- 09 9月, 2020 1 次提交
-
-
由 wenjun 提交于
-
- 17 3月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Yang <kaishen.yy@antfin.com> (Merged from https://github.com/openssl/openssl/pull/11344)
-
- 11 3月, 2020 1 次提交
-
-
由 Matt Caswell 提交于
This reverts commit 68436f0a. The OMC did not vote in favour of backporting this to 1.1.1, so this change should be reverted. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11282)
-
- 27 2月, 2020 1 次提交
-
-
由 h00416433 提交于
Description:openssl 1.1.1d used bu libhapverify Team:OTHERS Feature or Bugfix:Feature Binary Source:Yes, it is PrivateCode(Yes/No):No Change-Id: I8968f9c0f146b587da17a3e603bd04fb7b4c505b Reviewed-on: http://mgit-tm.rnd.huawei.com/7842784Tested-by: Npublic jenkins <public_jenkins@notesmail.huawei.com> Reviewed-by: Nhouyuezhou 00386575 <hou@huawei.com> Reviewed-by: Nlinyibin 00246405 <linyibin@huawei.com> Reviewed-by: Nweiping 00548480 <ping.wei@huawei.com>
-
- 06 2月, 2020 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NViktor Dukhovni <viktor@openssl.org> GH: #10786 (cherry picked from commit b744f915ca8bb37631909728dd2529289bda8438)
-
- 25 1月, 2020 1 次提交
-
-
由 Kurt Roeckx 提交于
TLS < 1.2 has fixed signature algorithms: MD5+SHA1 for RSA and SHA1 for the others. TLS 1.2 sends a list of supported ciphers, but allows not sending it in which case SHA1 is used. TLS 1.3 makes sending the list mandatory. When we didn't receive a list from the client, we always used the defaults without checking that they are allowed by the configuration. Reviewed-by: NPaul Dale <paul.dale@oracle.com> GH: #10784 (cherry picked from commit b0031e5dc2c8c99a6c04bc7625aa00d3d20a59a5)
-
- 20 11月, 2019 1 次提交
-
-
由 Patrick Steuer 提交于
In addition to 67c81ec3 which introduced this behavior in CCM mode docs but only implemented it for AES-CCM. Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10331) (cherry picked from commit f7382fbbd846dd3bdea6b8c03b6af22faf0ab94f) Conflicts: test/recipes/30-test_evp_data/evpciph.txt
-
- 13 11月, 2019 1 次提交
-
-
由 Nicola Tuveri 提交于
https://github.com/openssl/openssl/issues/10224#issuecomment-546593113 highlighted that existing testing infrastructure is not covering common usage patterns of the `req` app. This commit explicitly adds request generations thorugh the CLI using RSA, DSA and ECDSA (P-256) keys. (cherry picked from commit b2a7310af0dd190712bae2e462a7708483dd4628) Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10369)
-
- 17 10月, 2019 1 次提交
-
-
由 Cesar Pereida Garcia 提交于
This commit adds testing and Known Answer Tests (KATs) to OpenSSL for the `BN_gcd` function. (cherry picked from commit b75d6310857bc44ef2851bde68a1979c18bb4807) Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10122)
-
- 10 9月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9847)
-
- 06 9月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
We also use this in test_tls13messages to check that the extensions we expect to see in a CertificateRequest are there. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9780) (cherry picked from commit dc5bcb88d819de55eb37460c122e02fec91c6d86)
-
- 14 8月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Actually supply a chain and then test: 1) A successful check of both the ee and chain certs 2) A failure to check the ee cert 3) A failure to check a chain cert Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9443)
-
- 25 6月, 2019 1 次提交
-
-
由 Pauli 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9255)
-
- 24 6月, 2019 1 次提交
-
-
由 Pauli 提交于
This feature is enabled by default outside of FIPS builds which ban such actions completely. Encryption is always disallowed and will generate an error. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/9112) (cherry picked from commit 2c840201e57e27fa9f1b26a970270a91813e32fe)
-
- 03 6月, 2019 1 次提交
-
-
由 Shane Lontis 提交于
Fixes #8923 Found using the openssl cms -resign option. This uses an alternate path to do the signing which was not adding the required signed attribute content type. The content type attribute should always exist since it is required is there are any signed attributes. As the signing time attribute is always added in code, the content type attribute is also required. The CMS_si_check_attributes() method adds validity checks for signed and unsigned attributes e.g. The message digest attribute is a signed attribute that must exist if any signed attributes exist, it cannot be an unsigned attribute and there must only be one instance containing a single value. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8944) (cherry picked from commit 19e512a8244a6f527d0194339a8f9fc45468537a)
-
- 28 5月, 2019 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9034)
-
- 23 5月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
This imports all of the NIST CAVS test vectors for CCM (SP800-38C) and coverts them for use within evp_test. This commit also adds a script to convert the .rsp CAVS files into the evp_test format. Reviewed-by: NShane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8981) (cherry picked from commit ecb0f148a94c9b0076240ca1d7904ab50a7dc9a4)
-
- 08 5月, 2019 1 次提交
-
-
由 Tobias Nießen 提交于
