Matt Caswell [Fri, 19 Dec 2025 11:49:25 +0000 (11:49 +0000)]
Cleanup the EVP_MD structure
Remove fields that are no longer needed.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29460)
Matt Caswell [Fri, 19 Dec 2025 11:32:23 +0000 (11:32 +0000)]
Remove legacy method deadcode for EVP_MD implementations
Remove the legacy EVP_MD implementation functions. These are no longer
used due to providers. This code is now unreachable due to the removal of
the functions related to custom EVP_MD methods.
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29460)
Richard Levitte [Sat, 3 Jan 2026 12:19:49 +0000 (13:19 +0100)]
Fix util/mkinstallvars.pl to treat LIBDIR and libdir correctly
OpenSSL's build file (Makefile) handles library directories via two
variables, 'LIBDIR' and 'libdir', where the former is empty when the
path given through ./Configure's '--libdir' is absolute.
This was forgotten when treating the resulting values in,
util/mkinstallvars.pl, which got libdir in exporters/libcrypto.pc
to not be quite right if .Configure was called with a '--libdir'
with an absolute path.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29540)
Bernd Edlinger [Mon, 5 Jan 2026 13:27:15 +0000 (14:27 +0100)]
Fix a possible crash in ASN1_generate_nconf
Due to an out of memory error, the i2d_ASN1_TYPE might fail
and cause a segfault.
This adds a missing check for NULL pointer and a test case
that exercises IMPLICIT and EXPLICT tagging in generate_v3,
since there was no test coverage at all for this code section.
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Thu Jan 8 10:13:43 2026
(Merged from https://github.com/openssl/openssl/pull/29545)
Remove unused ossl_crypto_ex_data_get_ossl_lib_ctx() and memdbg_lock.
Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
MergeDate: Thu Jan 8 10:08:08 2026
(Merged from https://github.com/openssl/openssl/pull/29500)
Anton Moryakov [Wed, 29 Oct 2025 18:21:39 +0000 (21:21 +0300)]
apps: ocsp.c: fix null dereference in ocsp_response
Report of the static analyzer:
Function 'OCSP_cert_to_id' may return NULL on allocation failure,
but its return value is dereferenced in 'OCSP_id_issuer_cmp'
without prior NULL check at ocsp.c:1088. This can lead to a null
pointer dereference and cause a segmentation fault, resulting
in a denial-of-service (DoS) condition. Although such failures
are rare, an attacker could potentially trigger them under memory
pressure. All other calls to 'OCSP_cert_to_id' in the codebase
(e.g., add_ocsp_cert, add_ocsp_serial) properly check for NULL,
making this instance a clear omission.
Correct explained:
Added a NULL check after calling OCSP_cert_to_id() when creating
'ca_id' inside the issuer lookup loop. If the allocation fails, the
function now safely returns an internal error response instead of
risking a crash. This change aligns the code with existing
error-handling patterns in the same file and improves robustness
against resource exhaustion attacks.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Thu Jan 8 09:01:09 2026
(Merged from https://github.com/openssl/openssl/pull/29033)
Andreas Aigner [Wed, 12 Jun 2024 07:27:36 +0000 (09:27 +0200)]
Remove unused Data::Dumper from cmake exporter
* Remove additional dependency for old build boxes (in particular centos)
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
MergeDate: Thu Jan 8 08:55:10 2026
(Merged from https://github.com/openssl/openssl/pull/24632)
Neil Horman [Mon, 5 Jan 2026 18:26:53 +0000 (13:26 -0500)]
Add new test test_base64_simdutf to .gitignore file
the test_base64_simdutf test is commonly built but not ignored by our
.gitignore file, fix that up
Fixes #29529
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29551)
Neil Horman [Sun, 4 Jan 2026 22:42:33 +0000 (17:42 -0500)]
prevent large latency in base64_simdutf test
The base64_simdutf test has a printf statement inside a double for loop
that causes a huge amount of latency when run under our perl scripts.
