| 48b05bb6 | 19-Mar-2021 |
Pauli |
evp: fix coverity 1451510: argument cannot be negative
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14620) |
| 1002bb9f | 19-Mar-2021 |
Pauli |
evp: fix coverity 1472682: argument cannot be negative
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14620) |
| 89f7ea04 | 19-Mar-2021 |
Pauli |
test: fix coverity 1473234 & 1473239: argument cannot be negative
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14620) |
| 41385f27 | 06-Apr-2021 |
Richard Levitte |
test/recipes/02-test_errstr.t: Do not test negative system error codes
It's been deemed unlikely that these will end up in OpenSSL error
records, so we simply don't test them if they hap
test/recipes/02-test_errstr.t: Do not test negative system error codes
It's been deemed unlikely that these will end up in OpenSSL error
records, so we simply don't test them if they happen to be among the
error codes that perl has support for.
Fixes #14763
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14779)
show more ...
|
| 014498ff | 04-Apr-2021 |
Pauli |
test: fix coverity 1475940: negative return
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14769) |
| 97ef45ea | 04-Apr-2021 |
Pauli |
test: fix coverity 1475941: resource leak
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14769) |
| ccf19c23 | 06-Apr-2021 |
Pauli |
Disallow ASN.1 enumerated types to be treated as strings.
They are actually integers.
Problem reported by: Scott McPeak <scott.g.mcpeak@gmail.com>
Reviewed-by: Tomas Mraz <
Disallow ASN.1 enumerated types to be treated as strings.
They are actually integers.
Problem reported by: Scott McPeak <scott.g.mcpeak@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14774)
show more ...
|
| 44e82b81 | 06-Apr-2021 |
Pauli |
Remove locking in CRYPTO_secure_allocated()
The check for being in secure memory is against the arena. The arena is only
ever modified by sh_init() and sh_done() and in both cases, it i
Remove locking in CRYPTO_secure_allocated()
The check for being in secure memory is against the arena. The arena is only
ever modified by sh_init() and sh_done() and in both cases, it is done without
locking. Thus, it is safe for the CRYPTO_secure_allocated() to not lock.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14775)
show more ...
|
| 0bc27f72 | 06-Apr-2021 |
Pauli |
Make the lock in CRYPTO_secure_allocated() a read lock
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14775) |
| bec92891 | 02-Apr-2021 |
Fangming.Fang |
Fix AES-CBC perf test failure issue
As ossl_cipher_generic dosen't support to set key length, and
"openssl speed aes-(128|192|256)-cbc" tests fail. A small fix by
adding OSSL_CIPHER_
Fix AES-CBC perf test failure issue
As ossl_cipher_generic dosen't support to set key length, and
"openssl speed aes-(128|192|256)-cbc" tests fail. A small fix by
adding OSSL_CIPHER_PARAM_KEYLEN params.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14777)
show more ...
|
| 30573117 | 06-Apr-2021 |
Nan Xiao |
Fix typo in store_meth.c
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/o
Fix typo in store_meth.c
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14776)
show more ...
|
| 1ac64327 | 30-Mar-2021 |
Nan Xiao |
Remove unnecessary setting SSL_MODE_AUTO_RETRY
Since SSL_MODE_AUTO_RETRY is enabled by default, no need to set
it explicitly.
Reviewed-by: Matt Caswell <matt@openssl.org>
Re
Remove unnecessary setting SSL_MODE_AUTO_RETRY
Since SSL_MODE_AUTO_RETRY is enabled by default, no need to set
it explicitly.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14742)
show more ...
|
| 86522324 | 22-Mar-2021 |
Sahana Prasad |
Adds a new lock to read default_path and uses a strdup() on default_path before using it
Fixes #14483
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Tomas Mraz <tomas@
Adds a new lock to read default_path and uses a strdup() on default_path before using it
Fixes #14483
Signed-off-by: Sahana Prasad <sahana@redhat.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14650)
show more ...
|
| 581c4b1d | 04-Apr-2021 |
Pauli |
Ensure that the negative flag is correct set for ASN1 integer types.
Reported by: Scott McPeak <scott.g.mcpeak@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged fro
Ensure that the negative flag is correct set for ASN1 integer types.
Reported by: Scott McPeak <scott.g.mcpeak@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14768)
show more ...
|
| 08066980 | 04-Apr-2021 |
Pauli |
Check for integer overflow in i2a_ASN1_OBJECT and error out if found.
Problem reported by Scott McPeak <scott.g.mcpeak@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Me
Check for integer overflow in i2a_ASN1_OBJECT and error out if found.
Problem reported by Scott McPeak <scott.g.mcpeak@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14768)
show more ...
|
| 493e7898 | 01-Apr-2021 |
Nan Xiao |
Fix potential double free in sslapitest.c
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/
Fix potential double free in sslapitest.c
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14758)
show more ...
|
| 0cfbc828 | 01-Apr-2021 |
Tomas Mraz |
Deprecate the EVP_PKEY controls for CMS and PKCS#7
Improve the ossl_rsa_check_key() to prevent non-signature
operations with PSS keys.
