Monthly Status Report (March 2021)

[Tomas Mraz]

My key activities this month were:

- triage of newly reported issues and responding to questions
- participation on the meetings
- participated on the openssl-1.1.1k security release by reviewing
  and doing the CVE-2021-3450 fix

- reviews of various PRs:
  - I've reviewed about 90 PRs this month
  - Major PRs reviewed:
    - Stop using EVP_PKEY in encoders and decoders #14314
    - Make 'tests' depend on a generated 'providers/fipsmodule.cnf'
#14320
    - Add testing for non-default library context into evp_extra_test
#14478
    - ESS for TSP and CAdES-BES: Correct logic of
ts_check_signing_certs() relating cert IDs to chain members #14503
    - KDF life-cycle documentation #14522
    - Fix Coverity resource leaks #14596
    - Fix DER reading from stdin for BIO_f_readbuffer #14599
    - HTTP: Fix method_POST param by moving it to
OSSL_HTTP_REQ_CTX_set_request_line() #14699

- submitted 31 PRs:
  - In particular:
    - TODO cleanups in test, ssl, and providers directories #14367
    - Another set of TODO 3.0 cleanups - this time mostly in crypto
#14404
    - CI: add job with external tests (temporarily krb5 and gost_engine
only) #14416
    - Change default algorithms in PKCS12_create() and PKCS12_set_mac()
#14450
    - Do not call RAND_get0_public from within the FIPS provider
initialization #14497
    - Make EVP_PKEY_missing_parameters work properly on provided RSA
keys #14511
    - Added functions for printing EVP_PKEYs to FILE * #14577
    - Implement EVP_PKEY_dup() function #14624
    - EVP_PKCS82PKEY: Create provided keys if possible #14659
    - Cleanups related to legacy nid support #14703
    - Add "save-parameters" encoder parameter #14746
    - Provider side decoder API documentation #14756

-- 
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]