Average run time on my system is about 1min 58 seconds.
We shouldn't be using a printf statement there anyway (likely TEST_info
instead), but we don't need that either, so just remove the printf
entirely. This decreases the run time to around a second to complete.
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29542)
test: use runtime FIPS detection instead of compile-time check
Replace #ifdef FIPS_MODULE with OSSL_PROVIDER_available() runtime check
in ecdsatest.c. The compile-time check is not meaningful for test cases
as the test binary may be compiled without FIPS_MODULE but run with the
FIPS provider loaded.
Fixes #28255
CLA: trivial
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29527)
apps.c: fix next_item() to correctly handle space(s) before comma separators
* Modified the parsing logic to handle space-followed-by-comma patterns
* Updated the separator skipping logic to process at most one comma while allowing multiple spaces
* Added a test case with a mixed DNS and IP SAN entry that includes the problematic spacing pattern
Bernd Edlinger [Sun, 4 Jan 2026 18:52:15 +0000 (19:52 +0100)]
Fix a memory leak in sctp code
There is a memory leak of the addrinfo struct when
`./openssl s_server -dtls -sctp -accept 127.0.0.1:4433`
is used, but `sysctl -w net.sctp.auth_enable=1`
is not done before.
Additionally this fixes an oversight, when
`./openssl s_client -dtls -sctp -connect localhost:4433`
is used to connect to above server.
The first connect attempt is to IPv6 ::1, which might fail,
but the second attempt might still succeed, so continue to
try all addesses even when the SCTP socket fails for one of them.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29541)
Neil Horman [Wed, 31 Dec 2025 14:19:42 +0000 (09:19 -0500)]
Fix dead code/constant expression in simdutf test
Coverity issues:
https://scan5.scan.coverity.com/#/project-view/60762/10222?selectedIssue=1677828
and
https://scan5.scan.coverity.com/#/project-view/60762/10222?selectedIssue=1677827
caught some dead code in the simdutf test.
The total variable is defined as an int, which is tested against <=
INT_MAX, and > INT_MAX, which will always be true, and false
respectively, making the <= test needless, and the condition the latter
bounds dead code
Clean that up.
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29525)
With recent changes, evp_encodeblock_int may return a negative value,
which EVP_EncodeFinal does not anticipate. As the latter sets out[ret]
to "\0" where ret is the return value of evp_encodeblock_int, we may
underflow the array index and access invalid memory locations.
Only update the output buffer if the return value is greater or equal to
zero.
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29525)
ret is incremented by inl in b64_write prior to being tested for zero.
Since inl is previously tested for being <= 0, and returns if it is, ret
must be at least 1 during the test, making the trinary test dead code.
Just return -1 here.
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29525)
Bob Beck [Fri, 21 Nov 2025 00:06:11 +0000 (17:06 -0700)]
Remove the ASN1_STRING_FLAG_X509_TIME flag
It's only use was to do some somewhat confused cruftery
inside of ossl_asn1_time_to_tm as a special case to
implement ASN1_TIME_set_string_X509.
As it turns out, you don't need the cruftery of a special
case inside of ossl_asn1_time_to_tm to implement this
function, so the flag is completely unnecessary.
This removes flag, and simplifies this to work without it.
It removes the cruft only from ossl_asn1_time_to_tm,
minimally. This function really needs some cleanup and
makes my eyes bleed but I am resisting the temptation
to do that with this PR and making this a the minimal
change needed for review. I will clean up that function
in a follow on pr.
As tests on the behaviour of ASN1_TIME_set_string_X509
were added with it, Beyonce dances happily for me and I
only need to pass the existing tests, not write as bunch
of new ones.. .
