[openssl/openssl] 186be8: Fix regression from GCM mode refactoring
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 186be8ed26f5561faf91d6da3ed14cd9cb6617dd https://github.openssl.org/openssl/openssl/commit/186be8ed26f5561faf91d6da3ed14cd9cb6617dd Author: Tomas Mraz Date: 2022-07-29 (Fri, 29 Jul 2022) Changed paths: M crypto/modes/gcm128.c Log Message: --- Fix regression from GCM mode refactoring Fixes #18896 Reviewed-by: Todd Short Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18903)
[openssl/openssl] 7e32ca: test_external_oqsprovider: Use working checkout of...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 7e32ca79e33546682a5a75bb41b9d6dcd732787a https://github.openssl.org/openssl/openssl/commit/7e32ca79e33546682a5a75bb41b9d6dcd732787a Author: Tomas Mraz Date: 2022-07-28 (Thu, 28 Jul 2022) Changed paths: M test/recipes/95-test_external_oqsprovider_data/oqsprovider.sh Log Message: --- test_external_oqsprovider: Use working checkout of liboqs Fixes #18898 Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18899)
[openssl/openssl] 38b051: SSL object refactoring using SSL_CONNECTION object
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 38b051a1fedc79ebf24a96de2e9a326ad3665baf https://github.openssl.org/openssl/openssl/commit/38b051a1fedc79ebf24a96de2e9a326ad3665baf Author: Tomas Mraz Date: 2022-07-28 (Thu, 28 Jul 2022) Changed paths: M ssl/bio_ssl.c M ssl/d1_lib.c M ssl/d1_msg.c M ssl/d1_srtp.c M ssl/ktls.c M ssl/priority_queue.c M ssl/quic/quic_impl.c M ssl/quic/quic_local.h M ssl/record/dtls1_bitmap.c M ssl/record/rec_layer_d1.c M ssl/record/rec_layer_s3.c M ssl/record/record.h M ssl/record/record_local.h M ssl/record/ssl3_buffer.c M ssl/record/ssl3_record.c M ssl/record/ssl3_record_tls13.c M ssl/s3_enc.c M ssl/s3_lib.c M ssl/s3_msg.c M ssl/ssl_cert.c M ssl/ssl_ciph.c M ssl/ssl_conf.c M ssl/ssl_lib.c M ssl/ssl_local.h M ssl/ssl_rsa.c M ssl/ssl_sess.c M ssl/ssl_stat.c M ssl/statem/extensions.c M ssl/statem/extensions_clnt.c M ssl/statem/extensions_cust.c M ssl/statem/extensions_srvr.c M ssl/statem/statem.c M ssl/statem/statem.h M ssl/statem/statem_clnt.c M ssl/statem/statem_dtls.c M ssl/statem/statem_lib.c M ssl/statem/statem_local.h M ssl/statem/statem_srvr.c M ssl/t1_enc.c M ssl/t1_lib.c M ssl/t1_trce.c M ssl/tls13_enc.c M ssl/tls_depr.c M ssl/tls_srp.c M test/dtls_mtu_test.c M test/helpers/handshake.c M test/sslapitest.c M test/tls13encryptiontest.c M test/tls13secretstest.c Log Message: --- SSL object refactoring using SSL_CONNECTION object Make the SSL object polymorphic based on whether this is a traditional SSL connection, QUIC connection, or later to be implemented a QUIC stream. It requires adding if after every SSL_CONNECTION_FROM_SSL() call which itself has to be added to almost every public SSL_ API call. Reviewed-by: Richard Levitte Reviewed-by: Hugo Landau Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18612)
[openssl/openssl] affc07: s390x: Optimize kmac
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: affc070aabc930aeaba50f0dd6b3e0b7a2ddc399 https://github.openssl.org/openssl/openssl/commit/affc070aabc930aeaba50f0dd6b3e0b7a2ddc399 Author: Juergen Christ Date: 2022-07-26 (Tue, 26 Jul 2022) Changed paths: M providers/implementations/digests/sha3_prov.c Log Message: --- s390x: Optimize kmac Use hardware acceleration for kmac on s390x. Since klmd does not support kmac, perform padding of the last block by hand and use kimd. Yields a performance improvement of between 2x and 3x. Signed-off-by: Juergen Christ Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18863)
[openssl/openssl] 5ba7a3: Add loongarch64 target
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: 5ba7a33adca93e9e73a908f82c7df3a139d30b83 https://github.openssl.org/openssl/openssl/commit/5ba7a33adca93e9e73a908f82c7df3a139d30b83 Author: Shi Pujin Date: 2022-07-21 (Thu, 21 Jul 2022) Changed paths: M Configurations/10-main.conf Log Message: --- Add loongarch64 target Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18831)
[openssl/openssl] 3f348a: Fix aarch64 signed bit shift issue found by UBSAN
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 3f348a0f6c3138791740043b2c924a9d85865d85 https://github.openssl.org/openssl/openssl/commit/3f348a0f6c3138791740043b2c924a9d85865d85 Author: Tom Cosgrove Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M crypto/arm_arch.h Log Message: --- Fix aarch64 signed bit shift issue found by UBSAN Fixes #18813 Signed-off-by: Tom Cosgrove Change-Id: Ic543885091ed3ef2ddcbe21de0a4ac0bca1e2494 Reviewed-by: Paul Dale Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18816) (cherry picked from commit 1efd8533e1ccc5c5e69795eb393a6b79b62e48e2)
[openssl/openssl] 1efd85: Fix aarch64 signed bit shift issue found by UBSAN
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 1efd8533e1ccc5c5e69795eb393a6b79b62e48e2 https://github.openssl.org/openssl/openssl/commit/1efd8533e1ccc5c5e69795eb393a6b79b62e48e2 Author: Tom Cosgrove Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M crypto/aes/asm/bsaes-armv8.pl M crypto/arm_arch.h Log Message: --- Fix aarch64 signed bit shift issue found by UBSAN Also fix conditional branch out of range when using sanitisers. Fixes #18813 Signed-off-by: Tom Cosgrove Change-Id: Ic543885091ed3ef2ddcbe21de0a4ac0bca1e2494 Reviewed-by: Paul Dale Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18816)
[openssl/openssl] 8ed6dd: For known safe primes use the minimum key length a...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 8ed6ddcaa559b7b04202c15ea3a95ee0b05caeba https://github.openssl.org/openssl/openssl/commit/8ed6ddcaa559b7b04202c15ea3a95ee0b05caeba Author: Tomas Mraz Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M crypto/dh/dh_group_params.c M crypto/ffc/ffc_backend.c M crypto/ffc/ffc_dh.c M crypto/ffc/ffc_key_generate.c M include/internal/ffc.h M test/ffc_internal_test.c Log Message: --- For known safe primes use the minimum key length according to RFC 7919 Longer private key sizes unnecessarily raise the cycles needed to compute the shared secret without any increase of the real security. This fixes a regression from 1.1.1 where these shorter keys were generated for the known safe primes. Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/18793) Commit: c9bdbc12ac7343992ba249e11d2bda3338469a97 https://github.openssl.org/openssl/openssl/commit/c9bdbc12ac7343992ba249e11d2bda3338469a97 Author: Tomas Mraz Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M providers/implementations/encode_decode/encode_key2text.c M test/recipes/30-test_evp_pkey_provided/DH.priv.txt M test/recipes/30-test_evp_pkey_provided/DH.pub.txt Log Message: --- dh_to_text: Print the dh->length if set Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/18793) Commit: 5eac066bef0c23bb74255423d335e634e4deb8d5 https://github.openssl.org/openssl/openssl/commit/5eac066bef0c23bb74255423d335e634e4deb8d5 Author: Tomas Mraz Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M test/evp_extra_test2.c Log Message: --- Test that we generate a short private key for known DH prime Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/18793) Commit: ce4579adf94d5f26e566a1e04c8a52ec5943cdd0 https://github.openssl.org/openssl/openssl/commit/ce4579adf94d5f26e566a1e04c8a52ec5943cdd0 Author: Tomas Mraz Date: 2022-07-19 (Tue, 19 Jul 2022) Changed paths: M crypto/ffc/ffc_params.c M test/ffc_internal_test.c Log Message: --- ossl_ffc_params_copy: Copy the keylength too Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx (Merged from https://github.com/openssl/openssl/pull/18793) Compare: https://github.openssl.org/openssl/openssl/compare/b89a5b8df909...ce4579adf94d
[openssl/openssl] 3221ee: Fix memleak in PKCS12_pbe_crypt_ex()
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 3221eee7e0053cf6db54d0409f4f3b26df5fbbbd https://github.openssl.org/openssl/openssl/commit/3221eee7e0053cf6db54d0409f4f3b26df5fbbbd Author: Roberto Hueso Gomez Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M crypto/pkcs12/p12_decr.c Log Message: --- Fix memleak in PKCS12_pbe_crypt_ex() Makes sure that the variable 'out' is free on every error path. Fixes #18689 Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18808) (cherry picked from commit af801ec89205aaf6ebf8522d510d0b1fc29e3233)
[openssl/openssl] af801e: Fix memleak in PKCS12_pbe_crypt_ex()
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: af801ec89205aaf6ebf8522d510d0b1fc29e3233 https://github.openssl.org/openssl/openssl/commit/af801ec89205aaf6ebf8522d510d0b1fc29e3233 Author: Roberto Hueso Gomez Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M crypto/pkcs12/p12_decr.c Log Message: --- Fix memleak in PKCS12_pbe_crypt_ex() Makes sure that the variable 'out' is free on every error path. Fixes #18689 Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18808)
[openssl/openssl] ddb13b: Use as small dh key size as possible to support th...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: ddb13b283be84d771deba1e964610b1670641f03 https://github.openssl.org/openssl/openssl/commit/ddb13b283be84d771deba1e964610b1670641f03 Author: Tomas Mraz Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M CHANGES.md M crypto/dh/dh_gen.c M crypto/dh/dh_group_params.c M crypto/ffc/ffc_backend.c M crypto/ffc/ffc_dh.c M crypto/ffc/ffc_key_generate.c M include/internal/ffc.h M test/ffc_internal_test.c Log Message: --- Use as small dh key size as possible to support the security Longer private key sizes unnecessarily raise the cycles needed to compute the shared secret without any increase of the real security. We use minimum key sizes as defined in RFC7919. For arbitrary parameters we cannot know whether they are safe primes (we could test but that would be too inefficient) we have to keep generating large keys. However we now set a small dh->length when we are generating safe prime parameters because we know it is safe to use small keys with them. That means users need to regenerate the parameters if they want to take the performance advantage of small private key. Reviewed-by: Kurt Roeckx Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18480) Commit: ff54094cb9e1e5033f6e3e72717e741cf24f5c29 https://github.openssl.org/openssl/openssl/commit/ff54094cb9e1e5033f6e3e72717e741cf24f5c29 Author: Tomas Mraz Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M providers/implementations/encode_decode/encode_key2text.c M test/recipes/30-test_evp_pkey_provided/DH.priv.txt M test/recipes/30-test_evp_pkey_provided/DH.pub.txt Log Message: --- dh_to_text: Print the dh->length if set Reviewed-by: Kurt Roeckx Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18480) Commit: 2b11a8ecc8ed1355b99a6d88b8e7e7a75a67bd0a https://github.openssl.org/openssl/openssl/commit/2b11a8ecc8ed1355b99a6d88b8e7e7a75a67bd0a Author: Tomas Mraz Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M test/recipes/20-test_dhparam.t Log Message: --- dhparam_test: Test that we add private key length on generation and print it Reviewed-by: Kurt Roeckx Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18480) Commit: 2885b2ca4eee5586baa50208e41a1ca54532eb3a https://github.openssl.org/openssl/openssl/commit/2885b2ca4eee5586baa50208e41a1ca54532eb3a Author: Tomas Mraz Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M doc/man1/openssl-dhparam.pod.in Log Message: --- dhparam: Correct the documentation of -dsaparam Reviewed-by: Kurt Roeckx Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18480) Commit: 2266d1cad008ef03cb0791397b1cca9aaa6a4428 https://github.openssl.org/openssl/openssl/commit/2266d1cad008ef03cb0791397b1cca9aaa6a4428 Author: Tomas Mraz Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M test/evp_extra_test2.c Log Message: --- Test that we generate a short private key for known DH prime Reviewed-by: Kurt Roeckx Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18480) Commit: 5f311b10ab3dd6417a3247c62b4ec072751459db https://github.openssl.org/openssl/openssl/commit/5f311b10ab3dd6417a3247c62b4ec072751459db Author: Tomas Mraz Date: 2022-07-18 (Mon, 18 Jul 2022) Changed paths: M crypto/ffc/ffc_params.c M test/ffc_internal_test.c Log Message: --- ossl_ffc_params_copy: Copy the keylength too Reviewed-by: Kurt Roeckx Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18480) Compare: https://github.openssl.org/openssl/openssl/compare/358103b4a651...5f311b10ab3d
