP_PKEY_OP
bits, like EVP_PKEY_OP_TYPE_SIG, obviously meant to be used like this:
if ((ctx->operation & EVP_PKEY_OP_TYPE_SIG) == 0) ...
On the other hand, we also have internal test macros, like
EVP_PKEY_CTX_IS_SIGNATURE_OP(), obviously meant to be used like this:
if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) ...
Unfortunately, these two sets of macros were completely separate, forcing
developers to keep them both sync, manually.
This refactor makes the internal macros use the corresponding public macros,
and adds the missing public macros, for consistency.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24854)
show more ...
|
| a9887041 | 18-Jul-2024 |
Tomas Mraz |
tls13_meth.c: Check for negative return from EVP_CIPHER_CTX_get_iv_length()
Fixes Coverity 1598052
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgr
tls13_meth.c: Check for negative return from EVP_CIPHER_CTX_get_iv_length()
Fixes Coverity 1598052
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24929)
show more ...
|
| 53b0527d | 19-Jul-2024 |
slontis |
Remove check for RSA encryption allowing X9.31 padding.
X9.31 is a Signature Standard, and should not apply to encryption.
rsa_ossl_public_encrypt() does not allow this padding mode
Remove check for RSA encryption allowing X9.31 padding.
X9.31 is a Signature Standard, and should not apply to encryption.
rsa_ossl_public_encrypt() does not allow this padding mode.
The openssl rsautil command line tool already failed if the
-x931 option was used with -encrypt
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24938)
show more ...
|
| 98afa01f | 18-Jul-2024 |
Pauli |
fips: correctly initialise FIPS indicator settables
The `memset(3)` just happened to work because 2s complement.
This is more robust.
Also reduced the size of the indicator stru
fips: correctly initialise FIPS indicator settables
The `memset(3)` just happened to work because 2s complement.
This is more robust.
Also reduced the size of the indicator structure.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24923)
show more ...
|
| 8a79f5bc | 18-Jul-2024 |
Tomas Mraz |
prov-compat-label.yml: Do not test fips provider from master
The master branch will be modified by the PR so the result will
be misleading.
Reviewed-by: Paul Dale <ppzgs1@gmail.
prov-compat-label.yml: Do not test fips provider from master
The master branch will be modified by the PR so the result will
be misleading.
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/24933)
show more ...
|
| d357e547 | 18-Jul-2024 |
Tomas Mraz |
Fix the provider compatibility CI
Added missing fips version checks in rand_test.c and evprand.txt
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lon
Fix the provider compatibility CI
Added missing fips version checks in rand_test.c and evprand.txt
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/24933)
show more ...
|
| 50066236 | 16-Jul-2024 |
Neil Horman |
Fix coverity-1604661
Coverity called out an error in asn1parse_main, indicating that the
for(;;) loop which repeatedly reads from a bio and updates the length
value num, may overflow
Fix coverity-1604661
Coverity called out an error in asn1parse_main, indicating that the
for(;;) loop which repeatedly reads from a bio and updates the length
value num, may overflow said value prior to exiting the loop.
We could probably call this a false positive, but on very large PEM
file, I suppose it could happen, so just add a check to ensure that num
doesn't go from a large positive to a large negative value inside the
loop
Fixes openssl/private#571
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24910)
show more ...
|
| 0b67643a | 12-Jul-2024 |
Neil Horman |
Fix coverity-1610057
Coverity caught a error in a recent change, in which atoi was used to
assign a value to two size_t variables, and then checked them for being
>= 0, which will al
Fix coverity-1610057
Coverity caught a error in a recent change, in which atoi was used to
assign a value to two size_t variables, and then checked them for being
>= 0, which will always be true.
given that atoi returns an undefined value (usually zero) in the event
of a failure, theres no good way to check the return value of atoi for
validitiy.