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29187)
Neil Horman [Wed, 31 Dec 2025 21:38:21 +0000 (16:38 -0500)]
Fix register save/restore issue in ppc
Recently, the addition of some vector register save restore logic from:
https://github.com/openssl/openssl/pull/28990
Triggered an issue in our quic_multistream_test, notably causing a
connection shutdown with error code 1, rather than successful
completion.
The problem has been root caused to an error in how the ppc aes code
saves and restores vector registers.
The aes gcm code uses VSR instructions (vsldoi, etc), to maniuplate
vector registers, which only operate on the upper half of the vector
register file (VS32-63), and operands are implicitly offset to do this.
(i.e. <instr> v31 actually operates on register vs63).
However, the SAVE/RESTORE macros which save and restore those values use
stxv/lxv instructions to do the save and restore, which are VSX
instructions that have access to the full vector register file, and so
by restoring V1, rather than V33, etc, we actuall restore values to the
wrong registers, causing various issues (most notably the above
misconfiguration of the quic SSL shutdown event, which sets the error
code erroneously to 1 instead of the expected 0 value).
Fix it by offsetting the SAVE_REGS and RESTORE_REGS macros to reference
the proper registers when doing save and restore.
Fixes #29516
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29528)
609bob [Fri, 19 Dec 2025 02:27:06 +0000 (10:27 +0800)]
bss_acpt.c: Free strings returned from previous BIO_ADDR_hostname_string() calls
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29452)
zhoulu [Fri, 19 Dec 2025 02:08:02 +0000 (10:08 +0800)]
SM4-CBC performance improvement on RISC-V
Modify the IV update method to further improve the performance of
SM4-CBC encryption on the RISC-V architecture.
Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29451)
xxcui [Sat, 29 Nov 2025 01:56:10 +0000 (09:56 +0800)]
SM3: Performance optimized with RISC-V Vector Crypto
RISC-V Cryptographic Vector Extension provides ZVK instructions which
can be used to accelerate SM3 computing.
By calculating SHA512 performance on C930 FPGA, it is proven that sm3
speed is improved from 120695K to 323844K.
Reviewed-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29264)
fengpengbo [Fri, 19 Dec 2025 03:00:59 +0000 (11:00 +0800)]
This PR performs further optimization based on the already merged "Implement Montgomery multiplication assembly optimization for RV64GC" (#28012).
The key improvements include:code formatting unification、instruction scheduling optimization、register allocation strategy update、updates to addition/subtraction carry and borrow flag handling.
These enhancements aim to improve both the code maintainability and its execution performance, particularly on out-of-order RISC-V cores.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29438)
Add check for the return value of BIO_new() to avoid NULL pointer dereference.
Fixes: fd19fc4c27 ("Test that a key is usable after an EVP_PKEY_fromdata call") Signed-off-by: Jiasheng Jiang <jiashengjiangcool@gmail.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Frederik Wedel-Heinen <fwh.openssl@gmail.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/27994)
Neil Horman [Sun, 21 Dec 2025 19:40:45 +0000 (14:40 -0500)]
Add ci test to run against minimal gcc version we support
We currently support gcc 9 as a minimum compiler version. We should run
at least one ci job against that minimal version to make sure we don't
break anything.
Most notably this will help us catch errors if we attempt to use
intrinsics that aren't supported by that compiler.
Reviewed-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29482)
fengpengbo [Thu, 18 Dec 2025 06:45:39 +0000 (14:45 +0800)]
Fix register usage comment in ARMv8 Montgomery sqr asm.
In the bn_sqr8x_mont function, a comment describing the accumulation step for the partial product a[1]*a[0] incorrectly referenced the low part ('lo') of the product. The value being added to the temporary register t[2] is actually the high part ('hi') of that multiplication.
Correct the comment from "t[2]+lo(a[1]*a[0])" to "t[2]+hi(a[1]*a[0])".