[openssl/openssl] ad464a: Updated X509v3_get_ext_by_NID.pod and X509_CRL_get...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: ad464ab77ccf71b543afab620acd9385e7bea644 https://github.openssl.org/openssl/openssl/commit/ad464ab77ccf71b543afab620acd9385e7bea644 Author: Allan Date: 2022-07-15 (Fri, 15 Jul 2022) Changed paths: M doc/man3/X509_CRL_get0_by_serial.pod M doc/man3/X509v3_get_ext_by_NID.pod Log Message: --- Updated X509v3_get_ext_by_NID.pod and X509_CRL_get0_by_serial.pod Updated these to the current documentation style. Moved X509v3_delete_ext() under BUGS to NOTES and added information to call free. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18786) (cherry picked from commit 1711f4824be2c6b41d26f221d2aa0e2236363995) Commit: a3845612a690b1b0593e1c42b63dc2e82c28e532 https://github.openssl.org/openssl/openssl/commit/a3845612a690b1b0593e1c42b63dc2e82c28e532 Author: Allan Date: 2022-07-15 (Fri, 15 Jul 2022) Changed paths: M doc/man3/X509V3_get_d2i.pod Log Message: --- Added paragraph to free objects alloced by X509V3_add1_i2d() Fixes #18665 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18786) (cherry picked from commit 17004adacf74f9f7036b623dab31a6d12c32daf1) Compare: https://github.openssl.org/openssl/openssl/compare/e893c7b04342...a3845612a690
[openssl/openssl] 1711f4: Updated X509v3_get_ext_by_NID.pod and X509_CRL_get...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 1711f4824be2c6b41d26f221d2aa0e2236363995 https://github.openssl.org/openssl/openssl/commit/1711f4824be2c6b41d26f221d2aa0e2236363995 Author: Allan Date: 2022-07-15 (Fri, 15 Jul 2022) Changed paths: M doc/man3/X509_CRL_get0_by_serial.pod M doc/man3/X509v3_get_ext_by_NID.pod Log Message: --- Updated X509v3_get_ext_by_NID.pod and X509_CRL_get0_by_serial.pod Updated these to the current documentation style. Moved X509v3_delete_ext() under BUGS to NOTES and added information to call free. Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18786) Commit: 17004adacf74f9f7036b623dab31a6d12c32daf1 https://github.openssl.org/openssl/openssl/commit/17004adacf74f9f7036b623dab31a6d12c32daf1 Author: Allan Date: 2022-07-15 (Fri, 15 Jul 2022) Changed paths: M doc/man3/X509V3_get_d2i.pod Log Message: --- Added paragraph to free objects alloced by X509V3_add1_i2d() Fixes #18665 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18786) Compare: https://github.openssl.org/openssl/openssl/compare/086d88a637ec...17004adacf74
[openssl/openssl] 086d88: s390x: Fix Keccak implementation
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 086d88a637ecf537af62260e16d4e0011dbb8d1b https://github.openssl.org/openssl/openssl/commit/086d88a637ecf537af62260e16d4e0011dbb8d1b Author: Juergen Christ Date: 2022-07-14 (Thu, 14 Jul 2022) Changed paths: M providers/implementations/digests/sha3_prov.c Log Message: --- s390x: Fix Keccak implementation s390x does not directly support keccak via CPACF since these instructions hard-code the padding to either SHA-3 or SHAKE for the "compute last message digest" function. This caused test errors on Keccak digests. Fix it by using "compute intermediate message digest" and manually computing the padding for Keccak. Fixes: a8b238f0e4c1 ("Fix SHA, SHAKE, and KECCAK ASM flag passing") Signed-off-by: Juergen Christ Reviewed-by: Patrick Steuer Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18794)
[openssl/openssl] ea8095: ocspapitest: properly check the return of memory-a...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: ea809510f69e5aebc2ab95aa7530e01060e8a960 https://github.openssl.org/openssl/openssl/commit/ea809510f69e5aebc2ab95aa7530e01060e8a960 Author: xkernel Date: 2022-07-14 (Thu, 14 Jul 2022) Changed paths: M test/ocspapitest.c Log Message: --- ocspapitest: properly check the return of memory-allocating functions Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18774) Commit: 180c8d7ae56378992b90ace9626d6df6ab1d4de8 https://github.openssl.org/openssl/openssl/commit/180c8d7ae56378992b90ace9626d6df6ab1d4de8 Author: xkernel Date: 2022-07-14 (Thu, 14 Jul 2022) Changed paths: M test/ocspapitest.c Log Message: --- ocspapitest: use TEST_true to report the exact failure Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18774) Compare: https://github.openssl.org/openssl/openssl/compare/12186377cb98...180c8d7ae563
[openssl/openssl] 287947: ocspapitest: properly check the return of memory-a...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 287947928e54565baa2a46f37af55e18848c3227 https://github.openssl.org/openssl/openssl/commit/287947928e54565baa2a46f37af55e18848c3227 Author: xkernel Date: 2022-07-14 (Thu, 14 Jul 2022) Changed paths: M test/ocspapitest.c Log Message: --- ocspapitest: properly check the return of memory-allocating functions Reviewed-by: Paul Dale Reviewed-by: Kurt Roeckx Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18774) (cherry picked from commit ea809510f69e5aebc2ab95aa7530e01060e8a960) Commit: e893c7b0434255cf915bd52b10a3c9f3c25c5a45 https://github.openssl.org/openssl/openssl/commit/e893c7b0434255cf915bd52b10a3c9f3c25c5a45 Author: xkernel Date: 2022-07-14 (Thu, 14 Jul 2022) Changed paths: M test/ocspapitest.c Log Message: --- ocspapitest: use TEST_true to report the exact failure Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18774) (cherry picked from commit 180c8d7ae56378992b90ace9626d6df6ab1d4de8) Compare: https://github.openssl.org/openssl/openssl/compare/2af7ec599773...e893c7b04342
[openssl/openssl] 2af7ec: Fix EC ASM flag passing
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 2af7ec5997730d4624d19814be1131ce5dd14304 https://github.openssl.org/openssl/openssl/commit/2af7ec5997730d4624d19814be1131ce5dd14304 Author: Juergen Christ Date: 2022-07-14 (Thu, 14 Jul 2022) Changed paths: M crypto/ec/build.info Log Message: --- Fix EC ASM flag passing Flags for ASM implementations of EC curves were only passed to the FIPS provider and not to the default or legacy provider. This left some potential for optimization. Pass the correct flags also to these providers. Signed-off-by: Juergen Christ Reviewed-by: Patrick Steuer Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18791) (cherry picked from commit 12186377cb987c4527d286e91e735e8261a45669)
[openssl/openssl] 121863: Fix EC ASM flag passing
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 12186377cb987c4527d286e91e735e8261a45669 https://github.openssl.org/openssl/openssl/commit/12186377cb987c4527d286e91e735e8261a45669 Author: Juergen Christ Date: 2022-07-14 (Thu, 14 Jul 2022) Changed paths: M crypto/ec/build.info Log Message: --- Fix EC ASM flag passing Flags for ASM implementations of EC curves were only passed to the FIPS provider and not to the default or legacy provider. This left some potential for optimization. Pass the correct flags also to these providers. Signed-off-by: Juergen Christ Reviewed-by: Patrick Steuer Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18791)
[openssl/openssl] c060c0: speed: Always reset the outlen when calling EVP_PK...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: c060c040367e4e2dc44b027d4e52163376f40777 https://github.openssl.org/openssl/openssl/commit/c060c040367e4e2dc44b027d4e52163376f40777 Author: Tomas Mraz Date: 2022-07-13 (Wed, 13 Jul 2022) Changed paths: M apps/speed.c Log Message: --- speed: Always reset the outlen when calling EVP_PKEY_derive Fixes #18768 Reviewed-by: Paul Dale Reviewed-by: Shane Lontis Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18777) (cherry picked from commit ab8d56d05b773e499c86be874fd3f11f5950213c)
[openssl/openssl] ab8d56: speed: Always reset the outlen when calling EVP_PK...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: ab8d56d05b773e499c86be874fd3f11f5950213c https://github.openssl.org/openssl/openssl/commit/ab8d56d05b773e499c86be874fd3f11f5950213c Author: Tomas Mraz Date: 2022-07-13 (Wed, 13 Jul 2022) Changed paths: M apps/speed.c Log Message: --- speed: Always reset the outlen when calling EVP_PKEY_derive Fixes #18768 Reviewed-by: Paul Dale Reviewed-by: Shane Lontis Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18777)
[openssl/openssl] c3efe5: Fix memory leak in X509V3_add1_i2d when flag is X5...
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: c3efe5c96128d699f0884128ce905906bc28ed34 https://github.openssl.org/openssl/openssl/commit/c3efe5c96128d699f0884128ce905906bc28ed34 Author: Allan Date: 2022-07-11 (Mon, 11 Jul 2022) Changed paths: M crypto/x509v3/v3_lib.c Log Message: --- Fix memory leak in X509V3_add1_i2d when flag is X509V3_ADD_DELETE Fixes #18677 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18698) (cherry picked from commit 4798e0680b112993815098ca21d7d68ff31ebc6e)
[openssl/openssl] c340df: Fix memory leak in X509V3_add1_i2d when flag is X5...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: c340dfa1c0bc9d9e60e4fcbe2ac6aa3d762261e4 https://github.openssl.org/openssl/openssl/commit/c340dfa1c0bc9d9e60e4fcbe2ac6aa3d762261e4 Author: Allan Date: 2022-07-11 (Mon, 11 Jul 2022) Changed paths: M crypto/x509/v3_lib.c Log Message: --- Fix memory leak in X509V3_add1_i2d when flag is X509V3_ADD_DELETE Fixes #18677 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18698) (cherry picked from commit 4798e0680b112993815098ca21d7d68ff31ebc6e)
[openssl/openssl] 4798e0: Fix memory leak in X509V3_add1_i2d when flag is X5...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 4798e0680b112993815098ca21d7d68ff31ebc6e https://github.openssl.org/openssl/openssl/commit/4798e0680b112993815098ca21d7d68ff31ebc6e Author: Allan Date: 2022-07-11 (Mon, 11 Jul 2022) Changed paths: M crypto/x509/v3_lib.c Log Message: --- Fix memory leak in X509V3_add1_i2d when flag is X509V3_ADD_DELETE Fixes #18677 Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18698)
[openssl/openssl] ccc7cc: use #pragma comment(lib) with _MSC_VER only
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: ccc7ccb49db89865b135097237e173f82bc74751 https://github.openssl.org/openssl/openssl/commit/ccc7ccb49db89865b135097237e173f82bc74751 Author: Viktor Szakats Date: 2022-07-11 (Mon, 11 Jul 2022) Changed paths: M crypto/rand/rand_win.c Log Message: --- use #pragma comment(lib) with _MSC_VER only Avoid this warning when compiled with llvm/gcc + mingw-w64 and `USE_BCRYPTGENRANDOM` enabled: ``` ../providers/implementations/rands/seeding/rand_win.c:31:11: warning: unknown pragma ignored [-Wunknown-pragmas] ^ 1 warning generated. ``` CLA: trivial Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18709) (cherry picked from commit 695cb63c744bab090144a86949b68324ee3094d6)
[openssl/openssl] 174954: use #pragma comment(lib) with _MSC_VER only
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 174954c9934b7031340be06b9b2c3a14edb83dd1 https://github.openssl.org/openssl/openssl/commit/174954c9934b7031340be06b9b2c3a14edb83dd1 Author: Viktor Szakats Date: 2022-07-11 (Mon, 11 Jul 2022) Changed paths: M providers/implementations/rands/seeding/rand_win.c Log Message: --- use #pragma comment(lib) with _MSC_VER only Avoid this warning when compiled with llvm/gcc + mingw-w64 and `USE_BCRYPTGENRANDOM` enabled: ``` ../providers/implementations/rands/seeding/rand_win.c:31:11: warning: unknown pragma ignored [-Wunknown-pragmas] ^ 1 warning generated. ``` CLA: trivial Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18709) (cherry picked from commit 695cb63c744bab090144a86949b68324ee3094d6)
[openssl/openssl] 695cb6: use #pragma comment(lib) with _MSC_VER only
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 695cb63c744bab090144a86949b68324ee3094d6 https://github.openssl.org/openssl/openssl/commit/695cb63c744bab090144a86949b68324ee3094d6 Author: Viktor Szakats Date: 2022-07-11 (Mon, 11 Jul 2022) Changed paths: M providers/implementations/rands/seeding/rand_win.c Log Message: --- use #pragma comment(lib) with _MSC_VER only Avoid this warning when compiled with llvm/gcc + mingw-w64 and `USE_BCRYPTGENRANDOM` enabled: ``` ../providers/implementations/rands/seeding/rand_win.c:31:11: warning: unknown pragma ignored [-Wunknown-pragmas] ^ 1 warning generated. ``` CLA: trivial Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18709)
[openssl/openssl] b4ba4c: Add the LibreOffice Draw source for the QUIC overv...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: b4ba4c8ee8f75ac60d1e26eb80110b68527b44d8 https://github.openssl.org/openssl/openssl/commit/b4ba4c8ee8f75ac60d1e26eb80110b68527b44d8 Author: Tomas Mraz Date: 2022-07-11 (Mon, 11 Jul 2022) Changed paths: A doc/designs/quic-design/images/quic-overview.odg Log Message: --- Add the LibreOffice Draw source for the QUIC overview graph Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18745)
[openssl/openssl] 197e6a: NEWS.md: Drop an extra empty line causing mdlint f...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 197e6a3411682d56e460a329d8d547e9aa585d49 https://github.openssl.org/openssl/openssl/commit/197e6a3411682d56e460a329d8d547e9aa585d49 Author: Tomas Mraz Date: 2022-07-08 (Fri, 08 Jul 2022) Changed paths: M NEWS.md Log Message: --- NEWS.md: Drop an extra empty line causing mdlint failure Reviewed-by: Richard Levitte Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18740)
[openssl/openssl] c26758: Increase test coverage by enabling more build options
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: c267588fd400593c090ebb24643c2be5158bfbcc https://github.openssl.org/openssl/openssl/commit/c267588fd400593c090ebb24643c2be5158bfbcc Author: Tomas Mraz Date: 2022-07-01 (Fri, 01 Jul 2022) Changed paths: M .github/workflows/coveralls.yml Log Message: --- Increase test coverage by enabling more build options Reviewed-by: Hugo Landau Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18606)