Instead use OPENSSL_strtoul and confirm both that the translation
passed, and that the endptr value is at the NULL terminator (indicating
that the entire string was consumed)
Fixes openssl/private#552
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24861)
show more ...
|
| 863e44c1 | 12-Jul-2024 |
Neil Horman |
Add a stroul test
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24861) |
| 04f7729c | 12-Jul-2024 |
Neil Horman |
Add an OPENSSL_strtoul wrapper
utility function to give us sane checking on strtoul conversions
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@o
Add an OPENSSL_strtoul wrapper
utility function to give us sane checking on strtoul conversions
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24861)
show more ...
|
| 202ef97e | 24-Oct-2023 |
Tomas Mraz |
Allow short reads in asn1_d2i_read_bio()
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull
Allow short reads in asn1_d2i_read_bio()
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/22486)
show more ...
|
| 0d4663ca | 14-Jul-2024 |
erbsland-dev |
Improve clarity and readability of password input documentation
Fixed #7310: Enhanced existing documentation for password input methods
- Refined descriptions for password input methods:
Improve clarity and readability of password input documentation
Fixed #7310: Enhanced existing documentation for password input methods
- Refined descriptions for password input methods: `file:`, `fd:`, and `stdin`
- Enhanced readability and consistency in the instructions
- Clarified handling of multiple lines in read files.
- Clarified that `fd:` is not supported on Windows.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24878)
show more ...
|
| 1b2ab42e | 16-Jul-2024 |
Randall S. Becker |
Change strnlen() to OPENSSL_strnlen() in fuzz/provider.
strnlen() is not portable. It is preferable to use the wrapper.
Fixes: #24908
Signed-off-by: Randall S. Becker <rand
Change strnlen() to OPENSSL_strnlen() in fuzz/provider.
strnlen() is not portable. It is preferable to use the wrapper.
Fixes: #24908
Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/24912)
show more ...
|
| d7af3f7a | 15-Jul-2024 |
Gerd Hoffmann |
fix vs2019 warning
windows vs2019 throws warnings when compiling openssl for edk2:
ERROR - Compiler #2220 from [2024-07-15 13:43:34] [build-stdout] d:\a\edk2\edk2\CryptoPkg\Library\
fix vs2019 warning
windows vs2019 throws warnings when compiling openssl for edk2:
ERROR - Compiler #2220 from [2024-07-15 13:43:34] [build-stdout] d:\a\edk2\edk2\CryptoPkg\Library\OpensslLib\openssl\ssl\statem\statem_clnt.c(1895) : the following warning is treated as an error
WARNING - Compiler #4701 from [2024-07-15 13:43:34] [build-stdout] d:\a\edk2\edk2\CryptoPkg\Library\OpensslLib\openssl\ssl\statem\statem_clnt.c(1895) : potentially uninitialized local variable 'peer_rpk' used
WARNING - Compiler #4703 from [2024-07-15 13:43:34] [build-stdout] d:\a\edk2\edk2\CryptoPkg\Library\OpensslLib\openssl\ssl\statem\statem_clnt.c(1895) : potentially uninitialized local pointer variable 'peer_rpk' used
Explicitly initialize the peer_rpk variable to make the compiler happy.
Yes, it's a false positive, but you have to check the tls_process_rpk()
body in another source file to see that, which apparently is beyond the
compiler's capabilities.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24895)
show more ...
|
| 7e7c41df | 18-Jul-2024 |
Tomas Mraz |
Fix test_cms recipe
The number of tests was not bumped in 29bbe7d008
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merge
Fix test_cms recipe
The number of tests was not bumped in 29bbe7d008
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24926)
show more ...
|
| 7821b7b9 | 16-Jul-2024 |
Richard Levitte |
fix: util/check-format-commit.sh to handle one-line diff hunks
For multi-line hunks, 'git diff -U0' outputs a pair of START,COUNT
indicators to show where the hunk starts and ends. Howe
fix: util/check-format-commit.sh to handle one-line diff hunks
For multi-line hunks, 'git diff -U0' outputs a pair of START,COUNT
indicators to show where the hunk starts and ends. However, if the hunk is
just one line, only START is output, with the COUNT of 1 being implied.
Typically, this happens for copyright change hunks, like this:
--- a/crypto/evp/evp_err.c
+++ b/crypto/evp/evp_err.c
@@ -3 +3 @@
- * Copyright 1995-2023 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
This is normal unified diff output, and our script must adapt.
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24900)
show more ...
|
