- 25 5月, 2021 1 次提交
-
-
由 Dr. David von Oheimb 提交于
This also introduces app_keygen() and app_paramgen() and cleans up err reporting. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12095)
-
- 18 5月, 2021 1 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15245)
-
- 15 5月, 2021 1 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15053)
-
- 06 5月, 2021 1 次提交
-
-
由 Tomas Mraz 提交于
Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called. The input type format is enforced only in case the file type file store is used. By default we use FORMAT_UNDEF meaning the input type is not enforced. Fixes #14569 Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15100)
-
- 01 5月, 2021 1 次提交
-
-
由 Petr Gotthard 提交于
Switch lib/apps.c do_sign_init() to use EVP_DigestSignInit_ex, so it works with external providers. Since EVP_DigestSignInit_ex requires a digest name instead of an EVP_MD pointer, the apps using do_sign_init() had to be modified to pass char* instead of EVP_MD*. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/15014)
-
- 30 4月, 2021 1 次提交
-
-
由 Shane Lontis 提交于
Fixes #15031 The maybe_stdin needed to be passed to load_key_certs_crls(). Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15058)
-
- 23 4月, 2021 1 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14971)
-
- 14 4月, 2021 1 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14840)
-
- 09 4月, 2021 1 次提交
-
-
由 Armin Fuerst 提交于
Windows builds show the following warning: (..\apps\ca.c(2643): warning C4267: 'function': conversion from 'size_t' to 'int', possible loss of data) Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14453)
-
- 15 3月, 2021 1 次提交
-
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14449)
-
- 13 3月, 2021 1 次提交
-
-
由 Dr. David von Oheimb 提交于
This requires moving generally useful functions from apps/cmp.c to apps/lib/apps.c Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14504)
-
- 28 2月, 2021 1 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14340)
-
- 12 2月, 2021 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14135)
-
- 05 2月, 2021 1 次提交
-
-
由 Petr Gotthard 提交于
Fixes #13656. Right now all openssl commands use a NULL propq. This patch adds a possibility to specify a custom propq. The implementation follows the example of set_nameopt/get_nameopt. Various tools had to be modified to call app_get0_propq after it has been populated. Otherwise the -propquery has no effect. The tests then verify the -propquery affects the tool behaviour by requesting a non-existing property. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13707)
-
- 28 1月, 2021 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
-
- 13 1月, 2021 2 次提交
-
-
由 Dr. David von Oheimb 提交于
Also document the function CONF_get1_default_config_file() Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13658)
-
由 Dr. David von Oheimb 提交于
Fixes #13603 Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13658)
-
- 15 12月, 2020 1 次提交
-
-
由 Dmitry Belyavskiy 提交于
Fixes #13594 Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13669)
-
- 03 12月, 2020 2 次提交
-
-
由 Richard Levitte 提交于
These two functions react when the FORMAT_ENGINE format is given, and use the passed ENGINE |e| and the passed key argument to form a URI suitable for the engine: loader. Co-authored-by: NDavid von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/13570)
-
由 Richard Levitte 提交于
The idea is to be able to have our apps load engine keys using a URI: org.openssl.engine:{engineid}:{keyid} This is legacy, but added for the time being to support keys given to the application like this: -engine {engineid} -key {keyid} -keyform ENGINE This latter form is recognised internally, and rewritten into the URI form. Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/13570)
-
- 26 11月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
genpkey was supressing deprecation warnings in order to support ENGINE functionality. We move all of that into a separate file so that we don't need to suppress the warnings anymore. Fixes #13118 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13454)
-
- 10 11月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
DSA parameters files were failing to load correctly. We also fix a number of follow on issues which resulted in multiple similar errors messages being displayed for the same problem, as well as a seg-fault. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13317)
-
- 26 10月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
Also, restore a behaviour change, where load_cert() would look at stdin when the input file name is NULL, and make sure to call load_cert_pass() with a corresponding argument where load_cert() was used in OpenSSL 1.1.1. Fixes #13235 Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13236)
-
- 22 10月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
'openssl dsaparam' is affected as an obvious usage example. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13191)
-
- 15 10月, 2020 1 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
-
- 04 10月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
Some of our apps turn off deprecation warnings solely for the sake of ENGINE, and thereby shadowing other deprecations that we should take better care of. To solve this, all apps ENGINE functionality is move to one file, where deprecation warning suppression is activate, and the same suppression can then easily be removed in at least some of the apps. Any remaining suppression that we still need to deal with should happen as separate efforts. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13044)
-
- 11 9月, 2020 1 次提交
-
-
由 Chris Novakovic 提交于
When generating a CRL using the "ca" utility, allow values for the lastUpdate and nextUpdate fields to be specified using the command line options -crl_lastupdate and -crl_nextupdate respectively. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12784)
-
- 20 8月, 2020 3 次提交
-
-
由 Dr. David von Oheimb 提交于
allows loading password-protected PKCS#12 files in x509, ca, s_client, s_server Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12647)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12647)
-
由 Richard Levitte 提交于
While public keys and private keys use the same type (EVP_PKEY), just with different contents, callers still need to distinguish between the two to be able to know what functions to call with them (for example, to be able to choose between EVP_PKEY_print_private() and EVP_PKEY_print_public()). The OSSL_STORE backend knows what it loaded, so it has the capacity to inform. Note that the same as usual still applies, that a private key EVP_PKEY contains the public parts, but not necessarily the other way around. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12673)
-
- 12 8月, 2020 1 次提交
-
-
由 Shane Lontis 提交于
Fixes #11863 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12162)
-
- 04 8月, 2020 1 次提交
-
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12296)
-
- 24 7月, 2020 1 次提交
-
-
由 Shane Lontis 提交于
- In order to not add many X509_XXXX_with_libctx() functions the libctx and propq may be stored in the X509 object via a call to X509_new_with_libctx(). - Loading via PEM_read_bio_X509() or d2i_X509() should pass in a created cert using X509_new_with_libctx(). - Renamed some XXXX_ex() to XXX_with_libctx() for X509 API's. - Removed the extra parameters in check_purpose.. - X509_digest() has been modified so that it expects a const EVP_MD object() and then internally it does the fetch when it needs to (via ASN1_item_digest_with_libctx()). - Added API's that set the libctx when they load such as X509_STORE_new_with_libctx() so that the cert chains can be verified. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12153)
-
- 23 7月, 2020 1 次提交
-
-
由 Shane Lontis 提交于
Added RSA oaep test that uses the pkeyutl application. Added an openssl application option to support loading a (fips) provider via the '-config' option. Added openssl application related environment variable 'OPENSSL_TEST_LIBCTX' (for testing purposes only), that creates a non default library context. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11948)
-
- 02 6月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11983)
-
- 16 5月, 2020 3 次提交
-
-
由 David von Oheimb 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/4277)
-
由 Dr. David von Oheimb 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/4277)
-
由 Dr. David von Oheimb 提交于
This also adds the more flexible and general load_key_cert_crl() as well as helper functions get_passwd(), cleanse(), and clear_free() to be used also in apps/cmp.c etc. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11755)
-
- 25 4月, 2020 1 次提交
-
-
由 David von Oheimb 提交于
Make use of new load_csr() in 'ca', 'req', and 'x509' app Add '-inform' and '-certform' option to 'ca' app Add 'desc' parameter to load_crl() function defined in apps/lib/apps.c Allow 'desc' parameter to be NULL (gives option to suppress error output) Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/4940)
-
- 23 4月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
-