- Mar 30, 2019
-
-
Pauli authored
The output format now matches coreutils *dgst tools. [ edited to remove trailing white space ] Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8578)
-
- Mar 29, 2019
-
-
Paul Yang authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8465)
-
Paul Yang authored
This follows #8321 which added the SM2 certificate verification feature. This commit adds the related docs - the newly added 2 APIs and options in apps/verify. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8465)
-
Paul Yang authored
This follows #8321 which added the SM2 certificate verification feature. This commit adds some test cases for #8321. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8465)
-
Dr. Matthias St. Pierre authored
It seems more intuitive to set `OPENSSL_TRACE=all` instead of `OPENSSL_TRACE=any` to obtain trace output for all categories. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8552)
-
Dr. Matthias St. Pierre authored
Previously, if the openssl application was run with OPENSSL_TRACE=any, all trace output would just show 'ANY' as the category name, which was not very useful. To get the correct category name printed in the trace output, the openssl application now registers separate channels for each category. The trace API is unchanged, it is still possible for an application to register a single channel for the 'ANY' category to see all outputt, if it does not need this level of detail. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8552)
-
Dr. Matthias St. Pierre authored
When OSSL_trace_get_category_num() is called with an unknown category name, it returns -1. This case needs to be considered in order to avoid out-of-bound memory access to the `trace_channels` array. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8552)
-
Dr. Matthias St. Pierre authored
Partially reverts d33d7616 Don't fail when tracing is disabled Commit d33d7616 fixed the problem that the initialization of libcrypto failed when tracing was disabled, because the unoperational ossl_trace_init() function returned a failure code. The problem was fixed by changing its return value from failure to success. As part of the fix the return values of other unimplemented trace API functions (like OSSL_trace_set_channel(),OSSL_trace_set_callback()) was changed from failure to success, too. This change was not necessary and is a bit problematic IMHO, because nobody expects an unimplemented function to pretend it succeeded. It's the application's duty to handle the case correctly when the trace API is not enabled (i.e., OPENSSL_NO_TRACE is defined), not the API's job to pretend success just to prevent the application from failing. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8552)
-
Patrick Steuer authored
>=20% faster than present code. Signed-off-by: Patrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8560)
-
Richard Levitte authored
Fixes #4856 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1928)
-
Richard Levitte authored
The naming of generated assembler wasn't done quite right. There are assembler files that are generated from a perl script, and there are those who are not. Only the former must be renamed to the platform specific asm extension. Furthermore, we need to make sure that 'OSSL_provider_init' isn't case sensitive on VMS, to allow for the least surprise for provider builders. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8529)
-
Pauli authored
with padding bytes. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8611)
-
Pauli authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8611)
-
Pauli authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8611)
-
Pauli authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8611)
-
Pauli authored
The initialisation was also flawed, failing to account for padding and alignment bytes. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8611)
-
Pauli authored
This is probably harmless but best to properly initialise things. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8611)
-
Richard Levitte authored
Related to #8609 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8612)
-
Richard Levitte authored
When 'openssl dgst' is called with a MD alias (such as sha256) and no further arguments (i.e. input is taken from stdin), the MD name wasn't shown. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8609)
-
Pauli authored
If the structures have empty padding bytes, ensure they are zeroed. These structures are added to seed pools as complete blocks including any padding and alignment bytes. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8610)
-
Soujyu Tanaka authored
Revert win32_pathbyaddr() which is used in DSO_dsobyaddr(). Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8596)
-
Soujyu Tanaka authored
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8596)
-
Soujyu Tanaka authored
Replace it with InitializeCriticalSection() Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8596)
-
Soujyu Tanaka authored
This implementation is referenced to https://www.boost.org/doc/libs/1_69_0/boost/detail/interlocked.hpp Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8596)
-
Pauli authored
Refer to FIPS 140-2 section 4.9.2 Conditional Tests for details. The check is fairly simplistic, being for the entropy sources to not feed the DRBG the same block of seed material twice in a row. Only the first DRBG in a chain is subject to this check, latter DRBGs are assumed to be safely seeded via the earlier DRBGs. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8599)
-
Andy Polyakov authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8540)
-
Andy Polyakov authored
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8540)
-
Shane Lontis authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8569)
-
- Mar 28, 2019
-
-
Pauli authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8606)
-
Paul Monson authored
CLA: trivial Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8590)
-
Shane Lontis authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8566)
-
Dmitry Belyavskiy authored
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8308)
-
Matt Caswell authored
Fixes #8589 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8597)
-
Pauli authored
/usr/include/bits/waitstatus.h includes endian.h under some libc's. This clashes with the new test header file, so rename the latter. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8600)
-
- Mar 27, 2019
-
-
Pauli authored
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8572)
-
Jake Massimo authored
DH_check is used to test the validity of Diffie-Hellman parameter sets (p, q, g). Among the tests performed are primality tests on p and q, for this BN_is_prime_ex is called with the rounds of Miller-Rabin set as default. This will therefore use the average case error estimates derived from the function BN_prime_checks_for_size based on the bit size of the number tested. However, these bounds are only accurate on testing random input. Within this testing scenario, where we are checking the validity of a DH parameter set, we can not assert that these parameters are randomly generated. Thus we must treat them as if they are adversarial in nature and increase the rounds of Miller-Rabin performed. Generally, each round of Miller-Rabin can declare a composite number prime with probability at most (1/4), thus 64 rounds is sufficient in thwarting known generation techniques (even in safe prime settings - see https://eprint.iacr.org/2019/032 for full analysis). The choice of 64 rounds is also consistent with SRP_NUMBER_ITERATIONS_FOR_PRIME 64 as used in srp_Verify_N_and_g in openssl/apps/s_client.c. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8593)
-
Matt Caswell authored
See discussion in github issue #8563 Fixes #8563 Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/8584)
-
Matt Caswell authored
EVP_MAC_ctrl is documented to return 0 or -1 on failure. Numerous places were not getting this check correct. Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/8584)
-
Matt Caswell authored
Fixes #8567 Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8586)
-
Matt Caswell authored
We treat that as automatic success. Other EVP_*Update functions already do this (e.g. EVP_EncryptUpdate, EVP_DecryptUpdate etc). EVP_EncodeUpdate is a bit of an anomoly. That treats 0 byte input length as an error. Fixes #8576 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8587)
-