mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-23 14:42:15 +08:00
Code Issues Packages Projects Releases Wiki Activity
340fe504e4
openssl/crypto
History
Lutz Jaenicke 178696d602 X509: Add "code sign" as purpose for verification of certificates 
Code signing certificates have other properties as for example described in
CA Browser Forum documents. This leads to "unsupported certificate purpose" errors when
verifying signed objects.
This patch adds the purpose "codesign" to the table in X.509 certificate verification and
the verification parameter "code_sign" to X509_VERIFY_PARAM.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18567)
2022-08-18 10:24:53 +02:00
..
aes Fix aarch64 signed bit shift issue found by UBSAN 2022-07-19 12:14:33 +02:00
aria Change loops conditions to make zero loop risk more obvious. 2022-05-24 14:11:20 +10:00
asn1 Handle SMIME_crlf_copy return code 2022-07-28 10:05:59 +01:00
async Update copyright year 2022-05-03 13:34:51 +01:00
bf Rename x86-32 assembly files from .s to .S. 2022-05-24 13:16:06 +10:00
bio Fix asan finding in bio_addr 2022-08-12 16:13:13 +01:00
bn Fix memory leak in BN_rand_range() 2022-08-17 18:42:14 +02:00
buffer Update copyright year 2021-06-17 13:24:59 +01:00
camellia Rename x86-32 assembly files from .s to .S. 2022-05-24 13:16:06 +10:00
cast Rename x86-32 assembly files from .s to .S. 2022-05-24 13:16:06 +10:00
chacha Add ROTATE inline RISC-V zbb/zbkb asm for chacha 2022-07-13 18:15:12 +01:00
cmac Fix the incorrect checks of EVP_CIPHER_CTX_set_key_length 2022-05-27 07:57:43 +02:00
cmp Add OSSL_CMP_CTX_get0_validatedSrvCert(), correcting OSSL_CMP_validate_msg() 2022-07-20 11:40:37 +02:00
cms Check that IV length is not less than zero 2022-08-01 08:14:23 +01:00
comp Fix coverity 1493364 & 1493375: unchecked return value 2021-11-08 08:55:32 +10:00
conf Avoid crashing if CONF_modules_unload() is called after OPENSSL_cleanup() 2022-07-01 11:20:51 +02:00
crmf crmf_lib.c: Make sure Ed signature for POPO is called without digest 2022-05-05 09:52:27 +02:00
ct CTLOG_new_ex: Fix copy&paste error when setting propq 2022-06-02 12:08:12 +02:00
des Add ROTATE inline RISC-V zbb/zbkb asm for DES 2022-08-15 12:04:19 +10:00
dh Use as small dh key size as possible to support the security 2022-07-18 08:06:17 +01:00
dsa Coverity: fix 1506297: negative returns 2022-07-01 16:36:21 +10:00
dso Update copyright year 2022-05-03 13:34:51 +01:00
ec Fix EC_KEY_set_private_key() priv_key regression 2022-08-04 12:17:06 +03:00
encode_decode "Reserve" the method store when constructing methods 2022-07-20 07:28:17 +01:00
engine Add deprecation macro for 3.1 and deprecate OPENSSL_LH_stats 2022-06-22 09:36:14 +02:00
err RSA keygen update: Raise an error if no prime candidate q is found. 2022-06-13 10:56:31 +02:00
ess
evp Fix bug in EVP_CIPHER_CTX_get_iv_length() 2022-08-03 12:25:24 +10:00
ffc ossl_ffc_params_copy: Copy the keylength too 2022-07-18 08:06:17 +01:00
hmac Adapt other parts of the source to the changed EVP_Q_digest() and EVP_Q_mac() 2021-06-23 23:00:36 +02:00
http http_client.c: 2nd fix for calculation of Content-Length in set1_content() 2022-07-14 10:19:33 +02:00
idea
kdf
lhash Add deprecation macro for 3.1 and deprecate OPENSSL_LH_stats 2022-06-22 09:36:14 +02:00
md2
md4
