from:"Pauli"

[openssl/tools] f8f26f: HOWTO-make-a-release.md: Add section on adding new...

2024-06-06 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/tools
  Commit: f8f26f9e86a9f1bf9468663c93ecae577825704e
  
https://github.com/openssl/tools/commit/f8f26f9e86a9f1bf9468663c93ecae577825704e
  Author: Pauli 
  Date:   2024-06-06 (Thu, 06 Jun 2024)

  Changed paths:
M HOWTO-make-a-release.md

  Log Message:
  ---
  HOWTO-make-a-release.md: Add section on adding new releases to the provider 
compat CI

Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/tools/pull/125)



To unsubscribe from these emails, change your notification settings at 
https://github.com/openssl/tools/settings/notifications

[openssl/openssl] 7725e7: x509: fix double locking problem

2022-12-08 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 7725e7bfe6f2ce8146b6552b44e0d226be7638e7
  
https://github.com/openssl/openssl/commit/7725e7bfe6f2ce8146b6552b44e0d226be7638e7
  Author: Pauli 
  Date:   2022-12-08 (Thu, 08 Dec 2022)

  Changed paths:
M crypto/x509/pcy_map.c

  Log Message:
  ---
  x509: fix double locking problem

This reverts commit 9aa4be691f5c73eb3c68606d824c104550c053f7 and removed the
redundant flag setting.

Fixes #19643

Fixes LOW CVE-2022-3996

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19652)

(cherry picked from commit 4d0340a6d2f327700a059f0b8f954d6160f8eef5)


  Commit: 6fbbb53477a13508f7b2be5ab63e5a6c70ed4778
  
https://github.com/openssl/openssl/commit/6fbbb53477a13508f7b2be5ab63e5a6c70ed4778
  Author: Pauli 
  Date:   2022-12-08 (Thu, 08 Dec 2022)

  Changed paths:
A test/certs/pkitsta.pem
M test/recipes/80-test_cms.t
A test/smime-eml/SignedInvalidMappingFromanyPolicyTest7.eml

  Log Message:
  ---
  test: add test case for deadlock reported in #19643

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19652)

(cherry picked from commit 61203c2c59df5d0022e316a4fe614e5d18907715)


Compare: https://github.com/openssl/openssl/compare/9a5c884999a5...6fbbb53477a1

[openssl/openssl] 1adc6d: x509: fix double locking problem

2022-12-08 Thread Pauli

  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 1adc6dbdb8fd48bf1290e7e405af14dabffc04e8
  
https://github.com/openssl/openssl/commit/1adc6dbdb8fd48bf1290e7e405af14dabffc04e8
  Author: Pauli 
  Date:   2022-12-08 (Thu, 08 Dec 2022)

  Changed paths:
M crypto/x509/pcy_map.c

  Log Message:
  ---
  x509: fix double locking problem

This reverts commit 9aa4be691f5c73eb3c68606d824c104550c053f7 and removed the
redundant flag setting.

Fixes #19643

Fixes LOW CVE-2022-3996

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19652)

(cherry picked from commit 4d0340a6d2f327700a059f0b8f954d6160f8eef5)


  Commit: d2cdcb663e646b372564485214fae1a878e292f4
  
https://github.com/openssl/openssl/commit/d2cdcb663e646b372564485214fae1a878e292f4
  Author: Pauli 
  Date:   2022-12-08 (Thu, 08 Dec 2022)

  Changed paths:
A test/certs/pkitsta.pem
M test/recipes/80-test_cms.t
A test/smime-eml/SignedInvalidMappingFromanyPolicyTest7.eml

  Log Message:
  ---
  test: add test case for deadlock reported in #19643

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19652)

(cherry picked from commit 61203c2c59df5d0022e316a4fe614e5d18907715)


Compare: https://github.com/openssl/openssl/compare/31240c1a53af...d2cdcb663e64

[openssl/openssl] 4d0340: x509: fix double locking problem

2022-12-08 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 4d0340a6d2f327700a059f0b8f954d6160f8eef5
  
https://github.com/openssl/openssl/commit/4d0340a6d2f327700a059f0b8f954d6160f8eef5
  Author: Pauli 
  Date:   2022-12-08 (Thu, 08 Dec 2022)

  Changed paths:
M crypto/x509/pcy_map.c

  Log Message:
  ---
  x509: fix double locking problem

This reverts commit 9aa4be691f5c73eb3c68606d824c104550c053f7 and removed the
redundant flag setting.

Fixes #19643

Fixes LOW CVE-2022-3996

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19652)


  Commit: 61203c2c59df5d0022e316a4fe614e5d18907715
  
https://github.com/openssl/openssl/commit/61203c2c59df5d0022e316a4fe614e5d18907715
  Author: Pauli 
  Date:   2022-12-08 (Thu, 08 Dec 2022)

  Changed paths:
A test/certs/pkitsta.pem
M test/recipes/80-test_cms.t
A test/smime-eml/SignedInvalidMappingFromanyPolicyTest7.eml

  Log Message:
  ---
  test: add test case for deadlock reported in #19643

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19652)


Compare: https://github.com/openssl/openssl/compare/6c73ca4a2f4e...61203c2c59df

[openssl/openssl] 9ba4f4: evp_test: fix rebase mistake with no_gost

2022-11-29 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 9ba4f489ecd30901603d66a8ec578cbca08fac06
  
https://github.com/openssl/openssl/commit/9ba4f489ecd30901603d66a8ec578cbca08fac06
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M test/recipes/30-test_evp.t

  Log Message:
  ---
  evp_test: fix rebase mistake with no_gost

Reviewed-by: Richard Levitte 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/19785)

[openssl/openssl] 059123: doc: fix location of AES-SIV ciphers

2022-11-29 Thread Pauli

  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 059123bed8fa4e6d5af2d30063ebffeb0020ee85
  
https://github.com/openssl/openssl/commit/059123bed8fa4e6d5af2d30063ebffeb0020ee85
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/EVP_CIPHER-AES.pod

  Log Message:
  ---
  doc: fix location of AES-SIV ciphers

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19776)

(cherry picked from commit d1aa7d11363ebb0dff080966f842fade91135eaa)

[openssl/openssl] d1aa7d: doc: fix location of AES-SIV ciphers

2022-11-29 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: d1aa7d11363ebb0dff080966f842fade91135eaa
  
https://github.com/openssl/openssl/commit/d1aa7d11363ebb0dff080966f842fade91135eaa
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/EVP_CIPHER-AES.pod

  Log Message:
  ---
  doc: fix location of AES-SIV ciphers

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19776)

[openssl/openssl] edaab8: aes: add AES-GCM-SIV modes to the FIPS provider

2022-11-29 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: edaab86dc001603741f5b5e406afc1cc3a1c4e6e
  
https://github.com/openssl/openssl/commit/edaab86dc001603741f5b5e406afc1cc3a1c4e6e
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/EVP_CIPHER-AES.pod
M providers/fips/fipsprov.c
M providers/implementations/ciphers/build.info
M test/recipes/30-test_evp.t
M test/recipes/30-test_evp_data/evpciph_aes_gcm_siv.txt

  Log Message:
  ---
  aes: add AES-GCM-SIV modes to the FIPS provider

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19777)


  Commit: abff8bd842b802c09b981b7552bd92ef1d0ced64
  
https://github.com/openssl/openssl/commit/abff8bd842b802c09b981b7552bd92ef1d0ced64
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/EVP_CIPHER-AES.pod
M test/recipes/30-test_evp_data/evpmac_common.txt

  Log Message:
  ---
  Update fips version check to be more robust

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19777)


  Commit: 4a7231df5ca9f3d8759dc8c22cb8e9f27b312024
  
https://github.com/openssl/openssl/commit/4a7231df5ca9f3d8759dc8c22cb8e9f27b312024
  Author: Pauli 
  Date:   2022-11-30 (Wed, 30 Nov 2022)

  Changed paths:
M doc/man7/OSSL_PROVIDER-FIPS.pod

  Log Message:
  ---
  fips prov: remove 3DES from list of inclusions

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19777)


Compare: https://github.com/openssl/openssl/compare/e44b34185268...4a7231df5ca9

[openssl/openssl] c5ca71: uint_set: convert uint_set to use the list data type

2022-11-15 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: c5ca718003e69ea0ef98392ce0abd4b6bfedeac8
  
https://github.com/openssl/openssl/commit/c5ca718003e69ea0ef98392ce0abd4b6bfedeac8
  Author: Pauli 
  Date:   2022-11-16 (Wed, 16 Nov 2022)

  Changed paths:
M include/internal/uint_set.h
M ssl/quic/quic_ackm.c
M ssl/quic/quic_sstream.c
M ssl/quic/uint_set.c

  Log Message:
  ---
  uint_set: convert uint_set to use the list data type

This is instead of re-implementing a linked list itself.

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19377)


  Commit: e32fc5ad0ea1a2d69f12d9208f2de489f7ee9737
  
https://github.com/openssl/openssl/commit/e32fc5ad0ea1a2d69f12d9208f2de489f7ee9737
  Author: Pauli 
  Date:   2022-11-16 (Wed, 16 Nov 2022)

  Changed paths:
M ssl/quic/quic_record_tx.c

  Log Message:
  ---
  QUIC tx record layer: use list.h

As opposed to implementing a linked list explicitly.

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19377)


  Commit: dead13551c6661d34af3e5ddf1bc53c9efdb5647
  
https://github.com/openssl/openssl/commit/dead13551c6661d34af3e5ddf1bc53c9efdb5647
  Author: Pauli 
  Date:   2022-11-16 (Wed, 16 Nov 2022)

  Changed paths:
M include/internal/quic_ackm.h
M ssl/quic/quic_ackm.c
M ssl/quic/quic_fifd.c

  Log Message:
  ---
  QUIC ackm: use list.h

Instead of implementing a list internally.

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19377)


  Commit: 3fb172ef0a635c2e705d3d1cb58624cfc6afd502
  
https://github.com/openssl/openssl/commit/3fb172ef0a635c2e705d3d1cb58624cfc6afd502
  Author: Pauli 
  Date:   2022-11-16 (Wed, 16 Nov 2022)

  Changed paths:
M include/internal/quic_demux.h
M ssl/quic/quic_demux.c
M ssl/quic/quic_record_rx.c

  Log Message:
  ---
  QUIC: use list.h

The demux and record RX implemented lists internally.  This changes them over
to using list.h.

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19377)


  Commit: ccdcb08d05725673a3c416f221905fb362dcf1a6
  
https://github.com/openssl/openssl/commit/ccdcb08d05725673a3c416f221905fb362dcf1a6
  Author: Pauli 
  Date:   2022-11-16 (Wed, 16 Nov 2022)

  Changed paths:
M include/internal/list.h

  Log Message:
  ---
  list: rename internal fields

This makes conversion to using list.h easier because the compiler will error
on an unknown field name rather than accepting `head` and `tail` and missing
some changes.

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19377)


  Commit: b6f1b059eefb493d02913e9b32bd267d9017ee73
  
https://github.com/openssl/openssl/commit/b6f1b059eefb493d02913e9b32bd267d9017ee73
  Author: Pauli 
  Date:   2022-11-16 (Wed, 16 Nov 2022)

  Changed paths:
M doc/internal/man3/DEFINE_LIST_OF.pod
M include/internal/list.h
M test/list_test.c

  Log Message:
  ---
  list: add an is empty function

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19377)


  Commit: 30773411264dca0a791a068759ec625bd0d4f34b
  
https://github.com/openssl/openssl/commit/30773411264dca0a791a068759ec625bd0d4f34b
  Author: Pauli 
  Date:   2022-11-16 (Wed, 16 Nov 2022)

  Changed paths:
M include/internal/list.h
M test/list_test.c

  Log Message:
  ---
  list: add debug sanity checks

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19377)


  Commit: 96796ab9baedee8b7de8d9ffc9e19dc0d8f8327a
  
https://github.com/openssl/openssl/commit/96796ab9baedee8b7de8d9ffc9e19dc0d8f8327a
  Author: Pauli 
  Date:   2022-11-16 (Wed, 16 Nov 2022)

  Changed paths:
M doc/internal/man3/DEFINE_LIST_OF.pod

  Log Message:
  ---
  Fix documenation mistakes

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19377)


Compare: https://github.com/openssl/openssl/compare/ec7689186f3e...96796ab9baed

[openssl/openssl] 6953cd: test: add two comparision options to fips version ...

2022-11-15 Thread Pauli

  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 6953cda1edfd80c8d49269ce13314fbaff0d4532
  
https://github.com/openssl/openssl/commit/6953cda1edfd80c8d49269ce13314fbaff0d4532
  Author: Pauli 
  Date:   2022-11-15 (Tue, 15 Nov 2022)

  Changed paths:
M test/testutil.h
M test/testutil/provider.c

  Log Message:
  ---
  test: add two comparision options to fips version test utility code

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19666)

(cherry picked from commit fe84acc22757e77d48fb6ccc31abe4c72264c877)


  Commit: 176836fce910d499ff5d494bb61d3efafa820dc5
  
https://github.com/openssl/openssl/commit/176836fce910d499ff5d494bb61d3efafa820dc5
  Author: Pauli 
  Date:   2022-11-15 (Tue, 15 Nov 2022)

  Changed paths:
M test/recipes/03-test_fipsinstall.t

  Log Message:
  ---
  test: fix typo in test description

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19666)

(cherry picked from commit cc910f1b316a6ea3d4df57e719adda1922393f8f)


Compare: https://github.com/openssl/openssl/compare/08715aaa249f...176836fce910

[openssl/openssl] fe84ac: test: add two comparision options to fips version ...

2022-11-15 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: fe84acc22757e77d48fb6ccc31abe4c72264c877
  
https://github.com/openssl/openssl/commit/fe84acc22757e77d48fb6ccc31abe4c72264c877
  Author: Pauli 
  Date:   2022-11-15 (Tue, 15 Nov 2022)

  Changed paths:
M test/testutil.h
M test/testutil/provider.c

  Log Message:
  ---
  test: add two comparision options to fips version test utility code

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19666)


  Commit: cc910f1b316a6ea3d4df57e719adda1922393f8f
  
https://github.com/openssl/openssl/commit/cc910f1b316a6ea3d4df57e719adda1922393f8f
  Author: Pauli 
  Date:   2022-11-15 (Tue, 15 Nov 2022)

  Changed paths:
M test/recipes/03-test_fipsinstall.t

  Log Message:
  ---
  test: fix typo in test description

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19666)


Compare: https://github.com/openssl/openssl/compare/e5202fbd461c...cc910f1b316a

[openssl/openssl] 00cd06: test: add two comparision options to fips version ...

