- Mar 15, 2019
-
-
Dr. Matthias St. Pierre authored
Reviewed-by:
Paul Dale <paul.dale@oracle.com> Reviewed-by:
Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8463)
-
Dr. Matthias St. Pierre authored
Fixes #8487 Amends #7230 Reviewed-by:
Tim Hudson <tjh@openssl.org> Reviewed-by:
-
- Mar 14, 2019
-
-
Richard Levitte authored
Configure with -DOPENSSL_DEV_NO_ATOMICS and you get refcount without atomics. This is intended for internal development only, to check the refcounting is properly coded. It should never become a configuration option, hence the name of the macro. Reviewed-by:
Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/8479)
-
Richard Levitte authored
Fixes #8476 Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8477)
-
Matt Caswell authored
With the recent addition of the -rawin option it should be possible for pkeyutl to sign and verify with Ed448 and Ed2559. The main remaining stumbling block is that those algorirthms only support "oneshot" operation. This commit enables pkeyutl to handle that. Reviewed-by:
Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/8431)
-
Dr. Matthias St. Pierre authored
Fixes #8472 Reviewed-by:
-
Richard Levitte authored
When tracing is disabled, don't generate errors, especially during init. Instead, just pretend the everything is fine. Reviewed-by:
-
- Mar 13, 2019
-
-
Nicola Tuveri authored
Fixes #8462 Reviewed-by:
-
Richard Levitte authored
TEST_ulong_eq was used previously because TEST_double_eq didn't exist at the time. Reviewed-by:
-
Richard Levitte authored
Again, compilers that don't like them being undeclared... Reviewed-by:
-
Richard Levitte authored
With enough warning flags, compilers complain when a non-static function hasn't been properly declared... Reviewed-by:
-
David von Oheimb authored
When the argument for '-pass' was badly formed, that argument got displayed in full. This turns out to not be such a good idea if the user simply forgot to start the argument with 'pass:', or spellt the prefix incorrectly. We therefore change the display to say that a colon is missing or only showing the incorrect prefix. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
test/params_test.c is a program that tries to mimic how a provider and an application would or could handle OSSL_PARAM arrays. For the moment, this program tests a very raw way of handling OSSL_PARAM arrays. It is, however, written in a way that will hopefully make it possible to extend with other methods as APIs arise, and to set up test cases where a "provider" handles the array one way while the "application" handles it another way. Reviewed-by:
-
Matt Caswell authored
Don't try to load external provider modules in tests if we don't have DSO capability Reviewed-by:
-
Matt Caswell authored
no-cmac, no-poly1305 and no-siphash all caused the new test_mac to fail. Reviewed-by:
-
Matt Caswell authored
Also make various changes to bring the file into line with current coding style. Fixes #8456 Reviewed-by:
Paul Yang <yang.yang@baishancloud.com> (Merged from https://github.com/openssl/openssl/pull/8457)
-
杨洋 authored
Reviewed-by:
-
- Mar 12, 2019
-
-
Richard Levitte authored
This queries the provider for its available functionality (unless a matching method structured is already cached, in which case that's used instead), and creates method structure with the help of a passed constructor. The result is cached if the provider allows it (or if caching is forced). Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
In unrelated code Reviewed-by:
-
Pauli authored
Reviewed-by:
-
Pauli authored
Provide a number of functions to allow parameters to be set and retrieved in a type safe manner. Functions are provided for many integral types plus double, BIGNUM, UTF8 strings and OCTET strings. All of the integer functions will widen the parameter data as required. This permits a degree of malleability in the parameter definition. For example a type can be changed from a thirty two bit integer to a sixty four bit one without changing application code. Only four and eight byte integral sizes are supported here. A pair of real functions are available for doubles. A pair of functions is available for BIGNUMs. These accept any sized unsigned integer input and convert to/from a BIGNUM. For each OCTET and UTF8 strings, four functions are defined. This provide get and set functionality for string and for pointers to strings. The latter avoiding copies but have other inherent risks. Finally, some utility macros and functions are defined to allow OSSL_PARAM definition arrays to be specified in a simple manner. There are two macro and one function for most types. The exception being BIGNUM, for which there is one macro and one function. Reviewed-by:
-
Richard Levitte authored
The OSSL_PARAM attribute names |buffer| and |buffer_size| may lead to confusion, as they may make some think that the memory pointed at is an intermediate memory are. This is not generally the case, so we rename |buffer| and |buffer_size| to |data| and |data_size| Reviewed-by:
-
David von Oheimb authored
in INSTALL, Configure, crypto/build.info, include/openssl/crmferr.h, crypto/err/, include/openssl/err.h, and (to be updated:) util/libcrypto.num Reviewed-by:
Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by:
-
David von Oheimb authored
Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712) CMP and CRMF API is added to libcrypto, and the "cmp" app to the openssl CLI. Adds extensive man pages and tests. Integration into build scripts. Incremental pull request based on OpenSSL commit 1362190b of 2018-09-26 1st chunk: CRMF API (include/openssl/crmf.h) and its documentation (reviewed) Reviewed-by:
-
Shane Lontis authored
Reviewed-by:
-
Shane Lontis authored
Reviewed-by:
-
- Mar 11, 2019
-
-
Patrick Steuer authored
featuring 6x"horizontal" code path which is up to 25% faster than present 4x"vertical" for larger blocks. Signed-off-by:
Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Two tests are added, one that tests the internal API, the other tests the public API. Those two tests both test the same provider, which acts both as a built-in provider and as a loadable provider module. Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Adding a provider means creating an internal provier object and adding it to the store. This allows the addition of built in providers, be it in the OpenSSL libraries or in any application. "Loading" a provider is defined broadly. A built in provider is already "loaded" in essence and only needs activating, while a provider in a dynamically loadable module requires actually loading the module itself. In this API, "loading" a provider does both. Reviewed-by:
-
Richard Levitte authored
The OSSL_PROVIDER is the core object involved in loading a provider module, initialize a provider and do the initial communication of provider wide and core wide dispatch tables. Reviewed-by:
-
Richard Levitte authored
These will be used to point out general OpenSSL modules directory. ENGINE modules are kept apart for backward compatibility. Reviewed-by:
-
Shane Lontis authored
Reviewed-by:
-
Rich Salz authored
Reviewed-by:
-
Rich Salz authored
This does no harm, and ensures that the inclusion isn't mistakenly removed in the generated *err.h where it's actually needed. Reviewed-by:
-
