summaryrefslogtreecommitdiffstats
path: root/util
AgeCommit message (Collapse)Author
2023-09-20Add documentation for the function SSL_CONF_CTX_finish.Sumitra Sharma
Add documentation for the function SSL_CONF_CTX_finish() in man3. Fixes #22084 Signed-off-by: Sumitra Sharma <sumitraartsy@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22128) (cherry picked from commit 955c133ccccd2b6e3f5a1b1342045111fe8b3e86)
2023-07-09fips: make installations FIPS compliant by defaultPauli
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/21363) (cherry picked from commit dc6f3b9b8d6e54ea7d8669a158fd73b451862c7d)
2023-07-02fips: use correct field names when generating fipsmodule.cnfPauli
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21327) (cherry picked from commit 89111cbc3238dcdf47e921af38d6b12c4b32d326)
2023-05-30Update copyright yearTomas Mraz
Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
2023-05-22Update VMS configurationsRichard Levitte
A native x86_64 C compiler has appeared. We preserve the previous config target with a new name to indicate that it's for cross compilation, at least for the time being. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20983) (cherry picked from commit d6175dcca746f0996db18ab2b6b37a4152097afe)
2023-04-21fips: setup the FIPS provider in pendantic mode for testingPauli
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20762) (cherry picked from commit c04e78f0c69201226430fed14c291c281da47f2d)
2023-03-25CMP add: fix -reqin option, which requires adding ↵Dr. David von Oheimb
OSSL_CMP_MSG_update_recipNonce() Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20204) (cherry picked from commit b75d56dee09ac6f1fdb75169da891668cf181066)
2023-03-14check-format.pl: fix statistics on whitespace and nesting issuesDr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20254) (cherry picked from commit 2bdc60cbe9e6baa37d6fa68e80c024d23c050528)
2023-03-14check-format.pl: fix detection of '#ifdef __cplusplus'Dr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20254) (cherry picked from commit d327f7c4ad2fe19bb6e69818dc540f8ae7c37a39)
2023-03-14check-format.pl: fix detection of function body startDr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20254) (cherry picked from commit a49ade26324423fdf6eed4083a71f44e8a17754f)
2023-03-14check-format.pl: improve whitespace reporting on <op>=Dr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18812) (cherry picked from commit 295ecb1600c52cbed3aad859b0bfd16966abe0e6)
2023-03-14check-format.pl: further fixes for whitespace reporting within 'for (...)'Dr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18812) (cherry picked from commit f968648ef7e39230ee5def1baf212e7fd98fe67f)
2023-03-14check-format.pl: report #if and #elif with constant condition; improve ↵Dr. David von Oheimb
checks on '/*' Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18812) (cherry picked from commit bdb41f92420981928578167cc6db3bcbac206cea)
2023-03-14check-format.pl: extend checking into macro bodies; small further improvementsDr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18812) (cherry picked from commit 1fb20f1d210d57520f4c91c707fc9a1eded0daa4)
2023-03-14check-format.pl: improve preprocessor directive handling; re-order state ↵Dr. David von Oheimb
variables Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18812) (cherry picked from commit 87c8a476645a476a1fe5a99bf222792e93bb92f3)
2023-03-14Update copyright yearMatt Caswell
Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes (Merged from https://github.com/openssl/openssl/pull/20508)
2023-02-06Fix typo in Ordinals.pm from PR #14074Viktor Dukhovni
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20201) (cherry picked from commit 77c8d6d703efd1d935b5c2603fd31f4b15b1214d)
2023-01-10Documentation for EVP_PKEY_CTX_get0_pkey() and EVP_PKEY_CTX_get0_peerkey().Nikhil Bisht
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19962) (cherry picked from commit 3be76745e55eab9ea976f7a23e6c8ecd3bb8136c)
2023-01-05BIO_s_dgram: add documentation and hazard warningsHugo Landau
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19913)
2022-12-21make updateTomas Mraz
Reviewed-by: Hugo Landau <hlandau@openssl.org> Release: yes
2022-12-21Update copyright yearTomas Mraz
Reviewed-by: Hugo Landau <hlandau@openssl.org> Release: yes (Merged from https://github.com/openssl/openssl/pull/19944)
2022-12-08Move the description of the core types into their own pagesRichard Levitte