2022-11-14 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 00cd0627252a3159cde4818d4763103af19dad82
  
https://github.com/openssl/openssl/commit/00cd0627252a3159cde4818d4763103af19dad82
  Author: Pauli 
  Date:   2022-11-15 (Tue, 15 Nov 2022)

  Changed paths:
M test/testutil.h
M test/testutil/provider.c

  Log Message:
  ---
  test: add two comparision options to fips version test utility code

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19665)


  Commit: c3e8128befa7b4d8463d13d35eafdaf950531c43
  
https://github.com/openssl/openssl/commit/c3e8128befa7b4d8463d13d35eafdaf950531c43
  Author: Pauli 
  Date:   2022-11-15 (Tue, 15 Nov 2022)

  Changed paths:
M test/recipes/03-test_fipsinstall.t

  Log Message:
  ---
  fipsinstall test: skip PCT DSA signature test for new providers

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19665)


Compare: https://github.com/openssl/openssl/compare/bb0190e8a4d4...c3e8128befa7

[openssl/openssl] 709c04: punycode: update to use WPACKET instead of using c...

2022-11-10 Thread Pauli

  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 709c04b5dd6a24f88459d9e214e85e396b2471fd
  
https://github.com/openssl/openssl/commit/709c04b5dd6a24f88459d9e214e85e396b2471fd
  Author: Pauli 
  Date:   2022-11-11 (Fri, 11 Nov 2022)

  Changed paths:
M crypto/punycode.c
M crypto/x509/v3_ncons.c
M doc/internal/man3/ossl_punycode_decode.pod
M include/crypto/punycode.h
M test/punycode_test.c

  Log Message:
  ---
  punycode: update to use WPACKET instead of using custom range checking

Add test for `.' overflows, remove the output size argument from
ossl_a2ulabel() since it was never used and greatly complicated the code.
Convert ossl_a2ulabel() to use WPACKET for building the output string.
Update the documentation to match the new definition of ossl_a2ulabel().

x509: let punycode handle the '\0' string termination.  Saves a memset(3)
and some size fiddling.  Also update to deal with the modified parameters.

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/19591)

(cherry picked from commit 905ba924398f474e647de70345b4ae4089fedba7)


  Commit: f01ebab0c0ef26677ab6d885922ca1a1b24494fc
  
https://github.com/openssl/openssl/commit/f01ebab0c0ef26677ab6d885922ca1a1b24494fc
  Author: Pauli 
  Date:   2022-11-11 (Fri, 11 Nov 2022)

  Changed paths:
M fuzz/build.info
A fuzz/corpora/punycode/
A fuzz/corpora/punycode/0001
M fuzz/fuzzer.h
A fuzz/punycode.c
M include/crypto/punycode.h

  Log Message:
  ---
  fuzz: add punycode decoder fuzz test

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/19591)

(cherry picked from commit 8aa82b337081b7a22c35dddad8d62fb1ca9ea884)


Compare: https://github.com/openssl/openssl/compare/7abe06cbb52c...f01ebab0c0ef

[openssl/openssl] 905ba9: punycode: update to use WPACKET instead of using c...

2022-11-10 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 905ba924398f474e647de70345b4ae4089fedba7
  
https://github.com/openssl/openssl/commit/905ba924398f474e647de70345b4ae4089fedba7
  Author: Pauli 
  Date:   2022-11-11 (Fri, 11 Nov 2022)

  Changed paths:
M crypto/punycode.c
M crypto/x509/v3_ncons.c
M doc/internal/man3/ossl_punycode_decode.pod
M include/crypto/punycode.h
M test/punycode_test.c

  Log Message:
  ---
  punycode: update to use WPACKET instead of using custom range checking

Add test for `.' overflows, remove the output size argument from
ossl_a2ulabel() since it was never used and greatly complicated the code.
Convert ossl_a2ulabel() to use WPACKET for building the output string.
Update the documentation to match the new definition of ossl_a2ulabel().

x509: let punycode handle the '\0' string termination.  Saves a memset(3)
and some size fiddling.  Also update to deal with the modified parameters.

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/19591)


  Commit: 8aa82b337081b7a22c35dddad8d62fb1ca9ea884
  
https://github.com/openssl/openssl/commit/8aa82b337081b7a22c35dddad8d62fb1ca9ea884
  Author: Pauli 
  Date:   2022-11-11 (Fri, 11 Nov 2022)

  Changed paths:
M fuzz/build.info
A fuzz/corpora/punycode/
A fuzz/corpora/punycode/0001
M fuzz/fuzzer.h
A fuzz/punycode.c
M include/crypto/punycode.h

  Log Message:
  ---
  fuzz: add punycode decoder fuzz test

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/19591)


Compare: https://github.com/openssl/openssl/compare/373d90128042...8aa82b337081

[openssl/openssl] d65b52: Put 3DES back into the FIPS provider as a non-appr...

2022-11-10 Thread Pauli

  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: d65b52ab5751c0c041d0acff2f09e1c30de16daa
  
https://github.com/openssl/openssl/commit/d65b52ab5751c0c041d0acff2f09e1c30de16daa
  Author: Pauli 
  Date:   2022-11-10 (Thu, 10 Nov 2022)

  Changed paths:
M providers/fips/fipsprov.c

  Log Message:
  ---
  Put 3DES back into the FIPS provider as a non-approved algorithm

This reverts commit fc0bb3411bd0c6ca264f610303933d0bf4f4682c and changes
how 3DES is advertised.

Reviewed-by: Shane Lontis 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19631)

(cherry picked from commit a0ea8ac134e8f503876f19bdc04da69e8862f3a7)


  Commit: d0afc4ecc004d4d7c7555947ec3307d6af5501f9
  
https://github.com/openssl/openssl/commit/d0afc4ecc004d4d7c7555947ec3307d6af5501f9
  Author: Pauli 
  Date:   2022-11-10 (Thu, 10 Nov 2022)

  Changed paths:
M test/recipes/30-test_evp.t

  Log Message:
  ---
  Revert "Move DES based test cases out of FIPS territory"

This reverts commit c511953a0828e126b80a9ea8cee12d001d685ba8.

Reviewed-by: Shane Lontis 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19631)

(cherry picked from commit c69cf38ec4b592a488f0c8d3042ecc345787ffc9)


  Commit: a7fb08256d0fbd881f828aa865e6450fdaa9d2b9
  
https://github.com/openssl/openssl/commit/a7fb08256d0fbd881f828aa865e6450fdaa9d2b9
  Author: Pauli 
  Date:   2022-11-10 (Thu, 10 Nov 2022)

  Changed paths:
M test/evp_libctx_test.c

  Log Message:
  ---
  Revert "Remove conditional FIPS dependence for 3DES"

This reverts commit 464c1011b02936850fc779739013dba52650840a.

Reviewed-by: Shane Lontis 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19631)

(cherry picked from commit ccc860a77e542bee24f64e44f7bcea5706068866)


  Commit: 78a4827dad6db9d45b37dde409ea5d6f3f3deeac
  
https://github.com/openssl/openssl/commit/78a4827dad6db9d45b37dde409ea5d6f3f3deeac
  Author: Pauli 
  Date:   2022-11-10 (Thu, 10 Nov 2022)

  Changed paths:
M test/recipes/80-test_cms.t

  Log Message:
  ---
  Revert "Skip DES based tests in FIPS mode"

This reverts commit 5db2b4a292b4576185287a9e01e4ba4098b4aa66.

Reviewed-by: Shane Lontis 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19631)

(cherry picked from commit 75fcf1062817421d8c5850ad0d52a913a2e6499a)


Compare: https://github.com/openssl/openssl/compare/13d3be4a37fc...78a4827dad6d

[openssl/openssl] a0ea8a: Put 3DES back into the FIPS provider as a non-appr...

2022-11-10 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: a0ea8ac134e8f503876f19bdc04da69e8862f3a7
  
https://github.com/openssl/openssl/commit/a0ea8ac134e8f503876f19bdc04da69e8862f3a7
  Author: Pauli 
  Date:   2022-11-10 (Thu, 10 Nov 2022)

  Changed paths:
M providers/fips/fipsprov.c

  Log Message:
  ---
  Put 3DES back into the FIPS provider as a non-approved algorithm

This reverts commit fc0bb3411bd0c6ca264f610303933d0bf4f4682c and changes
how 3DES is advertised.

Reviewed-by: Shane Lontis 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19631)


  Commit: c69cf38ec4b592a488f0c8d3042ecc345787ffc9
  
https://github.com/openssl/openssl/commit/c69cf38ec4b592a488f0c8d3042ecc345787ffc9
  Author: Pauli 
  Date:   2022-11-10 (Thu, 10 Nov 2022)

  Changed paths:
M test/recipes/30-test_evp.t

  Log Message:
  ---
  Revert "Move DES based test cases out of FIPS territory"

This reverts commit c511953a0828e126b80a9ea8cee12d001d685ba8.

Reviewed-by: Shane Lontis 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19631)


  Commit: ccc860a77e542bee24f64e44f7bcea5706068866
  
https://github.com/openssl/openssl/commit/ccc860a77e542bee24f64e44f7bcea5706068866
  Author: Pauli 
  Date:   2022-11-10 (Thu, 10 Nov 2022)

  Changed paths:
M test/evp_libctx_test.c

  Log Message:
  ---
  Revert "Remove conditional FIPS dependence for 3DES"

This reverts commit 464c1011b02936850fc779739013dba52650840a.

Reviewed-by: Shane Lontis 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19631)


  Commit: 75fcf1062817421d8c5850ad0d52a913a2e6499a
  
https://github.com/openssl/openssl/commit/75fcf1062817421d8c5850ad0d52a913a2e6499a
  Author: Pauli 
  Date:   2022-11-10 (Thu, 10 Nov 2022)

  Changed paths:
M test/recipes/80-test_cms.t

  Log Message:
  ---
  Revert "Skip DES based tests in FIPS mode"

This reverts commit 5db2b4a292b4576185287a9e01e4ba4098b4aa66.

Reviewed-by: Shane Lontis 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19631)


Compare: https://github.com/openssl/openssl/compare/2a5c0d93cfe6...75fcf1062817

[openssl/openssl] 5c7a2f: Coverity 1516624: Fix overrun memory access.

2022-11-03 Thread Pauli

  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 5c7a2fc2790114d984526d6ca665affe039490e2
  
https://github.com/openssl/openssl/commit/5c7a2fc2790114d984526d6ca665affe039490e2
  Author: Pauli 
  Date:   2022-11-03 (Thu, 03 Nov 2022)

  Changed paths:
M test/punycode_test.c

  Log Message:
  ---
  Coverity 1516624: Fix overrun memory access.

Not possible to hit but good to address.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19576)

(cherry picked from commit ce0a7cadadb973216399e70d3a69f352b0843deb)

[openssl/openssl] de45fe: Coverity 1516624: Fix overrun memory access.

2022-11-03 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: de45fecf8aeab68cd137c7737973e00a9669897c
  
https://github.com/openssl/openssl/commit/de45fecf8aeab68cd137c7737973e00a9669897c
  Author: Pauli 
  Date:   2022-11-03 (Thu, 03 Nov 2022)

  Changed paths:
M test/punycode_test.c

  Log Message:
  ---
  Coverity 1516624: Fix overrun memory access.

Not possible to hit but good to address.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19576)

(cherry picked from commit ce0a7cadadb973216399e70d3a69f352b0843deb)

[openssl/openssl] ce0a7c: Coverity 1516624: Fix overrun memory access.

2022-11-03 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: ce0a7cadadb973216399e70d3a69f352b0843deb
  
https://github.com/openssl/openssl/commit/ce0a7cadadb973216399e70d3a69f352b0843deb
  Author: Pauli 
  Date:   2022-11-03 (Thu, 03 Nov 2022)

  Changed paths:
M test/punycode_test.c

  Log Message:
  ---
  Coverity 1516624: Fix overrun memory access.

Not possible to hit but good to address.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19576)

[openssl/openssl] 7c8187: rand: add set0 calls for the private and public DRBGs

2022-11-01 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 7c8187d43d043c6a66559ed341ff1e01b8711093
  
https://github.com/openssl/openssl/commit/7c8187d43d043c6a66559ed341ff1e01b8711093
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M crypto/evp/evp_rand.c
M crypto/rand/rand_lib.c
M doc/man3/EVP_RAND.pod
M doc/man3/RAND_get0_primary.pod
M include/openssl/evp.h
M include/openssl/rand.h
M util/libcrypto.num

  Log Message:
  ---
  rand: add set0 calls for the private and public DRBGs

The FIPS 140-3 DSA and ECDSA tests need to be known answer tests which means
the entropy needs to be cooked.  This permits this.

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19510)


  Commit: 5db2b4a292b4576185287a9e01e4ba4098b4aa66
  
https://github.com/openssl/openssl/commit/5db2b4a292b4576185287a9e01e4ba4098b4aa66
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M test/recipes/80-test_cms.t

  Log Message:
  ---
  Skip DES based tests in FIPS mode

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19510)


  Commit: c511953a0828e126b80a9ea8cee12d001d685ba8
  
https://github.com/openssl/openssl/commit/c511953a0828e126b80a9ea8cee12d001d685ba8
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M test/recipes/30-test_evp.t

  Log Message:
  ---
  Move DES based test cases out of FIPS territory

Co-authored-by: Randall Steck 
Co-authored-by: Mark J. Minnoch 
Co-authored-by: Steve Weymann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19510)


  Commit: 464c1011b02936850fc779739013dba52650840a
  
https://github.com/openssl/openssl/commit/464c1011b02936850fc779739013dba52650840a
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M test/evp_libctx_test.c

  Log Message:
  ---
  Remove conditional FIPS dependence for 3DES

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19510)


  Commit: 6e38ac39bbf2bc899485c5f710a2ced6238b1ea1
  
https://github.com/openssl/openssl/commit/6e38ac39bbf2bc899485c5f710a2ced6238b1ea1
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M test/recipes/03-test_fipsinstall.t

  Log Message:
  ---
  Update fipsinstall tests

Co-authored-by: Randall Steck 
Co-authored-by: Mark J. Minnoch 
Co-authored-by: Steve Weymann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19510)


  Commit: fc0bb3411bd0c6ca264f610303933d0bf4f4682c
  
https://github.com/openssl/openssl/commit/fc0bb3411bd0c6ca264f610303933d0bf4f4682c
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M providers/fips/fipsprov.c

  Log Message:
  ---
  Remove DES cipher from the FIPS provider

Co-authored-by: Randall Steck 
Co-authored-by: Mark J. Minnoch 
Co-authored-by: Steve Weymann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19510)


  Commit: 5b234be4c44f5b178bc69da3d610ae1b70441873
  
https://github.com/openssl/openssl/commit/5b234be4c44f5b178bc69da3d610ae1b70441873
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M crypto/dsa/dsa_key.c
M crypto/ec/ec_key.c

  Log Message:
  ---
  dsa/ec: update pairwise tests to account for 140-3 IG 10.3.A additiocal 
comment 1

This mandates following SP 800-56A which, in 5.6.2.4, mandates a comparision
against a newly calculated public key.

