- 10 3月, 2022 6 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
which replaces the link to the OpenSSL 3.0 Wiki. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17840)
-
由 Matt Caswell 提交于
We've had a report of a linker failure on some platforms (this one was linux ARM) that apparently did not have pthread_atfork. It's strange that this has not been reported before but the simplest solution is just to remove this from the library since it isn't really used anyway. Currently it is called to set up the fork handlers OPENSSL_fork_prepare, OPENSSL_fork_parent and OPENSSL_fork_child. However all of those functions are no-ops. This is a remnant from earlier code that got removed. We can safely remove it now. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17842)
-
由 Marcel Raad 提交于
Fixes https://github.com/openssl/openssl/issues/14083 again after being broken by https://github.com/openssl/openssl/pull/15640. CLA: trivial Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17833)
-
由 Michael Baentsch 提交于
Including running the oqsprovider external test in the CI external test build. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17832)
-
由 Tom Cosgrove 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14592)
-
由 Ben Avison 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14592)
-
- 09 3月, 2022 1 次提交
-
-
由 Hugo Landau 提交于
Fixes an issue where, when the test suite was being run with the older Test::Harness package, the test suite would not complete correctly due to evaluation of $harness->runtests()->has_errors, which is only available for the newer TAP::Parser::Aggregator code path. Fixes #17818. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17823)
-
- 07 3月, 2022 4 次提交
-
-
由 Hugo Landau 提交于
Two demos are provided: one using RSA-PSS directly in which a digest must be provided, and one using RSA-PSS with the EVP_DigestSign APIs which performs the hashing for you. Fixes #14113. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17800)
-
由 Hugo Landau 提交于
Fixes #14122. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17796)
-
由 Daniel Hu 提交于
This patch will allow the SM4-GCM function to leverage the SM4 high-performance CTR crypto interface already implemented for ARM, which is faster than current single block cipher routine used for GCM It does not address the acceleration of GHASH function of GCM, which can be a future task, still we can see immediate uplift of performance (up to 4X) Before this patch: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes SM4-GCM 186432.92k 394234.05k 587916.46k 639365.12k 648486.91k 652924.25k After the patch: SM4-GCM 193924.87k 860940.35k 1696083.71k 2302548.31k 2580411.73k 2607398.91k Signed-off-by: NDaniel Hu <Daniel.Hu@arm.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17814)
-
由 Daniel 提交于
Fixes #14104 Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17802)
-
- 04 3月, 2022 5 次提交
-
-
由 Hugo Landau 提交于
This demo optionally accepts a single command line argument, allowing the output length to be specified. Fixes #14106. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17803)
-
由 xkernel 提交于
Also check return value of functions that call BIO_new() internally such as dup_bio_out(). Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17421)
-
由 Richard Levitte 提交于
Before PR #15310, which reworked how build files (Makefile, ...) were generated, everything was done when configuring, so configdata.pm could depend on build file templates and we'd get away with it. However, since building configdata.pm is now independent of the build file templates, that dependency is unnecessary, and would lead to surprises of the build file template is updated, with an unexpected full reconfiguration as a result, when all that's needed is to run configdata.pm with no flags to get the build file re-generated. This change is therefore a completion of what was forgotten in #15310. Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17756)
-
由 XiaokangQian 提交于
The EOR3 instruction is implemented with .inst, and the code here is enabled using run-time detection of the CPU capabilities, so no need to explicitly ask for the sha3 extension. Fixes #17773 Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17795)
-
由 Hugo Landau 提交于
This offers both a known answer test with fixed keys and also demonstrates a more realistic usage with random keys. Fixes #14118. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17799)
-
- 03 3月, 2022 9 次提交
-
-
由 Hugo Landau 提交于
Reviewed-by: NTodd Short <todd.short@me.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17790)
-
由 Hugo Landau 提交于
Fix a bug in `openssl s_server -WWW` where it would attempt to invoke `SSL_sendfile` if `-ktls -sendfile` was passed on the command line, even if KTLS has not actually been enabled, for example because it is not supported by the host. Since `SSL_sendfile` is only supported when KTLS is actually being used, this resulted in a failure to serve requests. Fixes #17503. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17788)
-
由 Matt Caswell 提交于
Set the environment variable MALLOC_PERTURB_ during tests to perturb the output from OPENSSL_malloc() calls (see the mallopt man page for details about this environment variable). This could be a low cost way of spotting uninit reads in "make test" runs in some situations. In tests I have found it to be a little unreliable (sometimes it seemed to not perturb the output for inexplicable reasons) - but since this is easy to implement I think it is worthwhile. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17768)
-
由 John Baldwin 提交于
