- 15 6月, 2023 1 次提交
-
-
由 Michael Baentsch 提交于
Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21194)
-
- 14 6月, 2023 10 次提交
-
-
由 Matt Caswell 提交于
When determining the next tick deadline we cannot actually issue an ack if the CC will not let us, or the enc_level is not yet provisioned. This avoids a bug where we can end up in a busy loop because the next event deadline is reported as "now" because we want to send an ack, but we can't actually send anything yet. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NHugo Landau <hlandau@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21181)
-
由 Tomas Mraz 提交于
Also use OSSL_NELEM instead of hardcoding array size. Reviewed-by: NTom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21183)
-
由 Pauli 提交于
The FIPS provider accesses it's current state under lock. This is overkill, little or no synchronisation is actually required in practice (because it's essentially a read only setting). Switch to using TSAN operations in preference. Fixes #21179 Reviewed-by: NShane Lontis <shane.lontis@oracle.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21187)
-
由 Matt Caswell 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21133)
-
由 Matt Caswell 提交于
We split the page into two: one covering basic TLS introductory material that applies to both clients and servers, and one with the specific material on writing a blocking TLS client. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21133)
-
由 Matt Caswell 提交于
For tutorial type pages it doesn't make any sense to have a DESCRIPTION section. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21133)
-
由 Matt Caswell 提交于
Provide guidance on the steps needed to write a very simple blocking TLS client. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21133)
-
由 Matt Caswell 提交于
This blocking client is intended to be used to explain how to implement a simple client in the documentation. Reviewed-by: NViktor Dukhovni <viktor@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21133)
-
由 Yi Li 提交于
This can effectively reduce the binary size for platforms that don't need ECX feature(~100KB). Signed-off-by: NYi Li <yi1.li@intel.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20781)
-
由 Mike Kasick 提交于
In a non-"no-deprecated" libcrypto build with a default configuration, RAND_get_rand_method() == RAND_OpenSSL() and so needs to fall through to the RAND_seed call (used in "no-deprecated" builds) to perform a reseed. CLA: trivial Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21167)
-
- 13 6月, 2023 1 次提交
-
-
由 Jiasheng Jiang 提交于
To match the BN_CTX_start, it should be better to add BN_CTX_end in the end of the function. Signed-off-by: NJiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: NTom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19266)
-
- 12 6月, 2023 7 次提交
-
-
由 Wim Decroix 提交于
CLA: trivial Fixes #21156 Reviewed-by: NTodd Short <todd.short@me.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21155)
-
由 fisher.yu 提交于
1. Update cmac test cases, fullfilling test data by short string instead of using long string directly. 2. Modify the wording of comments in cmac.c Reviewed-by: NHugo Landau <hlandau@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21177)
-
由 Matthias St. Pierre 提交于
The libcrypto library uses shared library pinning to prevent its cleanup handlers from crashing at program termination because of a premature unloading of the shared library. However, shared library pinning is enabled also for static builds, which may lead to surpising behaviour if libcrypto is linked statically to a shared third-party library, because in this case the third-party library gets pinned. This surprising behaviour is caused by the fact that the `no-shared` configure option does not imply `no-pinshared`. Since this quirk can't be changed without potentially breaking existing code, we just document it here and provide a workaround. Fixes #20977 Reviewed-by: NTodd Short <todd.short@me.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20985)
-
由 Theo Buehler 提交于
A few ERR_raise() calls in v3_purp.c use the wrong library. For example, in OpenSSL 3.1.1 we get 00000000:error:0580009E:x509 certificate routines:ossl_x509v3_cache_extensions:reason(158):crypto/x509/v3_purp.c:635: instead of 00000000:error:1100009E:X509 V3 routines:ossl_x509v3_cache_extensions:invalid certificate:crypto/x509/v3_purp.c:635: Reviewed-by: NTodd Short <todd.short@me.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21168)
-
由 Michael Baentsch 提交于
Reviewed-by: NTodd Short <todd.short@me.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21006)
-
由 Michael Baentsch 提交于
Fixes #19531 Reviewed-by: NTodd Short <todd.short@me.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21006)
-
由 James Knight 提交于
Toolchains that target a non-MMU architecture may not have the `madvise` function available, even if the `sys/mman.h` header provides a define for `MADV_DONTDUMP` (e.g. when targeting ARMv7-M with uClibc). The following tweaks the implementation to use `HAVE_MADVISE`/`NO_MADVISE` defines to help indicate when to attempt to use `madvise`. This change operates in the same manner as the original implementation (i.e. relies on `MADV_DONTDUMP` to indicate if `madvise` can be used); however, this change now allows a builder to override the internal detection by explicitly providing the `HAVE_MADVISE` define at compile time. This should give flexibility for environments which do not have `madvise` when there is no easy logic to set `NO_MADVISE`. Signed-off-by: NJames Knight <james.d.knight@live.com> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTodd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/20851)
-
- 11 6月, 2023 15 次提交
-
-
由 Heiko Stuebner 提交于
To allow re-use of the already reviewed openSSL crypto code for RISC-V in other projects - like the Linux kernel, add a second license (2-clause BSD) to the 32+64bit aes implementations using the Zkn extension. Signed-off-by: NHeiko Stuebner <heiko.stuebner@vrull.eu> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTodd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/21018)
-
由 Heiko Stuebner 提交于
To allow re-use of the already reviewed openSSL crypto code for RISC-V in other projects - like the Linux kernel, add a second license (2-clause BSD) to the recently added GCM ghash functions. Signed-off-by: NHeiko Stuebner <heiko.stuebner@vrull.eu> Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTodd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/20649)
-
由 Tomas Mraz 提交于
wvalue is always initialized at the beginning of each cycle and used only within the cycle Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTodd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/21145)
-
由 Tomas Mraz 提交于
It is used only within the loop and always initialized
-
由 Tomas Mraz 提交于
-
由 Tomas Mraz 提交于
Also some move redirection_url inside loop where it is only used.