Co-authored-by: Randall Steck 
Co-authored-by: Mark J. Minnoch 
Co-authored-by: Steve Weymann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19510)


  Commit: a11064c83b58f9e1b3741704a11cfec2d91aac0e
  
https://github.com/openssl/openssl/commit/a11064c83b58f9e1b3741704a11cfec2d91aac0e
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M include/openssl/self_test.h
M providers/fips/self_test.c
M providers/fips/self_test_data.inc
M providers/fips/self_test_kats.c

  Log Message:
  ---
  Update FIPS KATs for 140-3

Co-authored-by: Randall Steck 
Co-authored-by: Mark J. Minnoch 
Co-authored-by: Steve Weymann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19510)


  Commit: 7057dddbcb5e053470121adeff0b6595fa6da0d8
  
https://github.com/openssl/openssl/commit/7057dddbcb5e053470121adeff0b6595fa6da0d8
  Author: Pauli 
  Date

[openssl/openssl] e30aad: rand: add set0 calls for the private and public DRBGs

2022-11-01 Thread Pauli

  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: e30aad54159aeef15b6386d67d4724242d828d12
  
https://github.com/openssl/openssl/commit/e30aad54159aeef15b6386d67d4724242d828d12
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M crypto/evp/evp_rand.c
M crypto/rand/rand_lib.c
M doc/man3/EVP_RAND.pod
M doc/man3/RAND_get0_primary.pod
M include/openssl/evp.h
M include/openssl/rand.h
M util/libcrypto.num

  Log Message:
  ---
  rand: add set0 calls for the private and public DRBGs

The FIPS 140-3 DSA and ECDSA tests need to be known answer tests which means
the entropy needs to be cooked.  This permits this.

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19486)


  Commit: 3e218fd7bedaeafdb8ff25d8414aa7d70b09c124
  
https://github.com/openssl/openssl/commit/3e218fd7bedaeafdb8ff25d8414aa7d70b09c124
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M test/recipes/80-test_cms.t

  Log Message:
  ---
  Skip DES based tests in FIPS mode

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19486)


  Commit: 55d9f73a43dc5c8036d87b9042beb505af1f1ad6
  
https://github.com/openssl/openssl/commit/55d9f73a43dc5c8036d87b9042beb505af1f1ad6
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M test/recipes/30-test_evp.t

  Log Message:
  ---
  Move DES based test cases out of FIPS territory

Co-authored-by: Randall Steck 
Co-authored-by: Mark J. Minnoch 
Co-authored-by: Steve Weymann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19486)


  Commit: bf9c7c4bb42c6bf32023c97f9e90968f7f83a62b
  
https://github.com/openssl/openssl/commit/bf9c7c4bb42c6bf32023c97f9e90968f7f83a62b
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M test/evp_libctx_test.c

  Log Message:
  ---
  Remove conditional FIPS dependence for 3DES

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19486)


  Commit: f66c14a0cc151e1fee78088cdeee1b320f160f7c
  
https://github.com/openssl/openssl/commit/f66c14a0cc151e1fee78088cdeee1b320f160f7c
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M test/recipes/03-test_fipsinstall.t

  Log Message:
  ---
  Update fipsinstall tests

Co-authored-by: Randall Steck 
Co-authored-by: Mark J. Minnoch 
Co-authored-by: Steve Weymann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19486)


  Commit: dfb79d08e28dcaf1e3ccbc000775d3f52f33d4cf
  
https://github.com/openssl/openssl/commit/dfb79d08e28dcaf1e3ccbc000775d3f52f33d4cf
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M providers/fips/fipsprov.c

  Log Message:
  ---
  Remove DES cipher from the FIPS provider

Co-authored-by: Randall Steck 
Co-authored-by: Mark J. Minnoch 
Co-authored-by: Steve Weymann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19486)


  Commit: df8f8432eb10b2ed56e48b692f930991f9624453
  
https://github.com/openssl/openssl/commit/df8f8432eb10b2ed56e48b692f930991f9624453
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M crypto/dsa/dsa_key.c
M crypto/ec/ec_key.c

  Log Message:
  ---
  dsa/ec: update pairwise tests to account for 140-3 IG 10.3.A additiocal 
comment 1

This mandates following SP 800-56A which, in 5.6.2.4, mandates a comparision
against a newly calculated public key.

Co-authored-by: Randall Steck 
Co-authored-by: Mark J. Minnoch 
Co-authored-by: Steve Weymann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19486)


  Commit: 18477977496bbb183e0ccb71b71b1a8a87321729
  
https://github.com/openssl/openssl/commit/18477977496bbb183e0ccb71b71b1a8a87321729
  Author: Pauli 
  Date:   2022-11-02 (Wed, 02 Nov 2022)

  Changed paths:
M include/openssl/self_test.h
M providers/fips/self_test.c
M providers/fips/self_test_data.inc
M providers/fips/self_test_kats.c

  Log Message:
  ---
  Update FIPS KATs for 140-3

Co-authored-by: Randall Steck 
Co-authored-by: Mark J. Minnoch 
Co-authored-by: Steve Weymann 

Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19486)


  Commit: dad5676c1a7ad669aac8d83f8ad1d5c4e4d74863
  
https://github.com/openssl/openssl/commit/dad5676c1a7ad669aac8d83f8ad1d5c4e4d74863
  Author: Pauli 
  Date

[openssl/openssl] 3b421e: Fix CVE-2022-3602 in punycode decoder.

2022-11-01 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 3b421ebc64c7b52f1b9feb3812bdc7781c784332
  
https://github.com/openssl/openssl/commit/3b421ebc64c7b52f1b9feb3812bdc7781c784332
  Author: Pauli 
  Date:   2022-11-01 (Tue, 01 Nov 2022)

  Changed paths:
M crypto/punycode.c

  Log Message:
  ---
  Fix CVE-2022-3602 in punycode decoder.

An off by one error in the punycode decoder allowed for a single unsigned int
overwrite of a buffer which could cause a crash and possible code execution.

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(cherry picked from commit fe3b639dc19b325846f4f6801f2f4604f56e3de3)


  Commit: 680e65b94c916af259bfdc2e25f1ab6e0c7a97d6
  
https://github.com/openssl/openssl/commit/680e65b94c916af259bfdc2e25f1ab6e0c7a97d6
  Author: Pauli 
  Date:   2022-11-01 (Tue, 01 Nov 2022)

  Changed paths:
M crypto/punycode.c

  Log Message:
  ---
  Fix CVE-2022-3786 in punycode decoder.

Fixed the ossl_a2ulabel() function which also contained a potential
buffer overflow, albeit without control of the contents.
This overflow could result in a crash (causing a denial of service).

The function also did not NUL-terminate the output in some cases.

The two issues fixed here were dentified and reported
by Viktor Dukhovni while researching CVE-2022-3602.

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(cherry picked from commit c42165b5706e42f67ef8ef4c351a9a4c5d21639a)


  Commit: a0af4a3c8b18c435a5a4afb28b3ad1a2730e6ea8
  
https://github.com/openssl/openssl/commit/a0af4a3c8b18c435a5a4afb28b3ad1a2730e6ea8
  Author: Pauli 
  Date:   2022-11-01 (Tue, 01 Nov 2022)

  Changed paths:
M test/build.info
A test/punycode_test.c
A test/recipes/04-test_punycode.t

  Log Message:
  ---
  punycode: add unit tests

These tests verify basic functionality and specifically test for
CVE-2022-3602.

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
(cherry picked from commit f0f530216bf93e9cdc9c2c9e3c095229d216da15)


Compare: https://github.com/openssl/openssl/compare/89d723113277...a0af4a3c8b18

[openssl/openssl] 9fb0ff: rand: remove the ossl_rand_pool_add_additional_dat...

2022-10-26 Thread Pauli

  Branch: refs/heads/openssl-3.1
  Home:   https://github.com/openssl/openssl
  Commit: 9fb0ff30343a08cf9650159410426468502eaebf
  
https://github.com/openssl/openssl/commit/9fb0ff30343a08cf9650159410426468502eaebf
  Author: Pauli 
  Date:   2022-10-27 (Thu, 27 Oct 2022)

  Changed paths:
M providers/implementations/include/prov/seeding.h
M providers/implementations/rands/seeding/rand_unix.c
M providers/implementations/rands/seeding/rand_vms.c
M providers/implementations/rands/seeding/rand_vxworks.c
M providers/implementations/rands/seeding/rand_win.c

  Log Message:
  ---
  rand: remove the ossl_rand_pool_add_additional_data() function.

This function isn't called from anywhere and cannot easily be used
by the current RNG infrastructure.

Reviewed-by: Tomas Mraz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/19493)

(cherry picked from commit da7db83cc44d2c8761e9074caf8befd443ea8be8)

[openssl/openssl] da7db8: rand: remove the ossl_rand_pool_add_additional_dat...

2022-10-26 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: da7db83cc44d2c8761e9074caf8befd443ea8be8
  
https://github.com/openssl/openssl/commit/da7db83cc44d2c8761e9074caf8befd443ea8be8
  Author: Pauli 
  Date:   2022-10-27 (Thu, 27 Oct 2022)

  Changed paths:
M providers/implementations/include/prov/seeding.h
M providers/implementations/rands/seeding/rand_unix.c
M providers/implementations/rands/seeding/rand_vms.c
M providers/implementations/rands/seeding/rand_vxworks.c
M providers/implementations/rands/seeding/rand_win.c

  Log Message:
  ---
  rand: remove the ossl_rand_pool_add_additional_data() function.

This function isn't called from anywhere and cannot easily be used
by the current RNG infrastructure.

Reviewed-by: Tomas Mraz 
Reviewed-by: Matthias St. Pierre 
(Merged from https://github.com/openssl/openssl/pull/19493)

[openssl/openssl] c7a02b: doc: fix copy/paste error

2022-10-23 Thread Pauli

  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.com/openssl/openssl
  Commit: c7a02ba09e3c3088d635a91ab179a1e7bdd5e340
  
https://github.com/openssl/openssl/commit/c7a02ba09e3c3088d635a91ab179a1e7bdd5e340
  Author: Pauli 
  Date:   2022-10-24 (Mon, 24 Oct 2022)

  Changed paths:
M doc/man3/OPENSSL_init_crypto.pod

  Log Message:
  ---
  doc: fix copy/paste error

Fixes #19460

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19461)

(cherry picked from commit 5b9480fc1e814bf8fa2dce0dbbede147f04d477c)

[openssl/openssl] 5b9480: doc: fix copy/paste error

2022-10-23 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 5b9480fc1e814bf8fa2dce0dbbede147f04d477c
  
https://github.com/openssl/openssl/commit/5b9480fc1e814bf8fa2dce0dbbede147f04d477c
  Author: Pauli 
  Date:   2022-10-24 (Mon, 24 Oct 2022)

  Changed paths:
M doc/man3/OPENSSL_init_crypto.pod

  Log Message:
  ---
  doc: fix copy/paste error

Fixes #19460

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19461)

[openssl/openssl] f713ec: doc: fix copy/paste error

2022-10-23 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: f713ec7d9d146194ca572f7b7f8cc3434119f400
  
https://github.com/openssl/openssl/commit/f713ec7d9d146194ca572f7b7f8cc3434119f400
  Author: Pauli 
  Date:   2022-10-24 (Mon, 24 Oct 2022)

  Changed paths:
M doc/man3/OPENSSL_init_crypto.pod

  Log Message:
  ---
  doc: fix copy/paste error

Fixes #19460

Reviewed-by: Tim Hudson 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19461)

(cherry picked from commit 5b9480fc1e814bf8fa2dce0dbbede147f04d477c)

[openssl/openssl] 453446: default provider: include RIPEMD160

2022-10-19 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 4534468866c2b29d197c48f0763c32e5a7b65868
  
https://github.com/openssl/openssl/commit/4534468866c2b29d197c48f0763c32e5a7b65868
  Author: Pauli 
  Date:   2022-10-19 (Wed, 19 Oct 2022)

  Changed paths:
M crypto/ripemd/build.info
M providers/defltprov.c
M providers/implementations/digests/build.info
M test/recipes/30-test_evp_data/evpmd_ripemd.txt

  Log Message:
  ---
  default provider: include RIPEMD160

Including RIPEMD160 in both the default and legacy providers shouldn't break
anyone and makes the algorithm available more readily.

Fixes #17722

Reviewed-by: Richard Levitte 
Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19375)

(cherry picked from commit ecd831469919215b0a45693b00ec0fd7d42d5d61)


  Commit: 2f355186551c9d7d5285c96a205a8f2767173527
  
https://github.com/openssl/openssl/commit/2f355186551c9d7d5285c96a205a8f2767173527
  Author: Tomas Mraz 
  Date:   2022-10-19 (Wed, 19 Oct 2022)

  Changed paths:
M crypto/ripemd/build.info
M providers/implementations/digests/build.info

  Log Message:
  ---
  Avoid putting ripemd_prov.c in libcommon otherwise it is regarded as fips 
source

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/19375)

(cherry picked from commit 155a82d1fe1c50d859081ff67f26633b9d7dada8)


  Commit: f1e990b855ce1613041d847ccd3048ca6835f95a
  
https://github.com/openssl/openssl/commit/f1e990b855ce1613041d847ccd3048ca6835f95a
  Author: Pauli 
  Date:   2022-10-19 (Wed, 19 Oct 2022)

  Changed paths:
M doc/man7/EVP_MD-RIPEMD160.pod
M doc/man7/OSSL_PROVIDER-default.pod

  Log Message:
  ---
  ripemd: document as being present in the default provider

Reviewed-by: Richard Levitte 
Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19375)

(cherry picked from commit fdc5043d58900663b493147298e64f11353b35fe)


Compare: https://github.com/openssl/openssl/compare/c861c3ee142a...f1e990b855ce

[openssl/openssl] ce9317: Add changes entry for RIPEMD160 being added to the...

