- 22 10月, 2021 1 次提交
-
-
由 Matt Caswell 提交于
Make sure that the outsize for the buffer is large enough for the output from the MAC. Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16789)
-
- 24 6月, 2021 1 次提交
-
-
由 Richard Levitte 提交于
This makes them more consistent with other new interfaces. Fixes #15839 Reviewed-by: NDavid von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: NPaul Dale <pauli@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15861)
-
- 02 6月, 2021 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15564)
-
- 01 6月, 2021 1 次提交
-
-
由 Tomas Mraz 提交于
For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
-
- 25 5月, 2021 1 次提交
-
-
由 Pauli 提交于
Fixes #12342 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15427)
-
- 24 5月, 2021 1 次提交
-
-
由 Shane Lontis 提交于
pointers to provider size algorithm contexts. Fixes #14284 The gettable_ctx_params methods were confusingly passing a 'provctx' and a provider context which are completely different objects. Some objects such as EVP_KDF used 'data' while others such as EVP_MD used 'provctx'. For libcrypto this 'ctx' is an opaque ptr returned when a providers algorithm implementation creates an internal context using a new_ctx() method. Hence the new name 'algctx'. Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15275)
-
- 08 5月, 2021 1 次提交
-
-
由 Dr. David von Oheimb 提交于
This helps compensating for deprecated functions such as HMAC() and reduces clutter in the crypto lib, apps, and tests. Also fixes memory leaks in generate_cookie_callback() of apps/lib/s_cb.c. and replaces 'B<...>' by 'I<...>' where appropriate in HMAC.pod Partially fixes #14628. Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14664)
-
- 05 5月, 2021 1 次提交
-
-
由 Pauli 提交于
Fixes #14140 Fixes #13232 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15061)
-
- 26 4月, 2021 1 次提交
-
-
由 Tomas Mraz 提交于
Fixes #14701 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14898)
-
- 18 4月, 2021 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14193)
-
- 02 4月, 2021 1 次提交
-
-
由 Richard Levitte 提交于
The following operation types are covered: EVP_MD, EVP_CIPHER, EVP_MAC, EVP_RAND, EVP_KEYMGMT, EVP_SIGNATURE, EVP_ASYM_CIPHER, EVP_KEM, EVP_KEYEXCH, EVP_KDF. Also EVP_PKEY. For EVP_MD and EVP_CIPHER, OBJ_nid2ln() is used as a fallback for legacy implementations. For EVP_PKEY, the info field of the EVP_PKEY_ASN1_METHOD is used as a fallback for legacy implementations. Fixes #14514 Reviewed-by: NTomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14656)
-
- 11 3月, 2021 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
-
- 28 2月, 2021 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14310)
-
- 25 2月, 2021 1 次提交
-
-
由 Matt Caswell 提交于
We don't want to hold a read lock when calling a user supplied callback. That callback could do anything so the risk of a deadlock is high. Instead we collect all the names first inside the read lock, and then subsequently call the user callback outside the read lock. Fixes #14225 Reviewed-by: NTomas Mraz <tomas@openssl.org> Reviewed-by: NPaul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14250)
-
- 13 11月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
-
- 22 10月, 2020 1 次提交
-
-
由 Shane Lontis 提交于
Fixes #11320 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13116)
-
- 23 9月, 2020 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12931)
-
- 03 9月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
We leave it up to the EVP_MAC implemenations what to do with an update where the data length is 0. In the TLS HMAC implemenation this is still signficant. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12732)
-
- 07 8月, 2020 1 次提交
-
-
由 Pauli 提交于
The various MACs were all over the place with respects to what they did with the output length in the final call. Now they all unconditionally set the output length and the EVP layer handles the possibility of a NULL pointer. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12582)
-
- 18 7月, 2020 1 次提交
-
-
由 Pauli 提交于
The backend code varies for the different MACs and sometimes sets the output length, sometimes checks the return pointer and sometimes neither. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12458)
-
- 16 7月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
The commit claimed to make things more consistent. In fact it makes it less so. Revert back to the previous namig convention. This reverts commit d9c2fd51. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12186)
-
- 11 6月, 2020 1 次提交
-
-
由 Pauli 提交于
functions are now EVP_MAC functions, usually with ctx in their names. Before 3.0 is released, the names are mutable and this prevents more inconsistencies being introduced. There are no functional or code changes. Just the renaming and a little reformatting. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11997)
-
- 23 4月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
-
- 17 1月, 2020 1 次提交
-
-
由 Richard Levitte 提交于
These functions would only handle provided methods, but there are cases where the caller just passes along a received method without knowing the underlying method tech, so might pass along a legacy method. We therefore need to have them handle this case as well so they don't cause any unnecessary surprises. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10845)
-
- 17 10月, 2019 3 次提交
-
-
由 Richard Levitte 提交于
The returned number can be used for comparison purposes. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9979)
-
由 Richard Levitte 提交于
The following new functions all do the same thing; they traverse the set of names assigned to implementations of each algorithm type: EVP_MD_names_do_all(), EVP_CIPHER_names_do_all(), EVP_MAC_names_do_all(), EVP_KEYMGMT_names_do_all(), EVP_KEYEXCH_names_do_all(), EVP_KDF_names_do_all(), EVP_SIGNATURE_names_do_all() We add a warning to the documentation of EVP_CIPHER_name() and EVP_MD_name(), as they aren't suitable to use with multiple-name implementation. We also remove EVP_MAC_name() and evp_KDF_name(), as they serve no useful purpose. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9979)
