- 14 9月, 2017 1 次提交
-
-
由 Paul Yang 提交于
A new method is added to EVP_PKEY_METH as: int (*check) (EVP_PKEY_CTX *ctx); and to EVP_PKEY_ASN1_METHOD as: int (*pkey_check) (EVP_PKEY_CTX *ctx); This is used to check the validity of a specific key. The order of calls is: EVP_PKEY_check -> pmeth.check -> ameth.pkey_check. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4337)
-
- 29 8月, 2017 1 次提交
-
-
由 Kurt Roeckx 提交于
The one creating the DRBG should instantiate it, it's there that we know which parameters we should use to instantiate it. This splits the rand init in two parts to avoid a deadlock because when the global drbg is created it wands to call rand_add on the global rand method. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> GH: #4268
-
- 22 8月, 2017 1 次提交
-
-
由 Pauli 提交于
return true for characters > 127. I.e. they are allowing extended ASCII characters through which then cause problems. E.g. marking superscript '2' as a number then causes the common (ch - '0') conversion to number to fail miserably. Likewise letters with diacritical marks can also cause problems. If a non-ASCII character set is being used (currently only EBCDIC), it is adjusted for. The implementation uses a single table with a bit for each of the defined classes. These functions accept an int argument and fail for values out of range or for characters outside of the ASCII set. They will work for both signed and unsigned character inputs. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4102)
-
- 08 8月, 2017 1 次提交
-
-
由 Johannes Bauer 提交于
Add an interface that allows accessing the scrypt KDF as a PKEY_METHOD. This fixes #4021 (at least for the scrypt portion of the issue). Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NStephen Henson <steve@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4026)
-
- 07 8月, 2017 2 次提交
-
-
由 Rich Salz 提交于
Use atfork to count child forks, and reseed DRBG when the counts don't match. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4101)
-
由 Rich Salz 提交于
Also use "" not <> for all include cryptlib Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4082)
-
- 03 8月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
Move the definition of ossl_assert() out of e_os.h which is intended for OS specific things. Instead it is moved into internal/cryptlib.h. This also changes the definition to remove the (int) cast. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4073)
-
- 20 7月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Replacement fix for #3975 Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3979)
-
- 30 6月, 2017 2 次提交
-
-
由 Rich Salz 提交于
Only for Unix platforms Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3754)
-
由 Richard Levitte 提交于
store_attach_pem_bio() creates a STORE_CTX with the 'file' scheme loader backend in PEM reading mode on an already opened BIO. store_detach_pem_bio() detaches the STORE_CTX from the BIO and destroys it (without destroying the BIO). These two functions can be used in place of STORE_open() and STORE_close(), and are present as internal support for other OpenSSL functions. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2745)
-
- 29 6月, 2017 2 次提交
-
-
由 Richard Levitte 提交于
This is needed for the upcoming "file" scheme STORE loader. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3542)
-
由 Richard Levitte 提交于
This STORE module adds the following functionality: - A function OSSL_STORE_open(), OSSL_STORE_load() and OSSL_STORE_close() that accesses a URI and helps loading the supported objects (PKEYs, CERTs and CRLs for the moment) from it. - An opaque type OSSL_STORE_INFO that holds information on each loaded object. - A few functions to retrieve desired data from a OSSL_STORE_INFO reference. - Functions to register and unregister loaders for different URI schemes. This enables dynamic addition of loaders from applications or from engines. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3542)
-
- 28 6月, 2017 1 次提交
-
-
由 Richard Levitte 提交于
Based on cryptodev-linux Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3744)
-
- 19 6月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3699)
-
- 15 6月, 2017 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3684)
-
- 31 5月, 2017 3 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
- 26 5月, 2017 1 次提交
-
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3526)
-
- 02 5月, 2017 1 次提交
-
-
由 Benjamin Kaduk 提交于
gcc's -Wextra pulls in -Wold-style-declaration, which triggers when a declaration has a storage-class specifier as a non-initial qualifier. The ISO C formal grammar requires the storage-class to be the first component of the declaration, if present. Seeint as the register storage-class specifier does not really have any effect anymore with modern compilers, remove it entirely while we're here, instead of fixing up the order. Interestingly, the gcc devteam warnings do not pull in -Wextra, though the clang ones do. [extended tests] Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3239)
-