2022-10-19 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: ce9317a4cfc01541964a14745c4d09e2a846981c
  
https://github.com/openssl/openssl/commit/ce9317a4cfc01541964a14745c4d09e2a846981c
  Author: Pauli 
  Date:   2022-10-19 (Wed, 19 Oct 2022)

  Changed paths:
M CHANGES.md

  Log Message:
  ---
  Add changes entry for RIPEMD160 being added to the default provider

Reviewed-by: Richard Levitte 
Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19375)


  Commit: ecd831469919215b0a45693b00ec0fd7d42d5d61
  
https://github.com/openssl/openssl/commit/ecd831469919215b0a45693b00ec0fd7d42d5d61
  Author: Pauli 
  Date:   2022-10-19 (Wed, 19 Oct 2022)

  Changed paths:
M crypto/ripemd/build.info
M providers/defltprov.c
M providers/implementations/digests/build.info
M test/recipes/30-test_evp_data/evpmd_ripemd.txt

  Log Message:
  ---
  default provider: include RIPEMD160

Including RIPEMD160 in both the default and legacy providers shouldn't break
anyone and makes the algorithm available more readily.

Fixes #17722

Reviewed-by: Richard Levitte 
Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19375)


  Commit: 155a82d1fe1c50d859081ff67f26633b9d7dada8
  
https://github.com/openssl/openssl/commit/155a82d1fe1c50d859081ff67f26633b9d7dada8
  Author: Tomas Mraz 
  Date:   2022-10-19 (Wed, 19 Oct 2022)

  Changed paths:
M crypto/ripemd/build.info
M providers/implementations/digests/build.info

  Log Message:
  ---
  Avoid putting ripemd_prov.c in libcommon otherwise it is regarded as fips 
source

Reviewed-by: Richard Levitte 
Reviewed-by: Paul Dale 
Reviewed-by: Tim Hudson 
(Merged from https://github.com/openssl/openssl/pull/19375)


  Commit: fdc5043d58900663b493147298e64f11353b35fe
  
https://github.com/openssl/openssl/commit/fdc5043d58900663b493147298e64f11353b35fe
  Author: Pauli 
  Date:   2022-10-19 (Wed, 19 Oct 2022)

  Changed paths:
M doc/man7/EVP_MD-RIPEMD160.pod
M doc/man7/OSSL_PROVIDER-default.pod

  Log Message:
  ---
  ripemd: document as being present in the default provider

Reviewed-by: Richard Levitte 
Reviewed-by: Tim Hudson 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19375)


Compare: https://github.com/openssl/openssl/compare/72620ac79133...fdc5043d5890

[openssl/openssl] e2b2e6: init: fix defined but unused warning/error

2022-10-18 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: e2b2e6b166b2d1b9c094d62e5e8cf79ab9e24430
  
https://github.com/openssl/openssl/commit/e2b2e6b166b2d1b9c094d62e5e8cf79ab9e24430
  Author: Pauli 
  Date:   2022-10-18 (Tue, 18 Oct 2022)

  Changed paths:
M crypto/init.c

  Log Message:
  ---
  init: fix defined but unused warning/error

The #ifdefs weren't quite correct at times.

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18503)

(cherry picked from commit 979575c6ef10ab9b8d74d8c00852b2250eb78f29)

[openssl/openssl] 9ab57f: Coverity 1515953: negative loop bound

2022-10-16 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 9ab57f29c78d8d69b6ba9c579521594d7170ca44
  
https://github.com/openssl/openssl/commit/9ab57f29c78d8d69b6ba9c579521594d7170ca44
  Author: Pauli 
  Date:   2022-10-14 (Fri, 14 Oct 2022)

  Changed paths:
M crypto/encode_decode/encoder_pkey.c

  Log Message:
  ---
  Coverity 1515953: negative loop bound

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19413)

[openssl/openssl] 681c46: test: condition out code that relies on CHACHA.

2022-10-10 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 681c461910b1b72af263ec735bac1310b2fadcd0
  
https://github.com/openssl/openssl/commit/681c461910b1b72af263ec735bac1310b2fadcd0
  Author: Pauli 
  Date:   2022-10-10 (Mon, 10 Oct 2022)

  Changed paths:
M test/bio_dgram_test.c
M test/quic_record_test.c

  Log Message:
  ---
  test: condition out code that relies on CHACHA.

Run checker does a no-chacha build and tests fail because it can't be fetched.

Fixes #19363

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Shane Lontis 
Reviewed-by: Tomas Mraz 
Reviewed-by: Tim Hudson 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19366)

[openssl/openssl] 9690b9: Coverity 1515540: resource leak

2022-09-27 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 9690b9737d46cc52cc93682a63b110f5513e7671
  
https://github.com/openssl/openssl/commit/9690b9737d46cc52cc93682a63b110f5513e7671
  Author: Pauli 
  Date:   2022-09-27 (Tue, 27 Sep 2022)

  Changed paths:
M test/pkcs12_format_test.c

  Log Message:
  ---
  Coverity 1515540: resource leak

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19275)


  Commit: 8bc703c2886c2104f1d472ab681bc7a8c081427a
  
https://github.com/openssl/openssl/commit/8bc703c2886c2104f1d472ab681bc7a8c081427a
  Author: Pauli 
  Date:   2022-09-27 (Tue, 27 Sep 2022)

  Changed paths:
M apps/pkcs12.c

  Log Message:
  ---
  Coverity 1515538: resource leak

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19275)


Compare: https://github.com/openssl/openssl/compare/508e087c4c9e...8bc703c2886c

[openssl/openssl] 4efc96: update overview with a note about many to one conn...

2022-09-23 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 4efc969852cdb7883d240e423e887a57504dcd36
  
https://github.com/openssl/openssl/commit/4efc969852cdb7883d240e423e887a57504dcd36
  Author: Pauli 
  Date:   2022-09-23 (Fri, 23 Sep 2022)

  Changed paths:
M doc/designs/quic-design/quic-overview.md

  Log Message:
  ---
  update overview with a note about many to one connection ID cache

Reviewed-by: Hugo Landau 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18824)


  Commit: 538ee4e0977492009f8ca39d577d8a1aeb8d27fd
  
https://github.com/openssl/openssl/commit/538ee4e0977492009f8ca39d577d8a1aeb8d27fd
  Author: Pauli 
  Date:   2022-09-23 (Fri, 23 Sep 2022)

  Changed paths:
A doc/designs/quic-design/connection-id-cache.md

  Log Message:
  ---
  Add design document for the QUIC connection ID cache.

Reviewed-by: Hugo Landau 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18824)


Compare: https://github.com/openssl/openssl/compare/8e90a12ad82d...538ee4e09774

[openssl/openssl] 33796d: Coverity 1515415: NULL dereference

2022-09-21 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 33796db4a5c3ea68ae80530dcbff60222c5a2008
  
https://github.com/openssl/openssl/commit/33796db4a5c3ea68ae80530dcbff60222c5a2008
  Author: Pauli 
  Date:   2022-09-21 (Wed, 21 Sep 2022)

  Changed paths:
M test/helpers/ssltestlib.c

  Log Message:
  ---
  Coverity 1515415: NULL dereference

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19236)

(cherry picked from commit 82d46d14462491681f25d016508715e85c1dc4d1)

[openssl/openssl] 82d46d: Coverity 1515415: NULL dereference

2022-09-21 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 82d46d14462491681f25d016508715e85c1dc4d1
  
https://github.com/openssl/openssl/commit/82d46d14462491681f25d016508715e85c1dc4d1
  Author: Pauli 
  Date:   2022-09-21 (Wed, 21 Sep 2022)

  Changed paths:
M test/helpers/ssltestlib.c

  Log Message:
  ---
  Coverity 1515415: NULL dereference

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19236)

[openssl/openssl] 03781b: Remove FIPS condition on SM2 test.

2022-09-21 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 03781b3771092fd095fe9b8b5ba64aca45acf362
  
https://github.com/openssl/openssl/commit/03781b3771092fd095fe9b8b5ba64aca45acf362
  Author: Pauli 
  Date:   2022-09-21 (Wed, 21 Sep 2022)

  Changed paths:
M test/evp_extra_test.c

  Log Message:
  ---
  Remove FIPS condition on SM2 test.

Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19237)

(cherry picked from commit 919adfcf6683d82f876060b6cf9f57e875d547b2)


  Commit: 5f3dcdf37e777191b4e859000fd1f9c64262f1b5
  
https://github.com/openssl/openssl/commit/5f3dcdf37e777191b4e859000fd1f9c64262f1b5
  Author: Pauli 
  Date:   2022-09-21 (Wed, 21 Sep 2022)

  Changed paths:
M test/aesgcmtest.c

  Log Message:
  ---
  Remove FIPS condition on IV gen test.

Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19237)

(cherry picked from commit 3fd255acb7b65a30afd1b23e17db2163fb9ffd8d)


  Commit: c663fb6fc880269663aa0ee744b579fbfbd255b8
  
https://github.com/openssl/openssl/commit/c663fb6fc880269663aa0ee744b579fbfbd255b8
  Author: Pauli 
  Date:   2022-09-21 (Wed, 21 Sep 2022)

  Changed paths:
M test/drbgtest.c

  Log Message:
  ---
  Runtime detect FIPS RNG usage in test

Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19237)

(cherry picked from commit c91f972c9fba61c5db761a49e13df4dadcba068a)


  Commit: ff9b1fe302c2c5022f35ad3b78f05080ff4908da
  
https://github.com/openssl/openssl/commit/ff9b1fe302c2c5022f35ad3b78f05080ff4908da
  Author: Pauli 
  Date:   2022-09-21 (Wed, 21 Sep 2022)

  Changed paths:
M test/build.info

  Log Message:
  ---
  Remove unnecessary define

Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19237)

(cherry picked from commit 1cef04091ab12bda0e1c6a5874e9d113c44bbdd8)


Compare: https://github.com/openssl/openssl/compare/e711c4b32b09...ff9b1fe302c2

[openssl/openssl] 919adf: Remove FIPS condition on SM2 test.

2022-09-21 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 919adfcf6683d82f876060b6cf9f57e875d547b2
  
https://github.com/openssl/openssl/commit/919adfcf6683d82f876060b6cf9f57e875d547b2
  Author: Pauli 
  Date:   2022-09-21 (Wed, 21 Sep 2022)

  Changed paths:
M test/evp_extra_test.c

  Log Message:
  ---
  Remove FIPS condition on SM2 test.

Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19237)


  Commit: 3fd255acb7b65a30afd1b23e17db2163fb9ffd8d
  
https://github.com/openssl/openssl/commit/3fd255acb7b65a30afd1b23e17db2163fb9ffd8d
  Author: Pauli 
  Date:   2022-09-21 (Wed, 21 Sep 2022)

  Changed paths:
M test/aesgcmtest.c

  Log Message:
  ---
  Remove FIPS condition on IV gen test.

Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19237)


  Commit: c91f972c9fba61c5db761a49e13df4dadcba068a
  
https://github.com/openssl/openssl/commit/c91f972c9fba61c5db761a49e13df4dadcba068a
  Author: Pauli 
  Date:   2022-09-21 (Wed, 21 Sep 2022)

  Changed paths:
M test/drbgtest.c

  Log Message:
  ---
  Runtime detect FIPS RNG usage in test

Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19237)


  Commit: 1cef04091ab12bda0e1c6a5874e9d113c44bbdd8
  
https://github.com/openssl/openssl/commit/1cef04091ab12bda0e1c6a5874e9d113c44bbdd8
  Author: Pauli 
  Date:   2022-09-21 (Wed, 21 Sep 2022)

  Changed paths:
M test/build.info

  Log Message:
  ---
  Remove unnecessary define

Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19237)


Compare: https://github.com/openssl/openssl/compare/200d84478295...1cef04091ab1

[openssl/openssl] 4a84c5: test: make unit tests FIPS provider version aware

2022-09-15 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 4a84c54dbe9bbe88fb8138794163e5d04c5bc411
  
https://github.com/openssl/openssl/commit/4a84c54dbe9bbe88fb8138794163e5d04c5bc411
  Author: Pauli 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M test/testutil.h
M test/testutil/provider.c

  Log Message:
  ---
  test: make unit tests FIPS provider version aware

Fixes #19171

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19201)

(cherry picked from commit eaac0584db6e7452fdb627502527fb0678bb9a93)


  Commit: 8462f5d441a3d61810118bb1a548dc0a0152b188
  
https://github.com/openssl/openssl/commit/8462f5d441a3d61810118bb1a548dc0a0152b188
  Author: Pauli 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M test/evp_test.c

  Log Message:
  ---
  evp_test: allow FIPS provider version based escapes in evp_test

Also fix a number of regressions when run against the 3.0.0 FIPS provider
that result from bug fixes.