[openssl/openssl] 3361f6: Avoid crashing if CONF_modules_unload() is called ...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 3361f685fcee8b47920a136041f545c41a4afb3f https://github.openssl.org/openssl/openssl/commit/3361f685fcee8b47920a136041f545c41a4afb3f Author: Tomas Mraz Date: 2022-07-01 (Fri, 01 Jul 2022) Changed paths: M crypto/conf/conf_mod.c Log Message: --- Avoid crashing if CONF_modules_unload() is called after OPENSSL_cleanup() Although this is basically an incorrect API call it was not crashing before and it might happen inadvertently if CONF_modules_unload() is called from a destructor for example. Fixes #18669 Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18673) (cherry picked from commit d840f07bcdfc3910de5aa327a245866a67f94799)
[openssl/openssl] d840f0: Avoid crashing if CONF_modules_unload() is called ...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: d840f07bcdfc3910de5aa327a245866a67f94799 https://github.openssl.org/openssl/openssl/commit/d840f07bcdfc3910de5aa327a245866a67f94799 Author: Tomas Mraz Date: 2022-07-01 (Fri, 01 Jul 2022) Changed paths: M crypto/conf/conf_mod.c Log Message: --- Avoid crashing if CONF_modules_unload() is called after OPENSSL_cleanup() Although this is basically an incorrect API call it was not crashing before and it might happen inadvertently if CONF_modules_unload() is called from a destructor for example. Fixes #18669 Reviewed-by: Paul Dale Reviewed-by: Hugo Landau (Merged from https://github.com/openssl/openssl/pull/18673)
[openssl/openssl] a7faa8: APPS: dsaparam, gendsa: Support setting properties
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: a7faa8ee677a25331fbe2def6b78cc39323cad4a https://github.openssl.org/openssl/openssl/commit/a7faa8ee677a25331fbe2def6b78cc39323cad4a Author: Clemens Lang Date: 2022-07-01 (Fri, 01 Jul 2022) Changed paths: M apps/dsaparam.c M apps/gendsa.c M test/recipes/20-test_cli_fips.t Log Message: --- APPS: dsaparam, gendsa: Support setting properties The -provider and -propquery options did not work on dsaparam and gendsa. Fix this and add tests that check that operations that are not supported by the FIPS provider work when run with | -provider default -propquery '?fips!=yes' See also https://bugzilla.redhat.com/show_bug.cgi?id=2094956, where this was initially reported. Signed-off-by: Clemens Lang Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18576) (cherry picked from commit 30b2c3592e8511b60d44f93eb657a1ecb3662c08)
[openssl/openssl] 30b2c3: APPS: dsaparam, gendsa: Support setting properties
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 30b2c3592e8511b60d44f93eb657a1ecb3662c08 https://github.openssl.org/openssl/openssl/commit/30b2c3592e8511b60d44f93eb657a1ecb3662c08 Author: Clemens Lang Date: 2022-07-01 (Fri, 01 Jul 2022) Changed paths: M apps/dsaparam.c M apps/gendsa.c M test/recipes/20-test_cli_fips.t Log Message: --- APPS: dsaparam, gendsa: Support setting properties The -provider and -propquery options did not work on dsaparam and gendsa. Fix this and add tests that check that operations that are not supported by the FIPS provider work when run with | -provider default -propquery '?fips!=yes' See also https://bugzilla.redhat.com/show_bug.cgi?id=2094956, where this was initially reported. Signed-off-by: Clemens Lang Reviewed-by: Hugo Landau Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18576)
[openssl/openssl] 882573: SSL_get_current_cipher() and SSL_get_pending_ciphe...
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: 882573246695088d65956355ca6c954642dcac31 https://github.openssl.org/openssl/openssl/commit/882573246695088d65956355ca6c954642dcac31 Author: olszomal Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M doc/man3/SSL_get_current_cipher.pod Log Message: --- SSL_get_current_cipher() and SSL_get_pending_cipher() return 'const SSL_CIPHER *' Fix the documentation. CLA: trivial Reviewed-by: Matt Caswell Reviewed-by: Todd Short Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18599) (cherry picked from commit d842b6eff0940b6ce337536cb718a8d561290f50)
[openssl/openssl] 89c36a: SSL_get_current_cipher() and SSL_get_pending_ciphe...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 89c36afabcfd4af22194155f6775c505702b48ff https://github.openssl.org/openssl/openssl/commit/89c36afabcfd4af22194155f6775c505702b48ff Author: olszomal Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M doc/man3/SSL_get_current_cipher.pod Log Message: --- SSL_get_current_cipher() and SSL_get_pending_cipher() return 'const SSL_CIPHER *' Fix the documentation. CLA: trivial Reviewed-by: Matt Caswell Reviewed-by: Todd Short Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18599) (cherry picked from commit d842b6eff0940b6ce337536cb718a8d561290f50)
[openssl/openssl] d842b6: SSL_get_current_cipher() and SSL_get_pending_ciphe...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: d842b6eff0940b6ce337536cb718a8d561290f50 https://github.openssl.org/openssl/openssl/commit/d842b6eff0940b6ce337536cb718a8d561290f50 Author: olszomal Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M doc/man3/SSL_get_current_cipher.pod Log Message: --- SSL_get_current_cipher() and SSL_get_pending_cipher() return 'const SSL_CIPHER *' Fix the documentation. CLA: trivial Reviewed-by: Matt Caswell Reviewed-by: Todd Short Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18599)
[openssl/openssl] af4002: store_result: Add fallback for fetching the keymgm...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: af40029ea9bbc7289b05a8af84911b10cc442576 https://github.openssl.org/openssl/openssl/commit/af40029ea9bbc7289b05a8af84911b10cc442576 Author: Tomas Mraz Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M crypto/evp/evp_local.h M crypto/store/store_result.c M include/crypto/evp.h Log Message: --- store_result: Add fallback for fetching the keymgmt from the provider of the store Fixes #17531 Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17554) (cherry picked from commit 4cfcc7e1213d39c78852a614894ebcd2e2be095c) Commit: f64af4356771a64fb276d241e4ccb589e15e6948 https://github.openssl.org/openssl/openssl/commit/f64af4356771a64fb276d241e4ccb589e15e6948 Author: Tomas Mraz Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M doc/man7/provider-cipher.pod M doc/man7/provider-digest.pod M doc/man7/provider-kdf.pod M doc/man7/provider-mac.pod M doc/man7/provider-storemgmt.pod Log Message: --- Correct doubled OSSL_OSSL when documenting OSSL_FUNC_.._fn Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17554) (cherry picked from commit 13b47155ba425ffd0683e1bff30f746c96a19049) Commit: 599a26dd7c86eba733da0210e641d94aae79dda2 https://github.openssl.org/openssl/openssl/commit/599a26dd7c86eba733da0210e641d94aae79dda2 Author: Tomas Mraz Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M doc/man7/provider-storemgmt.pod Log Message: --- Add missing documentation of OSSL_FUNC_store_export_object() Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17554) (cherry picked from commit 13941d438458068d4150c5899f6bbc0add393cc4) Commit: 40f03d6addcb7b9e0a52fde7d9e81d1dd566260c https://github.openssl.org/openssl/openssl/commit/40f03d6addcb7b9e0a52fde7d9e81d1dd566260c Author: Tomas Mraz Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M test/fake_rsaprov.c M test/provider_pkey_test.c Log Message: --- Add test for try_key_ref() fallback handling Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17554) (cherry picked from commit dca637f50cf71372c46a9cf6022ad4eb9970ab7f) Compare: https://github.openssl.org/openssl/openssl/compare/eeb0185e74ca...40f03d6addcb
[openssl/openssl] 4cfcc7: store_result: Add fallback for fetching the keymgm...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 4cfcc7e1213d39c78852a614894ebcd2e2be095c https://github.openssl.org/openssl/openssl/commit/4cfcc7e1213d39c78852a614894ebcd2e2be095c Author: Tomas Mraz Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M crypto/evp/evp_local.h M crypto/store/store_result.c M include/crypto/evp.h Log Message: --- store_result: Add fallback for fetching the keymgmt from the provider of the store Fixes #17531 Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17554) Commit: 13b47155ba425ffd0683e1bff30f746c96a19049 https://github.openssl.org/openssl/openssl/commit/13b47155ba425ffd0683e1bff30f746c96a19049 Author: Tomas Mraz Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M doc/man7/provider-cipher.pod M doc/man7/provider-digest.pod M doc/man7/provider-kdf.pod M doc/man7/provider-mac.pod M doc/man7/provider-storemgmt.pod Log Message: --- Correct doubled OSSL_OSSL when documenting OSSL_FUNC_.._fn Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17554) Commit: 13941d438458068d4150c5899f6bbc0add393cc4 https://github.openssl.org/openssl/openssl/commit/13941d438458068d4150c5899f6bbc0add393cc4 Author: Tomas Mraz Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M doc/man7/provider-storemgmt.pod Log Message: --- Add missing documentation of OSSL_FUNC_store_export_object() Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17554) Commit: dca637f50cf71372c46a9cf6022ad4eb9970ab7f https://github.openssl.org/openssl/openssl/commit/dca637f50cf71372c46a9cf6022ad4eb9970ab7f Author: Tomas Mraz Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M test/fake_rsaprov.c M test/provider_pkey_test.c Log Message: --- Add test for try_key_ref() fallback handling Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17554) Compare: https://github.openssl.org/openssl/openssl/compare/e2f6960fc5fe...dca637f50cf7
[openssl/openssl] 61f510: crypto/provider_core.c: Avoid calling unlock two t...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 61f510600e2c7cdee6e61f8b7075fb0e939eb179 https://github.openssl.org/openssl/openssl/commit/61f510600e2c7cdee6e61f8b7075fb0e939eb179 Author: Peiwei Hu Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M crypto/provider_core.c Log Message: --- crypto/provider_core.c: Avoid calling unlock two times Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18641)
[openssl/openssl] eeb018: crypto/provider_core.c: Avoid calling unlock two t...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: eeb0185e74ca61fb9d531fdc8492ee4df89ebe91 https://github.openssl.org/openssl/openssl/commit/eeb0185e74ca61fb9d531fdc8492ee4df89ebe91 Author: Peiwei Hu Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M crypto/provider_core.c Log Message: --- crypto/provider_core.c: Avoid calling unlock two times Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18641) (cherry picked from commit 61f510600e2c7cdee6e61f8b7075fb0e939eb179)
[openssl/openssl] 5f7d4e: Objects: Add OIDs needed for CAdES-Processing
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 5f7d4e9111dcd2a91429ecab807c4f282164ea46 https://github.openssl.org/openssl/openssl/commit/5f7d4e9111dcd2a91429ecab807c4f282164ea46 Author: Lutz Jaenicke Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M crypto/objects/obj_dat.h M crypto/objects/obj_mac.num M crypto/objects/objects.txt M fuzz/oids.txt M include/openssl/obj_mac.h Log Message: --- Objects: Add OIDs needed for CAdES-Processing Add objects from ETSI-specification(s) used in CAdES processing. Main document referenced is ETSI EN 319 122-1 V1.2.1. Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18655)
[openssl/openssl] daa014: fuzz/asn1.c: Add check for ASN1_item_i2d
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: daa014b2061b94832415b1177ff2db6a17fc7274 https://github.openssl.org/openssl/openssl/commit/daa014b2061b94832415b1177ff2db6a17fc7274 Author: Jiasheng Jiang Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M fuzz/asn1.c Log Message: --- fuzz/asn1.c: Add check for ASN1_item_i2d As the potential failure of the ASN1_item_i2d, it should be better to check the return value. Signed-off-by: Jiasheng Jiang Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18647) (cherry picked from commit 1cb35ce06a968dc82e7cd9502ecce8e89eca9580)
[openssl/openssl] 1cb35c: fuzz/asn1.c: Add check for ASN1_item_i2d
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 1cb35ce06a968dc82e7cd9502ecce8e89eca9580 https://github.openssl.org/openssl/openssl/commit/1cb35ce06a968dc82e7cd9502ecce8e89eca9580 Author: Jiasheng Jiang Date: 2022-06-28 (Tue, 28 Jun 2022) Changed paths: M fuzz/asn1.c Log Message: --- fuzz/asn1.c: Add check for ASN1_item_i2d As the potential failure of the ASN1_item_i2d, it should be better to check the return value. Signed-off-by: Jiasheng Jiang Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18647)