This expands on some of the core type descriptions, and also makes it easier to find the documentation for each type, at least on Unix, with a simple call like "man OSSL_ALGORITHM". Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19842) (cherry picked from commit 801e54d65ca5d87f3b003477f26597541b95b55b)
2022-12-08Better sorting of util/other.symsRichard Levitte
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19842) (cherry picked from commit 9dabb55da3463f651582db8ac9030afb5a718bd8)
2022-12-08Fix treatment of BUILD_METADATARichard Levitte
According to documentation [^1], the BUILD_METADATA from VERSION.dat should be prefixed with a plus sign when used. It is given this treatment in Configure, but not in all other scripts that use VERSION.dat directly. This change fixes that. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/19815) (cherry picked from commit 83a5bd80708adc6726deac390e405a7b50dec540)
2022-12-01Update copyright yearTomas Mraz
Reviewed-by: Matt Caswell <matt@openssl.org> Release: yes (Merged from https://github.com/openssl/openssl/pull/19803)
2022-11-25add missing OSSL_CMP_CTX_reset_geninfo_ITAVs() functionDr. David von Oheimb
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19216) (cherry picked from commit a2ede0396addd13f7fe9a629b450a14892152a83)
2022-11-23Fix various typos, repeated words, align some spelling to LDP.FdaSilvaYY
Partially revamped from #16712 - fall thru -> fall through - time stamp -> timestamp - host name -> hostname - ipv6 -> IPv6 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19059) (cherry picked from commit d7f3a2cc8691c062ef5bdeef28b66f80c8f7d5c3)
2022-11-23Add BSD-armv4 target based on linux-armv4Piotr Kubaj
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18910) (cherry picked from commit a9389c0b75e69ebaf74fdc8fee0c983809e45931)
2022-11-21Improve FIPS RSA keygen performance.slontis
FIPS 186-4 has 5 different algorithms for key generation, and all of them rely on testing GCD(a,n) == 1 many times. Cachegrind was showing that during a RSA keygen operation, the function BN_gcd() was taking a considerable percentage of the total cycles. The default provider uses multiprime keygen, which seemed to be much faster. This is because it uses BN_mod_inverse() instead. For a 4096 bit key, the entropy of a key that was taking a long time to generate was recorded and fed back into subsequent runs. Roughly 40% of the cycle time was BN_gcd() with most of the remainder in the prime testing. Changing to use the inverse resulted in the cycle count being 96% in the prime testing. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19578) (cherry picked from commit dd1d7bcb69994d81662e709b0ad838880b943870)
2022-11-21Add deprecation macro for 3.1 and deprecate OPENSSL_LH_statsHugo Landau
Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17937) (cherry picked from commit 5317b6ee1fc3db20de5976fbb46cc49a45c0768a)
2022-11-18Add doc for EVP_ASYM_CIPHER-RSA and clean up OSSL_PROVIDER-FIPS.pod.slontis
Removed fields from missingcrypto.txt that are no longer missing. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19692) (cherry picked from commit ad60cd522b4f717a69c690f68f1591371a048591)
2022-11-18ParseC.pm: gracefully handle DOS-style end-of-line in source filesDr. David von Oheimb
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19686) (cherry picked from commit c507db9678f50482df5f6c58e42572fe6fe3007c)
2022-11-09Add context dup functions for digests and ciphersPauli
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17529) (cherry picked from commit 4e62f1a3af36512a1f5e1273d2dc54e3ce7f5fca) Reviewed-by: Hugo Landau <hlandau@openssl.org>
2022-11-09Fix typosDimitris Apostolou
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17392) (cherry picked from commit e304aa87b35fac5ea97c405dd3c21549faa45e78)
2022-11-09Add support for BSD-ppc, BSD-ppc64 and BSD-ppc64le configurationspkubaj
OpenSSL assumes AT_HWCAP = 16 (as on Linux), but on FreeBSD AT_HWCAP = 25 Switch to using AT_HWCAP, and setting it to 16 if it is not defined. CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17090) (cherry picked from commit f5485b97b6c9977c0d39c7669b9f97a879312447)
2022-11-02rand: add set0 calls for the private and public DRBGsPauli
The FIPS 140-3 DSA and ECDSA tests need to be known answer tests which means the entropy needs to be cooked. This permits this. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/19486)
