Mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2026-01-18 17:11:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
38,783 Commits 37 Branches 420 Tags
master
Commit Graph

92 Commits

Author SHA1 Message Date
Bob Beck
2fab90bb5e 4.0-POST-CLANG-FORMAT-WEBKIT 
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29242)
 2025-12-09 00:28:19 -07:00
Norbert Pocs
26b1723ed4 apps/: Remove engines 
Signed-off-by: Norbert Pocs <norbertp@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29305)
 2025-12-04 07:31:05 -05:00
Eugene Syromiatnikov
ddee212bab apps: use app_malloc_array() 
Replace app_malloc() calls where app_malloc_array() ones where
appropriate.

Signed-off-by: Eugene Syromiatnikov <esyr@openssl.org>

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28444)
 2025-09-07 07:22:24 -04:00
openssl-machine
0c679f5566 Copyright year updates 
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Release: yes
 2025-03-12 13:35:59 +00:00
otherddn1978
e1a501a433 EC_get_buildin_curves does not return an error, this check is unnecessary. 
Found by Linux Verification Center (linuxtesting.org) with SVACE.

unused code has been removed

delete whitespace

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26719)
 2025-02-20 15:15:46 +01:00
Tomas Mraz
8f416ba9b0 ecparam: process -list_curves before reading input 
Fixes #26519

This is a regression from commit 1dbb67c4

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26525)
 2025-02-13 11:19:02 +01:00
Peiwei Hu
8baf61d51b Fix wrong return value checks for some functions 
- in particular in use of X509_LOOKUP_load_file, EVP_PKEY_print_params,
EVP_PKEY_keygen, X509_CRL_add1_ext_i2d, EVP_PKEY_keygen_init

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25811)
 2024-11-22 12:10:26 +01:00
Dr. David von Oheimb
1dbb67c4f1 APPS/{ecparam,pkeyparam}: fix case where infile and outfile are the same 
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25552)
 2024-10-04 12:09:33 +02:00
K1
08ae9fa627 Support decode SM2 parameters 
Reviewed-by: Hugo Landau <hlandau@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18819)
 2022-08-23 11:08:11 +10:00
Clemens Lang
2b8f687d76 APPS: ecparam: Support setting properties 
The -provider and -propquery options did not work on ecparam. Fix this
and add tests that check that operations that would usually fail with
the FIPS provider work when run with

| -provider default -propquery '?fips!=yes'

See also 30b2c3592e, which previously
fixed the same problem in dsaparam and gendsa. See also the initial
report in https://bugzilla.redhat.com/show_bug.cgi?id=2094956.

Signed-off-by: Clemens Lang <cllang@redhat.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/18717)
 2022-08-17 09:20:41 +02:00
Peiwei Hu
e85bef981c Fix the checks of EVP_PKEY_param_check 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/18424)
 2022-06-02 10:36:56 -04:00
Matt Caswell
fecb3aae22 Update copyright year 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes
 2022-05-03 13:34:51 +01:00
Dmitry Belyavskiy
fba140c735 str[n]casecmp => OPENSSL_strncasecmp 
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18069)
 2022-04-22 11:34:41 +02:00
Dr. David von Oheimb
d9f073575f APPS: Improve diagnostics on missing/extra args and unknown cipher/digest 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16450)
 2021-12-07 15:26:40 +01:00
Tianjia Zhang
022411112d apps: Fix the mismatch of SM2 keys keymgmt 
The SM2 key has a separate keymgmt, which is independent of the
EC. The key generated by the subcommand ecparam is wrong. Using
'openssl ec -in sm2.key -noout -text' will also encounter some
errors.

When using the ecparam subcommand to generate the SM2 key, use
the correct keymgmt to solve this problem.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15454)
 2021-05-26 16:57:40 +02:00
Tomas Mraz
57cea5baf6 apps: Cleanup useless bio_open_default() calls for key input 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/15331)
 2021-05-21 10:00:21 +02:00
Tomas Mraz
d382e79632 Make the -inform option to be respected if possible 
Add OSSL_STORE_PARAM_INPUT_TYPE and make it possible to be
set when OSSL_STORE_open_ex() or OSSL_STORE_attach() is called.

