Late Monthly Status Report (September 2020)
Apart from normal business, such as normal reviews, OMC business, normal system administration tasks, small fixes, etc., key activities this month: * Development: - [WIP] EVP: retrieve EVP_CIPHER constants in the evp_cipher_from_dispatch() (PR openssl/openssl#11980) - [not_yet_merged] [WIP] APPS: Refactoring dsaparam and dhparam (PR openssl/openssl#12072) - DOC: Modify one example in EVP_PKEY_fromdata(3) (PR openssl/openssl#12389) - CORE: Implement unconditional provider autoactivation (PR openssl/openssl#12497) - [reviewed] Add SM2 key management (PR openssl/openssl#12536 by InfoHunter) - OSSL_STORE: Move 'file:' scheme loader to provider (PR openssl/openssl#12587) - dev/release.sh: Rework to be smoother (PR openssl/openssl#12614) - Building: Build Unix static libraries a limited number of object files at a time (PR openssl/openssl#12706) - PEM: Make PEM_write_bio_PrivateKey_traditional() handle provider-native keys (PR openssl/openssl#12738) - EVP: Preserve the EVP_PKEY id in a few more spots (PR openssl/openssl#12785) - EVP: Add support for delayed EVP_PKEY operation parameters (PR openssl/openssl#12789) - TEST: skip POSIX errcode zero in test/recipes/02-test_errstr.t (PR openssl/openssl#12799) - [reviewed] NonStop port updates for 3.0.0. (PR openssl/openssl#12800 by rsbeckerca) - ENCODER: Refactor provider implementations, and some cleanup (PR openssl/openssl#12803) - Diverse build.info: Adjust paths (PR openssl/openssl#12816) - STORE: Fix OSSL_STORE_attach() to check |ui_method| before use (PR openssl/openssl#12831) - OSSL_DECODER 'decode' function must never be NULL. (PR openssl/openssl#12849) - EC: Reimplement EVP_PKEY_CTX_set_ec_param_enc() to support providers (PR openssl/openssl#12853) - EVP: Centralise fetching error reporting (PR openssl/openssl#12857) - ENCODER: Refactor the OSSL_ENCODER API to be more like OSSL_DECODER (PR openssl/openssl#12873) - OpenSSL::ParseC: recognise inline function bodies (PR openssl/openssl#12882) - util/mkerr.h: Restore header file rename (PR openssl/openssl#12910) - EVP: Enforce that EVP_PKEY_set_alias_type() only works with legacy keys (PR openssl/openssl#12920) - DOC: POD syntax fixes in doc/man1/openssl-cmp.pod.in (PR openssl/openssl#12924) - Streamline/Rationalize HPE NonStop Configuration (PR openssl/openssl#12933) - Configurations/unix-Makefile.tmpl: make cleanup kinder (PR openssl/openssl#12939) - Hide ECX_KEY again (PR openssl/openssl#12956) - Configuration: Make it possible to have an argument file (PR openssl/openssl#12960) - Build: Make NonStop shared libraries only export selected symbols (PR openssl/openssl#12962) - STORE: Clear a couple of TODOs that were there for the sake of SM2 (PR openssl/openssl#12986) - Configure: handle undefined shared_target. (PR openssl/openssl#13031) * Web: - [reviewed] Add a new section to the Coding Style about argument ordering (PR openssl/web#194 by mattcaswell) - [reviewed] Add a new section to the Coding Style about extending existing functions (PR openssl/web#195 by mattcaswell) -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/
Monthly Status Report (October 2020)
Apart from normal business, such as normal reviews, OMC business, normal system administration tasks, small fixes, etc., key activities this month: * Development: - Configuration: add initial NonStop values in OpenSSL::config (PR openssl/openssl#12973) - EVP: Take care of locks when downgrading an EVP_PKEY (PR openssl/openssl#12978) - [not_yet_merged] EVP: Adapt EVP_PKEY2PKCS8() to better handle provider-native keys (PR openssl/openssl#12995) - Make a build file target to install the FIPS module installation config file (PR openssl/openssl#13032) - EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use (PR openssl/openssl#13043) - APPS: Reduce deprecation warning suppression - ENGINE (PR openssl/openssl#13044) - DECODER: