Commit message [Author | Age | Files | Lines]
* Merge remote-tracking branch 'scott2/ben-openssl' into supplemental-data-api-2 (supplemental-data-api-2) [Ben Laurie | 2013-09-05 | 2 | -12/+36]
|\
| |     Conflicts: apps/s_client.c apps/s_server.c
| * Free generated supp data after handshake completion, add comment regarding use of num_renegotiations in TLS and supp data generation callbacks [Scott Deboy | 2013-08-01 | 2 | -12/+36]
| |
| * More cleanup. [Ben Laurie | 2013-08-01 | 7 | -32/+25]
| |
| * More cleanup. [Ben Laurie | 2013-08-01 | 3 | -16/+10]
| |
| * Make it build. [Ben Laurie | 2013-08-01 | 6 | -50/+61]
| |
| * Remove end-of-line whitespace, change an int i to size_t i [Scott Deboy | 2013-07-31 | 10 | -40/+36]
| |
| * Merge remote-tracking branch 'openssl-github/master' into supplemental-data-api [Scott Deboy | 2013-07-31 | 2 | -11/+10]
| |\
| | |     Conflicts: ssl/s23_clnt.c ssl/ssl_rsa.c
| * | Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) [Scott Deboy | 2013-07-24 | 25 | -816/+915]
| | |     Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
| | |     Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
| | |     Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
* | | Fix merge issue. [Ben Laurie | 2013-09-05 | 1 | -2/+0]
| | |
* | | More cleanup. [Ben Laurie | 2013-09-05 | 7 | -32/+25]
| | |
* | | More cleanup. [Ben Laurie | 2013-09-05 | 3 | -16/+10]
| | |
* | | Make it build. [Ben Laurie | 2013-09-05 | 6 | -50/+61]
| | |
* | | Remove end-of-line whitespace, change an int i to size_t i [Scott Deboy | 2013-09-05 | 10 | -40/+36]
| | |
* | | Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions) [Scott Deboy | 2013-09-05 | 25 | -807/+923]
| | |     Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
| | |     Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
| | |     Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
* | | Document supported curve functions. [Dr. Stephen Henson | 2013-09-03 | 1 | -0/+100]
| | |
* | | Document -force_pubkey option. [Dr. Stephen Henson | 2013-08-21 | 1 | -0/+10]
| | |
* | | Correct ECDSA example. [Dr. Stephen Henson | 2013-08-21 | 1 | -7/+3]
| | |
* | | Correctly test for no-ec. [Ben Laurie | 2013-08-21 | 1 | -1/+1]
| | |
* | | Fix compile errors. [Ben Laurie | 2013-08-21 | 1 | -3/+4]
| | |
* | | Typo: don't call RAND_cleanup during app startup. [Dr. Stephen Henson | 2013-08-18 | 1 | -1/+1]
| | |     (cherry picked from commit 90e7f983b573c3f3c722a02db4491a1b1cd87e8c)
* | | Add documentation. [Dr. Stephen Henson | 2013-08-17 | 4 | -0/+211]
| | |     Preliminary documentation for chain and verify stores and certificate chain setting functions.
* | | Don't run ECDH CMS tests if EC disabled. [Dr. Stephen Henson | 2013-08-17 | 1 | -0/+20]
| | |
* | | Make no-ec compilation work. [Dr. Stephen Henson | 2013-08-17 | 9 | -22/+79]
| | |
* | | Return 1 when setting ECDH auto mode. [Dr. Stephen Henson | 2013-08-17 | 1 | -2/+2]
| | |
* | | Add the server 'hang' issue to the FAQ [Dr. Stephen Henson | 2013-08-14 | 1 | -0/+11]
| | |
* | | DTLS message_sequence number wrong in rehandshake ServerHello [Michael Tuexen | 2013-08-13 | 2 | -1/+3]
| | |     This fix ensures that
| | |     * A HelloRequest is retransmitted if not responded by a ClientHello
| | |     * The HelloRequest "consumes" the sequence number 0. The subsequent ServerHello uses the sequence number 1.
| | |     * The client also expects the sequence number of the ServerHello to be 1 if a HelloRequest was received earlier.
| | |     This patch fixes the RFC violation.
* | | DTLS handshake fix. [Michael Tuexen | 2013-08-08 | 1 | -0/+6]
| | |     Reported by: Prashant Jaikumar <rmstar@gmail.com>
| | |     Fix handling of application data received before a handshake.