The input type format is enforced only in case the file
type file store is used.

By default we use FORMAT_UNDEF meaning the input type
is not enforced.

Fixes #14569

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15100)
 2021-05-06 11:43:32 +01:00
Dr. David von Oheimb
b0f960189b APPS: Replace 'OPT_ERR = -1, OPT_EOF = 0, OPT_HELP' by OPT_COMMON macro 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15111)
 2021-05-05 20:48:20 +02:00
Dr. David von Oheimb
3ad6030948 APPS: make apps strict on app_RAND_load() and app_RAND_write() failure 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14840)
 2021-04-14 16:48:27 +02:00
Tomas Mraz
fe75766c9c Rename OSSL_ENCODER_CTX_new_by_EVP_PKEY and OSSL_DECODER_CTX_new_by_EVP_PKEY 
Additional renames done in encoder and decoder implementation
to follow the style.

Fixes #13622

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14155)
 2021-02-17 15:26:12 +01:00
Rich Salz
51e5df0ed0 Load rand state after loading providers 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14135)
 2021-02-12 08:34:17 +10:00
Tomas Mraz
28e1904250 apps/ecparam: Avoid crash when parameters fail to load 
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14043)
 2021-02-03 12:09:44 +01:00
Richard Levitte
4333b89f50 Update copyright year 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13999)
 2021-01-28 13:54:57 +01:00
Richard Levitte
5ac632eed7 APPS: Restore inclusions 
An '#include <string.h>' was mistakenly removed from apps/ec.c and
apps/ecparam.c

Fixes #13986

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/13989)
 2021-01-28 10:24:30 +01:00
Shane Lontis
5b5eea4b60 Deprecate EC_KEY + Update ec apps to use EVP_PKEY 
Co-author: Richard Levitte <levitte@openssl.org>
Co-author: Tomas Mraz <tmraz@openssl.org>

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13139)
 2021-01-26 15:22:14 +01:00
Rich Salz
021410ea3f Check non-option arguments 
Make sure all commands check to see if there are any "extra" arguments
after the options, and print an error if so.

Made all error messages consistent (which is to say, minimal).

Fixes: #13527

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13563)
 2020-12-15 11:47:17 +01:00
Shane Lontis
c1131e6a0e Deprecate EC_POINT_bn2point and EC_POINT_point2bn. 
Fixes #10366

The one place that actually used was in the legacy printing of ecparams.
This has been replaced by the pointtobuf variant.

The ecparam app was using one of these functions - this line has just been
removed as another PR will remove all the code generated lines..

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13294)
 2020-12-07 17:15:39 +10:00
Rich Salz
1696b8909b Remove -C from dhparam,dsaparam,ecparam 
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13384)
 2020-11-13 14:45:22 +01:00
Billy Brumley
23ccae80bd Move EC_METHOD to internal-only 
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11928)
 2020-06-02 11:17:24 +03:00
Matt Caswell
33388b44b6 Update copyright year 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)
 2020-04-23 13:55:52 +01:00
Rich Salz
1ae56f2f43 Don't compile commands if disabled 
Rather than wrapping whole files in "ifndef OPENSSL_NO_xxx" we handle
the changes in build.info

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/11250)
 2020-04-10 15:24:02 +02:00
Pauli
6bd4e3f231 cmdline app: add provider commandline options. 
Add a -provider option to allow providers to be loaded. This option can be
specified multiple times.