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19201)

(cherry picked from commit 54a7bbedf43a1ade98c8f47eb8896d75f3db0165)


  Commit: 5eabf8e5548607a317b41a437806bb075947d0fa
  
https://github.com/openssl/openssl/commit/5eabf8e5548607a317b41a437806bb075947d0fa
  Author: Pauli 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M test/recipes/30-test_evp_data/evpciph_des3_common.txt

  Log Message:
  ---
  TDES: fix test with old FIPS provider

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19201)

(cherry picked from commit 4d0249c2d1d0f81c211354d8a36738595936fad8)


  Commit: e520991371cab8418995586df55f5ab3dfd3d044
  
https://github.com/openssl/openssl/commit/e520991371cab8418995586df55f5ab3dfd3d044
  Author: Pauli 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M test/recipes/30-test_evp_data/evppkey_ffdhe.txt

  Log Message:
  ---
  Fix default padding regression against 3.0.0 FIPS provider

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19201)

(cherry picked from commit 9684335839fcdeac06d21b06628c4c37117b5478)


  Commit: c2f8d715e54d0f82f0a27fd69b85fd52578d89b8
  
https://github.com/openssl/openssl/commit/c2f8d715e54d0f82f0a27fd69b85fd52578d89b8
  Author: Tomáš Mráz 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M crypto/evp/p_lib.c

  Log Message:
  ---
  EVP_PKEY_eq: regain compatibility with the 3.0.0 FIPS provider

Reviewed-by: Matt Caswell 
Reviewed-by: Shane Lontis 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/19201)

(cherry picked from commit c342004e07fd2c03a672f79353d13554fe0ffdaf)


  Commit: 65759e35afa545835910ea85582522c01087fde3
  
https://github.com/openssl/openssl/commit/65759e35afa545835910ea85582522c01087fde3
  Author: Tomas Mraz 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M test/build.info
M test/endecode_test.c
M test/evp_test.c
A test/fips_version_test.c
M test/recipes/25-test_verify.t
M test/testutil.h
M test/testutil/provider.c

  Log Message:
  ---
  With fips provider 3.0.0 skip tests related to explicit curves handling

Reviewed-by: Matt Caswell 
Reviewed-by: Shane Lontis 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/19201)

(cherry picked from commit e1289d90d0069ea1c3ea8ae80bfc3916077ec24e)


  Commit: 1ab630794dfef98f83b59b5e18981dc3223bb1bf
  
https://github.com/openssl/openssl/commit/1ab630794dfef98f83b59b5e18981dc3223bb1bf
  Author: Pauli 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
A .github/workflows/fips-old.yml

  Log Message:
  ---
  Add CI to test old FIPS provider versions

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19201)

(cherry picked from commit 65080a3e1ebced54af838481e6d40e1c0cb7991e)


Compare: https://github.com/openssl/openssl/compare/1ed89de84f6e...1ab630794dfe

[openssl/openssl] eaac05: test: make unit tests FIPS provider version aware

2022-09-15 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: eaac0584db6e7452fdb627502527fb0678bb9a93
  
https://github.com/openssl/openssl/commit/eaac0584db6e7452fdb627502527fb0678bb9a93
  Author: Pauli 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M test/testutil.h
M test/testutil/provider.c

  Log Message:
  ---
  test: make unit tests FIPS provider version aware

Fixes #19171

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19201)


  Commit: 54a7bbedf43a1ade98c8f47eb8896d75f3db0165
  
https://github.com/openssl/openssl/commit/54a7bbedf43a1ade98c8f47eb8896d75f3db0165
  Author: Pauli 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M test/evp_test.c

  Log Message:
  ---
  evp_test: allow FIPS provider version based escapes in evp_test

Also fix a number of regressions when run against the 3.0.0 FIPS provider
that result from bug fixes.

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19201)


  Commit: 4d0249c2d1d0f81c211354d8a36738595936fad8
  
https://github.com/openssl/openssl/commit/4d0249c2d1d0f81c211354d8a36738595936fad8
  Author: Pauli 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M test/recipes/30-test_evp_data/evpciph_des3_common.txt

  Log Message:
  ---
  TDES: fix test with old FIPS provider

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19201)


  Commit: 9684335839fcdeac06d21b06628c4c37117b5478
  
https://github.com/openssl/openssl/commit/9684335839fcdeac06d21b06628c4c37117b5478
  Author: Pauli 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M test/recipes/30-test_evp_data/evppkey_ffdhe.txt

  Log Message:
  ---
  Fix default padding regression against 3.0.0 FIPS provider

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19201)


  Commit: c342004e07fd2c03a672f79353d13554fe0ffdaf
  
https://github.com/openssl/openssl/commit/c342004e07fd2c03a672f79353d13554fe0ffdaf
  Author: Tomáš Mráz 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M crypto/evp/p_lib.c

  Log Message:
  ---
  EVP_PKEY_eq: regain compatibility with the 3.0.0 FIPS provider

Reviewed-by: Matt Caswell 
Reviewed-by: Shane Lontis 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/19201)


  Commit: e1289d90d0069ea1c3ea8ae80bfc3916077ec24e
  
https://github.com/openssl/openssl/commit/e1289d90d0069ea1c3ea8ae80bfc3916077ec24e
  Author: Tomas Mraz 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
M test/build.info
M test/endecode_test.c
M test/evp_test.c
A test/fips_version_test.c
M test/recipes/25-test_verify.t
M test/testutil.h
M test/testutil/provider.c

  Log Message:
  ---
  With fips provider 3.0.0 skip tests related to explicit curves handling

Reviewed-by: Matt Caswell 
Reviewed-by: Shane Lontis 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/19201)


  Commit: 65080a3e1ebced54af838481e6d40e1c0cb7991e
  
https://github.com/openssl/openssl/commit/65080a3e1ebced54af838481e6d40e1c0cb7991e
  Author: Pauli 
  Date:   2022-09-16 (Fri, 16 Sep 2022)

  Changed paths:
A .github/workflows/fips-old.yml

  Log Message:
  ---
  Add CI to test old FIPS provider versions

Reviewed-by: Matt Caswell 
Reviewed-by: Tomas Mraz 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/19201)


Compare: https://github.com/openssl/openssl/compare/edb271ee5d68...65080a3e1ebc

[openssl/openssl] fabce8: design: TX Packetiser

2022-09-13 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: fabce8090c3ba49527d434a4621c660eedad2aaa
  
https://github.com/openssl/openssl/commit/fabce8090c3ba49527d434a4621c660eedad2aaa
  Author: Pauli 
  Date:   2022-09-13 (Tue, 13 Sep 2022)

  Changed paths:
A doc/designs/quic-design/tx-packetiser.md

  Log Message:
  ---
  design: TX Packetiser

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18570)

[openssl/openssl] 364c3b: time: add some additional utilities and document e...

2022-09-13 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 364c3b7b1ac3172dbe2108be23ae215b86ef8e08
  
https://github.com/openssl/openssl/commit/364c3b7b1ac3172dbe2108be23ae215b86ef8e08
  Author: Pauli 
  Date:   2022-09-13 (Tue, 13 Sep 2022)

  Changed paths:
M doc/internal/man3/OSSL_TIME.pod
M include/internal/time.h
M ssl/time.c

  Log Message:
  ---
  time: add some additional utilities and document everything

Some of the recently added functions were not documents.  This has been 
addressed.
Also added utility functions for conversions between time_t, seconds and struct 
timeval
to/from OSSL_TIME.

Reviewed-by: Todd Short 
Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19082)


  Commit: f0131dc04a39afcb1629f5bec2814ef3a4925bbf
  
https://github.com/openssl/openssl/commit/f0131dc04a39afcb1629f5bec2814ef3a4925bbf
  Author: Pauli 
  Date:   2022-09-13 (Tue, 13 Sep 2022)

  Changed paths:
M ssl/d1_lib.c
M ssl/quic/quic_impl.c
M ssl/quic/quic_local.h
M ssl/s3_lib.c
M ssl/ssl_asn1.c
M ssl/ssl_lib.c
M ssl/ssl_local.h
M ssl/ssl_sess.c
M ssl/ssl_txt.c
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c
M ssl/statem/statem_clnt.c
M ssl/statem/statem_srvr.c
M ssl/t1_lib.c

  Log Message:
  ---
  ssl: modify libssl so that it uses OSSL_TIME

This is instead of time_t and struct timeval.  Some public APIs mandate a
presence of these two types, but they are converted to OSSL_TIME internally.

Reviewed-by: Todd Short 
Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19082)


  Commit: 4fc04c71acf180dad0b4418d12b3ed31ba46179a
  
https://github.com/openssl/openssl/commit/4fc04c71acf180dad0b4418d12b3ed31ba46179a
  Author: Pauli 
  Date:   2022-09-13 (Tue, 13 Sep 2022)

  Changed paths:
M ssl/quic/quic_ackm.c
M ssl/quic/quic_statm.c

  Log Message:
  ---
  Avoid struct timeval in QUIC code

Reviewed-by: Todd Short 
Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19082)


  Commit: 02d0f87a8ba143eaeaee3334a2f63543b10148a9
  
https://github.com/openssl/openssl/commit/02d0f87a8ba143eaeaee3334a2f63543b10148a9
  Author: Pauli 
  Date:   2022-09-13 (Tue, 13 Sep 2022)

  Changed paths:
M crypto/build.info
A crypto/time.c
M ssl/build.info
R ssl/time.c

  Log Message:
  ---
  time: move OSSL_TIME to libcrypto

Keep building it for libssl without exposing any symbols.

Reviewed-by: Todd Short 
Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19082)


  Commit: 5d1bb4fc47582b06dd224a788bdfaaced60e72a0
  
https://github.com/openssl/openssl/commit/5d1bb4fc47582b06dd224a788bdfaaced60e72a0
  Author: Pauli 
  Date:   2022-09-13 (Tue, 13 Sep 2022)

  Changed paths:
M crypto/bio/bss_dgram.c
M crypto/ct/ct_policy.c
M crypto/ts/ts_rsp_sign.c
M include/internal/e_os.h

  Log Message:
  ---
  libcrypto: remove reliance on struct timeval

Reviewed-by: Todd Short 
Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19082)


  Commit: 0f4be8a14a2bcb8a92cf78d94d157152c0a03d88
  
https://github.com/openssl/openssl/commit/0f4be8a14a2bcb8a92cf78d94d157152c0a03d88
  Author: Pauli 
  Date:   2022-09-13 (Tue, 13 Sep 2022)

  Changed paths:
M include/internal/safe_math.h

  Log Message:
  ---
  Fix white space

Reviewed-by: Todd Short 
Reviewed-by: Richard Levitte 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19082)


Compare: https://github.com/openssl/openssl/compare/ee68d2b95792...0f4be8a14a2b

[openssl/openssl] 35b670: list: add an option to list all available algorithms

2022-09-11 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 35b670702466b91b3baa724635e5aecbc2061fa7
  
https://github.com/openssl/openssl/commit/35b670702466b91b3baa724635e5aecbc2061fa7
  Author: Pauli 
  Date:   2022-09-11 (Sun, 11 Sep 2022)

  Changed paths:
M apps/list.c
M doc/man1/openssl-list.pod.in

  Log Message:
  ---
  list: add an option to list all available algorithms

Fixes #19145

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/19168)

[openssl/openssl] fbeb48: Coverity: explicit null dereference

2022-09-07 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: fbeb4866f4250a4a23e7afb884a0aa0456d152f8
  
https://github.com/openssl/openssl/commit/fbeb4866f4250a4a23e7afb884a0aa0456d152f8
  Author: Pauli 
  Date:   2022-09-07 (Wed, 07 Sep 2022)

  Changed paths:
M test/list_test.c

  Log Message:
  ---
  Coverity: explicit null dereference

Coverity is being pretty silly here but adding the explicit pointer checks
will stop a crash if something goes badly awry.

Fixes Coverity 1513706 - 1513709

Reviewed-by: Shane Lontis 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19136)

[openssl/openssl] cb12a6: Coverity 1513478: negative return

2022-09-06 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: cb12a691796372f73c13ac8a3ecb17a8d3a059d9
  
https://github.com/openssl/openssl/commit/cb12a691796372f73c13ac8a3ecb17a8d3a059d9
  Author: Pauli 
  Date:   2022-09-06 (Tue, 06 Sep 2022)

  Changed paths:
M ssl/tls13_enc.c

  Log Message:
  ---
  Coverity 1513478: negative return

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/19126)

(cherry picked from commit 1d1537067304b8c8d87b2df393363b40370ad640)

[openssl/openssl] 1d1537: Coverity 1513478: negative return

2022-09-06 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 1d1537067304b8c8d87b2df393363b40370ad640
  
https://github.com/openssl/openssl/commit/1d1537067304b8c8d87b2df393363b40370ad640
  Author: Pauli 
  Date:   2022-09-06 (Tue, 06 Sep 2022)

  Changed paths:
M ssl/tls13_enc.c

  Log Message:
  ---
  Coverity 1513478: negative return

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/19126)

[openssl/openssl] f5eac2: list: add a doubly linked list type.

2022-09-05 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: f5eac259a03c68c96c77f9b998b1b9c16a8439e7
  
https://github.com/openssl/openssl/commit/f5eac259a03c68c96c77f9b998b1b9c16a8439e7
  Author: Pauli 
  Date:   2022-09-05 (Mon, 05 Sep 2022)

  Changed paths:
A doc/internal/man3/DEFINE_LIST_OF.pod
A include/internal/list.h
M test/build.info
A test/list_test.c
A test/recipes/02-test_list.t

  Log Message:
  ---
  list: add a doubly linked list type.

These list can be embedded into structures and structures can be members of
multiple lists.  Moreover, this is done without dynamic memory allocation.
That is, this is legal:

typedef struct item_st ITEM;

struct item_st {
...
OSSL_LIST_MEMBER(new_items, ITEM);
OSSL_LIST_MEMBER(failed_items, ITEM);
...
};

DEFINE_LIST_OF(new_items, TESTL);
DEFINE_LIST_OF(failed_items, TESTL);

struct {
...
OSSL_LIST(new_items) new;
OSSL_LIST(failed_items) failed;
...
} *st;

ITEM *p;

for (p = ossl_list_new_items_head(>new); p != NULL;
 p = ossl_list_new_items_next(p))
/* do something */

Reviewed-by: Shane Lontis 
Reviewed-by: Richard Levitte 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/19115)

[openssl/openssl] 3c1f8f: Add missing ')' to command help

2022-08-25 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 3c1f8fb13e064ad7f42e9b65c601c68e1aa79f7d
  
https://github.com/openssl/openssl/commit/3c1f8fb13e064ad7f42e9b65c601c68e1aa79f7d
  Author: Pauli 
  Date:   2022-08-26 (Fri, 26 Aug 2022)

  Changed paths:
M apps/rsa.c

  Log Message:
  ---
  Add missing ')' to command help

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19049)

[openssl/openssl] b15764: Add missing ')' to command help

2022-08-25 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: b15764e515da395e4d7fed1df7f01255834c1769
  
https://github.com/openssl/openssl/commit/b15764e515da395e4d7fed1df7f01255834c1769
  Author: Pauli 
  Date:   2022-08-26 (Fri, 26 Aug 2022)

  Changed paths:
M apps/rsa.c

  Log Message:
  ---
  Add missing ')' to command help

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19049)

(cherry picked from commit 3c1f8fb13e064ad7f42e9b65c601c68e1aa79f7d)

[openssl/openssl] 25c486: Coverity 1508532: out of bounds access

2022-08-23 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 25c486762daf8a279676e3e98136855e2e021100
  
https://github.com/openssl/openssl/commit/25c486762daf8a279676e3e98136855e2e021100
  Author: Pauli 
  Date:   2022-08-23 (Tue, 23 Aug 2022)

  Changed paths:
M crypto/dh/dh_pmeth.c

  Log Message:
  ---
  Coverity 1508532: out of bounds access

Reviewed-by: Tomas Mraz 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/19033)

(cherry picked from commit eb7a5cc3454174094c0c09f1d00aec464ce0f786)

[openssl/openssl] eb7a5c: Coverity 1508532: out of bounds access

2022-08-23 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: eb7a5cc3454174094c0c09f1d00aec464ce0f786
  
https://github.com/openssl/openssl/commit/eb7a5cc3454174094c0c09f1d00aec464ce0f786
  Author: Pauli 
  Date:   2022-08-23 (Tue, 23 Aug 2022)

  Changed paths:
M crypto/dh/dh_pmeth.c

  Log Message:
  ---
  Coverity 1508532: out of bounds access

Reviewed-by: Tomas Mraz 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/19033)

[openssl/openssl] 07ecb7: Coverity 1508506: misuse of time_t

2022-08-21 Thread Pauli

  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.com/openssl/openssl
  Commit: 07ecb790b02c0e8781ae591e7efb2a4f93177354
  
https://github.com/openssl/openssl/commit/07ecb790b02c0e8781ae591e7efb2a4f93177354
  Author: Pauli 
  Date:   2022-08-22 (Mon, 22 Aug 2022)

  Changed paths:
M ssl/packet.c
M ssl/packet_local.h
M ssl/statem/extensions_srvr.c

  Log Message:
  ---
  Coverity 1508506: misuse of time_t

Fixes a bug in the cookie code which would have caused problems for ten
minutes before and after the lower 32 bits of time_t rolled over.

