Commits · 5a6a1029d2a610188d4a3112aae1d7b55ce3f7e6 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Dec 09, 2015

EC_KEY_METHOD keygen support. · 5a6a1029

Dr. Stephen Henson authored Oct 22, 2015

Add keygen to EC_KEY_METHOD. Redirect EC_KEY_generate_key through
method and set the current EC key generation function as the default.

Reviewed-by: Richard Levitte <levitte@openssl.org>

5a6a1029

make errors · d2fa70d8
Dr. Stephen Henson authored Oct 21, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
d2fa70d8

Support for EC_KEY_METHOD. · 28572b57

Dr. Stephen Henson authored Oct 19, 2015



Add EC_KEY_METHOD. This is part of the EC revision and will make EC behave
more like other algorithms. Specifically:

EC_KEY_METHOD is part of EC_KEY.
It is part of ENGINE.
Default or key specific implementations can be provided to redirect some
or all operations.

Reviewed-by: Richard Levitte <levitte@openssl.org>

28572b57

Link library for backtrace() on BSD... · 28cbe2ab
Ben Laurie authored Dec 09, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
28cbe2ab

Dec 08, 2015

NEWS: Add a bit of precision regarding removal of cipher suites · 23fe34b4
Richard Levitte authored Dec 09, 2015
```
Suggested by Benjamin Kaduk <bkaduk@akamai.com>

Reviewed-by: Matt Caswell <matt@openssl.org>
```
23fe34b4
Additional NEWS · 6f9a3c37
Richard Levitte authored Dec 08, 2015
```
Reviewed-by: Tim Hudson <tjh@openssl.org>
```
6f9a3c37
Refer to website for acknowledgements. · ab29c82a
Rich Salz authored Dec 08, 2015
```
Reviewed-by: Steve Marquess <marquess@openssl.com>
```
ab29c82a
Not all 'find's know -xtype, use -type instead · 3cd7aef3
Richard Levitte authored Dec 08, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
3cd7aef3

Adapt the OS X build to use the OS X tar · 382af61f

Richard Levitte authored Dec 08, 2015



As part of this, move release creation to a script to be called from
.travis.yml.  That makes it much easier to test outside of travis.

Reviewed-by: Rich Salz <rsalz@openssl.org>

382af61f

Make it possible to affect the way dists are made · 4d3c30a1

Richard Levitte authored Dec 08, 2015



Introducing DISTTARVARS to propagate changed variables down to the
tar-making target.

Reviewed-by: Rich Salz <rsalz@openssl.org>

4d3c30a1

Update NEWS · d05775d7
Dr. Stephen Henson authored Dec 08, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
d05775d7
Extended master secret test script. · 42a8b3f9
Dr. Stephen Henson authored Dec 07, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
42a8b3f9
Add extms extension · b3fce9c9
Dr. Stephen Henson authored Dec 06, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
b3fce9c9

TLSProxy update · 040c8783

Dr. Stephen Henson authored Dec 08, 2015



Add function to delete extensions and fix ClientHello repacking.

Reviewed-by: Matt Caswell <matt@openssl.org>

040c8783

update errors · 41609361
Dr. Stephen Henson authored Dec 05, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
41609361

Extended master secret fixes and checks. · e7f0d921

Dr. Stephen Henson authored Dec 04, 2015



Add new flag TLS1_FLAGS_RECEIVED_EXTMS which is set when the peer sends
the extended master secret extension.

Server now sends extms if and only if the client sent extms.

Check consistency of extms extension when resuming sessions following (where
practical) RFC7627.

Reviewed-by: Matt Caswell <matt@openssl.org>

e7f0d921

Fix merge error · 686cf15e

Matt Caswell authored Dec 08, 2015

Commit 6140f036

 added some new ctrl constants. However due to a
merge error one of these values was duplicated with an existing
value.

Reviewed-by: Rich Salz <rsalz@openssl.org>

686cf15e

Add some new cipher ctrl constants · 6140f036

Dmitry Belyavskiy authored Sep 30, 2015



These are needed for GOST

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

6140f036

Cleanup the EVP_MD_CTX before exit rather than after · c376d170
Richard Levitte authored Dec 08, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
c376d170

Dec 07, 2015

Remove double semi (;) · 3cb9fd97

Richard Levitte authored Dec 08, 2015



When in the middle of declarations, some C compilers will complain.