[openssl/openssl] 413e0d: Added documentation for PEM_X509_INFO_read() and P...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 413e0db984180b04ed6b45dd913ac8f536bc https://github.openssl.org/openssl/openssl/commit/413e0db984180b04ed6b45dd913ac8f536bc Author: Allan Date: 2022-06-24 (Fri, 24 Jun 2022) Changed paths: M doc/man3/PEM_X509_INFO_read_bio_ex.pod M util/missingcrypto.txt Log Message: --- Added documentation for PEM_X509_INFO_read() and PEM_X509_INFO_read_bio() Fixes #18342 Fixes to I Updated copyright year Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18623) (cherry picked from commit 9454423bf1eac4c75e70ff4fd67456e4cfb05a92)
[openssl/openssl] 945442: Added documentation for PEM_X509_INFO_read() and P...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 9454423bf1eac4c75e70ff4fd67456e4cfb05a92 https://github.openssl.org/openssl/openssl/commit/9454423bf1eac4c75e70ff4fd67456e4cfb05a92 Author: Allan Date: 2022-06-24 (Fri, 24 Jun 2022) Changed paths: M doc/man3/PEM_X509_INFO_read_bio_ex.pod M util/missingcrypto.txt Log Message: --- Added documentation for PEM_X509_INFO_read() and PEM_X509_INFO_read_bio() Fixes #18342 Fixes to I Updated copyright year Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18623)
[openssl/openssl] b8fd15: Avoid including decoder/encoder/store headers into...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: b8fd15a8dc50020360862290ace7f34b6ef0e92d https://github.openssl.org/openssl/openssl/commit/b8fd15a8dc50020360862290ace7f34b6ef0e92d Author: Tomas Mraz Date: 2022-06-24 (Fri, 24 Jun 2022) Changed paths: M crypto/provider_core.c Log Message: --- Avoid including decoder/encoder/store headers into fips module Fixes #18618 Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18630) (cherry picked from commit b07db93f6b38aaea8b131f7dcfba7ad7386196d2)
[openssl/openssl] b07db9: Avoid including decoder/encoder/store headers into...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: b07db93f6b38aaea8b131f7dcfba7ad7386196d2 https://github.openssl.org/openssl/openssl/commit/b07db93f6b38aaea8b131f7dcfba7ad7386196d2 Author: Tomas Mraz Date: 2022-06-24 (Fri, 24 Jun 2022) Changed paths: M crypto/provider_core.c Log Message: --- Avoid including decoder/encoder/store headers into fips module Fixes #18618 Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18630) Commit: 20f50e0f42cd5fec0b719865e0e45064221e10c2 https://github.openssl.org/openssl/openssl/commit/20f50e0f42cd5fec0b719865e0e45064221e10c2 Author: Tomas Mraz Date: 2022-06-24 (Fri, 24 Jun 2022) Changed paths: M providers/fips-sources.checksums M providers/fips.checksum M providers/fips.module.sources Log Message: --- Update fips source checksums to drop the unwanted headers Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18630) Compare: https://github.openssl.org/openssl/openssl/compare/665ab12ed3f0...20f50e0f42cd
[openssl/openssl] 16f1c6: The flag "decoded-from-explicit" must be imp/expor...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 16f1c6e1abfc9d80c9e2fd78d72d51d4b8e739a0 https://github.openssl.org/openssl/openssl/commit/16f1c6e1abfc9d80c9e2fd78d72d51d4b8e739a0 Author: Tomas Mraz Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M crypto/ec/ec_backend.c M crypto/ec/ec_lib.c M providers/implementations/keymgmt/ec_kmgmt.c Log Message: --- The flag "decoded-from-explicit" must be imp/exportable Otherwise the information that the EC group was imported from explicit parameters is lost when the key is moved across providers. Fixes #18600 Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18629) Commit: 3d0da0c2a049bce6d39a6bd5a68aaf7aab639509 https://github.openssl.org/openssl/openssl/commit/3d0da0c2a049bce6d39a6bd5a68aaf7aab639509 Author: Tomas Mraz Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M test/recipes/25-test_verify.t Log Message: --- Test whether decoded-from-explicit survives import/export Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18629) Compare: https://github.openssl.org/openssl/openssl/compare/bfa5f0f574db...3d0da0c2a049
[openssl/openssl] 95a6fb: The flag "decoded-from-explicit" must be imp/expor...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 95a6fbdf0d112582b9ad56f8d42ec92b1ec4787d https://github.openssl.org/openssl/openssl/commit/95a6fbdf0d112582b9ad56f8d42ec92b1ec4787d Author: Tomas Mraz Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M crypto/ec/ec_backend.c M crypto/ec/ec_lib.c M providers/implementations/keymgmt/ec_kmgmt.c Log Message: --- The flag "decoded-from-explicit" must be imp/exportable Otherwise the information that the EC group was imported from explicit parameters is lost when the key is moved across providers. Fixes #18600 Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18609) Commit: f7346cab45a7d2090009e96b304e4196038697f4 https://github.openssl.org/openssl/openssl/commit/f7346cab45a7d2090009e96b304e4196038697f4 Author: Tomas Mraz Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M test/recipes/25-test_verify.t Log Message: --- Test whether decoded-from-explicit survives import/export Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18609) Compare: https://github.openssl.org/openssl/openssl/compare/5ad3e76c2357...f7346cab45a7
[openssl/openssl] bfa5f0: put_str: Use memcpy instead of strncpy
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: bfa5f0f574dbdb82be70586f70975d28512f3554 https://github.openssl.org/openssl/openssl/commit/bfa5f0f574dbdb82be70586f70975d28512f3554 Author: Tomas Mraz Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M crypto/property/property_parse.c Log Message: --- put_str: Use memcpy instead of strncpy This fixes a warning from latest gcc. There is no point in using strncpy here as we intentionally copy only the string contents without the terminating NUL. The len is set from strlen(). Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18628)
[openssl/openssl] 5ad3e7: put_str: Use memcpy instead of strncpy
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 5ad3e76c23576b2e216463bfe43d005a3e09defc https://github.openssl.org/openssl/openssl/commit/5ad3e76c23576b2e216463bfe43d005a3e09defc Author: Tomas Mraz Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M crypto/property/property_parse.c Log Message: --- put_str: Use memcpy instead of strncpy This fixes a warning from latest gcc. There is no point in using strncpy here as we intentionally copy only the string contents without the terminating NUL. The len is set from strlen(). Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18627)
[openssl/openssl] 5bbfbe: Fix the checks of X509_REVOKED_add1_ext_i2d
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 5bbfbeaae63206b710873f4eb24774f31a53a2e5 https://github.openssl.org/openssl/openssl/commit/5bbfbeaae63206b710873f4eb24774f31a53a2e5 Author: Peiwei Hu Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M apps/ca.c Log Message: --- Fix the checks of X509_REVOKED_add1_ext_i2d Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18400) (cherry picked from commit c540a82767954a616934ba6caa6ddc736502c574) Commit: 3ae326d4d8eaaa1d85c7f051cb2a5605f63ae0b2 https://github.openssl.org/openssl/openssl/commit/3ae326d4d8eaaa1d85c7f051cb2a5605f63ae0b2 Author: Peiwei Hu Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M apps/lib/apps.c M apps/ts.c M crypto/x509/x509_d2.c Log Message: --- Fix the checks of X509_LOOKUP_* functions Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18400) (cherry picked from commit e22ea36fa8296b402348da8f5ab5e258be8402cf) Compare: https://github.openssl.org/openssl/openssl/compare/2a171e13da1a...3ae326d4d8ea
[openssl/openssl] c540a8: Fix the checks of X509_REVOKED_add1_ext_i2d
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: c540a82767954a616934ba6caa6ddc736502c574 https://github.openssl.org/openssl/openssl/commit/c540a82767954a616934ba6caa6ddc736502c574 Author: Peiwei Hu Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M apps/ca.c Log Message: --- Fix the checks of X509_REVOKED_add1_ext_i2d Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18400) Commit: e22ea36fa8296b402348da8f5ab5e258be8402cf https://github.openssl.org/openssl/openssl/commit/e22ea36fa8296b402348da8f5ab5e258be8402cf Author: Peiwei Hu Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M apps/lib/apps.c M apps/ts.c M crypto/x509/x509_d2.c Log Message: --- Fix the checks of X509_LOOKUP_* functions Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18400) Compare: https://github.openssl.org/openssl/openssl/compare/816d6e578ccc...e22ea36fa829
[openssl/openssl] 2a171e: crypto/http/http_client.c: Add the check for OPENS...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 2a171e13da1accd296fd1790c6e99c136b985704 https://github.openssl.org/openssl/openssl/commit/2a171e13da1accd296fd1790c6e99c136b985704 Author: Jiasheng Jiang Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M crypto/http/http_client.c Log Message: --- crypto/http/http_client.c: Add the check for OPENSSL_strdup As the potential failure of the OPENSSL_strdup(), it should be better to check the return value and return error if fails. Signed-off-by: Jiasheng Jiang Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18624) (cherry picked from commit 816d6e578ccc4d8ae41de77e3069762d03079d18)
[openssl/openssl] 816d6e: crypto/http/http_client.c: Add the check for OPENS...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 816d6e578ccc4d8ae41de77e3069762d03079d18 https://github.openssl.org/openssl/openssl/commit/816d6e578ccc4d8ae41de77e3069762d03079d18 Author: Jiasheng Jiang Date: 2022-06-23 (Thu, 23 Jun 2022) Changed paths: M crypto/http/http_client.c Log Message: --- crypto/http/http_client.c: Add the check for OPENSSL_strdup As the potential failure of the OPENSSL_strdup(), it should be better to check the return value and return error if fails. Signed-off-by: Jiasheng Jiang Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18624)
[openssl/openssl] 7ae2bc: Add SM3 implementation in RISC-V Zksh asm
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 7ae2bc9df6e0916a8f16183f07dfa1815dd4b66d https://github.openssl.org/openssl/openssl/commit/7ae2bc9df6e0916a8f16183f07dfa1815dd4b66d Author: Hongren (Zenithal) Zheng Date: 2022-06-22 (Wed, 22 Jun 2022) Changed paths: M crypto/sm3/sm3_local.h Log Message: --- Add SM3 implementation in RISC-V Zksh asm This works for both RV32 and RV64 Signed-off-by: Hongren (Zenithal) Zheng Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18287) Commit: eea820f3e239a4c11d618741fd5d00a6bc877347 https://github.openssl.org/openssl/openssl/commit/eea820f3e239a4c11d618741fd5d00a6bc877347 Author: Hongren (Zenithal) Zheng Date: 2022-06-22 (Wed, 22 Jun 2022) Changed paths: M crypto/sm3/sm3_local.h M include/crypto/md32_common.h Log Message: --- Add ROTATE inline asm support for SM3 And move ROTATE inline asm to header. Now this benefits SM3, SHA (when with Zbb only and no Zknh) and other hash functions Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18287) Compare: https://github.openssl.org/openssl/openssl/compare/5317b6ee1fc3...eea820f3e239
[openssl/openssl] 8547cd: crypto/asn1/a_time.c: Add check for OPENSSL_malloc
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 8547cd6790881cbba0f20aa4ce048243065a24bf https://github.openssl.org/openssl/openssl/commit/8547cd6790881cbba0f20aa4ce048243065a24bf Author: Jiasheng Jiang Date: 2022-06-17 (Fri, 17 Jun 2022) Changed paths: M crypto/asn1/a_time.c Log Message: --- crypto/asn1/a_time.c: Add check for OPENSSL_malloc As the potential failure of the OPENSSL_malloc(), timestamp_tm could be NULL and be used in ASN1_TIME_to_tm() without check. Therefore, it should be better to check the return value of OPENSSL_malloc() and return error if fails. Signed-off-by: Jiasheng Jiang Reviewed-by: Todd Short Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18575)
[openssl/openssl] 20af01: Fix documentation of BIO_FLAGS_BASE64_NO_NL
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: 20af01d46ca4086f6b1339b67c15c81d8b4a040d https://github.openssl.org/openssl/openssl/commit/20af01d46ca4086f6b1339b67c15c81d8b4a040d Author: Fraser Tweedale Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M doc/man3/BIO_f_base64.pod Log Message: --- Fix documentation of BIO_FLAGS_BASE64_NO_NL Commit 8bfb7506d210841f2ee4eda8afe96441a0e33fa5 updated `BIO_f_base64(3)` to improve the documentation of the `BIO_FLAGS_BASE64_NO_NL` flag. In particular, the updated text states that when this flag is used, all newlines in the input are ignored. This is incorrect, as the following program proves: ```c unsigned char *in_buf = "IlRoZSBxdWljayBicm93biBmb3gganVt\ncHMgb3ZlciBhIGxhenkgZG9nLiI=\n"; int main(int argc, char **argv) { BIO *b64 = BIO_new(BIO_f_base64()); if (b64 == NULL) return 1; BIO_set_flags(b64, BIO_get_flags(b64) | BIO_FLAGS_BASE64_NO_NL); int in_len = strlen(in_buf); BIO *in = BIO_new_mem_buf(in_buf, in_len); if (in == NULL) return 2; in = BIO_push(b64, in); unsigned char *out_buf = calloc(in_len, sizeof(unsigned char)); if (out_buf == NULL) return 3; size_t out_len; int r = BIO_read_ex(in, out_buf, in_len, &out_len); printf("rv = %d\n", r); printf("decoded = %s\n", out_buf); return 0; } ``` Update the text of `BIO_f_base64(3)` to clarify that when the flag is set, the data must be all on one line (with or without a trailing newline character). Signed-off-by: Fraser Tweedale Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18568) (cherry picked from commit 0edcbacca99ab2b716da395f204610fc2775ea83)