Add a -provider_path option to allow the path to providers to be specified.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11167)
 2020-03-07 11:46:48 +10:00
Rich Salz
5388f9862d Add "sections" to -help output 
Remove "Valid options" label, since all commands have sections (and
[almost] always the first one is "General options").
Have "list --options" ignore section headers
Reformat ts's additional help

Add output section

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/9953)
 2019-11-08 06:08:30 +10:00
Matt Caswell
a9612d6c03 Make the EC code available from inside the FIPS provider 
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/9380)
 2019-08-06 11:19:07 +01:00
Shane Lontis
8402cd5f75 added code to validate EC named curve parameters 
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8555)
 2019-04-11 12:05:38 +03:00
Richard Levitte
dffa752023 Following the license change, modify the boilerplates in apps/ 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7765)
 2018-12-06 14:15:27 +01:00
Matt Caswell
9cc570d4c4 Use the new non-curve type specific EC functions internally 
Fixes #6646

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6815)
 2018-07-31 09:08:38 +01:00
Bernd Edlinger
4bdc25b07f Fix ecparam -genkey with point compression or DER outform 
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5741)
 2018-03-25 11:12:46 +02:00
Matt Caswell
6738bf1417 Update copyright year 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2018-02-13 13:59:25 +00:00
Richard Levitte
dab2cd68e7 apps: Don't include progs.h in apps.h 
Everything in apps includes apps.h, because that one declares apps
internal library routines.  However, progs.h doesn't declare library
routines, but rather the main commands and their options, and there's
no reason why the library modules should include it.

So, remove the inclusion of progs.h from apps.h and add that inclusion
in all command source files.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5222)
 2018-01-31 23:45:12 +01:00
Rich Salz
cbe2964821 Consistent formatting for sizeof(foo) 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4872)
 2017-12-07 19:11:49 -05:00
KaoruToda
26a7d938c9 Remove parentheses of return. 
Since return is inconsistent, I removed unnecessary parentheses and
unified them.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4541)
 2017-10-18 16:05:06 +01:00
Rich Salz
3ee1eac27a Standardize apps use of -rand, etc. 
Standardized the -rand flag and added a new one:
    -rand file...
            Always reads the specified files
    -writerand file
            Always writes to the file on exit

For apps that use a config file, the RANDFILE config parameter reads
the file at startup (to seed the RNG) and write to it on exit if
the -writerand flag isn't used.

Ensured that every app that took -rand also took -writerand, and
made sure all of that agreed with all the documentation.

Fix error reporting in write_file and -rand

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3862)
 2017-07-16 19:20:45 -04:00
Rich Salz
aa8f3d76fc Modify Sun copyright to follow OpenSSL style 
Approved by Oracle.

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3585)
 2017-06-20 11:13:45 -04:00
Paul Yang
2234212c3d Clean up a bundle of codingstyle stuff in apps directory 
Mostly braces and NULL pointer check and also copyright year bump

Signed-off-by: Paul Yang <paulyang.inf@gmail.com>

Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3657)
 2017-06-12 16:11:05 -04:00
Richard Levitte
dd1abd4462 If an engine comes up explicitely, it must also come down explicitely 
In apps/apps.c, one can set up an engine with setup_engine().
However, we freed the structural reference immediately, which means
that for engines that don't already have a structural reference
somewhere else (because it's a built in engine), we end up returning
an invalid reference.

Instead, the function release_engine() is added, and called at the end
of the routines that call setup_engine().

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1643)
 2016-10-19 17:44:08 +02:00
FdaSilvaYY
44c83ebd70 Constify command options 
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1694)
 2016-10-14 18:25:50 +02:00
Rich Salz
846e33c729 Copyright consolidation 01/10 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
 2016-05-17 14:19:19 -04:00
Kurt Roeckx
0335851754 argv was set but unused 
Also gives an error message when you gave it a parameter it didn't expect.

Reviewed-by: Rich Salz <rsalz@openssl.org>

MR: #2009
 2016-02-20 14:53:53 +01:00
Rich Salz
effaf4dee9 Use NON_EMPTY_TRANSLATION_UNIT, consistently. 
This also closes RT 4123

Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-02-09 20:13:29 -05:00