Reviewed-by: Matt Caswell <matt@openssl.org>

3cb9fd97

Remove typedef of HMAC_CTX from crypto/hmac/hmac_lcl.h · 47abe380
Richard Levitte authored Dec 07, 2015
```
This is already defined in include/openssl/ossl_typ.h.

Reviewed-by: Matt Caswell <matt@openssl.org>
```
47abe380
Fix clang complaints about uninitialised variables. · 39d51932
Richard Levitte authored Dec 07, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
39d51932

Change tar owner and group to just 0 · b91dd150

Richard Levitte authored Dec 07, 2015



It seems like some tar versions don't like the name:id form for
--owner and --group.  The closest known anonymous user being 0 (root),
that seems to be the most appropriate user/group to assign ownership
to.  It matters very little when unpacking either way.

Reviewed-by: Rich Salz <rsalz@openssl.org>

b91dd150

Add an entry in CHANGES · 507db4c5
Richard Levitte authored Dec 01, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
507db4c5
Document EVP_MD constructors, destructors and manipulators · 706e2462
Richard Levitte authored Dec 04, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
706e2462
Document the HMAC changes · 716854d7
Richard Levitte authored Nov 30, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
716854d7
Document the EVP_MD_CTX changes · 25191fff
Richard Levitte authored Dec 01, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
25191fff
make update · b3bb7799
Richard Levitte authored Nov 27, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
b3bb7799
Cleanup: fix all sources that used HMAC_CTX_init · a87a0a6e
Richard Levitte authored Dec 02, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
a87a0a6e
Cleanup: rename HMAC_CTX_init to HMAC_CTX_reset · dc0099e1
Richard Levitte authored Dec 02, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
dc0099e1
Cleanup: support EVP_MD_CTX_(create|init|destroy) for deprecated use · e0a3a803
Richard Levitte authored Dec 02, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
e0a3a803
Cleanup: fix all sources that used EVP_MD_CTX_(create|init|destroy) · bfb0641f
Richard Levitte authored Dec 02, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
bfb0641f

Cleanup: rename EVP_MD_CTX_(create|init|destroy) to EVP_MD_CTX_(new|reset|free) · 959ed531

Richard Levitte authored Dec 02, 2015



Looking over names, it seems like we usually use names ending with
_new and _free as object constructors and destructors.  Also, since
EVP_MD_CTX_init is now used to reset a EVP_MD_CTX, it might as well be
named accordingly.

Reviewed-by: Rich Salz <rsalz@openssl.org>

959ed531

Cleanup: Remove M_EVP_MD_* macros · 67565323

Richard Levitte authored Dec 02, 2015



These macros were only meant for crypto/evp, and are now entirely
unused.

Reviewed-by: Rich Salz <rsalz@openssl.org>

67565323

Adapt the rest of the source to the removal of (EVP_MD_CTX|HMAC_CTX)_cleanup · eda34e4b
Richard Levitte authored Nov 30, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
eda34e4b

Remove HMAC_CTX_cleanup and combine its functionality into EVP_MD_CTX_init · 32fd54a9

Richard Levitte authored Nov 30, 2015



This follows the same idea as the combination of EVP_MD_CTX_cleanup
and EVP_MD_CTX_init into one function.

Reviewed-by: Rich Salz <rsalz@openssl.org>

32fd54a9

Remove EVP_MD_CTX_cleanup and put its functionality into EVP_MD_CTX_init · 74cabf3f

Richard Levitte authored Dec 01, 2015



The idea is that with EVP_MD_CTX_create() and EVP_MD_CTX_destroy(),
EVP_MD_CTX_cleanup and EVP_MD_CTX_init is not used the same as before.
Instead, we need a single function that can be used to reinitialise an
existing EVP_MD_CTX that's been created with EVP_MD_CTX_create()
previously.  Combining EVP_MD_CTX_cleanup and EVP_MD_CTX_init into
that one function is the answer.

Reviewed-by: Rich Salz <rsalz@openssl.org>

74cabf3f

Adapt the rest of the source to the opaque HMAC_CTX · bf7c6817
Richard Levitte authored Nov 30, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
bf7c6817

Make the definition of HMAC_CTX opaque · 3f43aecc

Richard Levitte authored Nov 30, 2015



This moves the definition to crypto/hmac/hmac_lcl.h.  Constructor and
destructor added, and the typedef moved to include/openssl/ossl_typ.h.

Reviewed-by: Rich Salz <rsalz@openssl.org>

3f43aecc

Add inclusion of internal/evp_int.h to all crypto/ files that need it · ab0a14bb
Richard Levitte authored Nov 30, 2015
```
These are the files that add new EVP_MDs.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
ab0a14bb