[openssl/openssl] 8b738f: Fix documentation of BIO_FLAGS_BASE64_NO_NL
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 8b738f38514d864496357f69b66ac90a458c4cda https://github.openssl.org/openssl/openssl/commit/8b738f38514d864496357f69b66ac90a458c4cda Author: Fraser Tweedale Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M doc/man3/BIO_f_base64.pod Log Message: --- Fix documentation of BIO_FLAGS_BASE64_NO_NL Commit 8bfb7506d210841f2ee4eda8afe96441a0e33fa5 updated `BIO_f_base64(3)` to improve the documentation of the `BIO_FLAGS_BASE64_NO_NL` flag. In particular, the updated text states that when this flag is used, all newlines in the input are ignored. This is incorrect, as the following program proves: ```c unsigned char *in_buf = "IlRoZSBxdWljayBicm93biBmb3gganVt\ncHMgb3ZlciBhIGxhenkgZG9nLiI=\n"; int main(int argc, char **argv) { BIO *b64 = BIO_new(BIO_f_base64()); if (b64 == NULL) return 1; BIO_set_flags(b64, BIO_get_flags(b64) | BIO_FLAGS_BASE64_NO_NL); int in_len = strlen(in_buf); BIO *in = BIO_new_mem_buf(in_buf, in_len); if (in == NULL) return 2; in = BIO_push(b64, in); unsigned char *out_buf = calloc(in_len, sizeof(unsigned char)); if (out_buf == NULL) return 3; size_t out_len; int r = BIO_read_ex(in, out_buf, in_len, &out_len); printf("rv = %d\n", r); printf("decoded = %s\n", out_buf); return 0; } ``` Update the text of `BIO_f_base64(3)` to clarify that when the flag is set, the data must be all on one line (with or without a trailing newline character). Signed-off-by: Fraser Tweedale Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18568) (cherry picked from commit 0edcbacca99ab2b716da395f204610fc2775ea83)
[openssl/openssl] 0edcba: Fix documentation of BIO_FLAGS_BASE64_NO_NL
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 0edcbacca99ab2b716da395f204610fc2775ea83 https://github.openssl.org/openssl/openssl/commit/0edcbacca99ab2b716da395f204610fc2775ea83 Author: Fraser Tweedale Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M doc/man3/BIO_f_base64.pod Log Message: --- Fix documentation of BIO_FLAGS_BASE64_NO_NL Commit 8bfb7506d210841f2ee4eda8afe96441a0e33fa5 updated `BIO_f_base64(3)` to improve the documentation of the `BIO_FLAGS_BASE64_NO_NL` flag. In particular, the updated text states that when this flag is used, all newlines in the input are ignored. This is incorrect, as the following program proves: ```c unsigned char *in_buf = "IlRoZSBxdWljayBicm93biBmb3gganVt\ncHMgb3ZlciBhIGxhenkgZG9nLiI=\n"; int main(int argc, char **argv) { BIO *b64 = BIO_new(BIO_f_base64()); if (b64 == NULL) return 1; BIO_set_flags(b64, BIO_get_flags(b64) | BIO_FLAGS_BASE64_NO_NL); int in_len = strlen(in_buf); BIO *in = BIO_new_mem_buf(in_buf, in_len); if (in == NULL) return 2; in = BIO_push(b64, in); unsigned char *out_buf = calloc(in_len, sizeof(unsigned char)); if (out_buf == NULL) return 3; size_t out_len; int r = BIO_read_ex(in, out_buf, in_len, &out_len); printf("rv = %d\n", r); printf("decoded = %s\n", out_buf); return 0; } ``` Update the text of `BIO_f_base64(3)` to clarify that when the flag is set, the data must be all on one line (with or without a trailing newline character). Signed-off-by: Fraser Tweedale Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18568)
[openssl/openssl] 55b7fa: Have set_dateopt() return 1 on success to make -da...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 55b7fa2609e1fe354517a745b78182323bce24ed https://github.openssl.org/openssl/openssl/commit/55b7fa2609e1fe354517a745b78182323bce24ed Author: Hartmut Holzgraefe Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M apps/lib/apps.c M test/recipes/25-test_x509.t Log Message: --- Have set_dateopt() return 1 on success to make -dateopt work Fixes #18553 Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18554) (cherry picked from commit 67e1b558e67a3bee1f20f8a9e067211b440404f8)
[openssl/openssl] 67e1b5: Have set_dateopt() return 1 on success to make -da...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 67e1b558e67a3bee1f20f8a9e067211b440404f8 https://github.openssl.org/openssl/openssl/commit/67e1b558e67a3bee1f20f8a9e067211b440404f8 Author: Hartmut Holzgraefe Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M apps/lib/apps.c M test/recipes/25-test_x509.t Log Message: --- Have set_dateopt() return 1 on success to make -dateopt work Fixes #18553 Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18554)
[openssl/openssl] 87e1ca: Fix for OSSL_PARAM sample code referencing OSSL_PA...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 87e1caaa24bfaf14912b6ad7965429bdf7c991b3 https://github.openssl.org/openssl/openssl/commit/87e1caaa24bfaf14912b6ad7965429bdf7c991b3 Author: Michael Baentsch <57787676+baent...@users.noreply.github.com> Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M doc/man3/OSSL_PARAM.pod M doc/man3/OSSL_PROVIDER.pod M doc/man7/provider-base.pod M include/openssl/core_names.h Log Message: --- Fix for OSSL_PARAM sample code referencing OSSL_PARAM_UTF8_PTR Reviewed-by: Paul Dale Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18490) (cherry picked from commit 809526a06c1305d67a8f231ca15cd27ec800efce)
[openssl/openssl] 809526: Fix for OSSL_PARAM sample code referencing OSSL_PA...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 809526a06c1305d67a8f231ca15cd27ec800efce https://github.openssl.org/openssl/openssl/commit/809526a06c1305d67a8f231ca15cd27ec800efce Author: Michael Baentsch <57787676+baent...@users.noreply.github.com> Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M doc/man3/OSSL_PARAM.pod M doc/man3/OSSL_PROVIDER.pod M doc/man7/provider-base.pod M include/openssl/core_names.h Log Message: --- Fix for OSSL_PARAM sample code referencing OSSL_PARAM_UTF8_PTR Reviewed-by: Paul Dale Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18490)
[openssl/openssl] 0ed27f: Always end BN_mod_exp_mont_consttime with normal M...
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: 0ed27fb7a8d85685cb671bf0a1e41bcdfc2624dc https://github.openssl.org/openssl/openssl/commit/0ed27fb7a8d85685cb671bf0a1e41bcdfc2624dc Author: Tomas Mraz Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M crypto/bn/asm/x86_64-mont5.pl M crypto/bn/bn_exp.c M test/recipes/10-test_bn_data/bnmod.txt Log Message: --- Always end BN_mod_exp_mont_consttime with normal Montgomery reduction. This partially fixes a bug where, on x86_64, BN_mod_exp_mont_consttime would sometimes return m, the modulus, when it should have returned zero. Thanks to Guido Vranken for reporting it. It is only a partial fix because the same bug also exists in the "rsaz" codepath. The bug only affects zero outputs (with non-zero inputs), so we believe it has no security impact on our cryptographic functions. The fx is to delete lowercase bn_from_montgomery altogether, and have the mont5 path use the same BN_from_montgomery ending as the non-mont5 path. This only impacts the final step of the whole exponentiation and has no measurable perf impact. See the original BoringSSL commit https://boringssl.googlesource.com/boringssl/+/13c9d5c69d04485a7a8840c12185c832026c8315 for further analysis. Original-author: David Benjamin Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18511) Commit: 8438d3a7b7309cbea521d3628fddeda7bd6d6e20 https://github.openssl.org/openssl/openssl/commit/8438d3a7b7309cbea521d3628fddeda7bd6d6e20 Author: Tomas Mraz Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M crypto/bn/rsaz_exp.c M crypto/bn/rsaz_exp.h M test/recipes/10-test_bn_data/bnmod.txt Log Message: --- Add an extra reduction step to RSAZ mod_exp implementations Inspired by BoringSSL fix by David Benjamin. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18511) Compare: https://github.openssl.org/openssl/openssl/compare/8f078819556d...8438d3a7b730
[openssl/openssl] 10d8a1: Add an extra reduction step to RSAZ mod_exp implem...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 10d8a109be0fe50315e4eeb0676f6571914cd47a https://github.openssl.org/openssl/openssl/commit/10d8a109be0fe50315e4eeb0676f6571914cd47a Author: Tomas Mraz Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M crypto/bn/rsaz_exp.c M crypto/bn/rsaz_exp.h M crypto/bn/rsaz_exp_x2.c M test/recipes/10-test_bn_data/bnmod.txt Log Message: --- Add an extra reduction step to RSAZ mod_exp implementations Inspired by BoringSSL fix by David Benjamin. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18510) (cherry picked from commit 6d702cebfce3ffd9d8c0cb2af80a987d3288e7a3)
[openssl/openssl] cf6593: Always end BN_mod_exp_mont_consttime with normal M...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: cf65931ade0c11253fbc34cc0c4eaff354983f19 https://github.openssl.org/openssl/openssl/commit/cf65931ade0c11253fbc34cc0c4eaff354983f19 Author: Tomas Mraz Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M crypto/bn/asm/x86_64-mont5.pl M crypto/bn/bn_exp.c M test/recipes/10-test_bn_data/bnmod.txt Log Message: --- Always end BN_mod_exp_mont_consttime with normal Montgomery reduction. This partially fixes a bug where, on x86_64, BN_mod_exp_mont_consttime would sometimes return m, the modulus, when it should have returned zero. Thanks to Guido Vranken for reporting it. It is only a partial fix because the same bug also exists in the "rsaz" codepath. The bug only affects zero outputs (with non-zero inputs), so we believe it has no security impact on our cryptographic functions. The fx is to delete lowercase bn_from_montgomery altogether, and have the mont5 path use the same BN_from_montgomery ending as the non-mont5 path. This only impacts the final step of the whole exponentiation and has no measurable perf impact. See the original BoringSSL commit https://boringssl.googlesource.com/boringssl/+/13c9d5c69d04485a7a8840c12185c832026c8315 for further analysis. Original-author: David Benjamin Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18510) (cherry picked from commit 0ae365e1f80648f4c52aa3ac9bbc279b6192b23e)
[openssl/openssl] 0ae365: Always end BN_mod_exp_mont_consttime with normal M...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 0ae365e1f80648f4c52aa3ac9bbc279b6192b23e https://github.openssl.org/openssl/openssl/commit/0ae365e1f80648f4c52aa3ac9bbc279b6192b23e Author: Tomas Mraz Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M crypto/bn/asm/x86_64-mont5.pl M crypto/bn/bn_exp.c M test/recipes/10-test_bn_data/bnmod.txt Log Message: --- Always end BN_mod_exp_mont_consttime with normal Montgomery reduction. This partially fixes a bug where, on x86_64, BN_mod_exp_mont_consttime would sometimes return m, the modulus, when it should have returned zero. Thanks to Guido Vranken for reporting it. It is only a partial fix because the same bug also exists in the "rsaz" codepath. The bug only affects zero outputs (with non-zero inputs), so we believe it has no security impact on our cryptographic functions. The fx is to delete lowercase bn_from_montgomery altogether, and have the mont5 path use the same BN_from_montgomery ending as the non-mont5 path. This only impacts the final step of the whole exponentiation and has no measurable perf impact. See the original BoringSSL commit https://boringssl.googlesource.com/boringssl/+/13c9d5c69d04485a7a8840c12185c832026c8315 for further analysis. Original-author: David Benjamin Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18510) Commit: 6d702cebfce3ffd9d8c0cb2af80a987d3288e7a3 https://github.openssl.org/openssl/openssl/commit/6d702cebfce3ffd9d8c0cb2af80a987d3288e7a3 Author: Tomas Mraz Date: 2022-06-16 (Thu, 16 Jun 2022) Changed paths: M crypto/bn/rsaz_exp.c M crypto/bn/rsaz_exp.h M crypto/bn/rsaz_exp_x2.c M test/recipes/10-test_bn_data/bnmod.txt Log Message: --- Add an extra reduction step to RSAZ mod_exp implementations Inspired by BoringSSL fix by David Benjamin. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18510) Compare: https://github.openssl.org/openssl/openssl/compare/b2feb9f0e394...6d702cebfce3
[openssl/openssl] d63963: ossl_dh_check_priv_key: Do not fail on private key...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: d63963af19977fadbc0fa7f4dfeef7e57c07afd1 https://github.openssl.org/openssl/openssl/commit/d63963af19977fadbc0fa7f4dfeef7e57c07afd1 Author: Tomas Mraz Date: 2022-06-15 (Wed, 15 Jun 2022) Changed paths: M crypto/dh/dh_check.c Log Message: --- ossl_dh_check_priv_key: Do not fail on private keys without q Fixes #18098 Reviewed-by: Shane Lontis Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18099) (cherry picked from commit 0615cedecda7ed18300db48b0bb56cec6d3527bd) Commit: 6cd7fe2a7f692ffbd4f9acfc67caa80b315f881d https://github.openssl.org/openssl/openssl/commit/6cd7fe2a7f692ffbd4f9acfc67caa80b315f881d Author: Tomas Mraz Date: 2022-06-15 (Wed, 15 Jun 2022) Changed paths: M test/recipes/91-test_pkey_check.t A test/recipes/91-test_pkey_check_data/dhpkey.pem Log Message: --- test_pkey_check: Positive testcase for private key with unknown parameters Reviewed-by: Shane Lontis Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18099) (cherry picked from commit 08e0aad293f1c283dccf7e9065ec28af5e143304) Compare: https://github.openssl.org/openssl/openssl/compare/30b2e2a37d33...6cd7fe2a7f69