2022-10-19Fix many inconsistencies in doc of CMS_verify() and PKC7_verify() etc.Dr. David von Oheimb
Also change B< to I< in {CMS,PKCS7}_verify.pod, PKCS7_sign{,_add_signer}.pod Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19108)
2022-09-29OpenSSL::config: Fix trivial bugsRichard Levitte
Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19285) (cherry picked from commit 2ba5bffa26c0c4677f48e730628c0b54c31c734c)
2022-09-29OpenSSL::config: Fix VMS guessesRichard Levitte
The MACHINE value from POSIX::uname() isn't trustworthy at all. MACHINE names like this has been seen: _HP__VMM___(1.67GHz/9.0MB) Perl's `$Config{archname}` is much more trustworthy, especially since VMS isn't a multiarch operating system, at least yet. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19285) (cherry picked from commit e63f5fdcb2658961f29fe7bed7968c0dcf7328a7)
2022-09-29OpenSSL::config: determine the MSVC target architecture by asking clRichard Levitte
Since cl knows what architecture it builds fore, all depending on what the user set up, it makes sense to ask it, and use that result primarly, and only use the POSIX::uname() MACHINE value as a fallback. Also, this does indeed determine if cl is present or not. We drop the explicit names in .github/workflows/windows.yml as proof of concept. Fixes #19281 Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19285) (cherry picked from commit 0747f94b5f7b7f07f21384507ba1adaea6f99e88)
2022-09-26Add documentation for the OPENSSL_gmtime functionsTodd Short
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19257) (cherry picked from commit 28a5aa0cbdddfdf4d82a437d72407d4f52d4e54a)
2022-09-16Add documentation and test for EVP_PBE_alg_addDaniel Fiala
Fixes openssl#18687 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19157) (cherry picked from commit 181167b6d0e5cd896847f7538adf28878b81b0b2)
2022-09-15util/wrap.pl.in: Use parentheses so `kill` gets all its argumentsRichard Levitte
In perl, this may be ambiguous: fn (expr1), expr2 Is the comma (which may be `=>` just as well in this case) a separator between arguments to `fn`, or is it the comma operator, separating the expressions `fn(expr1)` and `expr2`? It appears that in this particular case, perl takes the existing parentheses to mean the latter. When the former was intended, extra parentheses are required. Fixes #19209 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19211) (cherry picked from commit ef6d6e452dc57ef4a55d7a6ec0693be650009bb5)
2022-08-24util/wrap.pl.in: If the subprocess died with a signal, let's re-signal itRichard Levitte
A simple 'kill' of the same signal on our own process should do it. This will allow the shell that this is running under to catch it properly, and output something if it usually does that. Fixes #19041 Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19042) (cherry picked from commit bf16ee4f95c31a66e76056c691f25a0d2b4a39c4)
2022-08-18Add some documentation for X509_gmtime_adj()Matt Caswell
Other very similar functions were documented, but this one was missing. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18974) (cherry picked from commit 425e972dfaf867affb5b3d438d9ca67bb6aeed65)
2022-07-20check-format.pl: fix detection of missing/extra blank lines in local declsDr. David von Oheimb
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (cherry picked from commit 23757b61d49ac3e46440dc34e56b83201106e440)
2022-07-20check-format.pl: fix false positive on 'for(;; stmt)'Dr. David von Oheimb
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (cherry picked from commit 4e9fa07121abf3ebaaf7e0367bd9be3a8b273ebf)
2022-07-20check-format.pl: improve wording: 'no' -> 'missing'; further minor improvementsDr. David von Oheimb
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Hugo Landau <hlandau@openssl.org> (cherry picked from commit 63263147a3ad55cb26d7cfcdfca474ce324a15ac)
2022-07-20check-format.pl: Fix report on space before ';' and allow it after ')'Dr. David von Oheimb
Reviewed-by: Paul Dale <pauli@openssl.org> (cherry picked from commit c30bc4e2093f47a37736944da548653bc08d774d)
2022-07-20check-format.pl: Fix report on missing space before +/-: allow, e.g., '1e-6'Dr. David von Oheimb
Reviewed-by: Paul Dale <pauli@openssl.org> (cherry picked from commit d45c0e1a5e89f01d83f6059c788524e901a11604)
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-22 04:52:53 +0000