- 27 2月, 2020 4 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
In the first step, we just add the .md extension and move some files around, without changing any content. These changes will occur in the following commits. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10545)
-
由 Rich Salz 提交于
Remove unused util/process_docs.pl Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10856)
-
由 Bastian Germann 提交于
CAkeyform may be set to PEM, DER or ENGINE, but the current options are not using the proper optionformat 'E' (OPT_FMT_PDE) for this. Set the valtype for CAkeyform to 'E' and use OPT_FMT_PDE when extracting the option value. This amends 0ab6fc79 ("Fix regression on x509 keyform argument") which did the same thing for keyform and changed the manpage synopsis entries for both keyform and CAkeyform but did not change the option section. Hence, change the option section for both of them. CLA: trivial Co-developed-by: NTorben Hohn <torben.hohn@linutronix.de> Signed-off-by: NTorben Hohn <torben.hohn@linutronix.de> Signed-off-by: NBastian Germann <bage@linutronix.de> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11085)
-
由 Asfak Rahman 提交于
The example never executes code inside of the while loop, as read() returns bigger number than 0. Thus the end result is wrong. CLA: trivial Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11143)
-
- 26 2月, 2020 5 次提交
-
-
由 Tomas Mraz 提交于
Also reuse one of the arm64 builds as a no-deprecated build Also include a single ppc64le-build Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11181)
-
由 Pauli 提交于
If the user specifies a minimum allocation size that is smaller than the free list structure (or zero), calculate the minimum possible size rather than failing. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11149)
-
由 Pauli 提交于
Add a note indicating that the minimum size parameter to CRYPTO_secure_malloc_init() should be small. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11149)
-
由 Davide Galassi 提交于
Conditional code readability improvement. Remove unused macro Commit #11042 has introduced a new, unused, CRYPTO_EX_INDEX macro. Remove before version release. Reviewed-by: NPaul Yang <kaishen.yy@antfin.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11103)
-
由 H.J. Lu 提交于
Replace .asciz "GNU" with .byte since .asciz isn't supported on Solaris. Fixes https://github.com/openssl/openssl/issues/11132Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11137)
-
- 25 2月, 2020 3 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11111)
-
由 Dr. Matthias St. Pierre 提交于
Previously, the initialization was done immediately in RAND_DRBG_set(), which is also called in RAND_DRBG_uninstantiate(). This made it difficult for the FIPS DRBG self test to verify that the internal state had been zeroized, because it had the side effect that the drbg->data structure was reinitialized immediately. To solve the problem, RAND_DRBG_set() has been split in two parts static int rand_drbg_set(RAND_DRBG *drbg, int type, unsigned int flags); static int rand_drbg_init_method(RAND_DRBG *drbg); and only the first part is called from RAND_DRBG_uninstantiate(). Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11111)
-
由 Matt Turner 提交于
Its entry in Configuration/10-main.conf was dropped in commit 7ead0c89 ("Configure: fold related configurations more aggressively and clean-up.") probably because all but one of its bn_ops were removed (RC4_CHAR remained). Benchmarks on an Alpha EV7 indicate that RC4_INT is better than RC4_CHAR so rather than restoring the configuation, remove it from config. CLA: trivial Bug: https://bugs.gentoo.org/697840Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11130)
-
- 23 2月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
Property "default" no longer exists, replace "default=yes" with "provider=default" Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11150)
-
- 22 2月, 2020 11 次提交
-
-
由 Richard Levitte 提交于
Previously, evp-keymgmt_util_export_to_provider() took care of all kinds of exports of EVP_PKEYs to provider side keys, be it from its legacy key or from another provider side key. This works most of the times, but there may be cases where the caller wants to be a bit more in control of what sort of export happens when. Also, when it's time to remove all legacy stuff, that job will be much easier if we have a better separation between legacy support and support of provided stuff, as far as we can take it. This changes moves the support of legacy key to provider side key export from evp-keymgmt_util_export_to_provider() to evp_pkey_make_provided(), and makes sure the latter is called from all EVP_PKEY functions that handle legacy stuff. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11074)
-
由 Richard Levitte 提交于
Made macro names that refer to a known base OID, an commented accordingly. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10557)
-
由 Richard Levitte 提交于
Clean up a manual we've touched, according to conventions found in Linux' man-pages(7); function arguments in descriptions should be in italics, and types, macros and similar should be in bold, with the exception for NULL. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10557)
-
由 Richard Levitte 提交于
Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10557)
-
由 Richard Levitte 提交于
Tests that go through provider cannot recognise PKEY_CTRL_INVALID from PKEY_CTRL_ERROR any more, because provided implementations' param setting functions return 0 or 1. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10557)
-
由 Richard Levitte 提交于
Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10557)
-
由 Richard Levitte 提交于
Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10557)
-
由 Richard Levitte 提交于
This includes legacy PSS controls to params conversion, and an attempt to generalise the parameter names when they are suitable for more than one operation. Also added crypto/rsa/rsa_aid.c, containing proper AlgorithmIdentifiers for known RSA+hash function combinations. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10557)
-
由 Dr. David von Oheimb 提交于
We were excluding more code than we needed to in the OCSP/HTTP code in the event of no-sock. We should also not assume that a BIO passed to our API is socket based. This fixes the no-sock build Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11134)
-
由 Matt Caswell 提交于
Replace the properties default, fips and legacy with a single property called "provider". So, for example, instead of writing "default=yes" to get algorithms from the default provider you would instead write "provider=default". We also have a new "fips" property to indicate that an algorithm is compatible with FIPS mode. This applies to all the algorithms in the FIPS provider, as well as any non-cryptographic algorithms (currently only serializers). Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11097)
-
由 Shane Lontis 提交于
Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/11010)
-
- 21 2月, 2020 6 次提交
-
-
由 Pauli 提交于
Add options to change the parameter encoding and point conversions for EC public and private keys. These options are present in the deprecated 'ec' utility. Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11113)
-
由 Pauli 提交于
Specifically, refer from the deprecated tools to the pkey equivalents. Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/11113)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11049)
-
由 Pauli 提交于
When converting legacy controls to OSSL_PARAMs, return the unsupported -2 value correctly. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11049)
-
由 Pauli 提交于
The extra argument is a integer pointer and is optional. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11049)
-
由 Matt Caswell 提交于
These are temporary files generated by the build process that should not be checked in. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11122)
-
- 20 2月, 2020 9 次提交
-
-
由 Pauli 提交于
Use of the low level DH functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11024)
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11024)
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11024)
-
由 Pauli 提交于
Use of the low level RSA functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11063)
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11063)
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11063)
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11063)
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11063)
-
由 Dane (4cad@silvertoque) 提交于
https://github.com/openssl/openssl/issues/10958 CLA: trivial Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11125)
-
- 19 2月, 2020 1 次提交
-
-
由 Simon Cornish 提交于
Allow for encryption overhead in early DTLS size check and send overflow if validated record is too long Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11096)
-