[openssl/openssl] 0615ce: ossl_dh_check_priv_key: Do not fail on private key...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 0615cedecda7ed18300db48b0bb56cec6d3527bd https://github.openssl.org/openssl/openssl/commit/0615cedecda7ed18300db48b0bb56cec6d3527bd Author: Tomas Mraz Date: 2022-06-15 (Wed, 15 Jun 2022) Changed paths: M crypto/dh/dh_check.c Log Message: --- ossl_dh_check_priv_key: Do not fail on private keys without q Fixes #18098 Reviewed-by: Shane Lontis Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18099) Commit: 08e0aad293f1c283dccf7e9065ec28af5e143304 https://github.openssl.org/openssl/openssl/commit/08e0aad293f1c283dccf7e9065ec28af5e143304 Author: Tomas Mraz Date: 2022-06-15 (Wed, 15 Jun 2022) Changed paths: M test/recipes/91-test_pkey_check.t A test/recipes/91-test_pkey_check_data/dhpkey.pem Log Message: --- test_pkey_check: Positive testcase for private key with unknown parameters Reviewed-by: Shane Lontis Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18099) Compare: https://github.openssl.org/openssl/openssl/compare/14f95126c098...08e0aad293f1
[openssl/openssl] e8f714: Revert "bn: Add fixed length (n=6), unrolled PPC M...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: e8f714b05f8bafa88e43d7a2fbb3686a820a0a62 https://github.openssl.org/openssl/openssl/commit/e8f714b05f8bafa88e43d7a2fbb3686a820a0a62 Author: Tomas Mraz Date: 2022-06-15 (Wed, 15 Jun 2022) Changed paths: M crypto/bn/asm/ppc64-mont-fixed.pl M crypto/bn/bn_ppc.c M crypto/bn/build.info Log Message: --- Revert "bn: Add fixed length (n=6), unrolled PPC Montgomery Multiplication" This reverts commit 0d40ca47bd86e74a95c3a2f5fb6c67cdbee93c79. It was found that the computation produces incorrect results in some cases. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18512) (cherry picked from commit 712d9cc90e355b2c98a959d4e9398610d2269c9e) Commit: 30b2e2a37d3368a688ccee7d76f88533da772874 https://github.openssl.org/openssl/openssl/commit/30b2e2a37d3368a688ccee7d76f88533da772874 Author: Tomas Mraz Date: 2022-06-15 (Wed, 15 Jun 2022) Changed paths: M test/recipes/30-test_evp_data/evppkey_ecdsa.txt Log Message: --- Testcase for regression by PPC64 fixed length montgomery multiplication Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18512) (cherry picked from commit 14f95126c098358c434d59835834f9f0be7ea498) Compare: https://github.openssl.org/openssl/openssl/compare/db5bb6b14c62...30b2e2a37d33
[openssl/openssl] 712d9c: Revert "bn: Add fixed length (n=6), unrolled PPC M...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 712d9cc90e355b2c98a959d4e9398610d2269c9e https://github.openssl.org/openssl/openssl/commit/712d9cc90e355b2c98a959d4e9398610d2269c9e Author: Tomas Mraz Date: 2022-06-15 (Wed, 15 Jun 2022) Changed paths: M crypto/bn/asm/ppc64-mont-fixed.pl M crypto/bn/bn_ppc.c M crypto/bn/build.info Log Message: --- Revert "bn: Add fixed length (n=6), unrolled PPC Montgomery Multiplication" This reverts commit 0d40ca47bd86e74a95c3a2f5fb6c67cdbee93c79. It was found that the computation produces incorrect results in some cases. Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18512) Commit: 14f95126c098358c434d59835834f9f0be7ea498 https://github.openssl.org/openssl/openssl/commit/14f95126c098358c434d59835834f9f0be7ea498 Author: Tomas Mraz Date: 2022-06-15 (Wed, 15 Jun 2022) Changed paths: M test/recipes/30-test_evp_data/evppkey_ecdsa.txt Log Message: --- Testcase for regression by PPC64 fixed length montgomery multiplication Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18512) Compare: https://github.openssl.org/openssl/openssl/compare/e9a806b2c265...14f95126c098
[openssl/openssl] db5bb6: Avoid reusing the init_lock for a different purpose
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: db5bb6b14c62d321583fd44794886cd3701661f4 https://github.openssl.org/openssl/openssl/commit/db5bb6b14c62d321583fd44794886cd3701661f4 Author: Tomas Mraz Date: 2022-06-15 (Wed, 15 Jun 2022) Changed paths: M crypto/init.c Log Message: --- Avoid reusing the init_lock for a different purpose Otherwise we might cause a recursive locking. Fixes #18535 Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18545) (cherry picked from commit e9a806b2c265da3a4ca472acb4a4286d9c1b5c9d)
[openssl/openssl] e9a806: Avoid reusing the init_lock for a different purpose
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: e9a806b2c265da3a4ca472acb4a4286d9c1b5c9d https://github.openssl.org/openssl/openssl/commit/e9a806b2c265da3a4ca472acb4a4286d9c1b5c9d Author: Tomas Mraz Date: 2022-06-15 (Wed, 15 Jun 2022) Changed paths: M crypto/init.c Log Message: --- Avoid reusing the init_lock for a different purpose Otherwise we might cause a recursive locking. Fixes #18535 Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18545)
[openssl/openssl] a644cb: [crypto/bn] BN_consttime_swap: remove superfluous ...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: a644cb7c1c19c78e2ca393c8ca36989e7ca61715 https://github.openssl.org/openssl/openssl/commit/a644cb7c1c19c78e2ca393c8ca36989e7ca61715 Author: Billy Brumley Date: 2022-06-13 (Mon, 13 Jun 2022) Changed paths: M crypto/bn/bn_lib.c M test/bntest.c Log Message: --- [crypto/bn] BN_consttime_swap: remove superfluous early exit Reviewed-by: Matt Caswell Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18518)
[openssl/openssl] f553cd: parse_unquoted: Check returned value from ossl_pro...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: f553cd4b40a2c797ea3c1559335115d9d080435a https://github.openssl.org/openssl/openssl/commit/f553cd4b40a2c797ea3c1559335115d9d080435a Author: Tomas Mraz Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M crypto/property/property_parse.c Log Message: --- parse_unquoted: Check returned value from ossl_property_value() Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18494) (cherry picked from commit f91568eb50e847d0db2441fd9b9c5ffc8c4fe934) Commit: 0faf842e5e3406356deffa9a2d40716852bce8bb https://github.openssl.org/openssl/openssl/commit/0faf842e5e3406356deffa9a2d40716852bce8bb Author: Tomas Mraz Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M ssl/t1_lib.c Log Message: --- add_provider_groups: Clean up algorithm pointer on failure Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18494) (cherry picked from commit a7863f994955c45fb7ce29e30b81a6206994c3dd) Commit: e10ebdd81e6f5b6eb00fb25476bbd8cc19c9c83c https://github.openssl.org/openssl/openssl/commit/e10ebdd81e6f5b6eb00fb25476bbd8cc19c9c83c Author: Tomas Mraz Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M crypto/evp/p_lib.c Log Message: --- Check return of BIO_new() and always free pkey from evp_pkey_copy_downgraded() Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18494) (cherry picked from commit d8732803c493cba7a863c5c16da62ee9d611c5ca) Commit: cf3bf39f142369f2a8000f33f18b7d9b599fcddb https://github.openssl.org/openssl/openssl/commit/cf3bf39f142369f2a8000f33f18b7d9b599fcddb Author: Tomas Mraz Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M providers/implementations/asymciphers/sm2_enc.c Log Message: --- sm2_dupctx: Avoid potential use after free of the md Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18494) (cherry picked from commit 926c698c6f0a197e0322d4617db0ecd0d40f6e06) Compare: https://github.openssl.org/openssl/openssl/compare/4650cf23c84f...cf3bf39f1423
[openssl/openssl] f91568: parse_unquoted: Check returned value from ossl_pro...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: f91568eb50e847d0db2441fd9b9c5ffc8c4fe934 https://github.openssl.org/openssl/openssl/commit/f91568eb50e847d0db2441fd9b9c5ffc8c4fe934 Author: Tomas Mraz Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M crypto/property/property_parse.c Log Message: --- parse_unquoted: Check returned value from ossl_property_value() Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18494) Commit: a7863f994955c45fb7ce29e30b81a6206994c3dd https://github.openssl.org/openssl/openssl/commit/a7863f994955c45fb7ce29e30b81a6206994c3dd Author: Tomas Mraz Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M ssl/t1_lib.c Log Message: --- add_provider_groups: Clean up algorithm pointer on failure Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18494) Commit: d8732803c493cba7a863c5c16da62ee9d611c5ca https://github.openssl.org/openssl/openssl/commit/d8732803c493cba7a863c5c16da62ee9d611c5ca Author: Tomas Mraz Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M crypto/evp/p_lib.c Log Message: --- Check return of BIO_new() and always free pkey from evp_pkey_copy_downgraded() Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18494) Commit: 926c698c6f0a197e0322d4617db0ecd0d40f6e06 https://github.openssl.org/openssl/openssl/commit/926c698c6f0a197e0322d4617db0ecd0d40f6e06 Author: Tomas Mraz Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M providers/implementations/asymciphers/sm2_enc.c Log Message: --- sm2_dupctx: Avoid potential use after free of the md Reviewed-by: Shane Lontis Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18494) Compare: https://github.openssl.org/openssl/openssl/compare/cec1699f1f54...926c698c6f0a
[openssl/openssl] 608cad: Add AES implementation in riscv64 zkn asm
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 608cadfbdbdba076a07e172f834a0afb6aafa59b https://github.openssl.org/openssl/openssl/commit/608cadfbdbdba076a07e172f834a0afb6aafa59b Author: Hongren (Zenithal) Zheng Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: A crypto/aes/asm/aes-riscv64-zkn.pl Log Message: --- Add AES implementation in riscv64 zkn asm Signed-off-by: Hongren (Zenithal) Zheng Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18197) Commit: 9912c38ed69c97ca737c66c68ae454c5cd265133 https://github.openssl.org/openssl/openssl/commit/9912c38ed69c97ca737c66c68ae454c5cd265133 Author: Hongren (Zenithal) Zheng Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M crypto/aes/build.info Log Message: --- add build support for riscv64 aes zkn Signed-off-by: Hongren (Zenithal) Zheng Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18197) Commit: d5dd608364074fadbf4776142ccd8c7b268845cc https://github.openssl.org/openssl/openssl/commit/d5dd608364074fadbf4776142ccd8c7b268845cc Author: Hongren (Zenithal) Zheng Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M include/crypto/riscv_arch.def Log Message: --- Add riscv scalar crypto extension capability Signed-off-by: Hongren (Zenithal) Zheng Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18197) Commit: 77d29ff041edcdc6a3d33251d6270a4cfe0be9b3 https://github.openssl.org/openssl/openssl/commit/77d29ff041edcdc6a3d33251d6270a4cfe0be9b3 Author: Hongren (Zenithal) Zheng Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M include/crypto/aes_platform.h Log Message: --- aes_platform: add riscv64 zkn asm support Signed-off-by: Hongren (Zenithal) Zheng Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18197) Commit: ee8deb65d2b22b94721125a5649d05591e7b https://github.openssl.org/openssl/openssl/commit/ee8deb65d2b22b94721125a5649d05591e7b Author: Hongren (Zenithal) Zheng Date: 2022-06-10 (Fri, 10 Jun 2022) Changed paths: M providers/implementations/ciphers/cipher_aes_ccm_hw.c A providers/implementations/ciphers/cipher_aes_ccm_hw_rv64i_zknd_zkne.inc M providers/implementations/ciphers/cipher_aes_gcm_hw.c A providers/implementations/ciphers/cipher_aes_gcm_hw_rv64i_zknd_zkne.inc M providers/implementations/ciphers/cipher_aes_hw.c A providers/implementations/ciphers/cipher_aes_hw_rv64i_zknd_zkne.inc M providers/implementations/ciphers/cipher_aes_ocb_hw.c M providers/implementations/ciphers/cipher_aes_xts_hw.c Log Message: --- providers: cipher: aes: add riscv64 zkn support Signed-off-by: Hongren (Zenithal) Zheng Tested-by: Jiatai He Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18197) Compare: https://github.openssl.org/openssl/openssl/compare/5f4b3db624a8...ee8deb65
[openssl/openssl] 4c149c: High level overview of QUIC Implementation
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 4c149cf9f6a2ba665d74dbd4cf44f080816c900b https://github.openssl.org/openssl/openssl/commit/4c149cf9f6a2ba665d74dbd4cf44f080816c900b Author: Tomas Mraz Date: 2022-06-08 (Wed, 08 Jun 2022) Changed paths: A doc/designs/quic-design/images/quic-overview.svg A doc/designs/quic-design/quic-overview.md Log Message: --- High level overview of QUIC Implementation Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18406)
[openssl/openssl] ab7d05: Update further expiring certificates that affect t...
