Age | Commit message (Collapse) | Author |
|
Thanks to Hanno Böck for reporting this bug.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 39a43280316f1b9c45be5ac5b04f4f5c3f923686)
Conflicts:
crypto/pkcs12/p12_utl.c
|
|
RAND_pseudo_bytes() allows random data to be returned even in low entropy
conditions. Sometimes this is ok. Many times it is not. For the avoidance
of any doubt, replace existing usage of RAND_pseudo_bytes() with
RAND_bytes().
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
|
PR#4449
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 049f5bbce3eebdf4ec2030042eb2ae64bb67aedb)
Conflicts:
doc/crypto/PKCS12_newpass.pod
|
|
PR#4466
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit d800d0f45b7618c30692c01d4dbf96042468b932)
Conflicts:
crypto/pkcs12/p12_npas.c
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit c2319cf9fce87a2e82efb6e58ced11a85190dc3d)
|
|
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(cherry picked from commit 3f6c7691870d1cd2ad0e0c83638cef3f35a0b548)
|
|
Reviewed-by: Matt Caswell <matt@openssl.org>
|
|
The NULL cipher case can't actually happen because we have no
EVP_PBE_CTL combinations where cipher_nid is -1 and keygen is
PKCS12_PBE_keyivgen. But make the code more obviously correct.
Reviewed-by: Matt Caswell <matt@openssl.org>
(cherry picked from commit 394f7b6fcc38132b8ccff0a3253b9dd15640cfc0)
|
|
PR#3923
Reviewed-by: Tim Hudson <tjh@openssl.org>
(cherry picked from commit ffbf304d4832bd51bb0618f8ca5b7c26647ee664)
|
|
Pointed out by Victor Vasiliev (vasilvv@mit.edu) via Adam Langley
(Google).
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 1e4a355dcabe2f75df5bb8b41b394d37037169d2)
|
|
We had updates of certain header files in both Makefile.org and the
Makefile in the directory the header file lived in. This is error
prone and also sometimes generates slightly different results (usually
just a comment that differs) depending on which way the update was
done.
This removes the file update targets from the top level Makefile, adds
an update: target in all Makefiles and has it depend on the depend: or
local_depend: targets, whichever is appropriate, so we don't get a
double run through the whole file tree.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 0f539dc1a2f45580435c39dada44dd276e79cb88)
Conflicts:
Makefile.org
apps/Makefile
test/Makefile
|
|
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
PR#3278
(cherry picked from commit de56fe797081fc09ebd1add06d6e2df42a324fd5)
|
|
Use triple DES for certificate encryption if no-rc2 is
specified.
PR#3357
|
|
Add option to set an alternative to the default hmacWithSHA1 PRF
for PKCS#8 private key encryptions. This is used automatically
by PKCS8_encrypt if the nid specified is a PRF.
Add option to pkcs8 utility.
Update docs.
|
|
|
|
|
|
(cherry picked from commit cdb6c48445ded3daafab32e5f266943d07bb512b)
|
|
|
|
Submitted by: Remi Gacogne <rgacogne-bugs@coredump.fr>
Fix double free in PKCS12_parse if we run out of memory.
|
|
of assuming they will always suceed.
|
|
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve
OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code
elimination.
|
|
Check return value if d2i_PBEPARAM().
|
|
|
|
|
|
about settings for local key id...
|
|
|
|
test for them!
|
|
knock-on work than expected - they've been extracted into a patch
series that can be completed elsewhere, or in a different branch,
before merging back to HEAD.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
supported encryption algorithm instead of a PBE NID then use that
algorithm with PBES2.
|
|
|
|
PR: 1170
Submitted by: Yair Elharrar
Reviewed and edited by: Nils Larsch
|
|
|
|
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
|
|
|
|
attribute in EVP_PKEY structure.
|
|
(Also improve util/ck_errf.pl script, and occasionally
fix source code formatting.)
|
|
|
|
|
|
|
|
failure and freeing up memory if a failure occurs.
PR:620
|
|
|
|
if $(EXHEADER) is empty.
Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>
|