summaryrefslogtreecommitdiffstats
path: root/CHANGES.md (follow)
Commit message (Collapse)AuthorAgeFilesLines
* adds TLS signature algorithms list featureMichael Baentsch2024-08-131-0/+5
| | | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24821)
* jitter: add a new provider containing a jitter entropy source aloneDimitri John Ledkov2024-07-311-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | This entropy source can be used instead of SEED-SRC. Sample openssl.cnf configuration is provided. It is built as a separate provider, because it is likely to require less frequent updates than fips provider. The same build likely can span multiple generations of FIPS 140 standard revisions. Note that rand-instances currently chain from public/private instances to primary, prior to consuming the seed. Thus currently a unique ESV needs to be obtained, and resue of jitterentropy.a certificate is not possible as is. Separately a patch will be sent to allow for unchaining public/private RAND instances for the purpose of reusing ESV. Also I do wonder if it makes sense to create a fips variant of stock SEED-SRC entropy source, which in addition to using getrandom() also verifies that the kernel is operating in FIPS mode and thus is likely a validated entropy source. As in on Linux, check that /proc/sys/crypto/fips_enabled is set to 1, and similar checks on Windows / MacOS and so on. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24844)
* changes: add no_short_mac entryPauli2024-07-261-1/+7
| | | | | | Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/24917)
* Add Changes entryNeil Horman2024-07-091-0/+6
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24450)
* Fix typos found by codespellDimitri Papadopoulos2024-06-241-4/+4
| | | | | | Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Kurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/24691)
* Add CHANGES.md entry for the EC/DSA nonce generation fixesTomas Mraz2024-06-201-0/+8
| | | | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/24660) (cherry picked from commit 72bff68f6acc4f420e283bcc77db76eb1917d7bf)
* Allow group methods to customize initialization for speedWatson Ladd2024-06-051-0/+5
| | | | | | | | | | | This commit also adds an implementation for P256 that avoids some expensive initialization of Montgomery arithmetic structures in favor of precomputation. Since ECC groups are not always cached by higher layers this brings significant savings to TLS handshakes. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22746)
* Update CHANGES.md and NEWS.md for the upcoming releaseTomas Mraz2024-06-041-0/+25
| | | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> (Merged from https://github.com/openssl/openssl/pull/24549) (cherry picked from commit 6152b08631568551f155f9d8219298f55aef5d94)
* CHANGES.md: add an entry about newly deprecated time-related functionsAlexander Kanavin2024-05-301-0/+6
| | | | | | | | | Signed-off-by: Alexander Kanavin <alex@linutronix.de> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24307)
* Check DSA parameters for excessive sizes before validatingTomas Mraz2024-05-161-1/+16
| | | | | | | | | | | | | This avoids overly long computation of various validation checks. Fixes CVE-2024-4603 Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/24346)
* Sync up CHANGES.md with 3.3 branchTomas Mraz2024-05-161-1/+5
| | | | | | | | Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/24346)
* Document that SHAKE-128 and SHAKE-256 have no default digest lengthTomas Mraz2024-05-151-0/+10
| | | | | | Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/24105)
* Add support for integrity-only cipher suites for TLS v1.3Rajeev Ranjan2024-05-141-0/+7
| | | | | | | | | | | | | | | | | | - add test vectors for tls1_3 integrity-only ciphers - recmethod_local.h: add new member for MAC - tls13_meth.c: add MAC only to tls 1.3 - tls13_enc.c: extend function to add MAC only - ssl_local.h: add ssl_cipher_get_evp_md_mac() - s3_lib.c: add the new ciphers and add #ifndef OPENSSL_NO_INTEGRITY_ONLY_CIPHERS - ssl_ciph.c : add ssl_cipher_get_evp_md_mac() and use it - tls13secretstest.c: add dummy test function - Configure: add integrity-only-ciphers option - document the new ciphers Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22903)
* Add documentation for OSSL_LIB_CTX_set/get_conf_diagnosticsTomas Mraz2024-05-091-1/+7
| | | | | | Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24275)
* Security hardening: Expose Build flags for Position Independed Execution (PIE)Craig Lorentzen2024-05-061-0/+7
| | | | | | Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22596)
* CMP: Improvements of the support for requesting CRLRajeev Ranjan2024-05-011-4/+6
| | | | | | | Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23768)
* CMP: add support for genm with crlStatusList and genp with crlsDr. David von Oheimb2024-05-011-0/+4
