| d65ab22e | 21-Sep-2020 |
Shane Lontis |
Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https
Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data()
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12930)
show more ...
|
| 78ef5717 | 21-Sep-2020 |
Shane Lontis |
Fix CID 1467068 : Null pointer dereference in self_test.c
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12930) |
| 2e9ab56e | 22-Sep-2020 |
Pauli |
rand: add a test case for configuration based random
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12931) |
| 2ff4e15d | 21-Sep-2020 |
Pauli |
list: add capability to print details about the current DRBGs
This allows a user to confirm that the DRBG their configuration specified is
being used.
Reviewed-by: Matt Caswell
list: add capability to print details about the current DRBGs
This allows a user to confirm that the DRBG their configuration specified is
being used.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12931)
show more ...
|
| 0ed26fb6 | 21-Sep-2020 |
Pauli |
drbg: gettable parameters for cipher/digest/mac type.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12931) |
| c9452d74 | 21-Sep-2020 |
Pauli |
kdf/mac: add name query calls for KDFs and MACs
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12931) |
| d8e52fd0 | 21-Sep-2020 |
Pauli |
evp_rand: fix bug in gettable_ctx/settable_ctx calls
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12931) |
| 44d2482b | 21-Sep-2020 |
Pauli |
Add a "random" configuration section.
This permits the default trio of DRBGs to have their type and parameters set
using configuration.
Reviewed-by: Matt Caswell <matt@openssl.o
Add a "random" configuration section.
This permits the default trio of DRBGs to have their type and parameters set
using configuration.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12931)
show more ...
|
| 11b93a1c | 21-Sep-2020 |
Daniel Bevenius |
DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new
This commit changes the man page for OSSL_DECODER_CTX_new by removing
the OPENSSL_CTX parameter which matches the declaration in decoder
DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new
This commit changes the man page for OSSL_DECODER_CTX_new by removing
the OPENSSL_CTX parameter which matches the declaration in decoder.h.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12935)
show more ...
|
| 4640cd00 | 16-Sep-2020 |
Pauli |
rand: reference count the EVP_RAND contexts.
This is required before the RAND/DRBG framework can be made user mutable.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged
rand: reference count the EVP_RAND contexts.
This is required before the RAND/DRBG framework can be made user mutable.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12904)
show more ...
|
| 8e3a64fd | 18-Sep-2020 |
Paul Yang |
Add auto-gen SM2 der files into .gitignore
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/ope
Add auto-gen SM2 der files into .gitignore
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536)
show more ...
|
| e9aa4a16 | 14-Sep-2020 |
Paul Yang |
refactor get params functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/125
refactor get params functions
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536)
show more ...
|
| 1d03db90 | 13-Sep-2020 |
Paul Yang |
support PARAM_SECURITY_BITS for SM2
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pu
support PARAM_SECURITY_BITS for SM2
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536)
show more ...
|
| b3d267ca | 13-Sep-2020 |
Paul Yang |
Address review comments
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536) |
| d0b79f86 | 04-Mar-2020 |
Paul Yang |
Add SM2 signature algorithm to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openss
Add SM2 signature algorithm to default provider
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536)
show more ...
|
| 7ee511d0 | 26-Jul-2020 |
Paul Yang |
Add SM2 key management
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12536) |
| 6b1428ac | 20-Sep-2020 |
Randall S. Becker |
Added FIPS DEP initialization for the NonStop platform in fips/self_test.c.
CLA: Permission is granted by the author to the OpenSSL team to use these modifications.
Fixes #12918
Added FIPS DEP initialization for the NonStop platform in fips/self_test.c.
CLA: Permission is granted by the author to the OpenSSL team to use these modifications.
Fixes #12918
Signed-off-by: Randall S. Becker <rsbecker@nexbridge.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12928)
show more ...
|
| 434343f8 | 19-Jun-2020 |
olszomal |
Add const to 'ppin' function parameter
CLA: trivial
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #12205 |
| 6600baa9 | 19-Sep-2020 |
Richard Levitte |
DOC: POD syntax fixes in doc/man1/openssl-cmp.pod.in
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12924) |
| 36871717 | 10-Jul-2020 |
Norman Ashley |
Support keys with RSA_METHOD_FLAG_NO_CHECK with OCSP sign
OCSP_basic_sign_ctx() in ocsp_srv.c , does not check for RSA_METHOD_FLAG_NO_CHECK.
If a key has RSA_METHOD_FLAG_NO_CHECK set, OC
Support keys with RSA_METHOD_FLAG_NO_CHECK with OCSP sign
OCSP_basic_sign_ctx() in ocsp_srv.c , does not check for RSA_METHOD_FLAG_NO_CHECK.
If a key has RSA_METHOD_FLAG_NO_CHECK set, OCSP sign operations can fail
because the X509_check_private_key() can fail.
The check for the RSA_METHOD_FLAG_NO_CHECK was moved to crypto/rsa/rsa_ameth.c
as a common place to check. Checks in ssl_rsa.c were removed.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12419)
(cherry picked from commit 56e8fe0b4efbf582e40ae91319727c9d176c5e1e)
show more ...
|
| 9c13b49a | 02-Sep-2020 |
Eric Curtin |
Increase PSK_MAX_IDENTITY_LEN from 128 to 256
We are considering using the format "host-nqn controller-nqn" for
psk-id in the NVMe-oF/TCP over TLS spec, it's in the current version,
Increase PSK_MAX_IDENTITY_LEN from 128 to 256
We are considering using the format "host-nqn controller-nqn" for
psk-id in the NVMe-oF/TCP over TLS spec, it's in the current version,
but openssl's limit was 128 upto now, we need a little longer than that.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12771)
show more ...
|
| 639bb581 | 18-Sep-2020 |
Tomas Mraz |
apps/ocsp: Return non zero exit code with invalid certID
Fixes #7151
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/1291
apps/ocsp: Return non zero exit code with invalid certID
Fixes #7151
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12916)
show more ...
|
| e57bbf9e | 31-Aug-2020 |
Rutger Hendriks |
Increase PSK_MAX_PSK_LEN to 512
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12
Increase PSK_MAX_PSK_LEN to 512
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/12777)
show more ...
|
| 627ddf7b | 18-Sep-2020 |
Tomas Mraz |
Correct certificate and key names for explicit ec param test
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/12915) |
| d5b170a2 | 13-Jul-2020 |
ozppupbg <43532395+ozppupbg@users.noreply.github.com> |
Fixed EVP_MAC_final argument count in example
EVP_MAC_final had only three arguments / the buffer/tag size was missing.
Fixes #12424
Note, that I didn't try to compile the examp
Fixed EVP_MAC_final argument count in example
EVP_MAC_final had only three arguments / the buffer/tag size was missing.
Fixes #12424
Note, that I didn't try to compile the example to look for other problems.
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12429)
show more ...
|