* | | Fix for PEM_X509_INFO_read_bio. [Kaspar Brand | 2013-08-06 | 1 | -0/+1]
| | |     PR: 3028
| | |     Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys correctly if they appeared first.
* | | Update cms docs. [Dr. Stephen Henson | 2013-08-05 | 1 | -2/+16]
| | |
* | | Add X9.42 DH test. [Dr. Stephen Henson | 2013-08-05 | 1 | -0/+8]
| | |
* | | Add X9.42 DH certificate to S/MIME test [Dr. Stephen Henson | 2013-08-05 | 2 | -1/+47]
| | |
* | | CMS RFC2631 X9.42 DH enveloped data support. [Dr. Stephen Henson | 2013-08-05 | 4 | -9/+565]
| | |
* | | Add KDF for DH. [Dr. Stephen Henson | 2013-08-05 | 8 | -64/+274]
| | |     Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the same structure is used by DH and ECDH.
| | |     Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers without the need to use ASN1.
* | | Extend DH parameter generation support. [Dr. Stephen Henson | 2013-08-05 | 2 | -2/+121]
| | |     Add support for DH parameter generation using DSA methods including FIPS 186-3.
* | | Enhance DH dup functions. [Dr. Stephen Henson | 2013-08-05 | 2 | -22/+60]
| | |     Make DHparams_dup work properly with X9.42 DH parameters.
* | | If present print j, seed and counter values for DH [Dr. Stephen Henson | 2013-08-05 | 1 | -0/+25]
| | |
* | | Minor optimisation to KDF algorithm. [Dr. Stephen Henson | 2013-08-05 | 1 | -1/+1]
| | |     Don't need to use temporary buffer if remaining length equals digest length.
* | | Algorithm parameter support. [Dr. Stephen Henson | 2013-08-05 | 4 | -4/+29]
| | |     Check and set AlgorithmIdentifier parameters for key wrap algorithms. Currently these just set parameters to NULL.
* | | crypto/evp/e_aes.c: fix logical pre-processor bug and formatting. [Andy Polyakov | 2013-08-03 | 1 | -5/+11]
| | |     Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by Ard Biesheuvel of Linaro.
* | | crypto/bn/asm/rsax-x86_64.pl: make it work on Darwin. [Andy Polyakov | 2013-08-03 | 1 | -9/+9]
| | |
* | | crypto/sha/asm/sha*-x86_64.pl: comply with Win64 ABI. [Andy Polyakov | 2013-07-31 | 2 | -8/+8]
| |/
|/|
* | Various custom extension fixes. [Trevor Perrin | 2013-07-31 | 3 | -20/+13]
|/
|     Force no SSL2 when custom extensions in use. Don't clear extension state when cert is set. Clear on renegotiate.
* Add tests for ALPN functionality. [Adam Langley | 2013-07-22 | 3 | -0/+174]
|     Conflicts: ssl/ssltest.c
* Add a no-opt 64-bit target. [Ben Laurie | 2013-07-22 | 1 | -0/+1]
|
* Support ALPN. [Adam Langley | 2013-07-22 | 8 | -7/+432]
|     This change adds support for ALPN[1] in OpenSSL. ALPN is the IETF blessed version of NPN and we'll be supporting both ALPN and NPN for some time yet.
|     [1] https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-00
|     Conflicts: ssl/ssl3.h ssl/t1_lib.c
* Make ecdsatest work with nonces. [Dr. Stephen Henson | 2013-07-19 | 2 | -2/+10]
|     Update ecdsatest to use ECDSA_sign_setup and ECDSA_sign_ex, this avoids the nonce generation which would otherwise break the test.
|     Reinstate ecdsatest.
* Temporarily disable ECDSA test. [Dr. Stephen Henson | 2013-07-19 | 1 | -1/+1]
|     Disable ECDSA test temporarily: it is incompatible with ECDSA nonces.
* New CMS tests. [Dr. Stephen Henson | 2013-07-17 | 1 | -0/+25]
|     Add some ECDH CMS tests.
* Scripts to recreate S/MIME test certificates. [Dr. Stephen Henson | 2013-07-17 | 11 | -205/+489]
|     Add a script to generate keys and certificates for the S/MIME and CMS tests. Update certificates and add EC examples.
* Custom key wrap option for cms utility. [Dr. Stephen Henson | 2013-07-17 | 1 | -1/+17]
|