Reviewed-by: Ben Kaduk 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19022)

[openssl/openssl] ec47c3: Coverity 1508506: misuse of time_t

2022-08-21 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: ec47c3060bd3b7c3e75dbcfada113de9d94de747
  
https://github.com/openssl/openssl/commit/ec47c3060bd3b7c3e75dbcfada113de9d94de747
  Author: Pauli 
  Date:   2022-08-22 (Mon, 22 Aug 2022)

  Changed paths:
M crypto/packet.c
M include/internal/packet.h
M ssl/statem/extensions_srvr.c

  Log Message:
  ---
  Coverity 1508506: misuse of time_t

Fixes a bug in the cookie code which would have caused problems for ten
minutes before and after the lower 32 bits of time_t rolled over.

Reviewed-by: Ben Kaduk 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19023)

[openssl/openssl] 87ceff: evp enc: cache cipher IV length

2022-08-19 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 87ceff925f5f1d43dac0413f36c8b7bba94e4a41
  
https://github.com/openssl/openssl/commit/87ceff925f5f1d43dac0413f36c8b7bba94e4a41
  Author: Pauli 
  Date:   2022-08-19 (Fri, 19 Aug 2022)

  Changed paths:
M crypto/evp/evp_enc.c
M crypto/evp/evp_lib.c
M crypto/evp/evp_local.h

  Log Message:
  ---
  evp enc: cache cipher IV length

Instead of doing a heavy params based query every time a context is asked for
its IV length, this value is cached in the context and only queried if it could
have been modified.

Fixes #17064

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18995)


  Commit: 2e4b074800a293c5f3049286116a0a5030ea9312
  
https://github.com/openssl/openssl/commit/2e4b074800a293c5f3049286116a0a5030ea9312
  Author: Pauli 
  Date:   2022-08-19 (Fri, 19 Aug 2022)

  Changed paths:
M crypto/evp/evp_lib.c

  Log Message:
  ---
  Fix bug in EVP_CIPHER_CTX_get_iv_length()

Out of range values could possibly be returned due to a lack of range checking.
Very unlikely to be exploitable for our provider because sensible values are
returned for all ciphers.

Also fixed the defaulting code so that the cipher's IV length is returned if
the cipher ctx doesn't support getting.

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18995)


Compare: https://github.com/openssl/openssl/compare/d3072f3f3ba3...2e4b074800a2

[openssl/openssl] d3072f: Limit the size of various MAXCHUNK definitions

2022-08-19 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: d3072f3f3ba3a6385bd41473483c9ee81443b684
  
https://github.com/openssl/openssl/commit/d3072f3f3ba3a6385bd41473483c9ee81443b684
  Author: Pauli 
  Date:   2022-08-19 (Fri, 19 Aug 2022)

  Changed paths:
M include/crypto/evp.h
M providers/implementations/include/prov/ciphercommon.h

  Log Message:
  ---
  Limit the size of various MAXCHUNK definitions

The current code has issues when sizeof(long) <> sizeof(size_t).  The two
types are assumed to be interchangeable and them being different will
cause crashes and endless loops.

This fix limits the maximum chunk size for many of the symmetric ciphers
to 2^30 bytes.  This chunk size limits the amount of data that will
be encrypted/decrypted in one lump.  The code internally handles block
of data later than the chunk limit, so this will present no difference
to the caller.  Any loss of efficiency due to limiting the chunking to
1Gbyte rather than more should be insignificant.

Fixes Coverity issues:
1508498, 1508500 - 1508505, 1508507 - 1508527, 1508529 - 1508533,
1508535 - 1508537, 1508539, 1508541 - 1508549, 1508551 - 1508569 &
1508571 - 1508582.

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18997)

(cherry picked from commit 709d4be78f64a8ba0707fb5682b90039e848dad4)

[openssl/openssl] 709d4b: Limit the size of various MAXCHUNK definitions

2022-08-19 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 709d4be78f64a8ba0707fb5682b90039e848dad4
  
https://github.com/openssl/openssl/commit/709d4be78f64a8ba0707fb5682b90039e848dad4
  Author: Pauli 
  Date:   2022-08-19 (Fri, 19 Aug 2022)

  Changed paths:
M include/crypto/evp.h
M providers/implementations/include/prov/ciphercommon.h

  Log Message:
  ---
  Limit the size of various MAXCHUNK definitions

The current code has issues when sizeof(long) <> sizeof(size_t).  The two
types are assumed to be interchangeable and them being different will
cause crashes and endless loops.

This fix limits the maximum chunk size for many of the symmetric ciphers
to 2^30 bytes.  This chunk size limits the amount of data that will
be encrypted/decrypted in one lump.  The code internally handles block
of data later than the chunk limit, so this will present no difference
to the caller.  Any loss of efficiency due to limiting the chunking to
1Gbyte rather than more should be insignificant.

Fixes Coverity issues:
1508498, 1508500 - 1508505, 1508507 - 1508527, 1508529 - 1508533,
1508535 - 1508537, 1508539, 1508541 - 1508549, 1508551 - 1508569 &
1508571 - 1508582.

Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18997)

[openssl/openssl] 552603: Coverity 1508534 & 1508540: misuses of time_t

2022-08-18 Thread Pauli

  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.com/openssl/openssl
  Commit: 552603edfed18f30466277d29b70939390fea65b
  
https://github.com/openssl/openssl/commit/552603edfed18f30466277d29b70939390fea65b
  Author: Pauli 
  Date:   2022-08-19 (Fri, 19 Aug 2022)

  Changed paths:
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c

  Log Message:
  ---
  Coverity 1508534 & 1508540:  misuses of time_t

Avoid problems when the lower 32 bits of time_t roll over by delaying
the cast to integer until after the time delta has been computed.

Reviewed-by: Ben Kaduk 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19004)

(cherry picked from commit a6cadcbdc3b4f3fbd0fd228e41177f0661b68264)

[openssl/openssl] a6cadc: Coverity 1508534 & 1508540: misuses of time_t

2022-08-18 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: a6cadcbdc3b4f3fbd0fd228e41177f0661b68264
  
https://github.com/openssl/openssl/commit/a6cadcbdc3b4f3fbd0fd228e41177f0661b68264
  Author: Pauli 
  Date:   2022-08-19 (Fri, 19 Aug 2022)

  Changed paths:
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c

  Log Message:
  ---
  Coverity 1508534 & 1508540:  misuses of time_t

Avoid problems when the lower 32 bits of time_t roll over by delaying
the cast to integer until after the time delta has been computed.

Reviewed-by: Ben Kaduk 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19004)

(cherry picked from commit e8a557dc3c1ed16faff4aeb39268f8f5a3f8b81d)

[openssl/openssl] e8a557: Coverity: misuses of time_t

2022-08-18 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: e8a557dc3c1ed16faff4aeb39268f8f5a3f8b81d
  
https://github.com/openssl/openssl/commit/e8a557dc3c1ed16faff4aeb39268f8f5a3f8b81d
  Author: Pauli 
  Date:   2022-08-19 (Fri, 19 Aug 2022)

  Changed paths:
M ssl/statem/extensions_clnt.c
M ssl/statem/extensions_srvr.c

  Log Message:
  ---
  Coverity: misuses of time_t

Coverity 1508506:

Fixes a bug in the cookie code which would have caused problems for
ten minutes before and after the lower 32 bits of time_t rolled over.

Coverity 1508534 & 1508540:

Avoid problems when the lower 32 bits of time_t roll over by delaying
the cast to integer until after the time delta has been computed.

Reviewed-by: Ben Kaduk 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19004)

[openssl/openssl] 624664: bn_nist: fix strict aliasing problem

2022-08-17 Thread Pauli

  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.com/openssl/openssl
  Commit: 6246649d657127a031782b29ba6132a4203260b2
  
https://github.com/openssl/openssl/commit/6246649d657127a031782b29ba6132a4203260b2
  Author: Pauli 
  Date:   2022-08-17 (Wed, 17 Aug 2022)

  Changed paths:
M crypto/bn/bn_nist.c

  Log Message:
  ---
  bn_nist: fix strict aliasing problem

As of clang-14 the strict aliasing is causing code to magically disappear.
By explicitly inlining the code, the aliasing problem evaporates.

Fixes #18225

Backport of #18258 to 1.1.1.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18948)

[openssl/openssl] 93e5c6: Avoid using tsan_add

2022-08-17 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 93e5c63ee7a7ef627d234558e850ff962e5dbc71
  
https://github.com/openssl/openssl/commit/93e5c63ee7a7ef627d234558e850ff962e5dbc71
  Author: Pauli 
  Date:   2022-08-17 (Wed, 17 Aug 2022)

  Changed paths:
M crypto/property/property.c

  Log Message:
  ---
  Avoid using tsan_add

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/19009)

[openssl/openssl] d6e3a2: property: make cache flushing slight less determin...

2022-08-16 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: d6e3a2c15929a793d15e034f81cca19e1808efdc
  
https://github.com/openssl/openssl/commit/d6e3a2c15929a793d15e034f81cca19e1808efdc
  Author: Pauli 
  Date:   2022-08-17 (Wed, 17 Aug 2022)

  Changed paths:
M crypto/property/property.c

  Log Message:
  ---
  property: make cache flushing slight less deterministic

If there is no timer available to seed the stochastic flushing, revert to a
global seed that gets updated each flush.

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18906)

(cherry picked from commit 56d4ff6cd7fc200943197dff65146a8864b7df98)

[openssl/openssl] d13c8b: Make OSSL_TIME a structure

2022-08-12 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: d13c8b7725437490be8c1a2b438936af10f808d0
  
https://github.com/openssl/openssl/commit/d13c8b7725437490be8c1a2b438936af10f808d0
  Author: Pauli 
  Date:   2022-08-12 (Fri, 12 Aug 2022)

  Changed paths:
M doc/internal/man3/OSSL_TIME.pod
M include/internal/time.h
M ssl/event_queue.c
M ssl/quic/quic_wire.c
M ssl/time.c
M test/event_queue_test.c
M test/quic_wire_test.c

  Log Message:
  ---
  Make OSSL_TIME a structure

This prevents misuses creeping in.

Reviewed-by: Hugo Landau 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18882)

[openssl/openssl] 56d4ff: property: make cache flushing slight less determin...

2022-08-10 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 56d4ff6cd7fc200943197dff65146a8864b7df98
  
https://github.com/openssl/openssl/commit/56d4ff6cd7fc200943197dff65146a8864b7df98
  Author: Pauli 
  Date:   2022-08-10 (Wed, 10 Aug 2022)

  Changed paths:
M crypto/property/property.c

  Log Message:
  ---
  property: make cache flushing slight less deterministic

If there is no timer available to seed the stochastic flushing, revert to a
global seed that gets updated each flush.

Reviewed-by: Tomas Mraz 
Reviewed-by: Matt Caswell 
(Merged from https://github.com/openssl/openssl/pull/18906)

[openssl/openssl] f428e2: Fix bug in EVP_CIPHER_CTX_get_iv_length()

2022-08-02 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: f428e2112c6c795db76d804e0fcb36aac40f1477
  
https://github.com/openssl/openssl/commit/f428e2112c6c795db76d804e0fcb36aac40f1477
  Author: Pauli 
  Date:   2022-08-03 (Wed, 03 Aug 2022)

  Changed paths:
M crypto/evp/evp_lib.c

  Log Message:
  ---
  Fix bug in EVP_CIPHER_CTX_get_iv_length()

Out of range values could possibly be returned due to a lack of range checking.
Very unlikely to be exploitable for our provider because sensible values are
returned for all ciphers.

Also fixed the defaulting code so that the cipher's IV length is returned if
the cipher ctx doesn't support getting.

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/18875)

(cherry picked from commit e0e338c8c50c226efc92fe79c788c9cdc03fc01f)


  Commit: 2a6275f58bdb2371c603be7f89310f7b4906e5c0
  
https://github.com/openssl/openssl/commit/2a6275f58bdb2371c603be7f89310f7b4906e5c0
  Author: Pauli 
  Date:   2022-08-03 (Wed, 03 Aug 2022)

  Changed paths:
M doc/man3/EVP_EncryptInit.pod

  Log Message:
  ---
  Note that EVP_CIPHER_get_iv_length returns negative values on error

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/18875)

(cherry picked from commit 0a90577e717f76483525b2d8be6a42a9f04020d8)


Compare: https://github.com/openssl/openssl/compare/cc750a9a81e2...2a6275f58bdb

[openssl/openssl] e0e338: Fix bug in EVP_CIPHER_CTX_get_iv_length()

2022-08-02 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: e0e338c8c50c226efc92fe79c788c9cdc03fc01f
  
https://github.com/openssl/openssl/commit/e0e338c8c50c226efc92fe79c788c9cdc03fc01f
  Author: Pauli 
  Date:   2022-08-03 (Wed, 03 Aug 2022)

  Changed paths:
M crypto/evp/evp_lib.c

  Log Message:
  ---
  Fix bug in EVP_CIPHER_CTX_get_iv_length()

Out of range values could possibly be returned due to a lack of range checking.
Very unlikely to be exploitable for our provider because sensible values are
returned for all ciphers.