This change allows to pass the authentication tag after specifying the AAD in CCM mode. This is already true for the other two supported AEAD modes (GCM and OCB) and it seems appropriate to match the behavior. GCM and OCB also support to set the tag at any point before the call to `EVP_*Final`, but this won't work for CCM due to a restriction imposed by section 2.6 of RFC3610: The tag must be set before actually decrypting data. This commit also adds a test case for setting the tag after supplying plaintext length and AAD. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7243) (cherry picked from commit 67c81ec311d696464bdbf4c6d6f8a887a3ddf9f8)
-
- 03 5月, 2019 1 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Since commit 137096a7 it is possible to specify keywords instead of negative magic numbers for the salt length. This commit replaces the remaining occurrences of `rsa_pss_saltlen:-3` in the test recipes by `rsa_pss_saltlen:max`. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8860) (cherry picked from commit 31fc48ddc30c627416edaa62ec1448e66ef92908)
-
- 19 4月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8780) (cherry picked from commit a595b10d343845eca32cffb35f1d0a2f15ce40a9)
-
- 11 4月, 2019 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8621) (cherry picked from commit 491360e7ab2f09fdaadfcd9ff84c425c8f4e5b03)
-
- 27 3月, 2019 2 次提交
-
-
由 Matt Caswell 提交于
See discussion in github issue #8563 Fixes #8563 Reviewed-by: NMatthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/8585)
-
由 Matt Caswell 提交于
Fixes #8567 Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8586) (cherry picked from commit 183f52e29af27285ea4ed7c947b71c83618f8702)
-
- 06 3月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8406) (cherry picked from commit a4f0b50eafb256bb802f2724fc7f7580fb0fbabc)
-
- 26 2月, 2019 3 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8347)
-
由 Richard Levitte 提交于
There is too high a risk that perl and OpenSSL are linked with different C RTLs, and thereby get different messages for even the most mundane error numbers. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8343) (cherry picked from commit 565a19eef35926b4b9675f6cc3964fb290a5b380)
-
由 Richard Levitte 提交于
test/shlibloadtest.c needs added code for VMS shared libraries Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8342)
-
- 21 2月, 2019 1 次提交
-
-
由 Billy Brumley 提交于
(cherry picked from commit 8f58ede09572dcc6a7e6c01280dd348240199568) Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NNicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/8262)
-
- 19 2月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/8191) (cherry picked from commit 73e62d40eb53f2bad98dea0083c217dbfad1a335)
-
- 11 2月, 2019 2 次提交
-
-
由 Richard Levitte 提交于
Fixes #8091 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8094)
-
由 Tomas Mraz 提交于
If the old openssl versions not supporting the .include directive load a config file with it, they will bail out with error. This change allows using the .include = <filename> syntax which is interpreted as variable assignment by the old openssl config file parser. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8141) (cherry picked from commit 9d5560331d86c6463e965321f774e4eed582ce0b)
-
- 01 2月, 2019 1 次提交
-
-
由 Michael Tuexen 提交于
When computing the end-point shared secret, don't take the terminating NULL character into account. Please note that this fix breaks interoperability with older versions of OpenSSL, which are not fixed. Fixes #7956 Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7957) (cherry picked from commit 09d62b336d9e2a11b330d45d4f0f3f37cbb0d674)
-
- 30 1月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8111) (cherry picked from commit 522b11e969cbdc82eca369512275f227080a86fa)
-
- 21 1月, 2019 1 次提交
-
-
由 Corey Minyard 提交于
If you use a BIO and set up your own buffer that is not freed, the memory bio will leak the BIO_BUF_MEM object it allocates. The trouble is that the BIO_BUF_MEM is allocated and kept around, but it is not freed if BIO_NOCLOSE is set. The freeing of BIO_BUF_MEM was fairly confusing, simplify things so mem_buf_free only frees the memory buffer and free the BIO_BUF_MEM in mem_free(), where it should be done. Alse add a test for a leak in the memory bio Setting a memory buffer caused a leak. Signed-off-by: NCorey Minyard <minyard@acm.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8051) (cherry picked from commit c6048af23c577bcf85f15122dd03b65f959c9ecb)
-
- 07 1月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
This was complicated by the fact that we were using this extension for our duplicate extension handling tests. In order to add tests for cryptopro bug the duplicate extension handling tests needed to change first. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7984) (cherry picked from commit 9effc496ad8a9b0ec737c69cc0fddf610a045ea4)
-
- 06 1月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7979) (cherry picked from commit 87bbbfb1e4fc2035e8f9ec1d6313a41c410a3218)
-
- 05 1月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Test that atexit handlers get called properly at process exit, unless we have explicitly asked for them not to be. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7983)
-
- 31 12月, 2018 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/7962) (cherry picked from commit 1f483a69bce11c940309edc437eee6e32294d5f2)
-
- 11 12月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/7748) (cherry picked from commit 6de98b4fb6265f8a4b2e5b599d6714ff937dca6b)
-
- 03 12月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7697) (cherry picked from commit e65a79d2aae76c27d68587ff66cb6b65a3283e50)
-