- Jun 02, 2017
-
-
Matt Caswell authored
Fix undefined behaviour in curve25519.c. Prior to this running with ubsan produces errors like this: crypto/ec/curve25519.c:3871:18: runtime error: left shift of negative value -22867 [extended tests] Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3600)
-
- Jun 01, 2017
-
-
Keigo Tanaka authored
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3456)
-
Aashil Patel authored
Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3596)
-
Rich Salz authored
Report if any non-public items are documented. Add util/private.num that lists items that aren't in the public (lib*.num) files that we do want to document. Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3603)
-
- May 31, 2017
-
-
Rich Salz authored
Thanks to Jan Alexander Steffens for finding the bug and confirming the fix. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3592)
-
Erwann Abalea authored
CLA: trivial Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3590)
-
Richard Levitte authored
This can be used by engines that need to retain the data for a longer time than just the call where this user data is passed. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3575)
-
Paul Yang authored
Reformat some indents and braces based on OpenSSL coding style spec. Signed-off-by: Paul Yang <paulyang.inf@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3586)
-
HorimotoYasuhiro authored
Fix coding style Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3581)
-
Matt Caswell authored
In a recent PR (#3566) it seems that TLSProxy gave up trying to connect to the server process too quickly. This meant the test failed even though the server *did* eventually start. Currently we try 3 times to connect with a 0.1 second pause between each attempt. That is probably too aggressive. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3587)
-
- May 30, 2017
-
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Add Ed25519 certificate verify test using certificate from draft-ietf-curdle-pkix-04 and custom generated root certificate. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Since ED25519 doesn't have an associated digest it needs custom sign/verify routines to handle ASN.1 signatures. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Make X25519 key method more flexible by removing hard coding of NID_X25519 OID. Since the parameters and key syntax between ED25519 and X25519 are almost identical they can share a lot of common code. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Rename and change ED25519_keypair_from_seed to ED25519_public_from_private to be consistent with X25519 API. Modidy ED25519_sign to take separate public key argument instead of requiring it to follow the private key. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reinstate Ed25519 algorithm to curv25519.c this is largely just a copy of the code from BoringSSL with some adjustments so it compiles under OpenSSL. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Dr. Stephen Henson authored
Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-
Andy Polyakov authored
...as discussed in section 2.2 of "Keccak implementation overview". [skip ci] Reviewed-by: Rich Salz <rsalz@openssl.org>
-
Andy Polyakov authored
This targets 32-bit processors and is discussed in section 2.1 of "Keccak implementation overview". Reviewed-by: Rich Salz <rsalz@openssl.org>
-
- May 29, 2017
-
-
Rich Salz authored
Require a comma between every name and a single space before the dash Reviewed-by: Kurt Roeckx <kurt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3559)
-
Marek Klein authored
Reviewed-by: Kurt Roeckx <kurt@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3538)
-
Thijs Wenker authored
The version number 3 means version 4, while 2 means version 3. Since this is the v3nametest, version 3 should be used. CLA: Trivial Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3577)
-
- May 28, 2017
-
-
Richard Levitte authored
It turned out to be a bad idea. This reverts commits 6891a79d and c27bc746 . Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3576)
-
Richard Levitte authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3574)
-
- May 27, 2017
-
-
Richard Levitte authored
Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3573)
-
Josh Soref authored
Unfortunately it affects error code macros in public cms.h header, for which reason misspelled names are preserved for backward compatibility. Reviewed-by: Andy Polyakov <appro@openssl.org> Reviewed-by: Kurt Roeckx <kurt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3463)
-
- May 26, 2017
-
-
Matt Caswell authored
Issue #3562 describes a problem where a race condition can occur in the Proxy such that a test "ok" line can appear in the middle of other text causing the test harness to miss it. The issue is that we do not wait for the client process to finish after the test is complete, so that process may continue to write data to stdout/stderr at the same time that the test harness does. This commit fixes TLSProxy so that we always wait for the client process to finish before continuing. Fixes #3562 Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3567)
-
Matt Caswell authored
Commit 9bfeeef8 made some function parameters const. This actually broke the pyca-cryptography tests. The discussion in #3360 considers this to actually be a problem with pyca-cryptography not an OpenSSL issue (they replicate some of our header file contents which then causes function prototype mismatches). This commit updates the pyca-cryptography version to pull in their fix for this issue and make our external tests pass again. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3569)
-