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29436)
Andrew Dinh [Tue, 16 Dec 2025 20:44:18 +0000 (00:44 +0400)]
Add no-ssl3 back as a no-op
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29338)
Andrew Dinh [Mon, 22 Sep 2025 08:50:42 +0000 (18:50 +1000)]
Allow enabling deprecated flags that haven't been removed yet
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29338)
Andrew Dinh [Mon, 8 Sep 2025 13:43:01 +0000 (23:43 +1000)]
Deprecate SSL3 Configure flags
Show a deprecated warning if users attempt to run Configure script with
no-ssl3, no-ssl, or no-ssl3-method. Also adds a fix to the Configure
script preventing users from enabling deprecated flags.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29338)
Andrew Dinh [Thu, 11 Sep 2025 07:06:59 +0000 (17:06 +1000)]
Rename SSL3 error codes to TLS equivalents
Updated error code names and references from SSL3 to TLS in error definitions and error strings. Legacy error codes are preserved in sslerr_legacy.h for backward compatibility
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29338)
Bob Beck [Mon, 29 Sep 2025 21:16:33 +0000 (15:16 -0600)]
Constify return value of X509_get_X509_PUBKEY()
You really should not be mutating this.
Part of #28654 Fixes: https://github.com/openssl/project/issues/1771 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29428)
Bob Beck [Mon, 29 Sep 2025 21:32:39 +0000 (15:32 -0600)]
Constify the return value of X509_get0_pubkey_bitstr()
Part of #28654 Fixes: https://github.com/openssl/project/issues/1772 Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29434)
Norbert Pocs [Sat, 20 Dec 2025 14:17:27 +0000 (15:17 +0100)]
Interop: c_rehash was removed; don't look for it
Signed-off-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29474)
xxcui [Sat, 29 Nov 2025 01:46:04 +0000 (09:46 +0800)]
SHA512 performance optimized by RISCV RVV
This patch is dedicated to improve SHA512 speed with RISCV
Cryptographic Vector Extension.
Below performance output is calculated by Xuantie C930 FPGA with VLEN256.
- sha512 speed might be improved from 197032K to 1010986KB
Reviewed-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29263)
Tomas Mraz [Thu, 18 Dec 2025 16:07:44 +0000 (17:07 +0100)]
Remove BIO_f_reliable() as it is broken
It was broken since the OpenSSL 3.0 release and
nobody complained. Apparently nobody is using it.
It would be practically impossible to reimplement
it with the provided EVP_MDs in backwards-compatible
manner.
Fixes #29413
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29445)
Sashan [Tue, 16 Dec 2025 09:50:53 +0000 (10:50 +0100)]
Update doc/man3/OPENSSL_init_crypto.pod
Co-authored-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29385)
Sashan [Mon, 15 Dec 2025 15:33:35 +0000 (16:33 +0100)]
Update NEWS.md
Co-authored-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29385)
Sashan [Mon, 15 Dec 2025 15:33:17 +0000 (16:33 +0100)]
Update CHANGES.md
Co-authored-by: Matt Caswell <matt@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29385)
sashan [Mon, 15 Dec 2025 10:34:13 +0000 (11:34 +0100)]
- update NEWS.md
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29385)
sashan [Mon, 15 Dec 2025 09:57:59 +0000 (10:57 +0100)]
- fix CHANGES.md style
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29385)
sashan [Mon, 15 Dec 2025 09:56:57 +0000 (10:56 +0100)]
- fix .cstyle
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29385)
libcrypto does not arm OPENSSL_cleanup() function as atexit(3) handler by default.
If application/user wants libcrypto to install OPENSSL_cleanup() as atexit handler,
then OPENSSL_ATEXIT_CLEANUP env. variable must be set.
If platform's libc does not provide atexit(3), then OPENSSL_ATEXIT_CLEANUP has no effect.
The OPENSSL_atexit() is wrapper of atexit(3) provided by libc now.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29385)
Norbert Pocs [Wed, 17 Dec 2025 20:04:53 +0000 (21:04 +0100)]
win-makefile.tmpl: Fix program install check
When the array is empty then copy.pl fails, because there is nothing to
copy. The empty check was done on a different variable.
