- 25 1月, 2020 2 次提交
-
-
由 Pauli 提交于
Use of the low level DES functions has been informally discouraged for a long time. We now formally deprecate them. Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt functions. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10858)
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10858)
-
- 24 1月, 2020 10 次提交
-
-
由 Matt Caswell 提交于
Now that libssl knows about libctx we should use it wherever we generate a random number. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10927)
-
由 Dmitry Belyavskiy 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10900)
-
由 Dmitry Belyavskiy 提交于
This commit introduces functions PKCS8_pkey_add1_attr_by_OBJ and PKCS8_pkey_add1_attr Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10900)
-
由 Shane Lontis 提交于
This is required in order to share code for FIPS related parameter generation and validation routinues. Note the 'counter' field is now stored as a integer (as that is the form required for generation/validation functions). Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10860)
-
由 Rich Salz 提交于
Move the x509_V_ERR_xxx definitions from openssl-verify to X509_STORE_CTX_get_error.pod. Add some missing ones. Consistently start with a lowercase letter, unless it's an acronym. Fix some markup mistakes in X509_verify_cert. Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/10132)
-
由 Richard Levitte 提交于
@{$config{LDFLAGS}} isn't necessarily split up in pieces, so we need to check for '-static' with a regexp rather than with an exact string match. Fixes #10867 Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10878)
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10824)
-
由 Richard Levitte 提交于
It is the provider version of EVP_PKEY_get_default_digest_nid(). We make sure to use it in the non-legacy section of do_sigver_init() (internal implementation for EVP_DigestSignInit() and EVP_DigestVerifyInit()) Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10824)
-
由 Richard Levitte 提交于
We've started to see "magic" numbers being used for certain sizes, such as algorithm names and property query strings. This change takes care of the few items where buffers for algorithm names and property query strings are used. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10928)
-
由 Richard Levitte 提交于
The common routine ossl_prov_print_labeled_bignum() didn't print the BIGNUM quite the way it should. It treated the limbs in a big endian fashion, when they are really organised in a little endian fashion. Furthermore, we make it inherit the behaviour from the print of legacy keys, where a number starting with the high bit set gets an extra zero printed first. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10891)
-
- 23 1月, 2020 9 次提交
-
-
由 Shane Lontis 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10826)
-
由 Shane Lontis 提交于
Added comments and cleared an intermediate result. KAT tests already exist in evppkey.txt (Search for "KAS_ECC_CDH_PrimitiveTest") Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10838)
-
由 Shane Lontis 提交于
make doc-nits was failing due to a merge error on master in missingcrypto.txt. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10932)
-
由 kinichiro 提交于
CLA: trivial Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10816)
-
由 Dmitry Belyavskiy 提交于
Fixes #10915. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10916)
-
由 David Benjamin 提交于
If one of the perlasm xlate drivers crashes, OpenSSL's build will currently swallow the error and silently truncate the output to however far the driver got. This will hopefully fail to build, but better to check such things. Handle this by checking for errors when closing STDOUT (which is a pipe to the xlate driver). Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10883)
-
由 Dmitry Belyavskiy 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10901)
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10256)
-
由 Rich Salz 提交于
Replace "=for openssl foreign manuals" with simpler syntax, it looks like the "=for openssl ifdef" construct. Fix some broken L<> links; add some missing foreign references and fixed some typo's. The WARNINGS in dhparam referred to non-existant commands so reword it. Fixes #10109 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10256)
-
- 22 1月, 2020 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10866)
-
由 Matt Caswell 提交于
We add the ability to specify an OPENSSL_CTX (which may be NULL for the default context) and a property query string for use during algorithm fetch operations. For example, in this way one SSL_CTX could be used the default provider, and another one could be used with the FIPS provider. At this stage we don't use these values. That will come later. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10866)
-
- 21 1月, 2020 3 次提交
-
-
由 Richard Levitte 提交于
This propagates ERR_set_mark(), and ERR_clear_last_mark() and ERR_pop_to_mark() for provider use. Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/10803)
-
由 Richard Levitte 提交于
Since we're falling back to legacy, this isn't an error any more. Among others the failed EVP_KEYMGMT_fetch() error shadows other errors produced by the legacy code, which disrupts our test/evp_test runs. We use the error stack mark to restore the error stack just right, i.e. ERR_set_mark(), ERR_clear_last_mark() and ERR_pop_to_mark() Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/10803)
-
由 H.J. Lu 提交于
Move .cfi_startproc to the right place for RC4. Add missing .cfi_startproc and .cfi_endproc to RC4_options. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/10872)
-
- 20 1月, 2020 4 次提交
-
-
由 Matt Caswell 提交于
Libssl uses the null cipher in certain situations. It should be converted to a provided cipher. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10865)
-
由 Matt Caswell 提交于
These were initially added as internal functions only. However they will also need to be used by libssl as well. Therefore it make sense to move them into the public API. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10864)
-
由 Matt Caswell 提交于
drbg_delete_thread_state cleans up after both the public and the private DRBG. It can be registered automtically by getting either of those DRBGs, but it should not be registered twice. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10862)
-
由 Matt Caswell 提交于
init_thread_stop maintains a linked lists of handlers that it should call when a thread finishes. The linked list handling wasn't quite right resulting in corrupted data. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10863)
-
- 19 1月, 2020 10 次提交
-
-
由 Matt Caswell 提交于
Some uses were going against documented recommendations. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10798)
-
由 Richard Levitte 提交于
Some uses were going against documented recommendations. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10798)
-
由 Richard Levitte 提交于
Some uses were going against documented recommendations. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10798)
-
由 Pauli 提交于
One of the MDC2 test applications can be done using evp_test. This makes it so. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10831)
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10819)
-
由 Pauli 提交于
Use of the low level IDEA functions has been informally discouraged for a long time. We now formally deprecate them. Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, and the equivalently named decrypt functions. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10819)
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10819)
-
由 Pauli 提交于
To aviod leaking size information when passing private value using the OSSL_PARAM builder, a padded BN call is required. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10840)
-
由 Pauli 提交于
Undo the changes to md5.h and sha.h so that the low level symbols are exported from libcrypto again. This allows libssl to build and link. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10791)
-
由 Pauli 提交于
Use of the low level MD5 functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10791)
-