- Jul 17, 2013
-
-
Dr. Stephen Henson authored
For RSA and DSA keys return an appropriate RecipientInfo type. By setting CMS_RECIPINFO_NONE for DSA keys an appropriate error is returned if an attempt is made to use DSA with enveloped data.
-
Dr. Stephen Henson authored
Add support for ECDH in enveloped data. The CMS ctrls for the EC ASN1 method decode/encode the appropriate parameters from the CMS ASN1 data and send appropriate data to the EC public key method.
-
Dr. Stephen Henson authored
Add X9.62 KDF to EC EVP_PKEY_METHOD.
-
Dr. Stephen Henson authored
Add OIDs for KDF schemes from RFC5753 and add cross references for each type and the appropriate digest to use.
-
Dr. Stephen Henson authored
Add hooks to support key agreement recipient info type (KARI) using algorithm specific code in the relevant public key ASN1 method.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Add support for key wrap algorithms via EVP interface. Generalise AES wrap algorithm and add to modes, making existing AES wrap algorithm a special case. Move test code to evptests.txt
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Keep original function names for nonce versions so we don't have to change error function codes.
-
- Jul 15, 2013
-
-
Adam Langley authored
This change updates 8a99cb29 to make the generation of (EC)DSA nonces using the message digest the default. It also reverts the changes to (EC)DSA_METHOD structure. In addition to making it the default, removing the flag from EC_KEY means that FIPS modules will no longer have an ABI mismatch.
-
- Jul 12, 2013
-
-
Andy Polyakov authored
-
Dr. Stephen Henson authored
PR #3090 Reported by: Franck Youssef <fry@open.ch> If no new reason codes are obtained after checking a CRL exit with an error to avoid repeatedly checking the same CRL. This will only happen if verify errors such as invalid CRL scope are overridden in a callback.
-
Ben Laurie authored
-
Ben Laurie authored
-
Ben Laurie authored
-
Ben Laurie authored
-
- Jul 10, 2013
-
-
Andy Polyakov authored
Submitted by: Gisle Vanem
-
- Jul 05, 2013
-
-
Andy Polyakov authored
-
Andy Polyakov authored
RT: 2582, 2850
-
Andy Polyakov authored
RT: 2582, 2850
-
Andy Polyakov authored
-
Andy Polyakov authored
-
- Jul 04, 2013
-
-
Jeff Walton authored
-
- Jul 02, 2013
-
-
Dr. Stephen Henson authored
-
- Jun 30, 2013
-
-
Andy Polyakov authored
Submitted by: Bryan Drewery PR: 3075
-
Andy Polyakov authored
-
Andy Polyakov authored
-
Andy Polyakov authored
-
- Jun 28, 2013
-
-
Trevor authored
-
Dr. Stephen Henson authored
-
- Jun 21, 2013
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Document use of -keyopt to use RSA-PSS and RSA-OAEP modes.
-
Dr. Stephen Henson authored
Add new tests to cms-test.pl covering PSS and OAEP.
-
Dr. Stephen Henson authored
Add support for custom public key parameters in the cms utility using the -keyopt switch. Works for -sign and also -encrypt if -recip is used.
-
Dr. Stephen Henson authored
Extend RSA ASN1 method to support CMS PSS signatures for both sign and verify. For signing the EVP_PKEY_CTX parameters are read and the appropriate CMS structures set up. For verification the CMS structures are analysed and the corresponding parameters in the EVP_PKEY_CTX set. Also add RSA-OAEP support. For encrypt the EVP_PKEY_CTX parameters are used. For decrypt the CMS structure is uses to set the appropriate EVP_PKEY_CTX parameters.
-
Dr. Stephen Henson authored
Add support for customisation of CMS handling of signed and enveloped data from custom public key parameters. This will provide support for RSA-PSS and RSA-OAEP but could also be applied to other algorithms.
-
Dr. Stephen Henson authored
Add OAEP ctrls to retrieve MD and label. Return errors if an attempt is made to set or retrieve OAEP parameters when padding mode is not OAEP.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Jun 18, 2013
-
-
Trevor authored
serverinfo rejects non-empty extensions. Omit extension if no relevant serverinfo data. Improve error-handling in serverinfo callback. Cosmetic cleanups. s_client documentation. s_server documentation. SSL_CTX_serverinfo documentation. Cleaup -1 and NULL callback handling for custom extensions, add tests. Cleanup ssl_rsa.c serverinfo code. Whitespace cleanup. Improve comments in ssl.h for serverinfo. Whitespace. Cosmetic cleanup. Reject non-zero-len serverinfo extensions. Whitespace. Make it build.
-