aboutsummaryrefslogtreecommitdiff
path: root/crypto/ct
AgeCommit message (Collapse)AuthorFilesLines
2022-06-21Update copyright yearMatt Caswell1-1/+1
Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
2022-06-02CTLOG_new_ex: Fix copy&paste error when setting propqTomas Mraz1-1/+1
Fixes #18431 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/18432) (cherry picked from commit 163bf682fd93971d07e66e3da339c229b86dc849)
2021-06-17Update copyright yearMatt Caswell2-2/+2
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15801)
2021-06-08Fix CTLOG_new_from_base64_ex()Matt Caswell1-1/+1
Ensure that the libctx/propq are passed to d2i_PUBKEY_ex() Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15504)
2021-06-02ct: remove TODOsPauli1-5/+0
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15539)
2021-05-26err: rename err_load_xxx_strings_int functionsPauli1-1/+1
The new names are ossl_err_load_xxx_strings. Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15446)
2021-04-08Update copyright yearMatt Caswell3-3/+3
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14801)
2021-03-18Add ossl_v3 symbolsShane Lontis2-2/+2
Partial fix for #12964 Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14473)
2021-03-12misc: other init function param additionsPauli1-1/+1
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383)
2021-03-11Update copyright yearMatt Caswell1-1/+1
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
2021-03-09Reword repeated words.Shane Lontis1-1/+1
A trivial PR to remove some commonly repeated words. It looks like this is not the first PR to do this. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14420)
2021-02-18Update copyright yearMatt Caswell1-1/+1
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14235)
2021-02-12Use ERR_R_*_LIB instead of ERR_LIB_* as reason code for sub-librariesRichard Levitte1-1/+1
Using ERR_LIB_* causes the error output to say 'reason(n)' instead of the name of the sub-library in question. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14152)
2021-01-28Update copyright yearRichard Levitte1-1/+1
Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
2021-01-20X509v3_get_ext_by_NID.pod: Add warning on counter-intuitive behavior of ↵Dr. David von Oheimb1-4/+1
X509v3_delete_ext() etc. Also simplify two uses of these functions. Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13711)
2020-11-24ERR: Rebuild all generated error headers and source filesRichard Levitte1-6/+12
This is the result of 'make errors ERROR_REBUILD=-rebuild' Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13390)
2020-11-13Convert all {NAME}err() in crypto/ to their corresponding ERR_raise() callRichard Levitte7-62/+62
This includes error reporting for libcrypto sub-libraries in surprising places. This was done using util/err-to-raise Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/13318)
2020-10-15Rename OPENSSL_CTX prefix to OSSL_LIB_CTXDr. Matthias St. Pierre5-10/+10
Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12621)
2020-10-01Run the withlibctx.pl scriptMatt Caswell4-19/+17
Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12970)
2020-09-13Fix safestack issues in ct.hMatt Caswell5-10/+0
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12781)
2020-08-09Add EVP signature with libctx methods.Shane Lontis1-2/+3
-Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx() -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx() Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11884)
2020-05-15Update copyright yearMatt Caswell3-3/+3
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11839)
2020-04-30coverity 1462541 Dereference after null checkPauli1-1/+3
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11651)
2020-04-30coverity 1462550 Resource leakPauli1-0/+1
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11651)
2020-04-24In OpenSSL builds, declare STACK for datatypes ...Rich Salz5-0/+10
... and only *define* them in the source files that need them. Use DEFINE_OR_DECLARE which is set appropriately for internal builds and not non-deprecated builds. Deprecate stack-of-block Better documentation Move some ASN1 struct typedefs to types.h Update ParseC to handle this. Most of all, ParseC needed to be more consistent. The handlers are "recursive", in so far that they are called again and again until they terminate, which depends entirely on what the "massager" returns. There's a comment at the beginning of ParseC that explains how that works. {Richard Levtte} Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10669)
2020-04-23Update copyright yearMatt Caswell7-7/+7
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
2020-04-09Make the CT code library context awareMatt Caswell7-30/+124
Add the new functions CTLOG_STORE_new_with_libctx(), CTLOG_new_with_libctx() and CTLOG_new_from_base64_with_libctx() to pass in the library context/property query string to use a library context is to be used. We also add the function CT_POLICY_EVAL_CTX_new_with_libctx() to enable the creation of a CT_POLICY_EVAL_CTX to be associated with a libctx and property query string. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11483)
2020-01-19Deprecate the low level SHA functions.Pauli1-2/+2
Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10791)
