- 15 4月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11494)
-
- 11 4月, 2020 2 次提交
-
-
由 Richard Levitte 提交于
util/other-internal.syms is like util/other.syms, but for internal symbols. Likewise, util/missingcrypto-internal.txt and util/missingssl-internal.txt are like util/missingcrypto.txt and util/missingssl.txt Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11476)
-
由 Jake Maynard 提交于
Fixes #10263 Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10301)
-
- 08 4月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
libssl code uses EVP_PKEY_get0_EC_KEY() to extract certain basic data from the EC_KEY. We replace that with internal EVP_PKEY functions. This may or may not be refactored later on. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11358)
-
- 07 4月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
This library is meant to be small and quick. It's based on WPACKET, which was extended to support DER writing. The way it's used is a bit unusual, as it's used to write the structures backward into a given buffer. A typical quick call looks like this: /* * Fill in this structure: * * something ::= SEQUENCE { * id OBJECT IDENTIFIER, * x [0] INTEGER OPTIONAL, * y [1] BOOLEAN OPTIONAL, * n INTEGER * } */ unsigned char buf[nnnn], *p = NULL; size_t encoded_len = 0; WPACKET pkt; int ok; ok = WPACKET_init_der(&pkt, buf, sizeof(buf) && DER_w_start_sequence(&pkt, -1) && DER_w_bn(&pkt, -1, bn) && DER_w_boolean(&pkt, 1, bool) && DER_w_precompiled(&pkt, -1, OID, sizeof(OID)) && DER_w_end_sequence(&pkt, -1) && WPACKET_finish(&pkt) && WPACKET_get_total_written(&pkt, &encoded_len) && (p = WPACKET_get_curr(&pkt)) != NULL; Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11450)
-
- 03 4月, 2020 1 次提交
-
-
由 Dr. David von Oheimb 提交于
Also improve the generic HTTP client w.r.t. proxy and no_proxy options. Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712). Adds the CMP and CRMF API to libcrypto and the "cmp" app to the CLI. Adds extensive documentation and tests. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11404)
-
- 27 3月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
This includes the newly added *_ex() variants that take a libctx/property query string. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11410)
-
- 26 3月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
This function intialises an EVP_PKEY to contain a provider side internal key. We take the opportunity to also document the older EVP_PKEY_set_type() and EVP_PKEY_set_type_str(). Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11375)
-
- 25 3月, 2020 1 次提交
-
-
由 Dr. David von Oheimb 提交于
Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712). Adds the CMP and CRMF API to libcrypto and the "cmp" app to the CLI. Adds extensive documentation and tests. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11300)
-
- 20 3月, 2020 1 次提交
-
-
由 Shane Lontis 提交于
The self tests for the fips module are triggered on startup and they need to know the core's libctx in order to function correctly. As the provider can be autoloaded via configuration it then needs to propagate the callers libctx down to the provider via the config load. Note that OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, ..) is still called, but will only load the default configuration if the OPENSSL_CONF environment variable is set. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11240)
-
- 10 3月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
These lines will be taken away as documentation moves from diverse provider operation interface manuals to implementation specific docs. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11270)
-
- 03 3月, 2020 1 次提交
-
-
由 Dmitry Belyavskiy 提交于
Documented CMS-related API functions. Documented flags added to openssl-cms command Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10904)
-
- 28 2月, 2020 1 次提交
-
-
由 Nikolay Morozov 提交于
Subject Sign Tool (1.2.643.100.111) The name of the tool used to signs the subject (UTF8String) This extention is required to obtain the status of a qualified certificate at Russian Federation. RFC-style description is available here: https://tools.ietf.org/html/draft-deremin-rfc4491-bis-04#section-5 Russian Federal Law 63 "Digital Sign" is available here: http://www.consultant.ru/document/cons_doc_LAW_112701/Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11093)
-
- 18 2月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
Most of all, the base X509_LOOKUP functionality is now documented. Furthermore, the names X509_LOOKUP_METHOD and X509_STORE are added for reference. Some functions were moved from X509_LOOKUP_meth_new.pod Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/10986)
-
- 17 2月, 2020 1 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/10620)
-
- 10 2月, 2020 1 次提交
-
-
由 Dr. David von Oheimb 提交于
The new client has become an independent libcrpyto module in crypto/http/ and * can handle any types of requests and responses (ASN.1-encoded and plain) * does not include potentially busy loops when waiting for responses but * makes use of a new timeout mechanism integrated with socket-based BIO * supports the use of HTTP proxies and TLS, including HTTPS over proxies * supports HTTP redirection via codes 301 and 302 for GET requests * returns more useful diagnostics in various error situations Also adapts - and strongly simplifies - hitherto uses of HTTP in crypto/ocsp/, crypto/x509/x_all.c, apps/lib/apps.c, and apps/{ocsp,s_client,s_server}.c Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/10667)
-
- 07 2月, 2020 2 次提交
-
-
由 Matt Caswell 提交于