Handle abstract object data type (PR openssl/openssl#13060) - DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() (PR openssl/openssl#13061) - Refactor deprecation macros (PR openssl/openssl#13074) - Modify util/mknum.pl to drop new symbols that don't exist any more (PR openssl/openssl#13092) - Fix diverse ERR code conflicts (PR openssl/openssl#13093) - ENCODER / DECODER: Add functions to encode/decode to/from a buffer (PR openssl/openssl#13094) - [not_yet_merged] Add new provider encoders implementations for more output standards (PR openssl/openssl#13095, openssl/openssl#13167) - [not_yet_merged] Deprecate RSA harder (PR openssl/openssl#13096) - DH: stop setting the private key length arbitrarily (PR openssl/openssl#13140) - TEST: fix small logic error in test/evp_pkey_provided_test.c (PR openssl/openssl#13146) - TEST: modify tconversion.pl for forensics (PR openssl/openssl#13147) - ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally (PR openssl/openssl#13156) - dev/release.sh: improve instruction for pushing the tag (PR openssl/openssl#13159) - DH: make the private key length importable / exportable (PR openssl/openssl#13166) - Add easy to digest selector macros for EVP_PKEYs (PR openssl/openssl#13189) - Work around Windows ftell() bug as per Microsoft engineering's suggestion (PR openssl/openssl#13190) - APPS: Implement load_keyparams() to load key parameters (PR openssl/openssl#13191) - Unexport internal MSBLOB and PVK functions (PR openssl/openssl#13196) - configdata.pm.in: Make a HERE document stricter. (PR openssl/openssl#13225) - APPS: Remove the format argument where it's not used (PR openssl/openssl#13236) - [not_yet_merged] util/fix-deprecation: DEPRECATEDIN conversion util for public headers (PR openssl/openssl#13239) - [not_yet_merged] Simplify and clarify doc/internal/man7/deprecation.pod (PR openssl/openssl#13240) - [not_yet_merged] Add new provider decoders implementations for more input standards (PR openssl/openssl#13248) - [not_yet_merged] test/endecoder_legacy_test.c: new test for legacy comparison (PR openssl/openssl#13262) - test/recipes/15-test_gendh.t: don't try DER params (PR openssl/openssl#13266) - [not_yet_merged] test/recipes/90-test_shlibload.t: Skip when address sanitizer enabled (PR openssl/openssl#13281) - [not_yet_published] Adapt OpenSSL 3.0 for VMS -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/
Late Monthly Status Report (August 2020)
Apart from normal business, such as normal reviews, OMC business, normal system administration tasks, small fixes, etc., key activities this month: * Development: - OSSL_STORE for providers, take 2 (PR openssl/openssl#12512) - PROV: Make the DER to KEY deserializer decode parameters too (PR openssl/openssl#12569) - DESERIALIZER: Fix EVP_PKEY construction by export (PR openssl/openssl#12571) - Add MSBLOB and PVK deserializers (PR openssl/openssl#12574, openssl/openssl#12601) - RSA: Be less strict on PSS parameters when exporting to provider (PR openssl/openssl#12583) - EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID (PR openssl/openssl#12586) - EVP: Have evp_pkey_cmp_any() detect if export wasn't possible (PR openssl/openssl#12610) - Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODER / OSSL_DECODER (PR openssl/openssl#12659, openssl/openssl#12660) - X509: Add d2i_PUBKEY_ex(), which take a libctx and propq (PR openssl/openssl#12671) - TEST: separate out NIST ECC tests from non-NIST (PR openssl/openssl#12672) - PEM: Add more library context aware PEM readers (PR openssl/openssl#12673) - RSA: Fix rsa_todata() to only add params for existing data (PR openssl/openssl#12676) - PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider (PR openssl/openssl#12677) - PROV: Fix DSA and DH private key serializers (PR openssl/openssl#12679) - crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc() (PR openssl/openssl#12696) - TEST: Fix CMP tests so they load keys in the current library context (PR openssl/openssl#12705) - Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8 (PR openssl/openssl#12728) - [1.1.1] Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8 (PR openssl/openssl#12729) -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/