md5 Rename x86-32 assembly files from .s to .S. 2022-05-24 13:16:06 +10:00
mdc2
modes Fix GHASH-ASM implementation on s390x 2022-08-09 10:52:08 +01:00
objects add a check for the return of OBJ_new_nid() 2022-07-13 11:26:30 +10:00
ocsp Update copyright year 2022-05-03 13:34:51 +01:00
pem Fixes segfault occurrence in PEM_write() 2022-07-29 12:39:02 +10:00
perlasm x86asm: Generate endbr32 based on __CET__. 2022-05-24 13:16:06 +10:00
pkcs7 Handle SMIME_crlf_copy return code 2022-07-28 10:05:59 +01:00
pkcs12 Fix memleak in PKCS12_pbe_crypt_ex() 2022-07-18 10:19:11 +02:00
poly1305 Generate the preprocessed .s files for chacha and poly 1305 on ia64 2022-05-27 08:10:49 +02:00
property property: make cache flushing slight less deterministic 2022-08-10 12:03:54 +01:00
rand Pre-declare all core dispatch table functions, and fix the internal ones 2022-07-13 07:56:51 +02:00
rc2
rc4 Rename x86-32 assembly files from .s to .S. 2022-05-24 13:16:06 +10:00
rc5 Rename x86-32 assembly files from .s to .S. 2022-05-24 13:16:06 +10:00
ripemd Rename x86-32 assembly files from .s to .S. 2022-05-24 13:16:06 +10:00
rsa Fix memory leak in ossl_rsa_fromdata. 2022-06-28 17:07:53 +02:00
seed Update copyright year 2021-06-17 13:24:59 +01:00
sha Fix SHA, SHAKE, and KECCAK ASM flag passing 2022-07-11 09:28:19 +10:00
siphash Update copyright year 2022-05-03 13:34:51 +01:00
sm2 Remove duplicated #include headers 2022-05-04 13:46:10 +10:00
sm3 Add ROTATE inline asm support for SM3 2022-06-22 12:46:50 +02:00
sm4 Update copyright year 2022-05-03 13:34:51 +01:00
srp fix some code with obvious wrong coding style 2021-10-28 13:10:46 +10:00
stack Fix Coverity 1493746: constant expression result 2021-11-17 08:15:35 +10:00
store "Reserve" the method store when constructing methods 2022-07-20 07:28:17 +01:00
ts Update copyright year 2022-05-03 13:34:51 +01:00
txt_db
ui Fix the check of UI_method_set_ex_data 2022-05-27 07:57:43 +02:00
whrlpool Rename x86-32 assembly files from .s to .S. 2022-05-24 13:16:06 +10:00
x509 X509: Add "code sign" as purpose for verification of certificates 2022-08-18 10:24:53 +02:00
alphacpuid.pl
arm64cpuid.pl Update copyright year 2022-05-03 13:34:51 +01:00
arm_arch.h Fix aarch64 signed bit shift issue found by UBSAN 2022-07-19 12:14:33 +02:00
armcap.c Apply the AES-GCM unroll8 optimization patch to Neoverse N2 2022-05-23 11:05:51 +10:00
armv4cpuid.pl
asn1_dsa.c
bsearch.c
build.info Add sparse array to libssl 2022-07-06 10:33:11 +10:00
c64xpluscpuid.pl
context.c Update copyright year 2022-05-03 13:34:51 +01:00
core_algorithm.c "Reserve" the method store when constructing methods 2022-07-20 07:28:17 +01:00
core_fetch.c "Reserve" the method store when constructing methods 2022-07-20 07:28:17 +01:00
core_namemap.c Add deprecation macro for 3.1 and deprecate OPENSSL_LH_stats 2022-06-22 09:36:14 +02:00
cpt_err.c err: add additional errors 2022-01-12 20:10:21 +11:00
cpuid.c Update copyright year 2022-05-03 13:34:51 +01:00
cryptlib.c Update copyright year 2022-05-03 13:34:51 +01:00
ctype.c tolower: refine the tolower code to avoid a memory access 2022-05-23 09:51:28 +10:00
cversion.c
der_writer.c der_writer: Use uint32_t instead of long. 2022-06-27 10:58:40 +02:00
dllmain.c Update copyright year 2022-05-03 13:34:51 +01:00
ebcdic.c
ex_data.c