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: ab7d05617a444cfcf4f930f81caa4cf66495ab9b https://github.openssl.org/openssl/openssl/commit/ab7d05617a444cfcf4f930f81caa4cf66495ab9b Author: Tomas Mraz Date: 2022-06-06 (Mon, 06 Jun 2022) Changed paths: M test/smime-certs/mksmime-certs.sh M test/smime-certs/smdh.pem M test/smime-certs/smdsa1.pem M test/smime-certs/smdsa2.pem M test/smime-certs/smdsa3.pem M test/smime-certs/smec1.pem M test/smime-certs/smec2.pem M test/smime-certs/smroot.pem M test/smime-certs/smrsa1.pem M test/smime-certs/smrsa2.pem M test/smime-certs/smrsa3.pem Log Message: --- Update further expiring certificates that affect tests Namely the smime certificates used in test_cms will expire soon and affect tests. Fixes #15179 Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18481)
[openssl/openssl] 9f3626: Check return value of ossl_parse_property()
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 9f3626f2473bdce53e85eba96e502e950e29e16f https://github.openssl.org/openssl/openssl/commit/9f3626f2473bdce53e85eba96e502e950e29e16f Author: Tomas Mraz Date: 2022-06-06 (Mon, 06 Jun 2022) Changed paths: M crypto/encode_decode/decoder_meth.c M crypto/encode_decode/encoder_meth.c M providers/implementations/encode_decode/decode_der2key.c Log Message: --- Check return value of ossl_parse_property() Also check if we have d2i_public_key() function pointer. Fixes https://github.com/openssl/openssl/pull/18355#issuecomment-1144893289 Reviewed-by: Todd Short Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18462) (cherry picked from commit 4fa5ed5ce5c345eaeaec8b86eda265add467f941)
[openssl/openssl] 4fa5ed: Check return value of ossl_parse_property()
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 4fa5ed5ce5c345eaeaec8b86eda265add467f941 https://github.openssl.org/openssl/openssl/commit/4fa5ed5ce5c345eaeaec8b86eda265add467f941 Author: Tomas Mraz Date: 2022-06-06 (Mon, 06 Jun 2022) Changed paths: M crypto/encode_decode/decoder_meth.c M crypto/encode_decode/encoder_meth.c M providers/implementations/encode_decode/decode_der2key.c Log Message: --- Check return value of ossl_parse_property() Also check if we have d2i_public_key() function pointer. Fixes https://github.com/openssl/openssl/pull/18355#issuecomment-1144893289 Reviewed-by: Todd Short Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18462)
[openssl/openssl] 0f4738: Update further expiring certificates that affect t...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 0f4738ab5ef8085b27e89dba91677f892b5b3689 https://github.openssl.org/openssl/openssl/commit/0f4738ab5ef8085b27e89dba91677f892b5b3689 Author: Tomas Mraz Date: 2022-06-05 (Sun, 05 Jun 2022) Changed paths: M test/certs/sm2-ca-cert.pem M test/certs/sm2-root.crt M test/certs/sm2.pem M test/smime-certs/mksmime-certs.sh M test/smime-certs/smdh.pem M test/smime-certs/smdsa1.pem M test/smime-certs/smdsa2.pem M test/smime-certs/smdsa3.pem M test/smime-certs/smec1.pem M test/smime-certs/smec2.pem M test/smime-certs/smroot.pem M test/smime-certs/smrsa1.pem M test/smime-certs/smrsa2.pem M test/smime-certs/smrsa3.pem Log Message: --- Update further expiring certificates that affect tests Namely the smime certificates used in test_cms and the SM2 certificates will expire soon and affect tests. Fixes #15179 Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18467) (cherry picked from commit 5d219937d067a761fb871483369a6020c60a3cb8)
[openssl/openssl] 5d2199: Update further expiring certificates that affect t...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 5d219937d067a761fb871483369a6020c60a3cb8 https://github.openssl.org/openssl/openssl/commit/5d219937d067a761fb871483369a6020c60a3cb8 Author: Tomas Mraz Date: 2022-06-05 (Sun, 05 Jun 2022) Changed paths: M test/certs/sm2-ca-cert.pem M test/certs/sm2-root.crt M test/certs/sm2.pem M test/smime-certs/mksmime-certs.sh M test/smime-certs/smdh.pem M test/smime-certs/smdsa1.pem M test/smime-certs/smdsa2.pem M test/smime-certs/smdsa3.pem M test/smime-certs/smec1.pem M test/smime-certs/smec2.pem M test/smime-certs/smroot.pem M test/smime-certs/smrsa1.pem M test/smime-certs/smrsa2.pem M test/smime-certs/smrsa3.pem Log Message: --- Update further expiring certificates that affect tests Namely the smime certificates used in test_cms and the SM2 certificates will expire soon and affect tests. Fixes #15179 Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18467)
[openssl/openssl] 3bd976: Fix strict client chain check with TLS-1.3
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: 3bd976551e549c030bdbd150c7aa8a1980cb00fe https://github.openssl.org/openssl/openssl/commit/3bd976551e549c030bdbd150c7aa8a1980cb00fe Author: Tomas Mraz Date: 2022-06-03 (Fri, 03 Jun 2022) Changed paths: M ssl/t1_lib.c Log Message: --- Fix strict client chain check with TLS-1.3 When TLS-1.3 is used and the server does not send any CA names the ca_dn will be NULL. sk_X509_NAME_num() returns -1 on null argument. Reviewed-by: Todd Short Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17986) (cherry picked from commit 89dd85430770d39cbfb15eb586c921958ca7687f)
[openssl/openssl] b6f107: Fix strict client chain check with TLS-1.3
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: b6f107088cc6f054fac5d0b563dec6fdfaa5a161 https://github.openssl.org/openssl/openssl/commit/b6f107088cc6f054fac5d0b563dec6fdfaa5a161 Author: Tomas Mraz Date: 2022-06-03 (Fri, 03 Jun 2022) Changed paths: M ssl/t1_lib.c Log Message: --- Fix strict client chain check with TLS-1.3 When TLS-1.3 is used and the server does not send any CA names the ca_dn will be NULL. sk_X509_NAME_num() returns -1 on null argument. Reviewed-by: Todd Short Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17986) (cherry picked from commit 89dd85430770d39cbfb15eb586c921958ca7687f)
[openssl/openssl] 89dd85: Fix strict client chain check with TLS-1.3
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 89dd85430770d39cbfb15eb586c921958ca7687f https://github.openssl.org/openssl/openssl/commit/89dd85430770d39cbfb15eb586c921958ca7687f Author: Tomas Mraz Date: 2022-06-03 (Fri, 03 Jun 2022) Changed paths: M ssl/t1_lib.c Log Message: --- Fix strict client chain check with TLS-1.3 When TLS-1.3 is used and the server does not send any CA names the ca_dn will be NULL. sk_X509_NAME_num() returns -1 on null argument. Reviewed-by: Todd Short Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/17986)
[openssl/openssl] 336d92: Enable setting SSL_CERT_FLAG_TLS_STRICT with ssl c...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 336d92eb206946293a50db667fdc44ab7d69f8ad https://github.openssl.org/openssl/openssl/commit/336d92eb206946293a50db667fdc44ab7d69f8ad Author: Tomas Mraz Date: 2022-06-03 (Fri, 03 Jun 2022) Changed paths: M doc/man3/SSL_CONF_cmd.pod M ssl/ssl_conf.c A test/certs/client-pss-restrict-cert.pem A test/certs/client-pss-restrict-key.pem M test/certs/setup.sh M test/ssl-tests/04-client_auth.cnf M test/ssl-tests/04-client_auth.cnf.in Log Message: --- Enable setting SSL_CERT_FLAG_TLS_STRICT with ssl config Reviewed-by: Todd Short Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/17989)
[openssl/openssl] 30b013: Configure: Add disablable for QUIC, disabled by de...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 30b013291a502dce406708474a60fe58d5803e66 https://github.openssl.org/openssl/openssl/commit/30b013291a502dce406708474a60fe58d5803e66 Author: Tomas Mraz Date: 2022-06-03 (Fri, 03 Jun 2022) Changed paths: M Configure M INSTALL.md Log Message: --- Configure: Add disablable for QUIC, disabled by default Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18307) Commit: 770ea54b58769bae07e22a92e0c12ece9bdbc8e2 https://github.openssl.org/openssl/openssl/commit/770ea54b58769bae07e22a92e0c12ece9bdbc8e2 Author: Tomas Mraz Date: 2022-06-03 (Fri, 03 Jun 2022) Changed paths: M Configurations/unix-Makefile.tmpl M doc/build.info A doc/man3/OSSL_QUIC_client_method.pod A include/openssl/quic.h M include/openssl/ssl.h.in M util/libssl.num Log Message: --- Add OSSL_QUIC methods to headers and manual pages Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18307) Commit: 99e1cc7bcae2e3707913881d7108c92b7a9bf7a1 https://github.openssl.org/openssl/openssl/commit/99e1cc7bcae2e3707913881d7108c92b7a9bf7a1 Author: Tomas Mraz Date: 2022-06-03 (Fri, 03 Jun 2022) Changed paths: M ssl/build.info A ssl/quic/build.info A ssl/quic/quic_impl.c A ssl/quic/quic_local.h A ssl/quic/quic_method.c Log Message: --- Add empty implementations of quic method functions Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18307) Commit: e44795bd5db081260ef05c7be6fd17c080ed9437 https://github.openssl.org/openssl/openssl/commit/e44795bd5db081260ef05c7be6fd17c080ed9437 Author: Tomas Mraz Date: 2022-06-03 (Fri, 03 Jun 2022) Changed paths: M ssl/quic/quic_impl.c M ssl/quic/quic_local.h M test/build.info A test/quicapitest.c A test/recipes/75-test_quicapi.t Log Message: --- First working empty protocol test Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18307) Commit: 08e4901298df12931b45c7115254a0e159727683 https://github.openssl.org/openssl/openssl/commit/08e4901298df12931b45c7115254a0e159727683 Author: Tomas Mraz Date: 2022-06-03 (Fri, 03 Jun 2022) Changed paths: M ssl/quic/quic_impl.c M ssl/quic/quic_local.h M test/helpers/ssl_test_ctx.c M test/helpers/ssl_test_ctx.h M test/recipes/80-test_ssl_new.t A test/ssl-tests/31-quic.cnf A test/ssl-tests/31-quic.cnf.in M test/ssl_test.c Log Message: --- Add a test_ssl_new testcase This requires some code being pulled into the empty protocol implementation so the state machinery works. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18307) Commit: b7873f92b0f79bdf576795c86d6520656568d672 https://github.openssl.org/openssl/openssl/commit/b7873f92b0f79bdf576795c86d6520656568d672 Author: Tomas Mraz Date: 2022-06-03 (Fri, 03 Jun 2022) Changed paths: M .github/workflows/ci.yml Log Message: --- CI: Add enable-quic to some of the builds Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/18307) Compare: https://github.openssl.org/openssl/openssl/compare/30adf6d20900...b7873f92b0f7