2019-10-17Replace BUF_ string function calls with OPENSSL_ onesRich Salz1-3/+3
Deprecate the BUF_ string macros Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10207)
2019-09-28Reorganize local header filesDr. Matthias St. Pierre9-8/+8
Apart from public and internal header files, there is a third type called local header files, which are located next to source files in the source directory. Currently, they have different suffixes like '*_lcl.h', '*_local.h', or '*_int.h' This commit changes the different suffixes to '*_local.h' uniformly. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9333)
2019-09-12util/mkerr.pl: make it not depend on the function codeRichard Levitte1-1/+1
The output C code was made to use ERR_func_error_string() to see if a string table was already loaded or not. Since this function returns NULL always, this check became useless. Change it to use ERR_reason_error_string() instead, as there's no reason to believe we will get rid of reason strings, ever. To top it off, we rebuild all affected C sources. Fixes #9756 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9756)
2019-07-16Regenerate mkerr filesRich Salz1-43/+2
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9058)
2018-12-06Following the license change, modify the boilerplates in crypto/ct/Richard Levitte11-11/+11
[skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7786)
2018-09-24Use secure_getenv(3) when available.Pauli1-1/+1
Change all calls to getenv() inside libcrypto to use a new wrapper function that use secure_getenv() if available and an issetugid then getenv if not. CPU processor override flags are unchanged. Extra checks for OPENSSL_issetugid() have been removed in favour of the safe getenv. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/7047)
2018-06-21Add -Wstrict-prototypes option to --strict-warningsBernd Edlinger1-1/+1
[extended tests] Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6542)
2018-05-29Update copyright yearMatt Caswell1-1/+1
Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6371)
2018-05-11Use void in all function definitions that do not take any argumentsKurt Roeckx1-1/+1
Reviewed-by: Rich Salz <rsalz@openssl.org> GH: #6208
2017-09-18Null pointer used.Pauli1-1/+1
Address coverity report of null pointer being dereferenced. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4381)
2017-09-06Add checks for alloc failing.Rich Salz1-0/+2
Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/4341)
2017-06-09Fix memory leaks in CTLOG_new_from_base64Benjamin Kaduk1-4/+8
Move the call to ct_base64_decode(), which allocates, until after the check for NULL output parameter. Also place a cap on the number of padding characters used to decrement the output length -- any more than two '='s is not permitted in a well-formed base64 text. Prior to this change, ct_base64_decode() would return a length of -1 along with allocated storage for an input of "====". Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3379)
2017-06-07make error tables const and separate header fileRich Salz1-58/+67
Run perltidy on util/mkerr Change some mkerr flags, write some doc comments Make generated tables "const" when genearting lib-internal ones. Add "state" file for mkerr Renerate error tables and headers Rationalize declaration of ERR_load_XXX_strings Fix out-of-tree build Add -static; sort flags/vars for options. Also tweak code output Moved engines/afalg to engines (from master) Use -static flag Standard engine #include's of errors Don't linewrap err string tables unless necessary Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3392)
2017-05-22Newlines!Alex Gaynor1-0/+4
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3149)
2017-05-22Style fixes and use the source parameter so the OCSP path worksAlex Gaynor1-5/+7
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3149)
2017-05-22This is an intAlex Gaynor1-1/+1
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3149)
2017-05-22Don't use a for-loop declerationAlex Gaynor1-1/+2
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3149)
2017-05-22Fixed #3020 -- set entry type on SCTs from X.509 and OCSP extensionsAlex Gaynor1-2/+39
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3149)
2017-01-29Fix faulty freeRichard Levitte1-6/+6
On error, i2o_SCT_signature() and i2o_SCT() free a pointer that may have wandered off from the start of the allocated block (not currently true for i2o_SCT_signature(), but has that potential as the code may change. To avoid this, save away the start of the allocated block and free that instead. Thanks to Guido Vranken for reporting this issue. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2323)
2016-11-16Move SCT_LIST_free definition into a more logical placeRob Percival2-5/+5
This reflects its position in include/openssl/ct.h. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1548)
2016-11-16Pass a temporary pointer to o2i_SCT_signature from SCT_new_from_base64Rob Percival1-1/+4
Otherwise, |dec| gets moved past the end of the signature by o2i_SCT_signature and then can't be correctly freed afterwards. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1548)
2016-11-16Subtract padding from outlen in ct_base64_decodeRob Percival1-0/+5
Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1548)
generated by cgit v1.1 at 2024-07-13 02:33:11 +0000