| 93c87f74 | 10-Nov-2020 |
Pauli |
rsa_test: add return value check
Fixes #13361
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13362) |
| d8701e25 | 03-Nov-2020 |
Tomas Mraz |
Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
Also check for malloc failure and do not add '/' when
$OPENSSL_CONF_INCLUDE already ends with directory separator.
Do not prepend $OPENSSL_CONF_INCLUDE to absolute include paths
Also check for malloc failure and do not add '/' when
$OPENSSL_CONF_INCLUDE already ends with directory separator.
Fixes #13302
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13306)
show more ...
|
| 368d9e03 | 03-Nov-2020 |
Tomas Mraz |
Add ossl_is_absolute_path function to detect absolute paths
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13306) |
| 69d16b70 | 03-Nov-2020 |
Tomas Mraz |
Avoid duplicate ends_with_dirsep functions
Refactor them into inline ossl_ends_with_dirsep function in
internal/cryptlib.h.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Mer
Avoid duplicate ends_with_dirsep functions
Refactor them into inline ossl_ends_with_dirsep function in
internal/cryptlib.h.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13306)
show more ...
|
| 122e81f0 | 17-Oct-2020 |
Richard Levitte |
test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
The FIPS provider module doesn't have any encoders, the base provider
is needed for that.
Reviewed-by: Paul Dale <paul.d
test/recipes/30-test_evp_libctx.t: use fips-and-base.cnf
The FIPS provider module doesn't have any encoders, the base provider
is needed for that.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
show more ...
|
| f49d4860 | 17-Oct-2020 |
Richard Levitte |
test/evp_libctx_test.c: use OSSL_ENCODER instead of i2d_PublicKey()
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167) |
| 973a52ce | 17-Oct-2020 |
Richard Levitte |
test/endecode_test.c: Update to specify output structures
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167) |
| 4227e504 | 17-Oct-2020 |
Richard Levitte |
Adapt libcrypto functionality to specify the desired output structure
This also modifies i2d_PublicKey() and i2d_KeyParams() to support
provided keys.
Reviewed-by: Paul Dale <pa
Adapt libcrypto functionality to specify the desired output structure
This also modifies i2d_PublicKey() and i2d_KeyParams() to support
provided keys.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
show more ...
|
| c319b627 | 17-Oct-2020 |
Richard Levitte |
PROV: Re-implement all the keypair encoders
The base functionality to implement the keypair encoders doesn't
change much, but this results in a more massive amount of
OSSL_DISPATCH a
PROV: Re-implement all the keypair encoders
The base functionality to implement the keypair encoders doesn't
change much, but this results in a more massive amount of
OSSL_DISPATCH and OSSL_ALGORITHM arrays, to support a fine grained
selection of implementation based on what parts of the keypair
structure (combinations of key parameters, public key and private key)
should be output, the output type ("TEXT", "DER" or "PEM") and the
outermost output structure ("pkcs8", "SubjectPublicKeyInfo", key
type specific structures, ...).
We add support for the generic structure name "type-specific", to
allow selecting that without knowing the exact name of that structure.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
show more ...
|
| 0b9f90f5 | 28-Oct-2020 |
Richard Levitte |
ENCODER: Add tracing
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167) |
| b9a2afdf | 17-Oct-2020 |
Richard Levitte |
ENCODER: Add output structure support for EVP_PKEY encoding
OSSL_ENCODER_CTX_new_by_EVP_PKEY() takes one more argument to express
the desired outermost structure for the output.
ENCODER: Add output structure support for EVP_PKEY encoding
OSSL_ENCODER_CTX_new_by_EVP_PKEY() takes one more argument to express
the desired outermost structure for the output.
This also adds OSSL_ENCODER_CTX_prune_encoders(), which is used to
reduce the stack of encoders found according to criteria formed from
the combination of desired selection, output type and output
structure.
squash! ENCODER: Add output structure support for EVP_PKEY encoding
Replace the paragraph talking about OSSL_ENCODER_CTX_prune_encoders() with:
The encoding processor encoder_process() is enhanced with better
analysis of the stack of encoder implementations. To avoid having to
keep an on the side array of information, it uses recursion.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
show more ...
|
| cd861ab7 | 17-Oct-2020 |
Richard Levitte |
ENCODER: Add support for OSSL_FUNC_encoder_does_selection()
OSSL_FUNC_encoder_does_selection() is a dispatchable encoder implementation
function that should return 1 if the given |select
ENCODER: Add support for OSSL_FUNC_encoder_does_selection()
OSSL_FUNC_encoder_does_selection() is a dispatchable encoder implementation
function that should return 1 if the given |selection| is supported by an
encoder implementation and 0 if not. This can be used by libcrypto
functionality to figure out if an encoder implementation should be
considered or not.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167)
show more ...