-
由 Tomas Mraz 提交于
It is used only within the loop and initialized at the beginning
-
由 Tomas Mraz 提交于
-
由 Tomas Mraz 提交于
wvalue is always initialized at the beginning of each cycle and used only within the cycle
-
由 Tomas Mraz 提交于
ctx is used only within the loop and always assigned at start
-
由 Tomas Mraz 提交于
Also moving the call to setup_tests() where it fits better.
-
由 Tomas Mraz 提交于
-
由 Tomas Mraz 提交于
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: NAnton Arapov <anton@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21131)
-
由 Tomas Mraz 提交于
Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: NAnton Arapov <anton@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21131)
-
- 10 6月, 2023 1 次提交
-
-
由 Tomas Mraz 提交于
Also add missing prototype for rc4_md5_enc. Fixes #21150 Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21153)
-
- 09 6月, 2023 5 次提交
-
-
由 Michael Baentsch 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21151)
-
由 Matthias St. Pierre 提交于
Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7320)
-
由 Dr. Matthias St. Pierre 提交于
The asn1parse command now supports three different input formats: openssl asn1parse -inform PEM|DER|B64 PEM: base64 encoded data enclosed by PEM markers (RFC7462) DER: der encoded binary data B64: raw base64 encoded data The PEM input format is the default format. It is equivalent to the former `-strictpem` option which is now marked obsolete and kept for backward compatibility only. The B64 is equivalent to the former default input format of the asn1parse command (without `-strictpem`) Fixes #7317 Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7320)
-
由 Dr. Matthias St. Pierre 提交于
- split OPT_FMT_PEMDER flag into OPT_FMT_PEM and OPT_FMT_DER - add OPT_FMT_B64 option (`-inform b64`) Reviewed-by: NDmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7320)
-
由 fisher.yu 提交于
Reduce the number of EVP_Cipher function calls in CMAC_Update, to improve performance of CMAC. Below are command and result of performance improvement. COMMAND: openssl speed -cmac ALGORITHM IMPROVEMENT(%): A72 stands for Cortex A72 N1 stands for Neoverse N1 N2 stands for Neoverse N2 A72 N1 N2 x86 aes-128-cbc@256 65.4 54.6 37.9 86.6 aes-128-cbc@1024 156.0 105.6 65.8 197.1 aes-128-cbc@8192 237.7 139.2 80.5 285.8 aes-128-cbc@16384 249.1 143.5 82.2 294.1 aes-192-cbc@256 65.6 46.5 30.9 77.8 aes-192-cbc@1024 154.2 87.5 50.8 167.4 aes-192-cbc@8192 226.5 117.0 60.5 231.7 aes-192-cbc@16384 236.3 120.1 61.7 238.4 aes-256-cbc@256 66.0 40.3 22.2 69.5 aes-256-cbc@1024 136.8 74.6 35.7 142.2 aes-256-cbc@8192 189.7 93.5 41.5 191.7 aes-256-cbc@16384 196.6 95.8 42.2 195.9 des-ede3-cbc@64 6.9 4.4 2.9 7.2 des-ede3-cbc@256 9.3 6.1 4.3 13.1 des-ede3-cbc@1024 10.0 6.4 4.8 14.9 des-ede3-cbc@8192 10.3 6.5 5.1 15.5 des-ede3-cbc@16384 10.3 6.4 5.1 15.5 sm4-cbc@256 9.5 3.0 - 18.0 sm4-cbc@1024 12.3 3.6 - 24.6 sm4-cbc@8192 13.2 3.8 - 27.0 sm4-cbc@16384 13.5 3.8 - 27.2 Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21102)
-