As well as normal reviews, responding to user queries, wiki user requests, OMC business, handling security reports, etc., key activities this month:
- Continued work on and eventually merged a PR to add an HMAC implementation that was TLS aware - Managed the response to the Raccoon Attack and the associated 1.0.2w release - Fixed an EVP_MD_CTX related memory leak - Overhauled and fixed long standing issues with stafestack - Published a blog post on the OpenSSL Administrator and Manager position - Fixed the dgst app to not assume that it can send -1 for the length of a raw key - Implemented a fix for lhash along the same lines as the safestack fix - Drafted and attempted to get passed (only partially successfully) new coding style guidance about function arguments - Added support to the provider side EdDSA signature algorithm for AlgorithmIdentifiers. - Managed the release of 1.1.1h - Investigated and created a reproducer for an issue where EC based EVP_PKEYs fail to work in master where a private key is set but there is no public key, but the same code worked in 1.1.1 - Implemented provider side support for SM2 Asymmetric Encryption - Ongoing activity in the recruitment for the Administrator & Manager position - Renamed all *_with_libctx functions to *_ex() - Reviewed old issues for relevance to the beta1 milestone - Reviewed all the outstanding TODO(3.0) tags for relevance to the beta1 milestone - Attended 2 OTC vf2f meetings - Attended committer vf2f meeting - Ongoing attendance at regular developer meetings - Ongoing attendance at regular FIPS sponsor meetings Matt