- 26 4月, 2017 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Many signature types define the digest and public key type by a single OID such as ecdsa_with_sha256. Some types (RSA-PSS for example) use a single OID to indicate the signature scheme and additional parameters are encoded in the AlgorithmIdentifier. Add an X509_SIG_INFO structure to contain details about the signature type: specifically the digest algorithm, public key algorithm, security bits and various flags. This supports both existing algorithms and more complex types. Add accessors for the structure and a special case that retrieves signature information from a certificate. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3301)
-
- 21 4月, 2017 1 次提交
-
-
由 letrhee-nsr 提交于
Modified code from http://seed.kisa.or.kr to human readable code. Previous 8-bit code is available with -DOPENSSL_SMALL_FOOTPRINT. New code is >2x faster. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3242)
-
- 20 4月, 2017 1 次提交
-
-
由 Richard Levitte 提交于
Because many of our test programs use internal headers, we need to make sure they know how, exactly, to mangle the symbols. So far, we've done so by specifying it in the affected test programs, but as things change, that will develop into a goose chase. Better then to declare once and for all how symbols belonging in our libraries are meant to be treated, internally as well as publically. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3259)
-
- 28 2月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
There are a number of symbols in bn which are internal only and never used by anything. They should be removed. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2766)
-
- 21 2月, 2017 1 次提交
-
-
由 Pauli 提交于
This implementation is written in endian agnostic C code. No attempt at providing machine specific assembly code has been made. This implementation expands the evptests by including the test cases from RFC 5794 and ARIA official site rather than providing an individual test case. Support for ARIA has been integrated into the command line applications, but not TLS. Implemented modes are CBC, CFB1, CFB8, CFB128, CTR, ECB and OFB128. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2337)
-
- 02 2月, 2017 1 次提交
-
-
由 Todd Short 提交于
The core SipHash supports either 8 or 16-byte output and a configurable number of rounds. The default behavior, as added to EVP, is to use 16-byte output and 2,4 rounds, which matches the behavior of most implementations. There is an EVP_PKEY_CTRL that can control the output size. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2216)
-
- 25 1月, 2017 1 次提交
-
-
由 Todd Short 提交于
Remove duplicate defines from EVP source files. Most of them were in evp.h, which is always included. Add new ones evp_int.h EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK is now always defined in evp.h, so remove conditionals on it Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2201)
-
- 24 1月, 2017 1 次提交
-
-
由 Todd Short 提交于
Add Poly1305 as a "signed" digest. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2128)
-
- 13 1月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Still needs to be documented, somehow/somewhere. The env var OPENSSL_MALLOC_FAILURES controls how often malloc/realloc should fail. It's a set of fields separated by semicolons. Each field is a count and optional percentage (separated by @) which defaults to 100. If count is zero then it lasts "forever." For example: 100;@25 means the first 100 allocations pass, then the rest have a 25% chance of failing until the program exits or crashes. If env var OPENSSL_MALLOC_FD parses as a positive integer, a record of all malloc "shouldfail" tests is written to that file descriptor. If a malloc will fail, and OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE is not set (platform specific), then a backtrace will be written to the descriptor when a malloc fails. This can be useful because a malloc may fail but not be checked, and problems will only occur later. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1252)
-
- 08 1月, 2017 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2177)
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2177)
-
- 18 11月, 2016 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> GH: #1500
-
- 18 9月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
APP_INFO is currently a field of MEM struct. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1583)
-
- 19 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
The certificate and CRL time setting functions used similar code, combine into a single utility function. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 17 8月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 13 8月, 2016 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 Dr. Stephen Henson 提交于
Since "ptr" is used to handle arbitrary other types it should be void *. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 06 8月, 2016 1 次提交
-
-
由 klemens 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1413)
-
- 26 7月, 2016 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Remove current_method: it was intended as a means of retrying lookups bit it was never used. Now that X509_verify_cert() is a "one shot" operation it can never work as intended. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 25 7月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-