Late Monthly Status Report (July 2020)
Apart from normal business, such as normal reviews, OMC business, normal system administration tasks, small fixes, etc., key activities this month: * Development: - [closed in favor of #12512] WIP: OSSL_STORE for providers (PR openssl/openssl#9389) - Configure: Check source and build dir equality a little more thoroughly (PR openssl/openssl#12337) - util/perl/OpenSSL/config.pm: move misplaced Windows and VMS entries (PR openssl/openssl#12339) - Refactor ERR codes (PRs openssl/openssl#12314, openssl/openssl#12343) - Configure: fix handling of build.info attributes with value (PR openssl/openssl#12344) - Configuration and build: Fix solaris tags (PR openssl/openssl#12360) - CORE: perform post-condition in algorithm_do_this() under all circumstances (PR openssl/openssl#12365) - DOC: install documentation without execution permissions. (PR openssl/openssl#12373) - Makefile template: fix incorrect treatment of produced document files (PR openssl/openssl#12374) - BN: Check endianness in run-time, in BN_native2bn() and BN_bn2nativepad() (PR openssl/openssl#12390) - OSSL_DESERIALIZER: New API for provider based deserializers (PR openssl/openssl#12410) - util/find-doc-nits: read full declarations as one line in name_synopsis() (PR openssl/openssl#12452) - Fix typo for SSL_get_peer_certificate() (PR openssl/openssl#12468) - PROV: Move bio_prov.c from libcommon.a to libfips.a / libnonfips.a (PR openssl/openssl#12486) - PROV: Add a DER to RSA-PSS deserializer implementation (PR openssl/openssl#12492) - util/find-doc-nits: Relax check of function declarations in name_synopsis() (PR openssl/openssl#12494) * System Administration: - Performed operating system upgrade on our main machine * Other: - Performed the release of OpenSSL 3.0.0 alpha5 -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/
Late Monthly Status Report (June 2020)
Apart from normal business, such as normal reviews, OMC business, normal system administration tasks, small fixes, etc., key activities this month: * Development: - Incorporate system guessing in Configure (PR openssl/openssl#11230) - PEM: Make PKCS8 serializing functions aware of OSSL_SERIALIZERs (PR openssl/openssl#11855) - APPS: Make it possible to load_cert() from stdin again (PR openssl/openssl#11873) - CORE: make sure activated fallback providers stay activated (PR openssl/openssl#11926) - APPS: Create a library context in the main app, and pass it to commands (PR openssl/openssl#11982) - APPS: Drop interactive mode in the 'openssl' program (PR openssl/openssl#12023) - EVP: Let EVP_PKEY_gen() initialize ctx->keygen_info (PR openssl/openssl#12048) - TESTUTIL: Separate TAP output and other output by BIO filter (PR openssl/openssl#12057) - util/find-doc-nits: Do not read "missing" files when -u is given (PR openssl/openssl#12125) - EVP: allow empty strings to EVP_Decode* functions (PR openssl/openssl#12144) - DOCS: Add documentation for EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md_name() (PR openssl/openssl#12188) - Build: Remove faulty DES assembler spec (PR openssl/openssl#12203) - CORE: Add OPENSSL_CTX_set0_default(), to set a default library context (PR openssl/openssl#12228) - INSTALL.md: Restore $ as command prompt indicator (PR openssl/openssl#12257) - apps/openssl: Fix buffer-overflow for command with no arguments (PR openssl/openssl#12259) - apps/openssl: clean-up of unused fallback code (PR openssl/openssl#12295) * Other: - Performed the transition from travis-ci.org to travis-ci.com. -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/