FreeBSD does not provide a global timezone variable containing the offset to UTC. Instead, FreeBSD's libc includes a legacy timezone function dating back to Version 7 AT&T UNIX. As a result, asn1_string_to_time_t currently fails to compile on FreeBSD as it subtracts a function from a time_t value: ../crypto/asn1/a_time.c:625:37: error: invalid operands to binary expression ('time_t' (aka 'long') and 'char *(int, int)') timestamp_utc = timestamp_local - timezone; ~~~~~~~~~~~~~~~ ^ ~~~~~~~~ 1 error generated. However, FreeBSD's libc does include a non-standard (but widely available) timegm function which converts a struct tm directly to a UTC time_t value. Use this on FreeBSD instead of mktime. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17765)
-
由 Michael Baentsch 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17733)
-
由 Michael Baentsch 提交于
We need to handle signatures with and without digest algs and we generalize the ossl_cms_ecdsa_dsa_sign() function to other algorithms that are handled in the same way. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17733)
-
由 zhangzhilei 提交于
This patch use table-lookup borrow from aes in crypto/aes/aes_core.c. Test on my PC(AMD Ryzen Threadripper 3990X 64-Core Processor), before and after optimization: debug mode: Before: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes SM4-CBC 40101.14k 41453.80k 42073.86k 42174.81k 42216.11k 42227.03k SM4-ECB 41222.60k 42074.88k 42673.66k 42868.05k 42896.04k 42844.16k SM4-CTR 35867.22k 36874.47k 37004.97k 37083.82k 37052.42k 37076.99k After: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes SM4-CBC 47273.51k 48957.40k 49665.19k 49810.77k 49859.24k 49834.67k SM4-ECB 48100.01k 49323.34k 50224.04k 50273.28k 50533.72k 50730.12k SM4-CTR 41352.64k 42621.29k 42971.22k 43061.59k 43089.92k 43100.84k non-debug mode: Before: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes SM4-CBC 141596.59k 145102.93k 146794.50k 146540.89k 146650.45k 146877.10k SM4-ECB 144774.71k 155106.28k 158166.36k 158279.00k 158520.66k 159280.97k SM4-CTR 138021.10k 141577.60k 142493.53k 142736.38k 142852.10k 143125.16k After: type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes 16384 bytes SM4-CBC 142016.95k 150068.48k 152238.25k 152773.97k 153094.83k 152027.14k SM4-ECB 148842.94k 159919.87k 163628.37k 164515.84k 164697.43k 164790.27k SM4-CTR 141774.23k 146206.89k 147470.25k 147816.28k 146770.60k 148346.20k Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17766)
-
由 Hugo Landau 提交于
This fixes a bug whereby BN_mod_exp2_mont can dereference a NULL pointer if BIGNUM argument m represents zero. Regression test added. Fixes #17648. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17783)
-
由 Hugo Landau 提交于
`openssl req -x509` has code allowing it to generate certificates from CSRs as a replacement for `openssl x509`, but a bug prevents it from working properly. -CA and -CAkey can now be passed to generate a CA-signed certificate as documented in openssl-req(1). Regression testing has been added to `openssl req`. Fixes #17736. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17782)
-
- 02 3月, 2022 1 次提交
-
-
由 Daniel 提交于
Fixes #12491. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17744)
-
- 01 3月, 2022 4 次提交
-
-
由 Nicola Tuveri 提交于
Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17763)
-
由 Nicola Tuveri 提交于
Fixes #17743 Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17763)
-
由 Nicola Tuveri 提交于
`SSL_kECDHE` and `SSL_kEECDH`, and `SSL_kDHE` and `SSL_kEDH` are already marked as aliases of each other in the headers. This commit, for each pair, replaces the leftover uses of the latter synonym with the first one, which is considered more common. Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17763)
-
由 Tom Cosgrove 提交于
Reverting to using swapcontext() when compiling with clang on BTI-enabled builds fixes the BTI setjmp() failure seen when running asynctest. The issue with setjmp/longjmp is a known clang bug: see https://github.com/llvm/llvm-project/issues/48888 Change-Id: I6eeaaa2e15f402789f1b3e742038f84bef846e29 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17698)
-
- 28 2月, 2022 6 次提交
-
-
由 Jiasheng Jiang 提交于
Since the potential failure of memory allocation, it should be better to check the return value of the OPENSSL_strndup(), like x509v3_add_len_value(). And following the comment of 'if (astrlen < 0)', return -1 if fails. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17737)
-
由 Jiasheng Jiang 提交于
As the potential failure of the OPENSSL_zalloc(), the OSSL_LIB_CTX_new() could return NULL. Therefore, it should be better to check it and return error if fails in order to guarantee the success of the initialization. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17738)
-
由 Matt Caswell 提交于
This option is no longer set by default from OpenSSL 3.0. Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/17748)
-
由 xkernel 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17741)
-
由 Pauli 提交于
Fixes #17753 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17764)
-
由 Pauli 提交于
Previously, a NULL property query was never cached and this lead to a performance degregation. Now, such a query is converted to an empty string and cached. Fixes #17752 Fixes https://github.openssl.org/openssl/openssl/issues/26Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17769)
-
- 25 2月, 2022 1 次提交
-
-
由 Richard Levitte 提交于
This is crucial when the build tree isn't the source tree, as they only take effect in directories where included header files reside. The issue only comes up when linking with the static libraries, since the shared libraries have upper case aliases of all symbols. Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17755)
-
- 24 2月, 2022 3 次提交
-
-
由 Jiasheng Jiang 提交于
As the glue2bio() could return NULL pointer if fails, it should be better to check the return value in order to avoid the use of NULL pointer. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17718)
-
由 Jiasheng Jiang 提交于
Since the memory allocation may fail, the BIO_new_mem_buf() may return NULL pointer. Therefore, it should be better to check it and return error if fails. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17730)
-
由 Carlo Teubner 提交于
CLA: trivial Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17731)
-