- 06 3月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
The idea is that the application shall be able to register output channels or callbacks to print tracing output as it sees fit. OpenSSL internals, on the other hand, want to print thoses texts using normal printing routines, such as BIO_printf() or BIO_dump() through well defined BIOs. When the application registers callbacks, the tracing functionality sets up an internal BIO that simply forwards received text to the appropriate application provided callback. Co-authored-by: NDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8198)
-
- 27 2月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
These are a couple of utility functions, to make import and export of BIGNUMs to byte strings in platform native for (little-endian or big-endian) easier. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8346)
-
- 18 2月, 2019 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8224)
-
- 16 2月, 2019 2 次提交
-
-
由 Richard Levitte 提交于
The context builds on CRYPTO_EX_DATA, allowing it to be dynamically extended with new data from the different parts of libcrypto. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8225)
-
由 Richard Levitte 提交于
This allows allocation of items at indexes that were created after the CRYPTO_EX_DATA variable was initialized, using the exact same method that was used then. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8225)
-
- 15 2月, 2019 1 次提交
-
-
由 David Asraf 提交于
New function to return internal pointer for field. Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8195)
-
- 13 2月, 2019 1 次提交
-
-
由 David Makepeace 提交于
Changed PKEY/KDF API to call the new API. Added wrappers for PKCS5_PBKDF2_HMAC() and EVP_PBE_scrypt() to call the new EVP KDF APIs. Documentation updated. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6674)
-
- 28 1月, 2019 1 次提交
-
-
由 Antonio Iacono 提交于
A CAdES Basic Electronic Signature (CAdES-BES) contains, among other specifications, a collection of Signing Certificate reference attributes, stored in the signedData ether as ESS signing-certificate or as ESS signing-certificate-v2. These are described in detail in Section 5.7.2 of RFC 5126 - CMS Advanced Electronic Signatures (CAdES). This patch adds support for adding ESS signing-certificate[-v2] attributes to CMS signedData. Although it implements only a small part of the RFC, it is sufficient many cases to enable the `openssl cms` app to create signatures which comply with legal requirements of some European States (e.g Italy). Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7893)
-
- 27 1月, 2019 1 次提交
-
-
由 Ping Yu 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Yang <yang.yang@baishancloud.com> Signed-off-by: NPing Yu <ping.yu@intel.com> Signed-off-by: NSteven Linsell <stevenx.linsell@intel.com> (Merged from https://github.com/openssl/openssl/pull/7573)
-
- 08 1月, 2019 1 次提交
-
-
由 Viktor Dukhovni 提交于
1. In addition to overriding the default application name, one can now also override the configuration file name and flags passed to CONF_modules_load_file(). 2. By default we still keep going when configuration file processing fails. But, applications that want to be strict about initialization errors can now make explicit flag choices via non-null OPENSSL_INIT_SETTINGS that omit the CONF_MFLAGS_IGNORE_RETURN_CODES flag (which had so far been both undocumented and unused). 3. In OPENSSL_init_ssl() do not request OPENSSL_INIT_LOAD_CONFIG if the options already include OPENSSL_INIT_NO_LOAD_CONFIG. 4. Don't set up atexit() handlers when called with INIT_BASE_ONLY. Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7986)
-
- 12 12月, 2018 1 次提交
-
-
由 Todd Short 提交于
Based originally on github.com/dfoxfranke/libaes_siv This creates an SIV128 mode that uses EVP interfaces for the CBC, CTR and CMAC code to reduce complexity at the cost of perfomance. The expected use is for short inputs, not TLS-sized records. Add multiple AAD input capacity in the EVP tests. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/3540)
-
- 07 12月, 2018 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7740)
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7740)
-
- 06 12月, 2018 2 次提交
-
-
由 Richard Levitte 提交于
We're strictly use version numbers of the form MAJOR.MINOR.PATCH. Letter releases are things of days past. The most central change is that we now express the version number with three macros, one for each part of the version number: OPENSSL_VERSION_MAJOR OPENSSL_VERSION_MINOR OPENSSL_VERSION_PATCH We also provide two additional macros to express pre-release and build metadata information (also specified in semantic versioning): OPENSSL_VERSION_PRE_RELEASE OPENSSL_VERSION_BUILD_METADATA To get the library's idea of all those values, we introduce the following functions: unsigned int OPENSSL_version_major(void); unsigned int OPENSSL_version_minor(void); unsigned int OPENSSL_version_patch(void); const char *OPENSSL_version_pre_release(void); const char *OPENSSL_version_build_metadata(void); Additionally, for shared library versioning (which is out of scope in semantic versioning, but that we still need): OPENSSL_SHLIB_VERSION We also provide a macro that contains the release date. This is not part of the version number, but is extra information that we want to be able to display: OPENSSL_RELEASE_DATE Finally, also provide the following convenience functions: const char *OPENSSL_version_text(void); const char *OPENSSL_version_text_full(void); The following macros and functions are deprecated, and while currently existing for backward compatibility, they are expected to disappear: OPENSSL_VERSION_NUMBER OPENSSL_VERSION_TEXT OPENSSL_VERSION OpenSSL_version_num() OpenSSL_version() Also, this function is introduced to replace OpenSSL_version() for all indexes except for OPENSSL_VERSION: OPENSSL_info() For configuration, the option 'newversion-only' is added to disable all the macros and functions that are mentioned as deprecated above. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7724)
-
由 Richard Levitte 提交于
