| 60d13c8f | 15-Jun-2021 |
Pauli |
remove end of line whitespace
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> |
| dfb0b8d6 | 14-Jun-2021 |
Pauli |
cms: free PKEY_CTX
Preventing a memory leak.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://gi
cms: free PKEY_CTX
Preventing a memory leak.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15731)
show more ...
|
| 8dff167d | 13-Jun-2021 |
Pauli |
cms: fix coverity 1485981: unchecked return value
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github
cms: fix coverity 1485981: unchecked return value
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/15731)
show more ...
|
| a1fb5eb9 | 10-Jun-2021 |
Pauli |
apps: move global libctx and property query into their own file
The header has been split out so the functions should be as well.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Me
apps: move global libctx and property query into their own file
The header has been split out so the functions should be as well.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687)
show more ...
|
| c696f4bf | 10-Jun-2021 |
Pauli |
speed: make sure to free any allocated EVP_MAC structures
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687) |
| 09495e43 | 10-Jun-2021 |
Pauli |
pkcs12: use the app's libctx and property query when searching for algorithms
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687) |
| 4d574312 | 10-Jun-2021 |
Pauli |
speed: use the app's libctx and property query when searching for algorithms
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687) |
| f147fa3e | 10-Jun-2021 |
Pauli |
list: use the app's libctx and property query when searching for algorithms
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687) |
| f64851c5 | 10-Jun-2021 |
Pauli |
kdf: use the app's libctx and property query when searching for algorithms
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687) |
| c8dd887d | 10-Jun-2021 |
Pauli |
fipsinstall: use the app's libctx and property query when searching for algorithms
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687) |
| 3334e039 | 10-Jun-2021 |
Pauli |
add libctx and property query to fetch functions
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687) |
| 02288cbb | 10-Jun-2021 |
Pauli |
test: add SPKAC command test
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687) |
| 81743ed9 | 10-Jun-2021 |
Pauli |
spkac: document -digest option
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687) |
| e1a77f9c | 10-Jun-2021 |
Pauli |
spkac: allow digests other than MD5 to be used for signing
Fixes #15683
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15687) |
| 42e97dde | 14-Jun-2021 |
Shane Lontis |
Add missing NULL check in OSSL_DECODER_from_bio().
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openss
Add missing NULL check in OSSL_DECODER_from_bio().
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15733)
show more ...
|
| f7720869 | 11-Jun-2021 |
Matt Caswell |
Avoid excessive OSSL_DECODER_do_all_provided calls
OSSL_DECODER_CTX_add_extra was calling OSSL_DECODER_do_all_provided in a
loop which was resulting in a large number of calls. Since
Avoid excessive OSSL_DECODER_do_all_provided calls
OSSL_DECODER_CTX_add_extra was calling OSSL_DECODER_do_all_provided in a
loop which was resulting in a large number of calls. Since
OSSL_DECODER_do_all_provided is quite "heavy" this was causing performance
issues.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15716)
show more ...
|
| 8c7c1c84 | 08-Jun-2021 |
Matt Caswell |
Add a generic SubjectPublicKeyInfo decoder
Previously all the SubjectPublicKeyInfo decoders were specific to a key
type. We would iterate over all them until a match was found for the co
Add a generic SubjectPublicKeyInfo decoder
Previously all the SubjectPublicKeyInfo decoders were specific to a key
type. We would iterate over all them until a match was found for the correct
key type. Each one would fully decode the key before then testing whether
it was a match or not - throwing it away if not. This was very inefficient.
Instead we introduce a generic SubjectPublicKeyInfo decoder which figures
out what type of key is contained within it, before subsequently passing on
the data to a key type specific SubjectPublicKeyInfo decoder.
Fixes #15646
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15662)
show more ...
|
| 1c49be86 | 10-Jun-2021 |
Shane Lontis |
Fix DH/DHX named groups to not overwrite the private key length.
The only reason(s) the DH private key length should be set are:
(1) The user sets it during key generation via EVP_PKEY_C
Fix DH/DHX named groups to not overwrite the private key length.
The only reason(s) the DH private key length should be set are:
(1) The user sets it during key generation via EVP_PKEY_CTX_set_params
using OSSL_PKEY_PARAM_DH_PRIV_LEN.
(2) When loading a PKCS3 (DH) key the optional value
'privateValueLength' is set.
Now that the named groups contain a value for 'q' there is no reason to
automatically overwrite the private key length.
Issue detected by @davidmakepeace
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15695)
show more ...
|
| 243af566 | 11-Jun-2021 |
Tomas Mraz |
When linking to static libssl always link to static libcrypto
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://githu
When linking to static libssl always link to static libcrypto
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15714)
show more ...
|
| eaa39eb6 | 11-Jun-2021 |
Tomas Mraz |
Do not duplicate symbols between libcrypto and libssl in static builds
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from http
Do not duplicate symbols between libcrypto and libssl in static builds
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15714)
show more ...
|
| cdf2986a | 07-Jun-2021 |
Tomas Mraz |
Add -latomic only for architectures where needed
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15640) |
| d049485c | 10-Jun-2021 |
Tomas Mraz |
Avoid duplicating prov_running.o in libdefault and libcrypto
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github
Avoid duplicating prov_running.o in libdefault and libcrypto
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15704)
show more ...
|
| e2217b44 | 11-Jun-2021 |
Richard Levitte |
APPS: Remove an unreachable statement in s_client.c
A Solaris compiler complains:
"apps/s_client.c", line 2994: statement not reached
It takes a bit of scrutiny to see
APPS: Remove an unreachable statement in s_client.c
A Solaris compiler complains:
"apps/s_client.c", line 2994: statement not reached
It takes a bit of scrutiny to see that this is true, on all platforms.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15719)
show more ...
|
| 0051746e | 09-Jan-2020 |
Bernd Edlinger |
Add AES consttime code for no-asm configurations
This adds optional constant time support for AES
when building openssl for no-asm.
Enable with: ./config no-asm -DOPENSSL_AES_CO
Add AES consttime code for no-asm configurations
This adds optional constant time support for AES
when building openssl for no-asm.
Enable with: ./config no-asm -DOPENSSL_AES_CONST_TIME
Disable with: ./config no-asm -DOPENSSL_NO_AES_CONST_TIME
This is by default enabled.
[extended tests]
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10828)
show more ...
|
| 3614d94d | 11-Jun-2021 |
Pauli |
ci: run the on pull request CIs on push to master
This will help catch problems caused by merging.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/op
ci: run the on pull request CIs on push to master
This will help catch problems caused by merging.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15711)
show more ...
|