Signed-off-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29427)
Norbert Pocs [Wed, 17 Dec 2025 16:28:06 +0000 (17:28 +0100)]
Remove the c_rehash script
The `openssl rehash` should be used instead.
Signed-off-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29427)
Richard Levitte [Thu, 18 Dec 2025 13:11:30 +0000 (14:11 +0100)]
test/run_tests.pl: Ensure that all HARNESS_VERBOSE values are respected
... with perl truthiness in mind
Most of all, this means not having undue expectations that its value
is numerical (this is particularly true when HARNESS_VERBOSE isn't given
by the user, and this script's default is "yes").
We do this by ensuring that $tap_verbosity is turned into an appropriate
number if HARNESS_VERBOSE's value isn't numerical.
Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29443)
Danny Tsen [Thu, 23 Oct 2025 20:51:05 +0000 (16:51 -0400)]
ppc64le: Restore VSX registers in AES/GCM ppc64le encrypt/decrypt
The implementation failed to restore VSX vector registers from vs14-vs22.
Re-implemented based on Linux kernel version.
Fixes #28961
Signed-off-by: Danny Tsen <dtsen@us.ibm.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28990)
Milan Broz [Tue, 16 Dec 2025 10:53:27 +0000 (11:53 +0100)]
Add engine stubs test
This test tries to use all stub macros and compare return values
to verify that OPENSSL_ENGINE_STUBS define works.
Fixes openssl/project#1762
Signed-off-by: Milan Broz <gmazyland@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29414)
Milan Broz [Tue, 16 Dec 2025 13:34:14 +0000 (14:34 +0100)]
Remove ossl_err_load_ENGINE_strings from stubs
This was an internal function and should not be here.
Signed-off-by: Milan Broz <gmazyland@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29414)
Milan Broz [Tue, 16 Dec 2025 11:41:09 +0000 (12:41 +0100)]
Fix stub definitions for no-deprecated config
Used types are only available if OPENSSL_NO_DEPRECATED_3_0
is not defined.
Signed-off-by: Milan Broz <gmazyland@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29414)
Milan Broz [Tue, 16 Dec 2025 10:52:47 +0000 (11:52 +0100)]
Fix typo in engine.h stub
Signed-off-by: Milan Broz <gmazyland@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29414)
Simo Sorce [Mon, 15 Dec 2025 16:23:57 +0000 (11:23 -0500)]
Harden digest context deserialization
The deserialization functions for SHA2 and SHA3 digest contexts did not
sufficiently validate the incoming data. Corruption in transmission or
on saved disk data could cause a out-of-bounds memory access if buffer
sizes did not match expected values.
Add sanity checks to the SHA2 and SHA3 deserialization functions to validate
buffer-related fields before they are used. The serialization format for these
digests has been changed to place these critical fields early in the stream to
enable this validation.
Additionally, add a note to the EVP_DigestInit man page to warn users that
deserialization should only be performed on trusted data. The checks we
implement are not meant to address processing of untrusted data
maliciously crafted by an attacker.
Application that need to store data or transmit it through untrusted
media SHOULD implement proper encryption and message authentication
on their own using things like CMS or other appropriate secure message
containers.
These check have been added also to quiet a bit security researchers
that try to find any way to claim CVE bounties even in completely
unlikely or invalid scenarios.
Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29404)
The "Verify-Message" type looks for private keys only,
which meant anything using a public key got skipped.
Changed the entries to "Verify-Message-Public" which tries the public
key first.
This uncovered one test that needed to be removed since ECDSA-MD5 is not
a valid fetchable algorithm (in any OpenSSL provider).
Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28040)
Richard Levitte [Thu, 18 Dec 2025 08:52:11 +0000 (09:52 +0100)]
Use 'codespell:ignore' where justifiable
There's this one random string where we have the word "Hellow". It's a
random string, "correct" spelling is really not important, so we tell
codespell to just ignore that line.