getenv.c Update copyright year 2022-05-03 13:34:51 +01:00
ia64cpuid.S
info.c Update copyright year 2022-05-03 13:34:51 +01:00
init.c Avoid reusing the init_lock for a different purpose 2022-06-15 09:45:51 +02:00
initthread.c Update copyright year 2022-05-03 13:34:51 +01:00
LPdir_nyi.c
LPdir_unix.c Update copyright year 2022-05-03 13:34:51 +01:00
LPdir_vms.c
LPdir_win32.c
LPdir_win.c
LPdir_wince.c
mem_clr.c
mem_sec.c Fix UWP builds by defining VirtualLock 2022-07-26 12:35:40 +01:00
mem.c CRYPTO_mem_debug_push() and CRYPTO_mem_debug_pop() should return 0 2022-08-17 12:57:48 +02:00
mips_arch.h
o_dir.c Update copyright year 2022-05-03 13:34:51 +01:00
o_fopen.c Update copyright year 2022-05-03 13:34:51 +01:00
o_init.c Update copyright year 2022-05-03 13:34:51 +01:00
o_str.c strcasecmp: implement strcasecmp and strncasecmp 2022-05-23 09:51:28 +10:00
o_time.c
packet.c QUIC Frame Encoding and Decoding Functions 2022-07-29 16:28:37 +10:00
param_build_set.c Update copyright year 2022-05-03 13:34:51 +01:00
param_build.c Update copyright year 2022-05-03 13:34:51 +01:00
params_dup.c Update copyright year 2022-05-03 13:34:51 +01:00
params_from_text.c Allow sign extension in OSSL_PARAM_allocate_from_text() 2021-11-24 19:18:19 +01:00
params.c Update copyright year 2022-05-03 13:34:51 +01:00
pariscid.pl
passphrase.c Update copyright year 2022-05-03 13:34:51 +01:00
ppccap.c Update copyright year 2022-05-03 13:34:51 +01:00
ppccpuid.pl Update copyright year 2022-05-03 13:34:51 +01:00
provider_child.c For child libctx / provider, don't count self-references in parent 2022-05-05 15:06:11 +02:00
provider_conf.c Update copyright year 2022-05-03 13:34:51 +01:00
provider_core.c Coverity 1503321 & 1503327: dereference after null check 2022-07-20 16:22:00 +10:00
provider_local.h make struct provider_info_st a full type 2021-06-24 14:48:15 +01:00
provider_predefined.c make struct provider_info_st a full type 2021-06-24 14:48:15 +01:00
provider.c Correctly activate the provider in OSSL_PROVIDER_try_load 2021-11-12 17:16:14 +00:00
punycode.c Move more general parts of internal/cryptlib.h to new internal/common.h 2021-11-17 15:48:37 +01:00
quic_vlint.c QUIC wire format support 2022-05-27 08:00:52 +02:00
README-sparse_array.md
riscv64cpuid.pl Add basic RISC-V cpuid and OPENSSL_riscvcap 2022-05-19 16:32:49 +10:00
riscvcap.c Add basic RISC-V cpuid and OPENSSL_riscvcap 2022-05-19 16:32:49 +10:00
s390x_arch.h Update copyright year 2022-05-03 13:34:51 +01:00
s390xcap.c s390: Add new machine generation 2022-04-12 13:04:57 +02:00
s390xcpuid.pl
self_test_core.c Update copyright year 2022-05-03 13:34:51 +01:00
sparccpuid.S
sparcv9cap.c Split bignum code out of the sparcv9cap.c 2021-07-15 09:33:04 +02:00
sparse_array.c Coverity 1507376: Dereference after null check 2022-07-22 14:42:13 +02:00
threads_lib.c
threads_none.c
threads_pthread.c Update copyright year 2022-05-03 13:34:51 +01:00
threads_win.c VC++ 2008 or earlier x86 compilers do not have an inline implementation of InterlockedOr64 for 32bit and will fail to run on Windows XP 32bit. 2022-08-12 10:30:02 +01:00
trace.c http_client.c: Dump response on error when tracing is enabled 2022-05-30 22:43:44 +02:00
uid.c Openssl fails to compile on Debian with kfreebsd kernels 2021-09-02 10:02:32 +10:00
vms_rms.h
x86_64cpuid.pl
x86cpuid.pl