Also fixed the defaulting code so that the cipher's IV length is returned if
the cipher ctx doesn't support getting.

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/18875)


  Commit: 0a90577e717f76483525b2d8be6a42a9f04020d8
  
https://github.com/openssl/openssl/commit/0a90577e717f76483525b2d8be6a42a9f04020d8
  Author: Pauli 
  Date:   2022-08-03 (Wed, 03 Aug 2022)

  Changed paths:
M doc/man3/EVP_EncryptInit.pod

  Log Message:
  ---
  Note that EVP_CIPHER_get_iv_length returns negative values on error

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/18875)


Compare: https://github.com/openssl/openssl/compare/771fef7793ae...0a90577e717f

[openssl/openssl] 76ad9a: Coverity 1507484: dereference before null check

2022-08-01 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 76ad9ae6fa459af0bd804c01d3d681ec02cddb4b
  
https://github.com/openssl/openssl/commit/76ad9ae6fa459af0bd804c01d3d681ec02cddb4b
  Author: Pauli 
  Date:   2022-08-01 (Mon, 01 Aug 2022)

  Changed paths:
M ssl/tls_srp.c

  Log Message:
  ---
  Coverity 1507484: dereference before null check

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18907)

[openssl/openssl] 7dfe4a: Note that EVP_CIPHER_iv_length returns negative va...

2022-07-29 Thread Pauli

  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.com/openssl/openssl
  Commit: 7dfe4aa2b08d1c3111b0861e26cac0246e3e8f58
  
https://github.com/openssl/openssl/commit/7dfe4aa2b08d1c3111b0861e26cac0246e3e8f58
  Author: Pauli 
  Date:   2022-07-29 (Fri, 29 Jul 2022)

  Changed paths:
M doc/man3/EVP_EncryptInit.pod

  Log Message:
  ---
  Note that EVP_CIPHER_iv_length returns negative values on error

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18894)

[openssl/openssl] 7dfe4a: Note that EVP_CIPHER_iv_length returns negative va...

2022-07-29 Thread pauli

  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 7dfe4aa2b08d1c3111b0861e26cac0246e3e8f58
  
https://github.openssl.org/openssl/openssl/commit/7dfe4aa2b08d1c3111b0861e26cac0246e3e8f58
  Author: Pauli 
  Date:   2022-07-29 (Fri, 29 Jul 2022)

  Changed paths:
M doc/man3/EVP_EncryptInit.pod

  Log Message:
  ---
  Note that EVP_CIPHER_iv_length returns negative values on error

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18894)

[openssl/openssl] 3b9082: Fixes segfault occurrence in PEM_write()

2022-07-28 Thread pauli

  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 3b9082c844913d3a0efada9fac0bd2924ce1a8f2
  
https://github.openssl.org/openssl/openssl/commit/3b9082c844913d3a0efada9fac0bd2924ce1a8f2
  Author: valdaarhun 
  Date:   2022-07-29 (Fri, 29 Jul 2022)

  Changed paths:
M crypto/pem/pem_lib.c

  Log Message:
  ---
  Fixes segfault occurrence in PEM_write()

Checks if header is NULL or not before calling strlen().

CLA: trivial

Fixes #18825

Reviewed-by: Tomas Mraz 
Reviewed-by: Ben Kaduk 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18865)

(cherry picked from commit 205957405d08ef199e6ab654e333a627bbca9ccc)

[openssl/openssl] 683480: Fixes segfault occurrence in PEM_write()

2022-07-28 Thread pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 683480726f6ab46216e30c7505d1a3c4ec90ace9
  
https://github.openssl.org/openssl/openssl/commit/683480726f6ab46216e30c7505d1a3c4ec90ace9
  Author: valdaarhun 
  Date:   2022-07-29 (Fri, 29 Jul 2022)

  Changed paths:
M crypto/pem/pem_lib.c

  Log Message:
  ---
  Fixes segfault occurrence in PEM_write()

Checks if header is NULL or not before calling strlen().

CLA: trivial

Fixes #18825

Reviewed-by: Tomas Mraz 
Reviewed-by: Ben Kaduk 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18865)

(cherry picked from commit 205957405d08ef199e6ab654e333a627bbca9ccc)

[openssl/openssl] 205957: Fixes segfault occurrence in PEM_write()

2022-07-28 Thread pauli

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 205957405d08ef199e6ab654e333a627bbca9ccc
  
https://github.openssl.org/openssl/openssl/commit/205957405d08ef199e6ab654e333a627bbca9ccc
  Author: valdaarhun 
  Date:   2022-07-29 (Fri, 29 Jul 2022)

  Changed paths:
M crypto/pem/pem_lib.c

  Log Message:
  ---
  Fixes segfault occurrence in PEM_write()

Checks if header is NULL or not before calling strlen().

CLA: trivial

Fixes #18825

Reviewed-by: Tomas Mraz 
Reviewed-by: Ben Kaduk 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18865)

[openssl/openssl] a1598f: Correction: uncompressed is the default value

2022-07-28 Thread pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: a1598fb98e93fdf947327561071341012acc5c99
  
https://github.openssl.org/openssl/openssl/commit/a1598fb98e93fdf947327561071341012acc5c99
  Author: GregoryTrzonkowski 
  Date:   2022-07-29 (Fri, 29 Jul 2022)

  Changed paths:
M doc/man1/openssl-ec.pod.in

  Log Message:
  ---
  Correction: uncompressed is the default value

CLA: trivial

The description was incorrect. The uncompressed is the default value.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18889)

(cherry picked from commit df274c334c523f7375d5aa60ff4b9a846c3e2a6c)

[openssl/openssl] df274c: Correction: uncompressed is the default value

2022-07-28 Thread pauli

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: df274c334c523f7375d5aa60ff4b9a846c3e2a6c
  
https://github.openssl.org/openssl/openssl/commit/df274c334c523f7375d5aa60ff4b9a846c3e2a6c
  Author: GregoryTrzonkowski 
  Date:   2022-07-29 (Fri, 29 Jul 2022)

  Changed paths:
M doc/man1/openssl-ec.pod.in

  Log Message:
  ---
  Correction: uncompressed is the default value

CLA: trivial

The description was incorrect. The uncompressed is the default value.

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18889)

[openssl/openssl] 680612: Update EVP_KDF-X942-ASN1.pod

2022-07-27 Thread pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 68061255db06623e7332ac4dd1b2765a7d173a31
  
https://github.openssl.org/openssl/openssl/commit/68061255db06623e7332ac4dd1b2765a7d173a31
  Author: Joachim Vandersmissen 
  Date:   2022-07-28 (Thu, 28 Jul 2022)

  Changed paths:
M doc/man7/EVP_KDF-X942-ASN1.pod

  Log Message:
  ---
  Update EVP_KDF-X942-ASN1.pod

Replaced OSSL_KDF_PARAM_KEY with OSSL_KDF_PARAM_SECRET as that seems to be the 
intended value from the code (OSSL_KDF_PARAM_KEY is also supported but looks 
like a fallback).
Fixed name for OSSL_KDF_PARAM_X942_USE_KEYBITS.

CLA: trivial

Reviewed-by: Shane Lontis 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18878)

(cherry picked from commit 08c00377cb82f7eefcf7433606e687f348b9e7a0)

[openssl/openssl] 08c003: Update EVP_KDF-X942-ASN1.pod

2022-07-27 Thread pauli

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 08c00377cb82f7eefcf7433606e687f348b9e7a0
  
https://github.openssl.org/openssl/openssl/commit/08c00377cb82f7eefcf7433606e687f348b9e7a0
  Author: Joachim Vandersmissen 
  Date:   2022-07-28 (Thu, 28 Jul 2022)

  Changed paths:
M doc/man7/EVP_KDF-X942-ASN1.pod

  Log Message:
  ---
  Update EVP_KDF-X942-ASN1.pod

Replaced OSSL_KDF_PARAM_KEY with OSSL_KDF_PARAM_SECRET as that seems to be the 
intended value from the code (OSSL_KDF_PARAM_KEY is also supported but looks 
like a fallback).
Fixed name for OSSL_KDF_PARAM_X942_USE_KEYBITS.

CLA: trivial

Reviewed-by: Shane Lontis 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18878)

[openssl/openssl] 1f6eb7: GCM: record limit counter gets reset on AAD changes

2022-07-27 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 1f6eb7b9799d3a8b8ebc071f5fbd17b11c914b8f
  
https://github.com/openssl/openssl/commit/1f6eb7b9799d3a8b8ebc071f5fbd17b11c914b8f
  Author: Pauli 
  Date:   2022-07-27 (Wed, 27 Jul 2022)

  Changed paths:
M providers/implementations/ciphers/ciphercommon_gcm.c

  Log Message:
  ---
  GCM: record limit counter gets reset on AAD changes

It shouldn't be.  This moves the reset to the init function instead and only
does the reset on a key change.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18860)

(cherry picked from commit 3ebcb2fff56bda788ab1f363eb0023715018a4e5)

[openssl/openssl] 3ebcb2: GCM: record limit counter gets reset on AAD changes

2022-07-27 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 3ebcb2fff56bda788ab1f363eb0023715018a4e5
  
https://github.com/openssl/openssl/commit/3ebcb2fff56bda788ab1f363eb0023715018a4e5
  Author: Pauli 
  Date:   2022-07-27 (Wed, 27 Jul 2022)

  Changed paths:
M providers/implementations/ciphers/ciphercommon_gcm.c

  Log Message:
  ---
  GCM: record limit counter gets reset on AAD changes

It shouldn't be.  This moves the reset to the init function instead and only
does the reset on a key change.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18860)

[openssl/openssl] 1f6eb7: GCM: record limit counter gets reset on AAD changes

2022-07-27 Thread pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 1f6eb7b9799d3a8b8ebc071f5fbd17b11c914b8f
  
https://github.openssl.org/openssl/openssl/commit/1f6eb7b9799d3a8b8ebc071f5fbd17b11c914b8f
  Author: Pauli 
  Date:   2022-07-27 (Wed, 27 Jul 2022)

  Changed paths:
M providers/implementations/ciphers/ciphercommon_gcm.c

  Log Message:
  ---
  GCM: record limit counter gets reset on AAD changes

It shouldn't be.  This moves the reset to the init function instead and only
does the reset on a key change.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18860)

(cherry picked from commit 3ebcb2fff56bda788ab1f363eb0023715018a4e5)

[openssl/openssl] 3ebcb2: GCM: record limit counter gets reset on AAD changes

2022-07-27 Thread pauli

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 3ebcb2fff56bda788ab1f363eb0023715018a4e5
  
https://github.openssl.org/openssl/openssl/commit/3ebcb2fff56bda788ab1f363eb0023715018a4e5
  Author: Pauli 
  Date:   2022-07-27 (Wed, 27 Jul 2022)

  Changed paths:
M providers/implementations/ciphers/ciphercommon_gcm.c

  Log Message:
  ---
  GCM: record limit counter gets reset on AAD changes

It shouldn't be.  This moves the reset to the init function instead and only
does the reset on a key change.

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18860)

[openssl/openssl] e544f3: Fix error in LHASH documentation

2022-07-26 Thread Pauli

  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.com/openssl/openssl
  Commit: e544f3ec8354db9e187ac5883cc20cb96e679a25
  
https://github.com/openssl/openssl/commit/e544f3ec8354db9e187ac5883cc20cb96e679a25
  Author: Pauli 
  Date:   2022-07-26 (Tue, 26 Jul 2022)

  Changed paths:
M doc/man3/OPENSSL_LH_COMPFUNC.pod

  Log Message:
  ---
  Fix error in LHASH documentation

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/18859)

(cherry picked from commit 316fad64c1e541a530910a13160d48b7545ac1e0)

[openssl/openssl] ea66c8: Fix error in LHASH documentation

2022-07-26 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: ea66c8d85a7104b9da9169e4130bd739215ea12d
  
https://github.com/openssl/openssl/commit/ea66c8d85a7104b9da9169e4130bd739215ea12d
  Author: Pauli 
  Date:   2022-07-26 (Tue, 26 Jul 2022)

  Changed paths:
M doc/man3/OPENSSL_LH_COMPFUNC.pod

  Log Message:
  ---
  Fix error in LHASH documentation

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/18859)

(cherry picked from commit 316fad64c1e541a530910a13160d48b7545ac1e0)

[openssl/openssl] 316fad: Fix error in LHASH documentation

2022-07-26 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 316fad64c1e541a530910a13160d48b7545ac1e0
  
https://github.com/openssl/openssl/commit/316fad64c1e541a530910a13160d48b7545ac1e0
  Author: Pauli 
  Date:   2022-07-26 (Tue, 26 Jul 2022)

  Changed paths:
M doc/man3/OPENSSL_LH_COMPFUNC.pod

  Log Message:
  ---
  Fix error in LHASH documentation

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/18859)

[openssl/openssl] e544f3: Fix error in LHASH documentation

2022-07-26 Thread pauli

  Branch: refs/heads/OpenSSL_1_1_1-stable
  Home:   https://github.openssl.org/openssl/openssl
  Commit: e544f3ec8354db9e187ac5883cc20cb96e679a25
  
https://github.openssl.org/openssl/openssl/commit/e544f3ec8354db9e187ac5883cc20cb96e679a25
  Author: Pauli 
  Date:   2022-07-26 (Tue, 26 Jul 2022)

  Changed paths:
M doc/man3/OPENSSL_LH_COMPFUNC.pod

  Log Message:
  ---
  Fix error in LHASH documentation

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/18859)

(cherry picked from commit 316fad64c1e541a530910a13160d48b7545ac1e0)

[openssl/openssl] ea66c8: Fix error in LHASH documentation

2022-07-26 Thread pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: ea66c8d85a7104b9da9169e4130bd739215ea12d
  
https://github.openssl.org/openssl/openssl/commit/ea66c8d85a7104b9da9169e4130bd739215ea12d
  Author: Pauli 
  Date:   2022-07-26 (Tue, 26 Jul 2022)

  Changed paths:
M doc/man3/OPENSSL_LH_COMPFUNC.pod

  Log Message:
  ---
  Fix error in LHASH documentation

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/18859)