| | | | | | | | | | | | | | | | Introduce the capability to retrieve and update Certificate Revocation Lists (CRLs) in the CMP client, as specified in section 4.3.4 of RFC 9483. To request a CRL update, the CMP client can send a genm message with the option -infotype crlStatusList. The server will respond with a genp message containing the updated CRL, using the -infoType id-it-crls. The client can then save the CRL in a specified file using the -crlout parameter. Co-authored-by: Rajeev Ranjan <ranjan.rajeev@siemens.com> Reviewed-by: Todd Short <todd.short@me.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23768)
* Add Attribute Certificate suport comments to CHANGES and NEWSDamian Hobson-Garcia2024-04-241-0/+6
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15857)
* Use empty renegotiate extension instead of SCSV for TLS > 1.0Tim Perry2024-04-221-0/+6
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24161)
* Make X25519 and X448 FIPS unapprovedTomas Mraz2024-04-191-0/+5
| | | | | | | | Partially fixes: #22105 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/24099)
* apps: ca,req,x509: Add explicit start and end dates optionsStephan Wurm2024-04-091-1/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | - Added options `-not_before` (start date) and `-not-after` (end date) for explicit setting of the validity period of a certificate in the apps `ca`, `req` and `x509` - The new options accept time strings or "today" - In app `ca`, use the new options as aliases of the already existing options `-startdate` and `-enddate` - When used in apps `req` and `x509`, the end date must be >= the start date, in app `ca` end date < start date is also accepted - In any case, `-not-after` overrides the `-days` option - Added helper function `check_cert_time_string` to validate given certificate time strings - Use the new helper function in apps `ca`, `req` and `x509` - Moved redundant code for time string checking into `set_cert_times` helper function. - Added tests for explicit start and end dates in apps `req` and `x509` - test: Added auxiliary functions for parsing fields from `-text` formatted output to `tconversion.pl` - CHANGES: Added to new section 3.4 Signed-off-by: Stephan Wurm <atomisirsi@gsklan.de> Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21716)
* Sync CHANGES.md and NEWS.md with 3.3 branchTomas Mraz2024-04-091-0/+55
| | | | | | Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24034)
* Add a CHANGES.md/NEWS.md entry for the unbounded memory growth bugMatt Caswell2024-04-081-0/+19
| | | | | | | | Related to CVE-2024-2511 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24042)
* apps/req,crl: exit with 1 on verification failureVladimir Kotal2024-03-261-0/+5
| | | | | | | | Fixes #23771 Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23773)
* Limit the number of http headers when receiving the http responseAlexandr Nedvedicky2024-03-121-0/+8
| | | | | | | | | | | | | | Change introduces a default limit on HTTP headers we expect to receive from server to 256. If limit is exceeded http client library indicates HTTP_R_RESPONSE_TOO_MANY_HDRLINES error. Application can use OSSL_HTTP_REQ_CTX_set_max_response_hdr_lines() to change default. Setting limit to 0 implies no limit (current behavior). Fixes #22264 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23781)
* Fix BIO_get_new_index() to return an error when it is exhausted.slontis2024-03-111-0/+8
| | | | | | | | | | | | | | | Fixes #23655 BIO_get_new_index() returns a range of 129..255. It is set to BIO_TYPE_START (128) initially and is incremented on each call. >= 256 is reserved for the class type flags (BIO_TYPE_DESCRIPTOR) so it should error if it reaches the upper bound. Reviewed-by: Hugo Landau <hlandau@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23732)
* Add CHANGESHugo Landau2024-03-091-0/+5
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23584)
* Enable qlog support by defaultHugo Landau2024-03-061-2/+2
| | | | | | Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23744)
* Document that unknown groups and sigalgs marked with ? are ignoredTomas Mraz2024-03-061-0/+13
| | | | | | Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23050)
* Add appropriate lower bound checks for GeneralizedTime and UTCTimeJob Snijders2024-02-251-0/+6
| | | | | | | | | | | | | | | ITU-T X.690 / ISO/IEC 8825-1 section 11.7 and section 11.8 impose specific constraints on how GeneralizedTime and UTCTime can be encoded in BER/CER/DER. Following from these constraints a minimum length can be derived. Checking the length in this context can potentially help prevent applications from interpreting an invalid GeneralizedTime as a valid UTCTime. Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23483)
* Extended SSL_SESSION functions using time_tIjtaba Hussain2024-02-211-0/+6
| | | | | | Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21206)
* Add entry to CHANGES.mdHugo Landau2024-02-191-0/+6
| | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23535)
* Add CHANGES: Fixed SSL_export_keying_material for QUIC.Hugo Landau2024-02-141-1/+8
| | | | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23567) (cherry picked from commit a2ccaa666545c4c8dd501e6739d88b4e4d9199be)
* Amend CHANGES.md/NEWS.md to reflect DN output changesDmitry Belyavskiy2024-02-091-1/+1
| | | | | | | | Fixes #23492 Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23507)
* Add CHANGES entryHugo Landau2024-02-081-0/+6
| | | | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23360)
* QLOG: Editorial fixes (QLOG is spelled 'qlog')Hugo Landau2024-02-021-3/+3
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Adjust CHANGES.md for editorial consistencyHugo Landau2024-02-021-5/+7
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22037)
* QLOG: Add CHANGES entryHugo Landau2024-02-021-0/+9
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22037)
* Add atexit configuration option to using atexit() in libcrypto at build-time.Randall S. Becker2024-02-021-0/+7
| | | | | | | | | | | | | | | | | | | | | | | This fixes an issue with a mix of atexit() usage in DLL and statically linked libcrypto that came out in the test suite on NonStop, which has slightly different DLL unload processing semantics compared to Linux. The change allows a build configuration to select whether to register OPENSSL_cleanup() with atexit() or not, so avoid situations where atexit() registration causes SIGSEGV. INSTALL.md and CHANGES.md have been modified to include and describe this option. The no-atexit option has been added to .github/workflows/run-checker-daily.yml. Fixes: #23135 Signed-of-by: Randall S. Becker <randall.becker@nexbridge.ca> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Todd Short <todd.short@me.com> (Merged from https://github.com/openssl/openssl/pull/23394)
* Remove a CVE reference from CHANGES/NEWSMatt Caswell2024-02-011-7/+7
| | | | | | | | | master/3.2 was never vulnerable to CVE-2023-5678 since it was fixed before it was released. Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23432)
* Fix typo in CHANGES.mdIngo Franzki2024-02-011-1/+1
| | | | | | | | | | | OSSL_PKEY_PARAM_DERIVE_FROM_PQ must be OSSL_PKEY_PARAM_RSA_DERIVE_FROM_PQ (note the missing '_RSA'). Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23438)
* Update CHANGES.md and NEWS.md for new releaseMatt Caswell2024-01-301-23/+42
| | | | | | Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes (Merged from https://github.com/openssl/openssl/pull/23421)
* Add CHANGES entryHugo Landau2024-01-231-0/+5
| | | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23343)
* Add CHANGES.md and NEWS.md entries for CVE-2023-6237Tomas Mraz2024-01-151-0/+23
| | | | | | Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23243)
* Add apps/x509 -set_issuer & -set_subject option to override issuer & subjectJob Snijders2024-01-151-0/+6
| | | | | | | | | | | | | | | | | This changeset adds the counterpart to the '-subj' option to allow overriding the Issuer. For consistency, the `-subj` option is aliased to `-set_subject`. The issuer can be specified as following apps/openssl x509 -new -set_issuer '/CN=example-nro-ta' -subj '/CN=2a7dd1d787d793e4c8af56e197d4eed92af6ba13' ... This is useful in constructing specific test-cases or rechaining PKI trees Joint work with George Michaelson (@geeohgeegeeoh) Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23257)
* Fix the encoding of SM2 keysRichard Levitte2024-01-121-0/+6
| | | | | | | | | | | | | | OpenSSL's encoding of SM2 keys used the SM2 OID for the algorithm OID where an AlgorithmIdentifier is encoded (for encoding into the structures PrivateKeyInfo and SubjectPublicKeyInfo). Such keys should be encoded as ECC keys. Fixes #22184 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22529)
* Add CHANGES.md and NEWS.md entries for CVE-2023-6129Tomas Mraz2024-01-091-0/+21
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23200)
* Sync CHANGES.md and NEWS.md with 3.2 branchTomas Mraz2024-01-091-5/+7
| | | | | | Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23200)
* Augment RSA provider to generate CRT coefficients on EVP_PKEY_fromdata()Neil Horman2024-01-091-0/+6
| | | | | | | | | | | | | | It would be helpful to be able to generate RSA's dmp1/dmq1/iqmp values when not provided in the param list to EVP_PKEY_fromdata. Augment the provider in ossl_rsa_fromdata to preform this generation iff: a) At least p q n e and e are provided b) the new parameter OSSL_PARAM_RSA_DERIVE_PQ is set to 1 Fixes #21826 Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21875)
* Make OPENSSL_sk_push return only 0 or 1Tomas Mraz2024-01-041-0/+5
| | | | | | | | | | | | Most of the callers do not actually check for the special -1 return condition because they do not pass NULL to it. It is also extremely improbable that any code depends on this -1 return value in this condition so it can be safely changed to 0 return. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/22930)
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-30 17:36:02 +0100