- Oct 20, 2013
-
-
Nick Mathewson authored
-
Nick Mathewson authored
Instead, send random bytes, unless SSL_SEND_{CLIENT,SERVER}RANDOM_MODE is set. This is a forward-port of commits: 4af79303 f4c93b46 3da721da 25832701 While the gmt_unix_time record was added in an ostensible attempt to mitigate the dangers of a bad RNG, its presence leaks the host's view of the current time in the clear. This minor leak can help fingerprint TLS instances across networks and protocols... and what's worse, it's doubtful thet the gmt_unix_time record does any good at all for its intended purpose, since: * It's quite possible to open two TLS connections in one second. * If the PRNG output is prone to repeat itself, ephemeral handshakes (and who knows what else besides) are broken.
-
Steve Marquess authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Removing RSA+MD5 from the default signature algorithm list prevents its use by default. If a broken implementation attempts to use RSA+MD5 anyway the sanity checking of signature algorithms will cause a fatal alert. (cherry picked from commit 77a0f740d00ecf8f6b01c0685a2f858c3f65a3dd)
-
Ben Laurie authored
-
- Oct 15, 2013
-
-
Andy Polyakov authored
Suggested by: Anton Blanchard (cherry picked from commit 76c15d79)
-
Dr. Stephen Henson authored
(cherry picked from commit 6699cb84)
-
Dr. Stephen Henson authored
(cherry picked from commit f6983769c1bcd6c3c6b6bbfbbc41848f6dccf127)
-
Dr. Stephen Henson authored
(cherry picked from commit 8ba2d4ed7f128e400693562efd35985068c45e4d)
-
Dr. Stephen Henson authored
(cherry picked from commit 695e8c36528f9c3275f5f56e9633ac6a0c11f2e3)
-
- Oct 14, 2013
-
-
Andy Polyakov authored
Includes multiple updates: AES module to comply with more ABI flavors, SHA512 for PPC32, .size directives.
-
Andy Polyakov authored
PR: 3110 Submitted by Corinna Vinschen. (cherry picked from commit b3ef742c)
-
- Oct 13, 2013
-
-
Andy Polyakov authored
(cherry picked from commit 039081b8)
-
Andy Polyakov authored
Latest MIPS ISA specification declared 'branch likely' instructions obsolete. To makes code future-proof replace them with equivalent. (cherry picked from commit 0c2adb0a)
-
- Oct 12, 2013
-
-
Andy Polyakov authored
Performance improvement and Windows-specific bugfix (PR#3139).
-
- Oct 10, 2013
-
-
Andy Polyakov authored
(cherry picked from commit fa104be3)
-
- Oct 07, 2013
-
-
Ben Laurie authored
-
- Oct 05, 2013
-
-
Ben Laurie authored
-
Andy Polyakov authored
Submitted by: Yuriy Kaminskiy (cherry picked from commit 524b00c0)
-
Andy Polyakov authored
PR: 3130 (cherry picked from commit 6b2cae0c)
-
- Oct 04, 2013
-
-
Ben Laurie authored
-
Ben Laurie authored
-
Ben Laurie authored
-
- Oct 03, 2013
-
-
Ben Laurie authored
-
Andy Polyakov authored
Submitted by: Yuriy Kaminskiy (cherry picked from commit 524b00c0)
-
Andy Polyakov authored
PR: 3130 (cherry picked from commit 6b2cae0c)
-
- Oct 01, 2013
-
-
Adam Langley authored
Add tests for AEAD functions: AES-128-GCM, AES-256-GCM and ChaCha20+Poly1305.
-
Adam Langley authored
Add support for Chacha20 + Poly1305.
-
Adam Langley authored
Switches AES-GCM ciphersuites to use AEAD interfaces.
-
Adam Langley authored
This change allows AEADs to be used in ssl/ to implement SSL/TLS ciphersuites.
-
Adam Langley authored
This change adds an AEAD interface to EVP and an AES-GCM implementation suitable for use in TLS.
-
Adam Langley authored
The previous version of the function made adding AEAD changes very difficult. This change should be a semantic no-op - it should be purely a cleanup.
-
Ben Laurie authored
-
Dr. Stephen Henson authored
(cherry picked from commit dfcb42c6)
-
Ben Laurie authored
(cherry picked from commit d5605699)
-
Dr. Stephen Henson authored
(cherry picked from commit b85f8afe)
-
Dr. Stephen Henson authored
(cherry picked from commit bbc098ff)
-
Dr. Stephen Henson authored
Add some ECDH CMS tests. (cherry picked from commit 5cdc25a7)
-
Dr. Stephen Henson authored
(cherry picked from commit 75787fd8)
-