Do not invoke the EVP_PKEY controls for CM
Deprecate the EVP_PKEY controls for CMS and PKCS#7
Improve the ossl_rsa_check_key() to prevent non-signature
operations with PSS keys.
Do not invoke the EVP_PKEY controls for CMS and PKCS#7 anymore
as they are not needed anymore and deprecate them.
Fixes #14276
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14760)
show more ...
|
| 5ad3e6c5 | 15-Apr-2020 |
Richard Levitte |
Include BN assembler alongside CPUID code
It turns out that some CPUID code requires the presence of some BN
assembler code, so we make sure it's included in the same manner as
the C
Include BN assembler alongside CPUID code
It turns out that some CPUID code requires the presence of some BN
assembler code, so we make sure it's included in the same manner as
the CPUID code itself.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14755)
show more ...
|
| ef83daf4 | 11-Mar-2020 |
Richard Levitte |
Refactor CPUID code
We were using CPUID coded in several modules, but it was unclear how
it actually got there, and could fail randomly.
To remedy that, this change separates th
Refactor CPUID code
We were using CPUID coded in several modules, but it was unclear how
it actually got there, and could fail randomly.
To remedy that, this change separates the CPUID C code from the rest
of cryptlib.c, and ensures the right modules get both that and the
assembler sources explicitly.
Fixes #11281
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14755)
show more ...
|
| baf02793 | 16-Mar-2021 |
Richard Levitte |
APPS: Replace the use of OBJ_nid2ln() with name or description calls
With new provided algorithms added, we'd rather rely on the names and
descriptions that we get from the providers.
APPS: Replace the use of OBJ_nid2ln() with name or description calls
With new provided algorithms added, we'd rather rely on the names and
descriptions that we get from the providers.
Specifically with the 'openssl list' command, we now display the
description of all algorithms. For '-public-key-algorithms', we
additionally print key type information a bit more like we do for
legacy methods.
We also add descriptions to all our keymgmt functions, because the
built in EVP_PKEY_ASN1_METHODs had them.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14656)
show more ...
|
| 03888233 | 16-Mar-2021 |
Richard Levitte |
EVP: Add EVP_<TYPE>_description()
The following operation types are covered:
EVP_MD, EVP_CIPHER, EVP_MAC, EVP_RAND, EVP_KEYMGMT, EVP_SIGNATURE,
EVP_ASYM_CIPHER, EVP_KEM, EVP_KEY
EVP: Add EVP_<TYPE>_description()
The following operation types are covered:
EVP_MD, EVP_CIPHER, EVP_MAC, EVP_RAND, EVP_KEYMGMT, EVP_SIGNATURE,
EVP_ASYM_CIPHER, EVP_KEM, EVP_KEYEXCH, EVP_KDF. Also EVP_PKEY.
For EVP_MD and EVP_CIPHER, OBJ_nid2ln() is used as a fallback for
legacy implementations.
For EVP_PKEY, the info field of the EVP_PKEY_ASN1_METHOD is used as a
fallback for legacy implementations.
Fixes #14514
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14656)
show more ...
|
| b638dad9 | 16-Mar-2021 |
Richard Levitte |
Add OSSL_STORE_LOADER_description()
Fixes #14514
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14656) |
| 1010884e | 16-Mar-2021 |
Richard Levitte |
Add OSSL_DECODER_description() and OSSL_ENCODER_description()
Fixes #14514
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14656) |
| 309a78aa | 16-Mar-2021 |
Richard Levitte |
CORE: Add an algorithm_description field to OSSL_ALGORITHM
This corresponds to the |info| field in EVP_PKEY_ASN1_METHOD, as well
as the generic use of OBJ_nid2ln() as a one line descript
CORE: Add an algorithm_description field to OSSL_ALGORITHM
This corresponds to the |info| field in EVP_PKEY_ASN1_METHOD, as well
as the generic use of OBJ_nid2ln() as a one line description.
We also add the base functionality to make use of this field.
Fixes #14514
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14656)
show more ...
|
| 650c6687 | 26-Mar-2021 |
Randall S. Becker |
Corrected missing definitions from NonStop SPT build.
This change includes swapping the PUT and SPT configuration,
includes of sys/stat.h and sys/types.h in the correct scope
to be p
Corrected missing definitions from NonStop SPT build.
This change includes swapping the PUT and SPT configuration,
includes of sys/stat.h and sys/types.h in the correct scope
to be picked up by SPT definitions.
Fixes: #14698
Fixes: #14734
CLA: The author has the permission to grant the OpenSSL Team the right to use this change.
Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14736)
show more ...
|