(cherry picked from commit 316fad64c1e541a530910a13160d48b7545ac1e0)

[openssl/openssl] 316fad: Fix error in LHASH documentation

2022-07-26 Thread pauli

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 316fad64c1e541a530910a13160d48b7545ac1e0
  
https://github.openssl.org/openssl/openssl/commit/316fad64c1e541a530910a13160d48b7545ac1e0
  Author: Pauli 
  Date:   2022-07-26 (Tue, 26 Jul 2022)

  Changed paths:
M doc/man3/OPENSSL_LH_COMPFUNC.pod

  Log Message:
  ---
  Fix error in LHASH documentation

Reviewed-by: Hugo Landau 
Reviewed-by: Shane Lontis 
(Merged from https://github.com/openssl/openssl/pull/18859)

[openssl/openssl] 4f1f3e: Coverity 1507376: Dereference after null check

2022-07-22 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 4f1f3e14728a1c5bccd2e49e988e8c8634caae58
  
https://github.com/openssl/openssl/commit/4f1f3e14728a1c5bccd2e49e988e8c8634caae58
  Author: Pauli 
  Date:   2022-07-22 (Fri, 22 Jul 2022)

  Changed paths:
M crypto/sparse_array.c

  Log Message:
  ---
  Coverity 1507376: Dereference after null check

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18837)

(cherry picked from commit 93429fc0ce9468242a463ff5878cd53b97e7f13f)

[openssl/openssl] 93429f: Coverity 1507376: Dereference after null check

2022-07-22 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 93429fc0ce9468242a463ff5878cd53b97e7f13f
  
https://github.com/openssl/openssl/commit/93429fc0ce9468242a463ff5878cd53b97e7f13f
  Author: Pauli 
  Date:   2022-07-22 (Fri, 22 Jul 2022)

  Changed paths:
M crypto/sparse_array.c

  Log Message:
  ---
  Coverity 1507376: Dereference after null check

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18837)

[openssl/openssl] 4f1f3e: Coverity 1507376: Dereference after null check

2022-07-22 Thread pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 4f1f3e14728a1c5bccd2e49e988e8c8634caae58
  
https://github.openssl.org/openssl/openssl/commit/4f1f3e14728a1c5bccd2e49e988e8c8634caae58
  Author: Pauli 
  Date:   2022-07-22 (Fri, 22 Jul 2022)

  Changed paths:
M crypto/sparse_array.c

  Log Message:
  ---
  Coverity 1507376: Dereference after null check

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18837)

(cherry picked from commit 93429fc0ce9468242a463ff5878cd53b97e7f13f)

[openssl/openssl] 93429f: Coverity 1507376: Dereference after null check

2022-07-22 Thread pauli

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 93429fc0ce9468242a463ff5878cd53b97e7f13f
  
https://github.openssl.org/openssl/openssl/commit/93429fc0ce9468242a463ff5878cd53b97e7f13f
  Author: Pauli 
  Date:   2022-07-22 (Fri, 22 Jul 2022)

  Changed paths:
M crypto/sparse_array.c

  Log Message:
  ---
  Coverity 1507376: Dereference after null check

Reviewed-by: Hugo Landau 
Reviewed-by: Tomas Mraz 
(Merged from https://github.com/openssl/openssl/pull/18837)

[openssl/openssl] 32eb72: Fix error in example.

2022-07-22 Thread Pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.com/openssl/openssl
  Commit: 32eb729a420e2eaaa05e9fa4abb4c93ce132cdbd
  
https://github.com/openssl/openssl/commit/32eb729a420e2eaaa05e9fa4abb4c93ce132cdbd
  Author: Pauli 
  Date:   2022-07-22 (Fri, 22 Jul 2022)

  Changed paths:
M doc/man3/EVP_PKEY_gettable_params.pod

  Log Message:
  ---
  Fix error in example.

Fixes #18828

Reviewed-by: Tomas Mraz 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18829)

(cherry picked from commit 2752ab2eb61dcfc799775d34eaeda3621b85f95f)

[openssl/openssl] 2752ab: Fix error in example.

2022-07-22 Thread Pauli

  Branch: refs/heads/master
  Home:   https://github.com/openssl/openssl
  Commit: 2752ab2eb61dcfc799775d34eaeda3621b85f95f
  
https://github.com/openssl/openssl/commit/2752ab2eb61dcfc799775d34eaeda3621b85f95f
  Author: Pauli 
  Date:   2022-07-22 (Fri, 22 Jul 2022)

  Changed paths:
M doc/man3/EVP_PKEY_gettable_params.pod

  Log Message:
  ---
  Fix error in example.

Fixes #18828

Reviewed-by: Tomas Mraz 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18829)

[openssl/openssl] 32eb72: Fix error in example.

2022-07-22 Thread pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 32eb729a420e2eaaa05e9fa4abb4c93ce132cdbd
  
https://github.openssl.org/openssl/openssl/commit/32eb729a420e2eaaa05e9fa4abb4c93ce132cdbd
  Author: Pauli 
  Date:   2022-07-22 (Fri, 22 Jul 2022)

  Changed paths:
M doc/man3/EVP_PKEY_gettable_params.pod

  Log Message:
  ---
  Fix error in example.

Fixes #18828

Reviewed-by: Tomas Mraz 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18829)

(cherry picked from commit 2752ab2eb61dcfc799775d34eaeda3621b85f95f)

[openssl/openssl] 2752ab: Fix error in example.

2022-07-22 Thread pauli

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 2752ab2eb61dcfc799775d34eaeda3621b85f95f
  
https://github.openssl.org/openssl/openssl/commit/2752ab2eb61dcfc799775d34eaeda3621b85f95f
  Author: Pauli 
  Date:   2022-07-22 (Fri, 22 Jul 2022)

  Changed paths:
M doc/man3/EVP_PKEY_gettable_params.pod

  Log Message:
  ---
  Fix error in example.

Fixes #18828

Reviewed-by: Tomas Mraz 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18829)

[openssl/openssl] 3cfc2a: Coverity 1503321 & 1503327: dereference after null...

2022-07-20 Thread pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 3cfc2a967a4a5313f141ae433b833f3c6c9a5643
  
https://github.openssl.org/openssl/openssl/commit/3cfc2a967a4a5313f141ae433b833f3c6c9a5643
  Author: Pauli 
  Date:   2022-07-20 (Wed, 20 Jul 2022)

  Changed paths:
M crypto/provider_core.c

  Log Message:
  ---
  Coverity 1503321 & 1503327: dereference after null check

The earlier fix being inadequate

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/18822)

(cherry picked from commit f913c3cd7e22eecbcc8f84b72c645081fa37fdf4)


  Commit: d3cc10eb0ee31a3950bb310c8201614fb076f759
  
https://github.openssl.org/openssl/openssl/commit/d3cc10eb0ee31a3950bb310c8201614fb076f759
  Author: Pauli 
  Date:   2022-07-20 (Wed, 20 Jul 2022)

  Changed paths:
M test/evp_extra_test2.c

  Log Message:
  ---
  Coverity 1507372: explicit null dereference

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/18822)

(cherry picked from commit d768f853bb05b5a49a2aeb5b5702776834e68d06)


Compare: 
https://github.openssl.org/openssl/openssl/compare/3f348a0f6c31...d3cc10eb0ee3

[openssl/openssl] f913c3: Coverity 1503321 & 1503327: dereference after null...

2022-07-20 Thread pauli

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: f913c3cd7e22eecbcc8f84b72c645081fa37fdf4
  
https://github.openssl.org/openssl/openssl/commit/f913c3cd7e22eecbcc8f84b72c645081fa37fdf4
  Author: Pauli 
  Date:   2022-07-20 (Wed, 20 Jul 2022)

  Changed paths:
M crypto/provider_core.c

  Log Message:
  ---
  Coverity 1503321 & 1503327: dereference after null check

The earlier fix being inadequate

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/18822)


  Commit: d768f853bb05b5a49a2aeb5b5702776834e68d06
  
https://github.openssl.org/openssl/openssl/commit/d768f853bb05b5a49a2aeb5b5702776834e68d06
  Author: Pauli 
  Date:   2022-07-20 (Wed, 20 Jul 2022)

  Changed paths:
M test/evp_extra_test2.c

  Log Message:
  ---
  Coverity 1507372: explicit null dereference

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
(Merged from https://github.com/openssl/openssl/pull/18822)


Compare: 
https://github.openssl.org/openssl/openssl/compare/1efd8533e1cc...d768f853bb05

[openssl/openssl] c7f510: Coverity 1503321 & 1503327: dereference after null...

2022-07-18 Thread pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: c7f5109e5f847ccb96b761774186ec0ff6c8fec6
  
https://github.openssl.org/openssl/openssl/commit/c7f5109e5f847ccb96b761774186ec0ff6c8fec6
  Author: Pauli 
  Date:   2022-07-17 (Sun, 17 Jul 2022)

  Changed paths:
M crypto/provider_core.c

  Log Message:
  ---
  Coverity 1503321 & 1503327: dereference after null check

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18799)

(cherry picked from commit f80910390cb882f346fe59c9803fc914b9c367c2)


  Commit: 1d6c45694a1ae4ac5f9aa8f76dc1de68089f8a72
  
https://github.openssl.org/openssl/openssl/commit/1d6c45694a1ae4ac5f9aa8f76dc1de68089f8a72
  Author: Pauli 
  Date:   2022-07-17 (Sun, 17 Jul 2022)

  Changed paths:
M crypto/evp/evp_lib.c
M crypto/evp/evp_rand.c
M crypto/evp/exchange.c
M crypto/evp/kdf_lib.c
M crypto/evp/kem.c
M crypto/evp/keymgmt_meth.c
M crypto/evp/mac_lib.c
M crypto/evp/p_lib.c
M crypto/evp/signature.c

  Log Message:
  ---
  evp: make all _is_a functions accept and handle a NULL argument

Makes life easier for callers.

Fixes Coverity 1503326

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18799)

(cherry picked from commit ee8db8c5fb5b091f48d29914126d35a7e29cdcf2)


  Commit: 87dcdcc12434d2ed251efc182f2a24a244e74e4d
  
https://github.openssl.org/openssl/openssl/commit/87dcdcc12434d2ed251efc182f2a24a244e74e4d
  Author: Pauli 
  Date:   2022-07-17 (Sun, 17 Jul 2022)

  Changed paths:
M crypto/bio/bss_dgram.c

  Log Message:
  ---
  Coverity 1506566: unchecked return value

There isn't much else that can be done here unfortunately.

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18799)

(cherry picked from commit 358103b4a651ab3f392f088d86cd30469dccce2e)


Compare: 
https://github.openssl.org/openssl/openssl/compare/a3845612a690...87dcdcc12434

[openssl/openssl] f80910: Coverity 1503321 & 1503327: dereference after null...

2022-07-18 Thread pauli

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: f80910390cb882f346fe59c9803fc914b9c367c2
  
https://github.openssl.org/openssl/openssl/commit/f80910390cb882f346fe59c9803fc914b9c367c2
  Author: Pauli 
  Date:   2022-07-17 (Sun, 17 Jul 2022)

  Changed paths:
M crypto/provider_core.c

  Log Message:
  ---
  Coverity 1503321 & 1503327: dereference after null check

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18799)


  Commit: ee8db8c5fb5b091f48d29914126d35a7e29cdcf2
  
https://github.openssl.org/openssl/openssl/commit/ee8db8c5fb5b091f48d29914126d35a7e29cdcf2
  Author: Pauli 
  Date:   2022-07-17 (Sun, 17 Jul 2022)

  Changed paths:
M crypto/evp/evp_lib.c
M crypto/evp/evp_rand.c
M crypto/evp/exchange.c
M crypto/evp/kdf_lib.c
M crypto/evp/kem.c
M crypto/evp/keymgmt_meth.c
M crypto/evp/mac_lib.c
M crypto/evp/p_lib.c
M crypto/evp/signature.c

  Log Message:
  ---
  evp: make all _is_a functions accept and handle a NULL argument

Makes life easier for callers.

Fixes Coverity 1503326

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18799)


  Commit: 358103b4a651ab3f392f088d86cd30469dccce2e
  
https://github.openssl.org/openssl/openssl/commit/358103b4a651ab3f392f088d86cd30469dccce2e
  Author: Pauli 
  Date:   2022-07-17 (Sun, 17 Jul 2022)

  Changed paths:
M crypto/bio/bss_dgram.c

  Log Message:
  ---
  Coverity 1506566: unchecked return value

There isn't much else that can be done here unfortunately.

Reviewed-by: Tomas Mraz 
Reviewed-by: Dmitry Belyavskiy 
Reviewed-by: Hugo Landau 
(Merged from https://github.com/openssl/openssl/pull/18799)


Compare: 
https://github.openssl.org/openssl/openssl/compare/98b183d3c65e...358103b4a651

[openssl/openssl] a0ff8e: add a check for the return of OBJ_new_nid()

2022-07-12 Thread pauli

  Branch: refs/heads/master
  Home:   https://github.openssl.org/openssl/openssl
  Commit: a0ff8e413e94ba46720a4bf3a5032c50531c526c
  
https://github.openssl.org/openssl/openssl/commit/a0ff8e413e94ba46720a4bf3a5032c50531c526c
  Author: xkernel 
  Date:   2022-07-13 (Wed, 13 Jul 2022)

  Changed paths:
M crypto/objects/obj_dat.c

  Log Message:
  ---
  add a check for the return of OBJ_new_nid()

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18773)

[openssl/openssl] 8d222d: add a check for the return of OBJ_new_nid()

2022-07-12 Thread pauli

  Branch: refs/heads/openssl-3.0
  Home:   https://github.openssl.org/openssl/openssl
  Commit: 8d222dd9ec5f1542035b55395c7d7a4b42d618b0
  
https://github.openssl.org/openssl/openssl/commit/8d222dd9ec5f1542035b55395c7d7a4b42d618b0
  Author: xkernel 
  Date:   2022-07-13 (Wed, 13 Jul 2022)

  Changed paths:
M crypto/objects/obj_dat.c

  Log Message:
  ---
  add a check for the return of OBJ_new_nid()

Reviewed-by: Tomas Mraz 
Reviewed-by: Paul Dale 
(Merged from https://github.com/openssl/openssl/pull/18773)

(cherry picked from commit a0ff8e413e94ba46720a4bf3a5032c50531c526c)

1 2 >

1 - 100 of 186 matches

Mail list logo