Closed
Conversation
slontis
force-pushed
the
cms_provider_support
branch
from
997f81a to
ea412b3
Compare
slontis
changed the title
slontis
added
the
approval: review pending
slontis
changed the title
This was referenced May 24, 2020
bukka
reviewed
May 25, 2020
bukka
reviewed
May 25, 2020
bukka
reviewed
May 25, 2020
bukka
reviewed
May 25, 2020
mattcaswell
requested changes
May 26, 2020
slontis
force-pushed
the
cms_provider_support
branch
from
add6f89 to
1569e32
Compare
Member
Author
|
This should be ready for review again. |
Member
Author
|
ping |
2 tasks
slontis
changed the title
Member
Author
slontis
force-pushed
the
cms_provider_support
branch
from
ddc936d to
7c23c9b
Compare
slontis
changed the title
Member
Author
|
@mattcaswell |
mattcaswell
requested changes
Aug 4, 2020
slontis
force-pushed
the
cms_provider_support
branch
from
7c23c9b to
45d3347
Compare
Member
Author
|
I had to search for with_libctx to fix up all the indentation and documentation. Hopefully I got them all now. |
Member
Author
|
The last 5 commits are the fix ups after a rebase. |
Member
Author
|
Looks like fuzzing test is generally broken at the moment. |
openssl-machine
pushed a commit
that referenced
this pull request
Aug 9, 2020
-Public PKCS7 methods that create a PKCS7 object now have variants that also add a libctx and propq. This includes PKCS7_new_with_libctx(), PKCS7_sign_with_libctx() and PKCS7_encrypt_with_libctx() -Added SMIME_read_PKCS7_ex() so that a created PKCS7 object can be passed to the read. -d2i_PKCS7_bio() has been modified so that after it loads the PKCS7 object it then resolves any subobjects that require the libctx/propq (such as objects containing X509 certificates). Reviewed-by: Matt Caswell <[email protected]> (Merged from #11884)
openssl-machine
pushed a commit
that referenced
this pull request
Aug 9, 2020
…o they use a libctx to retrieve the digest Reviewed-by: Matt Caswell <[email protected]> (Merged from #11884)
openssl-machine
pushed a commit
that referenced
this pull request
Aug 9, 2020
Code is now correctly included in the fips provider. Reviewed-by: Matt Caswell <[email protected]> (Merged from #11884)
openssl-machine
pushed a commit
that referenced
this pull request
Aug 9, 2020
Reviewed-by: Matt Caswell <[email protected]> (Merged from #11884)
openssl-machine
pushed a commit
that referenced
this pull request
Aug 9, 2020
-Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx() -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx() Reviewed-by: Matt Caswell <[email protected]> (Merged from #11884)
openssl-machine
pushed a commit
that referenced
this pull request
Aug 9, 2020
A DHX related test has been commented out and TODO(3) added, until DHX is added correctly to a provider. Added generated files. Reviewed-by: Matt Caswell <[email protected]> (Merged from #11884)
openssl-machine
pushed a commit
that referenced
this pull request
Aug 9, 2020
Reviewed-by: Matt Caswell <[email protected]> (Merged from #11884)
Member
Author
|
Thanks for reviewing. Finally merged to master. |
swenkeratmicrosoft
pushed a commit
to swenkeratmicrosoft/openssl
that referenced
this pull request
Sep 1, 2020
-Public CMS methods that create a CMS_ContentInfo object now have variants that also add a libctx and propq. This includes CMS_ContentInfo_new_with_libctx(), CMS_sign_with_libctx(), CMS_data_create_with_libctx(), CMS_digest_create_with_libctx(), CMS_EncryptedData_encrypt_with_libctx(), CMS_EnvelopedData_create_with_libctx(). -Added CMS_ReceiptRequest_create0_with_libctx(). -Added SMIME_read_CMS_ex() so that a new CMS_ContentInfo object (created using CMS_ContentInfo_new_with_libctx()) can be passed to the read. -d2i_CMS_bio() has been modified so that after it loads the CMS_ContentInfo() it then resolves any subobjects that require the libctx/propq (such as objects containing X509 certificates). Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11884)
swenkeratmicrosoft
pushed a commit
to swenkeratmicrosoft/openssl
that referenced
this pull request
Sep 1, 2020
This should only be called during (or right after) using d2iXXX on a object that contains embedded certificate(s) that require a non default library context. X509_new_with_libctx() should be used if possible. Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11884)
swenkeratmicrosoft
pushed a commit
to swenkeratmicrosoft/openssl
that referenced
this pull request
Sep 1, 2020
Added SMIME_write_ASN1_with_libctx() since it fetches rand internally. Added SMIME_read_CMS_ex() so that a created object (CMS_ContentInfo) can be passed to the read. Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11884)
swenkeratmicrosoft
pushed a commit
to swenkeratmicrosoft/openssl
that referenced
this pull request
Sep 1, 2020
-Public PKCS7 methods that create a PKCS7 object now have variants that also add a libctx and propq. This includes PKCS7_new_with_libctx(), PKCS7_sign_with_libctx() and PKCS7_encrypt_with_libctx() -Added SMIME_read_PKCS7_ex() so that a created PKCS7 object can be passed to the read. -d2i_PKCS7_bio() has been modified so that after it loads the PKCS7 object it then resolves any subobjects that require the libctx/propq (such as objects containing X509 certificates). Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11884)
swenkeratmicrosoft
pushed a commit
to swenkeratmicrosoft/openssl
that referenced
this pull request
Sep 1, 2020
…o they use a libctx to retrieve the digest Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11884)
swenkeratmicrosoft
pushed a commit
to swenkeratmicrosoft/openssl
that referenced
this pull request
Sep 1, 2020
Code is now correctly included in the fips provider. Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11884)
swenkeratmicrosoft
pushed a commit
to swenkeratmicrosoft/openssl
that referenced
this pull request
Sep 1, 2020
Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11884)
swenkeratmicrosoft
pushed a commit
to swenkeratmicrosoft/openssl
that referenced
this pull request
Sep 1, 2020
-Added EVP_SignFinal_with_libctx() and EVP_VerifyFinal_with_libctx() -Renamed EVP_DigestSignInit_ex() and EVP_DigestVerifyInit_with_libctx() to EVP_DigestSignInit_with_libctx() and EVP_DigestVerifyInit_with_libctx() Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11884)
swenkeratmicrosoft
pushed a commit
to swenkeratmicrosoft/openssl
that referenced
this pull request
Sep 1, 2020
A DHX related test has been commented out and TODO(3) added, until DHX is added correctly to a provider. Added generated files. Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11884)
swenkeratmicrosoft
pushed a commit
to swenkeratmicrosoft/openssl
that referenced
this pull request
Sep 1, 2020
Reviewed-by: Matt Caswell <[email protected]> (Merged from openssl#11884)
2 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Checklist