Reviewed-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29437)
Bob Beck [Fri, 14 Nov 2025 20:36:56 +0000 (13:36 -0700)]
Add new public API for checking certificate times.
Fixes: #1631
This changes the previously internal ossl_x509_check_certificate_times()
to be the public X509_check_certificate_times(). It adds documentation
for the new function and marks X509_cmp_time, X509_cmp_timeframe,
and X509_cmp_current_time as deprecated in 4.0, as discussed in #1631.
Since the function is now public, we can replace the remaining
uses of deprecated stuff with this function.
Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29152)
Weizhi Ao [Thu, 11 Dec 2025 13:06:23 +0000 (21:06 +0800)]
Fix silent failure in ASYNC_start_job when size is 0
When ASYNC_start_job is called with args != NULL but size == 0,
OPENSSL_malloc(0) is called. Depending on the libc implementation,
malloc(0) may return NULL, causing a silent failure.
This patch modifies the logic to skip allocation if size is 0.
CLA: trivial
Reviewed-by: Norbert Pocs <norbertp@openssl.org> Reviewed-by: Saša Nedvědický <sashan@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29377)
Matthias Kraft [Wed, 10 Dec 2025 16:02:54 +0000 (17:02 +0100)]
Ensure path to libcrypto can be resolved on AIX.
On AIX, the environment of the test executable for test_includes doesn't
contain a resolvable search path to the just built libcrypto. Setup
LIBPATH to point to the build results.
Fixes #29352.
Signed-off-by: Matthias Kraft <Matthias.Kraft@ibm.com> Reviewed-by: Simo Sorce <simo@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29375)
Matt Caswell [Fri, 12 Dec 2025 16:26:14 +0000 (16:26 +0000)]
Add removed EVP_PKEY_meth* functions to ossl-removed-api.pod
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
Matt Caswell [Fri, 12 Dec 2025 16:12:48 +0000 (16:12 +0000)]
Remove all EVP_PKEY_meth_* functions from the documentation
These functions have been removed so the documentation should be updated
accordingly.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
Matt Caswell [Fri, 12 Dec 2025 12:01:56 +0000 (12:01 +0000)]
Clean up some final vistigial remnants of EVP_PKEY_METHOD
We retain the opaque type because it is still used by the ENGINE stubs.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
Matt Caswell [Thu, 11 Dec 2025 16:14:13 +0000 (16:14 +0000)]
Remove references to the pmeth field in an EVP_PKEY_CTX
We don't set this field anymore so we should remove all usage of it.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
Matt Caswell [Thu, 11 Dec 2025 16:05:05 +0000 (16:05 +0000)]
Delete the EC EVP_PKEY_METHOD
It is no longer used so can be removed
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
Matt Caswell [Thu, 11 Dec 2025 16:01:56 +0000 (16:01 +0000)]
Delete the DSA EVP_PKEY_METHOD
It is no longer used so can be removed
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
Matt Caswell [Thu, 11 Dec 2025 15:58:53 +0000 (15:58 +0000)]
Delete the RSA EVP_PKEY_METHOD
It is no longer used so can be removed
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
Matt Caswell [Thu, 11 Dec 2025 15:54:54 +0000 (15:54 +0000)]
Delete the ECX EVP_PKEY_METHOD
It is no longer used so can be removed
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
Matt Caswell [Thu, 11 Dec 2025 15:44:15 +0000 (15:44 +0000)]
Delete the DH EVP_PKEY_METHOD
It is no longer used so can be removed
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
Matt Caswell [Thu, 11 Dec 2025 12:29:29 +0000 (12:29 +0000)]
Remove custom EVP_PKEY_METHODs
We retain custom EVP_PKEY_ASN1_METHODs for now - to be removed in some
subsequent PR.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/29384)
projects / thirdparty / openssl.git / log