|
| 8a98a507 | 17-Oct-2020 |
Richard Levitte |
ENCODER: Add support for specifying the outermost output structure
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167) |
| 45da4a0f | 17-Oct-2020 |
Richard Levitte |
CORE: Add support for specifying the outermost object structure
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13167) |
| 6debc6ab | 04-Nov-2020 |
Richard Levitte |
Convert all {NAME}err() in providers/ to their corresponding ERR_raise() call
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from ht
Convert all {NAME}err() in providers/ to their corresponding ERR_raise() call
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13319)
show more ...
|
| c48ffbcc | 04-Nov-2020 |
Richard Levitte |
SSL: refactor all SSLfatal() calls
Since SSLfatal() doesn't take a function code any more, we drop that
argument everywhere. Also, we convert all combinations of SSLfatal()
and ERR_
SSL: refactor all SSLfatal() calls
Since SSLfatal() doesn't take a function code any more, we drop that
argument everywhere. Also, we convert all combinations of SSLfatal()
and ERR_add_data() to an SSLfatal_data() call.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13316)
show more ...
|
| e92519b5 | 04-Nov-2020 |
Richard Levitte |
SSL: refactor ossl_statem_fatal() and SSLfatal()
ossl_statem_fatal() is refactored to be an extended ERR_set_error(),
and SSLfatal() is refactored to work like ERR_raise(). We also add
SSL: refactor ossl_statem_fatal() and SSLfatal()
ossl_statem_fatal() is refactored to be an extended ERR_set_error(),
and SSLfatal() is refactored to work like ERR_raise(). We also add
SSLfatal_data() to work like ERR_raise_data().
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13316)
show more ...
|
| 6849b73c | 04-Nov-2020 |
Richard Levitte |
Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://
Convert all {NAME}err() in ssl/ to their corresponding ERR_raise() call
This was done using util/err-to-raise
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13316)
show more ...
|
| 9787b5b8 | 28-Oct-2020 |
Richard Levitte |
OSSL_STORE: Make sure the called OSSL_DECODER knows what to expect
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248) |
| 8d8fee64 | 28-Oct-2020 |
Richard Levitte |
PEM: Have pem_read_bio_key() set the OSSL_STORE expected type
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248) |
| 35426b2f | 28-Oct-2020 |
Richard Levitte |
Restore the legacy implementation of PEM_read_bio_DHparams()
It was an overstep to have it got through OSSL_STORE just to extract a
DH pointer from the resulting EVP_PKEY.
This
Restore the legacy implementation of PEM_read_bio_DHparams()
It was an overstep to have it got through OSSL_STORE just to extract a
DH pointer from the resulting EVP_PKEY.
This partially reverts 1427d33cee59d6fe54efe1b5a322a1d7c8c03c20
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
show more ...
|
| a5cc6616 | 26-Oct-2020 |
Richard Levitte |
TEST: Adapt test/endecoder_test.c
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248) |
| eb2f1b81 | 26-Oct-2020 |
Richard Levitte |
DH: Move the code to set the DH sub-type
It's been moved so the type is set by d2i_DHparams() and d2i_DHxparams()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged fro
DH: Move the code to set the DH sub-type
It's been moved so the type is set by d2i_DHparams() and d2i_DHxparams()
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
show more ...
|
| 4f2abe43 | 26-Oct-2020 |
Richard Levitte |
Adapt libcrypto functionality to specify the desired input structure
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248) |
| 2c090c1d | 26-Oct-2020 |
Richard Levitte |
PROV: Re-implement all the keypair decoders
The base functionality to implement the keypair decoders doesn't
change much, but this results in a more massive amount of
OSSL_DISPATCH a
PROV: Re-implement all the keypair decoders
The base functionality to implement the keypair decoders doesn't
change much, but this results in a more massive amount of
OSSL_DISPATCH and OSSL_ALGORITHM arrays, to support a fine grained
selection of implementation based on what parts of the keypair
structure (combinations of key parameters, public key and private key)
should be expected as input, the input type ("DER", "PEM", ...) and the
outermost input structure ("pkcs8", "SubjectPublicKeyInfo", key
type specific structures, ...).
We add support for the generic structure name "type-specific", to
allow selecting that without knowing the exact name of that structure.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13248)
show more ...
|