[openssl/openssl] 30adf6: Revert unnecessary PKCS7_verify() performance opti...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 30adf6d209002fab688aa76e313ac077e4b2f88c https://github.openssl.org/openssl/openssl/commit/30adf6d209002fab688aa76e313ac077e4b2f88c Author: Nikolas Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/pkcs7/pk7_smime.c Log Message: --- Revert unnecessary PKCS7_verify() performance optimization It appears that creating temporary read-only mem BIO won't increase performance significally anymore. But it increases PKCS7_verify() complexity, so should be removed. Reviewed-by: Paul Dale Reviewed-by: Dmitry Belyavskiy Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16590)
[openssl/openssl] 142e28: CTLOG_new_ex: Fix copy&paste error when setting propq
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 142e280924f8bcd4e86ddc539ac0687f2239373e https://github.openssl.org/openssl/openssl/commit/142e280924f8bcd4e86ddc539ac0687f2239373e Author: Tomas Mraz Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/ct/ct_log.c Log Message: --- CTLOG_new_ex: Fix copy&paste error when setting propq Fixes #18431 Reviewed-by: Shane Lontis Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18432) (cherry picked from commit 163bf682fd93971d07e66e3da339c229b86dc849)
[openssl/openssl] 163bf6: CTLOG_new_ex: Fix copy&paste error when setting propq
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 163bf682fd93971d07e66e3da339c229b86dc849 https://github.openssl.org/openssl/openssl/commit/163bf682fd93971d07e66e3da339c229b86dc849 Author: Tomas Mraz Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/ct/ct_log.c Log Message: --- CTLOG_new_ex: Fix copy&paste error when setting propq Fixes #18431 Reviewed-by: Shane Lontis Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18432)
[openssl/openssl] b375e1: Fix possible null pointer dereference of evp_pkey_...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: b375e158cb910b253d4bb68c2fd5c30a2da60670 https://github.openssl.org/openssl/openssl/commit/b375e158cb910b253d4bb68c2fd5c30a2da60670 Author: Zhou Qingyang Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/dh/dh_ameth.c M crypto/ec/ecx_meth.c M crypto/evp/p_dec.c M crypto/evp/p_enc.c Log Message: --- Fix possible null pointer dereference of evp_pkey_get_legacy() evp_pkey_get_legacy() will return NULL on failure, however several uses of it or its wrappers does not check the return value of evp_pkey_get_legacy(), which could lead to NULL pointer dereference. Fix those possible bugs by adding NULL checking. Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17967) (cherry picked from commit b9a86d5dd8b5bd33be42390bcbb5121fe0ae71a1)
[openssl/openssl] b9a86d: Fix possible null pointer dereference of evp_pkey_...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: b9a86d5dd8b5bd33be42390bcbb5121fe0ae71a1 https://github.openssl.org/openssl/openssl/commit/b9a86d5dd8b5bd33be42390bcbb5121fe0ae71a1 Author: Zhou Qingyang Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/dh/dh_ameth.c M crypto/ec/ecx_meth.c M crypto/evp/p_dec.c M crypto/evp/p_enc.c Log Message: --- Fix possible null pointer dereference of evp_pkey_get_legacy() evp_pkey_get_legacy() will return NULL on failure, however several uses of it or its wrappers does not check the return value of evp_pkey_get_legacy(), which could lead to NULL pointer dereference. Fix those possible bugs by adding NULL checking. Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/17967)
[openssl/openssl] 3c7d97: threadstest: Add missing framework for multithread...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: 3c7d97b6bb17f33a8c74af347846484d1f46c042 https://github.openssl.org/openssl/openssl/commit/3c7d97b6bb17f33a8c74af347846484d1f46c042 Author: Tomas Mraz Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M test/threadstest.c Log Message: --- threadstest: Add missing framework for multithread tests Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/18451)
[openssl/openssl] 56876a: Fix the erroneous checks of EVP_PKEY_CTX_set_group...
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 56876ae952b96b4a83266f6b2ec1393f599015d6 https://github.openssl.org/openssl/openssl/commit/56876ae952b96b4a83266f6b2ec1393f599015d6 Author: Peiwei Hu Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/cms/cms_ec.c M ssl/s3_lib.c M test/evp_extra_test.c Log Message: --- Fix the erroneous checks of EVP_PKEY_CTX_set_group_name Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18399) Commit: 7263a7fc3d0c0c17616c2e5309e0fd52ed654ecc https://github.openssl.org/openssl/openssl/commit/7263a7fc3d0c0c17616c2e5309e0fd52ed654ecc Author: Peiwei Hu Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/rsa/rsa_ameth.c M test/evp_extra_test.c Log Message: --- Fix the checks of EVP_PKEY_CTX_get/set_rsa_pss_saltlen Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18399) Commit: 00d5193b688019a85d1bd0196f2837a4476394bb https://github.openssl.org/openssl/openssl/commit/00d5193b688019a85d1bd0196f2837a4476394bb Author: Peiwei Hu Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/rsa/rsa_lib.c Log Message: --- Fix the check of evp_pkey_ctx_set_params_strict Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18399) Commit: 2cba2e160d5b028e4a777e8038744a8bc4280629 https://github.openssl.org/openssl/openssl/commit/2cba2e160d5b028e4a777e8038744a8bc4280629 Author: Peiwei Hu Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M apps/dhparam.c M apps/dsaparam.c M crypto/cms/cms_dh.c M crypto/cms/cms_ec.c M test/acvp_test.c M test/evp_extra_test.c Log Message: --- Fix the checks of EVP_PKEY_CTX_set/get_* functions Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18399) Compare: https://github.openssl.org/openssl/openssl/compare/1c5a4e3b5e05...2cba2e160d5b
[openssl/openssl] ad8d42: Fix the erroneous checks of EVP_PKEY_CTX_set_group...
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: ad8d425a5ffa66b062a362e53267a7ceb94c51a4 https://github.openssl.org/openssl/openssl/commit/ad8d425a5ffa66b062a362e53267a7ceb94c51a4 Author: Peiwei Hu Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/cms/cms_ec.c M ssl/s3_lib.c M test/evp_extra_test.c Log Message: --- Fix the erroneous checks of EVP_PKEY_CTX_set_group_name Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18399) (cherry picked from commit 56876ae952b96b4a83266f6b2ec1393f599015d6) Commit: 199b41021169f2f8fe6aaf63f6d853825af7de52 https://github.openssl.org/openssl/openssl/commit/199b41021169f2f8fe6aaf63f6d853825af7de52 Author: Peiwei Hu Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/rsa/rsa_ameth.c M test/evp_extra_test.c Log Message: --- Fix the checks of EVP_PKEY_CTX_get/set_rsa_pss_saltlen Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18399) (cherry picked from commit 7263a7fc3d0c0c17616c2e5309e0fd52ed654ecc) Commit: 69e29db8873bcfd0f1befaad9fc3740e92f0de87 https://github.openssl.org/openssl/openssl/commit/69e29db8873bcfd0f1befaad9fc3740e92f0de87 Author: Peiwei Hu Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M crypto/rsa/rsa_lib.c Log Message: --- Fix the check of evp_pkey_ctx_set_params_strict Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18399) (cherry picked from commit 00d5193b688019a85d1bd0196f2837a4476394bb) Commit: 4bd3fc8d74ce663692d7169ab8ee744e43e61a66 https://github.openssl.org/openssl/openssl/commit/4bd3fc8d74ce663692d7169ab8ee744e43e61a66 Author: Peiwei Hu Date: 2022-06-02 (Thu, 02 Jun 2022) Changed paths: M apps/dhparam.c M apps/dsaparam.c M crypto/cms/cms_dh.c M crypto/cms/cms_ec.c M test/acvp_test.c M test/evp_extra_test.c Log Message: --- Fix the checks of EVP_PKEY_CTX_set/get_* functions Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18399) (cherry picked from commit 2cba2e160d5b028e4a777e8038744a8bc4280629) Compare: https://github.openssl.org/openssl/openssl/compare/bce02f9c45d1...4bd3fc8d74ce
[openssl/openssl] bce02f: doc: Fix keymgmt functions parameters
Branch: refs/heads/openssl-3.0 Home: https://github.openssl.org/openssl/openssl Commit: bce02f9c45d10d53f61e3423cbd5c78965340340 https://github.openssl.org/openssl/openssl/commit/bce02f9c45d10d53f61e3423cbd5c78965340340 Author: Ladislav Marko Date: 2022-06-01 (Wed, 01 Jun 2022) Changed paths: M doc/man7/provider-keymgmt.pod Log Message: --- doc: Fix keymgmt functions parameters CLA: trivial Make OSSL_FUNC_keymgmt_import and OSSL_FUNC_keymgmt_export documentation correspond to core_dispatch.h signatures Reviewed-by: Matt Caswell Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18423) (cherry picked from commit 70ed3046c5f156cab45a2bb2c8e36ab5d29a45ca)
[openssl/openssl] 70ed30: doc: Fix keymgmt functions parameters
Branch: refs/heads/master Home: https://github.openssl.org/openssl/openssl Commit: 70ed3046c5f156cab45a2bb2c8e36ab5d29a45ca https://github.openssl.org/openssl/openssl/commit/70ed3046c5f156cab45a2bb2c8e36ab5d29a45ca Author: Ladislav Marko Date: 2022-06-01 (Wed, 01 Jun 2022) Changed paths: M doc/man7/provider-keymgmt.pod Log Message: --- doc: Fix keymgmt functions parameters CLA: trivial Make OSSL_FUNC_keymgmt_import and OSSL_FUNC_keymgmt_export documentation correspond to core_dispatch.h signatures Reviewed-by: Matt Caswell Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/18423)
[openssl/openssl] 73db5d: Update expired SCT certificates
Branch: refs/heads/OpenSSL_1_1_1-stable Home: https://github.openssl.org/openssl/openssl Commit: 73db5d82489b3ec09ccc772dfcee14fef0e8e908 https://github.openssl.org/openssl/openssl/commit/73db5d82489b3ec09ccc772dfcee14fef0e8e908 Author: Tomas Mraz Date: 2022-06-01 (Wed, 01 Jun 2022) Changed paths: M test/certs/embeddedSCTs1-key.pem M test/certs/embeddedSCTs1.pem M test/certs/embeddedSCTs1.sct A test/certs/embeddedSCTs1_issuer-key.pem M test/certs/embeddedSCTs1_issuer.pem Log Message: --- Update expired SCT certificates Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18446) Commit: b7ce611887cfac633aacc052b2e71a7f195418b8 https://github.openssl.org/openssl/openssl/commit/b7ce611887cfac633aacc052b2e71a7f195418b8 Author: Tomas Mraz Date: 2022-06-01 (Wed, 01 Jun 2022) Changed paths: M test/ct_test.c Log Message: --- ct_test.c: Update the epoch time Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/18446) Compare: https://github.openssl.org/openssl/openssl/compare/8754fa5f60ac...b7ce611887cf