-
由 Richard Levitte 提交于
This adds the missing functions that should be common for all fetchable EVP sub-APIs: EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EVP_KEYEXCH_is_a(), EVP_KEYEXCH_do_all_provided(), EVP_KDF_is_a(), EVP_MD_is_a(), EVP_SIGNATURE_do_all_provided(), EVP_SIGNATURE_is_a(). This also renames EVP_MD_do_all_ex(), EVP_CIPHER_do_all_ex(), EVP_KDF_do_all_ex(), EVP_MAC_do_all_ex() to change '_ex' to '_provided'. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9979)
-
- 29 9月, 2019 3 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Rename <openssl/ossl_typ.h> to <openssl/types.h>. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
-
由 Dr. Matthias St. Pierre 提交于
Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '*_lcl.h', '*_local.h', or '*_int.h' This commit changes the different suffixes to '*_local.h' uniformly. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
-
由 Dr. Matthias St. Pierre 提交于
Currently, there are two different directories which contain internal header files of libcrypto which are meant to be shared internally: While header files in 'include/internal' are intended to be shared between libcrypto and libssl, the files in 'crypto/include/internal' are intended to be shared inside libcrypto only. To make things complicated, the include search path is set up in such a way that the directive #include "internal/file.h" could refer to a file in either of these two directoroes. This makes it necessary in some cases to add a '_int.h' suffix to some files to resolve this ambiguity: #include "internal/file.h" # located in 'include/internal' #include "internal/file_int.h" # located in 'crypto/include/internal' This commit moves the private crypto headers from 'crypto/include/internal' to 'include/crypto' As a result, the include directives become unambiguous #include "internal/file.h" # located in 'include/internal' #include "crypto/file.h" # located in 'include/crypto' hence the superfluous '_int.h' suffixes can be stripped. The files 'store_int.h' and 'store.h' need to be treated specially; they are joined into a single file. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
-
- 24 8月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
The EVP_PKEY MAC implementations had a diversity of controls that were really the same thing. We did reproduce that for the provider based MACs, but are changing our minds on this. Instead of that, we now use one parameter name for passing the name of the underlying ciphers or digests to a MAC implementation, "cipher" and "digest", and one parameter name for passing the output size of the MAC, "size". Then we leave it to the EVP_PKEY->EVP_MAC bridge to translate "md" to "digest", and "digestsize" to "size". Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9667)
-
- 16 8月, 2019 2 次提交
-
-
由 Richard Levitte 提交于
Recently, we added dispatched functions to get parameter descriptions, and those for operation context parameters ended up being called something_gettable_ctx_params and something_settable_ctx_params. The corresponding dispatched functions to actually perform parameter transfers were previously called something_ctx_get_params and something_ctx_set_params, which doesn't quite match, so we rename them to something_get_ctx_params and something_set_ctx_params. An argument in favor of this name change is English, where you'd rather say something like "set the context parameters". This only change the libcrypto <-> provider interface. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/9612)
-
由 Richard Levitte 提交于
Quite a few adaptations are needed, most prominently the added code to allow provider based MACs. As part of this, all the old information functions are gone, except for EVP_MAC_name(). Some of them will reappear later, for example EVP_MAC_do_all() in some form. MACs by EVP_PKEY was particularly difficult to deal with, as they need to allocate and deallocate EVP_MAC_CTXs "under the hood", and thereby implicitly fetch the corresponding EVP_MAC. This means that EVP_MACs can't be constant in a EVP_MAC_CTX, as their reference count may need to be incremented and decremented as part of the allocation or deallocation of the EVP_MAC_CTX. It may be that other provider based EVP operation types may need to be handled in a similar manner. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8877)
-
- 06 6月, 2019 2 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> GH: #7651
-
由 Kurt Roeckx 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> GH: #7651
-
- 27 3月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
We treat that as automatic success. Other EVP_*Update functions already do this (e.g. EVP_EncryptUpdate, EVP_DecryptUpdate etc). EVP_EncodeUpdate is a bit of an anomoly. That treats 0 byte input length as an error. Fixes #8576 Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8587)
-
- 07 3月, 2019 1 次提交
-
-
由 David von Oheimb 提交于
constify *_dup() and *i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8029)
-
- 06 12月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
[skip ci] Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7794)
-
- 29 10月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
We currently implement EVP MAC methods as EVP_PKEY methods. This change creates a separate EVP API for MACs, to replace the current EVP_PKEY ones. A note about this EVP API and how it interfaces with underlying MAC implementations: Other EVP APIs pass the EVP API context down to implementations, and it can be observed that the implementations use the pointer to their own private data almost exclusively. The EVP_MAC API deviates from that pattern by passing the pointer to the implementation's private data directly, and thereby deny the implementations access to the EVP_MAC context structure. This change is made to provide a clearer separation between the EVP library itself and the implementations of its supported algorithm classes. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7393)
-