This is in preparation for a switch to MAJOR.MINOR.PATCH versioning and calling the next major version 3.0.0. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7724)
-
- 15 11月, 2018 2 次提交
-
-
由 Antoine Salon 提交于
Signed-off-by: NAntoine Salon <asalon@vmware.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7522)
-
由 Antoine Salon 提交于
Signed-off-by: NAntoine Salon <asalon@vmware.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7522)
-
- 10 11月, 2018 1 次提交
-
-
由 David Woodhouse 提交于
Rather than relying only on mandatory default digests, add a way for the EVP_PKEY to individually report whether each digest algorithm is supported. Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7408)
-
- 29 10月, 2018 2 次提交
-
-
由 Richard Levitte 提交于
These functions are generalizations of EVP_PKEY_CTX_str2ctrl() and EVP_PKEY_CTX_hex2ctrl(). They will parse the value, and then pass the parsed result and length to a callback that knows exactly how to pass them on to a main _ctrl function, along with a context structure pointer. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7393)
-
由 Richard Levitte 提交于
We currently implement EVP MAC methods as EVP_PKEY methods. This change creates a separate EVP API for MACs, to replace the current EVP_PKEY ones. A note about this EVP API and how it interfaces with underlying MAC implementations: Other EVP APIs pass the EVP API context down to implementations, and it can be observed that the implementations use the pointer to their own private data almost exclusively. The EVP_MAC API deviates from that pattern by passing the pointer to the implementation's private data directly, and thereby deny the implementations access to the EVP_MAC context structure. This change is made to provide a clearer separation between the EVP library itself and the implementations of its supported algorithm classes. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7393)
-
- 17 10月, 2018 1 次提交
-
-
由 Antoine Salon 提交于
Signed-off-by: NAntoine Salon <asalon@vmware.com> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/7345)
-
- 04 10月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
Having it as a 'platform' was conceptually wrong from from the beginning, and makes decoding more complicated than necessary. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7191)
-
- 01 10月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
BIO_s_log() is declared for everyone, so should return NULL when not actually implemented. Also, it had explicit platform limitations in util/mkdef.pl that didn't correspond to what was actually in code. While at it, a few other hard coded things that have lost their relevance were removed. include/openssl/ocsp.h had a few duplicate declarations. Reviewed-by: NPaul Yang <yang.yang@baishancloud.com> (Merged from https://github.com/openssl/openssl/pull/7331)
-
- 07 9月, 2018 2 次提交
-
-
由 Paul Yang 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7113)
-
由 Paul Yang 提交于
Thus users can use this function to set customized EVP_PKEY_CTX to EVP_MD_CTX structure. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7113)
-
- 03 9月, 2018 1 次提交
-
-
由 Paul Kehrer 提交于
fixes #7081 Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7082)
-
- 17 8月, 2018 1 次提交
-
-
由 Andy Polyakov 提交于
CRYPTO_atomic_read was added with intention to read statistics counters, but readings are effectively indistinguishable from regular load (even in non-lock-free case). This is because you can get out-dated value in both cases. CRYPTO_atomic_write was added for symmetry and was never used. Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/6883)
-
- 31 7月, 2018 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6815)
-
由 Matt Caswell 提交于
Some EC functions exist in *_GFp and *_GF2m forms, in spite of the implementations between the two curve types being identical. This commit provides equivalent generic functions with the *_GFp and *_GF2m forms just calling the generic functions. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6815)
-
- 27 6月, 2018 1 次提交
-
-
由 Pauli 提交于
This allows operation inside a chroot environment without having the random device present. A new call, RAND_keep_random_devices_open(), has been introduced that can be used to control file descriptor use by the random seed sources. Some seed sources maintain open file descriptors by default, which allows such sources to operate in a chroot(2) jail without the associated device nodes being available. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/6432)
-
- 21 6月, 2018 1 次提交
-
-
由 Nicola Tuveri 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6467)
-
- 19 6月, 2018 1 次提交
-
-
由 Jack Lloyd 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6443)
-
- 08 6月, 2018 2 次提交
-
-
由 Matt Caswell 提交于
EVP_PKEY_asn1_set_get_priv_key() and EVP_PKEY_asn1_set_get_pub_key() Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6394)
-
由 Matt Caswell 提交于
Only applies to algorithms that support it. Both raw private and public keys can be obtained for X25519, Ed25519, X448, Ed448. Raw private keys only can be obtained for HMAC, Poly1305 and SipHash Fixes #6259 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6394)
-
- 04 6月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
These were never made public so can just be deleted. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6386)
-
- 30 5月, 2018 1 次提交
-
-
由 Mingtao Yang 提交于
OpenSSL 1.1.0 made the X509_LOOKUP_METHOD structure opaque, so applications that were previously able to define a custom lookup method are not able to be ported. This commit adds getters and setters for each of the current fields of X509_LOOKUP_METHOD, along with getters and setters on several associated opaque types (such as X509_LOOKUP and X509_OBJECT). Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6152)
-
- 29 5月, 2018 4 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6290)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6290)
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6290)
-
由 Dr. Matthias St. Pierre 提交于
amends 6db7fadfReviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6290)
-