PR #10942 introduced the new function ASN1_item_verify_ctx(), but did not document it with the promise that documentation would follow soon. We temporarily add this function to missingcrypto.txt until it has been done. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10980)
-
由 Matt Caswell 提交于
When we run "make doc-nits" (which happens during travis runs) it will complain if we add any new symbols that aren't documented. However it was suppressing anything starting with ASN1. There's no reason why we should allow ASN1 symbols to go undocumented any more than any others. Therefore we remove that exception. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10980)
-
- 24 1月, 2020 1 次提交
-
-
由 Dmitry Belyavskiy 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10900)
-
- 23 1月, 2020 2 次提交
-
-
由 Shane Lontis 提交于
make doc-nits was failing due to a merge error on master in missingcrypto.txt. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10932)
-
由 Rich Salz 提交于
Replace "=for openssl foreign manuals" with simpler syntax, it looks like the "=for openssl ifdef" construct. Fix some broken L<> links; add some missing foreign references and fixed some typo's. The WARNINGS in dhparam referred to non-existant commands so reword it. Fixes #10109 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10256)
-
- 17 1月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
We change the description to be about the key rather than the signature. How the key size is related to the signature is explained in the description of EVP_SignFinal() anyway. Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/10778)
-
- 16 1月, 2020 1 次提交
-
-
由 Paul Yang 提交于
This addition is based on PR #9472. Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/9838)
-
- 26 12月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10683)
-
- 22 12月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10621)
-
- 12 12月, 2019 1 次提交
-
-
由 Rich Salz 提交于
Fixes #9300 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10523)
-
- 30 11月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
The following public functions is added: - OSSL_SERIALIZER_CTX_new_by_EVP_PKEY() - OSSL_SERIALIZER_CTX_set_cipher() - OSSL_SERIALIZER_CTX_set_passphrase() - OSSL_SERIALIZER_CTX_set_passphrase_cb() - OSSL_SERIALIZER_CTX_set_passphrase_ui() OSSL_SERIALIZER_CTX_new_by_EVP_PKEY() selects a suitable serializer for the given EVP_PKEY, and sets up the OSSL_SERIALIZER_CTX to function together with OSSL_SERIALIZER_to_bio() and OSSL_SERIALIZER_to_fp(). OSSL_SERIALIZER_CTX_set_cipher() indicates what cipher should be used to produce an encrypted serialization of the EVP_PKEY. This is passed directly to the provider using OSSL_SERIALIZER_CTX_set_params(). OSSL_SERIALIZER_CTX_set_passphrase() can be used to set a pass phrase to be used for the encryption. This is passed directly to the provider using OSSL_SERIALIZER_CTX_set_params(). OSSL_SERIALIZER_CTX_set_passphrase_cb() and OSSL_SERIALIZER_CTX_set_passphrase_ui() sets up a callback to be used to prompt for a passphrase. This is stored in the context, and is called via an internal intermediary at the time of serialization. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10394)
-
- 15 11月, 2019 1 次提交
-
-
由 Tomas Mraz 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10432)
-
- 12 11月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
Not only deprecate, but also remove the reason strings and make ERR_load_KDF_strings() do nothing. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10368)
-
- 16 10月, 2019 1 次提交
-
-
由 Andreas Schnebinger 提交于
CLA:trivial Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/9472)
-
- 02 10月, 2019 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10064)
-
- 06 9月, 2019 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9662)
-
- 31 7月, 2019 1 次提交
-
-
由 FdaSilvaYY 提交于
CAdES : rework CAdES signing API. Make it private, as it is unused outside library bounds. Fix varous doc-nits. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
-
- 02 7月, 2019 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9284)
-
- 28 6月, 2019 3 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9233)
-
由 Matt Caswell 提交于
All the other upref functions are spelled as "up_ref". These new functions should be consistent. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9233)
-
由 Matt Caswell 提交于
We extend the EVP_MD_fetch documentation to be more generic and to also cover EVP_CIPHER_fetch. We expect this to be further expanded with other "fetch" functions in the future. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9233)
-
- 24 6月, 2019 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/9225)
-
- 21 6月, 2019 1 次提交
-
-
由 Pauli 提交于
After avoiding OPENSSL_memcmp for EC curve comparison, there are no remaining uses in the source code. The function is only defined in an internal header and thus should be safe to remove for 3.0.0. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/9207)
-
- 12 6月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
We create lists of undocumented functions and macros as they are now so that find-doc-nits can check for newly introduced functions/macros that are undocumented. This works in a similar way to the -u and -d options to find-doc-nits. These count undocumented symbols and print a detailed list of undocumented symbols repsectively. This commit adds the -v and -e options to restrict the count/detailed list to newly added undocumented symbols only. There is also a new -s option that does the same as -e except that it produces no output if there are no newly undocumented symbols. We also amend "make doc-nits" to add the -s option which should cause travis to fail if a PR adds undocumented symbols. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9094)
-