summaryrefslogtreecommitdiff
path: root/crypto/crmf
Commit message (Collapse)AuthorAgeFilesLines
* crmf_lib.c: clean up coments on OSSL_CRMF_CERTTEMPLATE*()Dr. David von Oheimb2023-04-181-6/+2
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20736)
* OSSL_CRMF_CERTTEMPLATE_get0_publicKey(): fix return type and docDr. David von Oheimb2023-04-181-1/+1
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/20736)
* Compensate for CMP-related TODOs removed by PR #15539Dr. David von Oheimb2022-12-074-1/+17
| | | | | | | Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/16006)
* Fix the check of EVP_PKEY_decrypt_initPeiwei Hu2022-12-051-1/+1
| | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19819)
* CMP+CRMF: fix formatting nits in crypto/, include/, and test/Dr. David von Oheimb2022-11-244-36/+11
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/19230)
* CRMF: make create_popo_signature() check that pubkey and pkey matchDr. David von Oheimb2022-08-241-0/+6
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18930)
* add missing CRMF API function OSSL_CRMF_CERTTEMPLATE_get0_publicKey()Dr. David von Oheimb2022-08-241-0/+6
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18930)
* crmf_lib.c: Make sure Ed signature for POPO is called without digestDr. David von Oheimb2022-05-051-0/+6
| | | | | | | | | Fixes #18184 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/18230)
* Remove duplicated #include headersJHH202022-05-041-1/+0
| | | | | | | | | CLA: trivial Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/18220)
* Fix the return check of OBJ_obj2txtPW Hu2021-11-221-2/+2
| | | | | | | | Also update OBJ_nid2obj.pod to document the possible return values. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17005)
* OSSL_CRMF_{CERTTEMPLATE,CERTID}_get0_serialNumber(): Make result const for ↵Dr. David von Oheimb2021-06-301-2/+2
| | | | | | | | | | | consistency Also make doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod consistent with crmf.h.in regarding const results Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15790)
* CMP: Add missing getter functions to CRMF API and CMP APIDr. David von Oheimb2021-06-301-4/+32
| | | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15790)
* Adapt other parts of the source to the changed EVP_Q_digest() and EVP_Q_mac()Richard Levitte2021-06-231-3/+1
| | | | | | | | | Fixes #15839 Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15861)
* Update copyright yearMatt Caswell2021-06-173-3/+3
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15801)
* crmf: remove TODOsPauli2021-06-024-24/+1
| | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
* Rename all getters to use get/get0 in nameTomas Mraz2021-06-011-5/+5
| | | | | | | | | | | | | | For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405)
* crypto: updates to pass size_t to RAND_bytes_ex()Pauli2021-06-011-1/+1
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/15540)
* add zero strenght arguments to BN and RAND RNG callsPauli2021-05-291-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15513)
* err: rename err_load_xxx_strings_int functionsPauli2021-05-261-1/+1
| | | | | | | | The new names are ossl_err_load_xxx_strings. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15446)
* Add quick one-shot EVP_Q_mac() and deprecation compensation decls for MAC ↵Dr. David von Oheimb2021-05-081-16/+8
| | | | | | | | | | | | | | functions This helps compensating for deprecated functions such as HMAC() and reduces clutter in the crypto lib, apps, and tests. Also fixes memory leaks in generate_cookie_callback() of apps/lib/s_cb.c. and replaces 'B<...>' by 'I<...>' where appropriate in HMAC.pod Partially fixes #14628. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14664)
* Prefer fetch over legacy get_digestby/get_cipherbyTomas Mraz2021-04-281-2/+17
| | | | | | | Fixes #14198 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15028)
* Update copyright yearMatt Caswell2021-04-221-1/+1
| | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14986)
* Modify OBJ_nid2sn(OBJ_obj2nid(...)) occurences to use OBJ_obj2txt()Richard Levitte2021-04-182-12/+11
| | | | | | | | | | | The intention is to allow for OIDs for which libcrypto has no information, but are still fetchable for OSSL_ALGORITHM implementations that specify an OID amongst their names. Fixes #14278 Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14498)
* Update copyright yearMatt Caswell2021-03-111-1/+1
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
* crmf: updates for the new additional MAC_init argumentsPauli2021-02-281-4/+2
| | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14310)
* ERR: Rebuild all generated error headers and source filesRichard Levitte2020-11-241-5/+11
| | | | | | | This is the result of 'make errors ERROR_REBUILD=-rebuild' Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13390)
* Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() callRichard Levitte2020-11-132-57/+45
| | | | | | | | | | This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
* Rename OPENSSL_CTX prefix to OSSL_LIB_CTXDr. Matthias St. Pierre2020-10-152-6/+6
| | | | | | | | | | | | Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
* Run the withlibctx.pl scriptMatt Caswell2020-10-011-9/+7
| | | | | | | | Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970)
* Fix safestack issues in crmf.hMatt Caswell2020-09-132-3/+0
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
* Fix safestack issues in x509.hMatt Caswell2020-09-131-1/+0
| | | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
* Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decryptDr. David von Oheimb2020-08-213-56/+58
| | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11808)
* Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its docDr. David von Oheimb2020-08-211-5/+10
| | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11808)
* Streamline the CMP request session API, adding the generalized ↵Dr. David von Oheimb2020-07-301-1/+1
| | | | | | | | | OSSL_CMP_exec_certreq() Fixes #12395 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12431)
* Revert "The EVP_MAC functions have been renamed for consistency. The ↵Matt Caswell2020-07-161-3/+3
| | | | | | | | | | | | | | EVP_MAC_CTX_*" The commit claimed to make things more consistent. In fact it makes it less so. Revert back to the previous namig convention. This reverts commit d9c2fd51e2e278bc3f7793a104ff7b4879f6d63a. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12186)
* Fix CMP -days option range checking and test failing with enable-ubsanDr. David von Oheimb2020-06-221-19/+7
| | | | | Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/12175)
* The EVP_MAC functions have been renamed for consistency. The EVP_MAC_CTX_*Pauli2020-06-111-3/+3
| | | | | | | | | | | | | functions are now EVP_MAC functions, usually with ctx in their names. Before 3.0 is released, the names are mutable and this prevents more inconsistencies being introduced. There are no functional or code changes. Just the renaming and a little reformatting. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11997)
* Fix X509_PUBKEY_cmp(), move to crypto/x509/x_pubkey.c, rename, export, and ↵Dr. David von Oheimb2020-05-261-20/+1
| | | | | | | | | document it Fixes #11870 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11894)
* Move decl of OSSL_CRMF_CERTID_dup from {crmf,cmp}_local.h to ↵Dr. David von Oheimb2020-05-241-1/+0
| | | | | | | | | | include/openssl/crmf.h fixes #11818 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11911)
* In OpenSSL builds, declare STACK for datatypes ...Rich Salz2020-04-241-0/+3
| | | | | | | | | | | | | | | | | | | | | | ... and only *define* them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds and not non-deprecated builds. Deprecate stack-of-block Better documentation Move some ASN1 struct typedefs to types.h Update ParseC to handle this. Most of all, ParseC needed to be more consistent. The handlers are "recursive", in so far that they are called again and again until they terminate, which depends entirely on what the "massager" returns. There's a comment at the beginning of ParseC that explains how that works. {Richard Levtte} Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10669)
* Update copyright yearMatt Caswell2020-04-234-4/+4
| | | | | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
* Constify various mostly X509-related parameter types in crypto/ and apps/Dr. David von Oheimb2020-03-232-7/+7
| | | | | | | | | in particular X509_NAME*, X509_STORE{,_CTX}*, and ASN1_INTEGER *, also some result types of new functions, which does not break compatibility Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/10504)
* Fix error in case CMP msg POPO is not provided in OSSL_CRMF_MSGS_verify_popo()Dr. David von Oheimb2020-03-102-5/+8
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11142)
* Chunk 8 of CMP contribution to OpenSSL: CMP server and cmp_mock_srv.c for ↵Dr. David von Oheimb2020-03-102-30/+50
| | | | | | | | | | | | | testing Certificate Management Protocol (CMP, RFC 4210) extension to OpenSSL Also includes CRMF (RFC 4211) and HTTP transfer (RFC 6712). Adds the CMP and CRMF API to libcrypto and the "cmp" app to the CLI. Adds extensive documentation and tests. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11142)
* Refactor CRMF_poposigningkey_init() to work with provider keysRichard Levitte2020-03-091-47/+12
| | | | | | | | | | The code in this function was almost entirely a copy of the functionality in ASN1_item_sign(), so it gets refactored to actually call ASN1_item_sign(), and thereby automatically gets support for EVP_PKEYs with only provider side keys. Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> (Merged from https://github.com/openssl/openssl/pull/11126)
* fix various formatting nits in CMP contribution chunks 1-6 found by the new ↵Dr. David von Oheimb2020-02-174-40/+42
| | | | | | | | | | | util/check-format.pl in addition: correct wording in doc, comments, and parameter names: self-signed -> self-issued where appropriate Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/10620)
* chunk 6 of CMP contribution to OpenSSLDr. David von Oheimb2019-12-124-22/+18
| | | | | | Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10297)
* Fix header file include guard namesDr. Matthias St. Pierre2019-09-281-2/+2
| | | | | | | | | | | | | Make the include guards consistent by renaming them systematically according to the naming conventions below For the public header files (in the 'include/openssl' directory), the guard names try to match the path specified in the include directives, with all letters converted to upper case and '/' and '.' replaced by '_'. For the private header files files, an extra 'OSSL_' is added as prefix. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
* Reorganize public header files (part 1)Dr. Matthias St. Pierre2019-09-281-1/+1
| | | | | | | Rename <openssl/ossl_typ.h> to <openssl/types.h>. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
* Reorganize local header filesDr. Matthias St. Pierre2019-09-284-4/+4
| | | | | | | | | | | | | Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '*_lcl.h', '*_local.h', or '*_int.h' This commit changes the different suffixes to '*_local.h' uniformly. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
View Lorry Controller Status