- 26 5月, 2021 20 次提交
-
-
由 Tianjia Zhang 提交于
The SM2 key has a separate keymgmt, which is independent of the EC. The key generated by the subcommand ecparam is wrong. Using 'openssl ec -in sm2.key -noout -text' will also encounter some errors. When using the ecparam subcommand to generate the SM2 key, use the correct keymgmt to solve this problem. Signed-off-by: NTianjia Zhang <tianjia.zhang@linux.alibaba.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15454)
-
由 Richard Levitte 提交于
The way the links were parsed out of the contents caused a regexp recursion. The easiest way to deal with it is to find all markup using $markup_re, and then parsing out the L markups and add them to the links array. Fixes #15449 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15450)
-
由 Richard Levitte 提交于
We add the concept of preparation recipes, which are performed unconditionally. They are all expected to match the pattern test/recipes/00-prep_*.t. We add one such preparation recipe, test/recipes/00-prep_fipsmodule_cnf.t, which helps us generate a test specific fipsmodule.cnf, to be used by all other tests. Fixes #15166 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15436)
-
由 Richard Levitte 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15436)
-
由 Richard Levitte 提交于
For some types of targets, we pretty much know what kinds of files all the dependencies are. For some, however, we can't assume anything, and are faced with dependencies in platform agnostic form. We need to find those in diverse places in %unified_info, and deduce from there how they should be converted to a platform specific form. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15436)
-
由 Richard Levitte 提交于
First of all, we have concluded that we can calculate the integrity checksum with a simple perl script. Second, having the production of providers/fipsmodule.cnf as a dependency for run_tests wasn't quite right. What we really want is to generate it as soon as a new providers/fips.so is produced. That required a small bit of fiddling with how diverse dependencies are made. Fixes #15166 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15436)
-
由 Matt Caswell 提交于
Add a new executable that isn't caught by existing .gitignore rules Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15453)
-
由 Tomas Mraz 提交于
When nothing was decoded and there is no error on the stack report something. Fixes #15442 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15441)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15441)
-
由 Tomas Mraz 提交于
There could be an infinite loop if no read happened. Fixes #15426 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15441)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/15428)
-
由 Pauli 提交于
Also cap the strengths for values under these two because the formula overestimates around them. The formula NIST gives doesn't match the table also presented in IG 7.5 Partial fix for #15421 Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/15428)
-
由 Shane Lontis 提交于
A pairwise test runs only in FIPS mode. An assumption about the size of the 'to' buffer passed to RSA_private_decrypt() was incorrect. It needs to be up to RSA_size() bytes long - so a fixed buffer of 256 bytes was not large enough. An exiting malloc has increased in size to allocate buffer space for both the encrypt and decrypt buffer. The existing test used 2080 bits which was not quite large enough to trigger the issue. A test using 3072 bits has been added. Reported by Mark Powers from Acumen. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15447)
-
由 Tom Cosgrove 提交于
Pull in Todd Short's fix cfd7225fbb from 1.1.1, which moves the disabling of pic, threads and statics to before they are checked. Signed-off-by: NTom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15214)
-
由 Pauli 提交于
The new names are ossl_err_load_xxx_strings. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15446)
-
由 Petr Gotthard 提交于
The test_pkcs5_pbe() function is required twice: once `if !defined OPENSSL_NO_RC4 && !defined OPENSSL_NO_MD5` and once `if !defined OPENSSL_NO_DES && !defined OPENSSL_NO_SHA1` Hence there should be `||` between those. Currently the build fails if the first condition is false, while the second is true. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15432)
-
由 Jon Spillett 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15276)
-
由 Jon Spillett 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15276)
-
由 Benjamin Kaduk 提交于
Add a pass-through switch case for TLS13_AD_MISSING_EXTENSION in ssl3_alert_code() and tls1_alert_code(), so that the call to SSLfatal() in final_psk() will always actually generate an alert, even for non-TLS1.3 protocol versions. Fixes #15375 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15412)
-
由 Dr. David von Oheimb 提交于
This file made it into the master branch by mistake. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15438)
-
- 25 5月, 2021 16 次提交
-
-
由 Tomas Mraz 提交于
Fixes #15424 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15437)
-
由 Dr. David von Oheimb 提交于
This also introduces app_keygen() and app_paramgen() and cleans up err reporting. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12095)
-
由 Jan Lana 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15439)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15433)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15433)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15433)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15433)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15365)
-
由 Pauli 提交于
Fixes #15133 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15365)
-
由 Richard Levitte 提交于
'openssl req' was still using old APIs that could only deal with EVP_PKEY_ASN1_METHOD based EVP_PKEYs. Now modified to use more generic functions that can handle all forms of EVP_PKEY, this app should be ready for the future. Fixes #15388 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15400)
-
由 Pauli 提交于
Fixes #12342 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15427)
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15427)
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15427)
-
由 Shane Lontis 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15149)
-
由 Rich Salz 提交于
Add missing file/line args and call it engine_table_select Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15419)
-
由 Richard Levitte 提交于
This time noticed in OSSL_trace_set_channel.pod, and it turned out to be easy to mention the public functions affected instead. Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15422)
-
- 24 5月, 2021 4 次提交
-
-
由 Juergen Christ 提交于
Compiling under -Werror fails in gf_serialize: crypto/ec/curve448/f_generic.c:21:27: error: argument 1 of type 'uint8_t[56]' {aka 'unsigned char[56]'} with mismatched bound [-Werror=array-parameter=] 21 | void gf_serialize(uint8_t serial[SER_BYTES], const gf x, int with_hibit) | ~~~~~~~~^~~~~~~~~~~~~~~~~ In file included from crypto/ec/curve448/f_generic.c:12: crypto/ec/curve448/field.h:65:28: note: previously declared as 'uint8_t *' {aka 'unsigned char *'} void gf_serialize(uint8_t *serial, const gf x, int with_highbit); ~~~~~~~~~^~~~~~ Changed parameter to pointer to fix this warning. Signed-off-by: NJuergen Christ <jchrist@linux.ibm.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15376)
-
由 Richard Levitte 提交于
We have reports that some are using example.com in their /etc/hosts for testing purposes, so we can't necessarily assume that those will fail. We fix it by using "random" hosts in that domain. Fixes #15395 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15398)
-
由 Florian Mickler 提交于
If index.txt exists but has some problems (like for example consisting of a single \n character or number of fields wrong in one of the lines) then openssl will just exit. This fixes it by printing an error when load_index returns null. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15360)
-
由 Florian Mickler 提交于
If index.txt exists but has some problems (like for example consisting of a single \n character in it, or some field-number error in one of the lines) openssl will just exit without any error message. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15360)
-