- 05 Sep, 2011 5 commits
-
-
Bodo Möller authored
-
Bodo Möller authored
-
Bodo Möller authored
Submitted by: Adam Langley
-
Bodo Möller authored
-
Bodo Möller authored
-
- 26 Aug, 2011 1 commit
-
-
Dr. Stephen Henson authored
Modify fips_dssvs to support appropriate file format.
-
- 23 Aug, 2011 1 commit
-
-
Andy Polyakov authored
-
- 14 Aug, 2011 1 commit
-
-
Dr. Stephen Henson authored
using OBJ xref utilities instead of string comparison with OID name. This removes the arbitrary restriction on using SHA1 only with some ECC ciphersuites.
-
- 08 Aug, 2011 1 commit
-
-
Dr. Stephen Henson authored
-
- 03 Aug, 2011 1 commit
-
-
Dr. Stephen Henson authored
invocation field. Add complete support for AES GCM ciphersuites including all those in RFC5288 and RFC5289.
-
- 25 Jul, 2011 1 commit
-
-
Dr. Stephen Henson authored
-
- 04 Jul, 2011 1 commit
-
-
Dr. Stephen Henson authored
-
- 15 Jun, 2011 1 commit
-
-
Bodo Möller authored
into 1.0.1 should not be listed as "changes between 1.0.1 and 1.0.0". This makes the OpenSSL_1_0_1-stable and HEAD versions of this file consistent with each other (the HEAD version has the additional 1.1.0 section, but doesn't otherwise differ).
-
- 30 May, 2011 1 commit
-
-
Dr. Stephen Henson authored
-
- 25 May, 2011 1 commit
-
-
Dr. Stephen Henson authored
http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.
-
- 20 May, 2011 1 commit
-
-
Dr. Stephen Henson authored
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination.
-
- 19 May, 2011 2 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- 12 May, 2011 1 commit
-
-
Dr. Stephen Henson authored
Parse certificate request message and set digests appropriately. Generate new TLS v1.2 format certificate verify message. Keep handshake caches around for longer as they are needed for client auth.
-
- 11 May, 2011 1 commit
-
-
Dr. Stephen Henson authored
the FIPS capable OpenSSL.
-
- 09 May, 2011 1 commit
-
-
Dr. Stephen Henson authored
algorithms extension (including everything we support). Swicth to new signature format where needed and relax ECC restrictions. Not TLS v1.2 client certifcate support yet but client will handle case where a certificate is requested and we don't have one.
-
- 06 May, 2011 1 commit
-
-
Dr. Stephen Henson authored
signature algorithms extension and correct signature format for server key exchange. All ciphersuites should now work on the server but no client support and no client certificate support yet.
-
- 29 Apr, 2011 2 commits
-
-
Dr. Stephen Henson authored
checking added, SHA256 PRF support added. At present only RSA key exchange ciphersuites work with TLS v1.2 as the new signature format is not yet implemented.
-
Dr. Stephen Henson authored
OPENSSL_NO_SSL_INTERN all ssl related structures are opaque and internals cannot be directly accessed. Many applications will need some modification to support this and most likely some additional functions added to OpenSSL. The advantage of this option is that any application supporting it will still be binary compatible if SSL structures change.
-
- 23 Apr, 2011 2 commits
-
-
Dr. Stephen Henson authored
callback. Handle case where no multiple of the block size is in the interval [min_len, max_len].
-
Dr. Stephen Henson authored
-
- 18 Apr, 2011 2 commits
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- 15 Apr, 2011 1 commit
-
-
Dr. Stephen Henson authored
-
- 14 Apr, 2011 1 commit
-
-
Dr. Stephen Henson authored
allow status of POST to be monitored and/or failures induced.
-
- 12 Apr, 2011 1 commit
-
-
Dr. Stephen Henson authored
-
- 06 Apr, 2011 1 commit
-
-
Dr. Stephen Henson authored
-
- 05 Apr, 2011 2 commits
-
-
Dr. Stephen Henson authored
now use an internal RAND_METHOD. All dependencies to OpenSSL standard PRNG are now removed: it is the applications resposibility to setup the FIPS PRNG and initalise it. Initial OpenSSL RAND_init_fips() function that will setup the DRBG for the "FIPS capable OpenSSL".
-
Dr. Stephen Henson authored
used by applications directly and the X9.31 PRNG is deprecated by new FIPS140-2 rules anyway.
-
- 17 Mar, 2011 1 commit
-
-
Dr. Stephen Henson authored
Fix warnings. Instantiate DRBGs at maximum strength.
-
- 16 Mar, 2011 1 commit
-
-
Ben Laurie authored
-
- 12 Mar, 2011 1 commit
-
-
Ben Laurie authored
-
- 09 Mar, 2011 1 commit
-
-
Dr. Stephen Henson authored
-
- 08 Mar, 2011 1 commit
-
-
Dr. Stephen Henson authored
-
- 04 Mar, 2011 1 commit
-
-
Dr. Stephen Henson authored
not working, incomplete and unused SP800-90 DRBGs for CTR and Hash modes. Did I say this was untested?
-