My key activities this month were: - triage of newly reported issues and responding to questions - participation on the OTC meetings - reviews of various PRs: - I've reviewed about 80 PRs this month, merged many of them submitted by 3rd party contributors - Major PRs reviewed: - 3.0 alpha 11 release review - Update CMP doc on cert and key sources and extend use of PKCS#10 input #13841 - Deprecate EVP_KEY_new_CMAC_key #13829 - [crypto/dh] side channel hardening for computing DH shared keys #13783 - x509_vfy.c: Fix a regression in find_issuer(); extend and re-organize some tests #13762 - X509_cmp(): Fix comparison in case x509v3_cache_extensions() failed to due to invalid cert #13755 - Major improvemens of pkey app and bugfix on IS_HTTP(S) macros #13712 - X509 app: major cleanup of user guidance, documentation, and code structure #13711 - Fix a crash with multi-threaded applications using the FIPS module #13660 - apps/{req,x509,ca}.c Make sure certs have SKID and AKID by default #13658 - Use centralized fetching errors #13467 - Remove pkey_downgrade from PKCS7 code #13435 - Test CLI key validation and SM2 key validation #13359 - EVP: fix keygen for EVP_PKEY_RSA_PSS #13099 - submitted 11 PRs: - In particular: - chacha20: Properly reinitialize the cipher context with NULL key #13850 - Deprecation of the remaining functions related to X9.31 RSA key generation #13921 - Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity #13870 - Fixes in DH derivation related to DH support in CMS #13869 - Implement missing algorithm id generation for the RSA-PSS signatures #13988 - took over the PR for deprecation of EC_KEY and related functions (#13139) from Shane, finalized it
-- Tomáš Mráz No matter how far down the wrong road you've gone, turn back. Turkish proverb [You'll know whether the road is wrong if you carefully listen to your conscience.]