Commits · 7c283d9e9727e9e2b85cb5f780384c3a74f7dd3f · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

17 Jan, 2013 1 commit
- add option to get a certificate or CRL from a URL · 7c283d9e
  Dr. Stephen Henson authored Dec 02, 2012
  
  7c283d9e
16 Jan, 2013 1 commit
- print out issuer and subject unique identifier fields in certificates · 2aa3ef78
  Dr. Stephen Henson authored Jun 12, 2012
  
  2aa3ef78
15 Jan, 2013 6 commits
- add wrapper function for certificate download · 1c0964e8
  Dr. Stephen Henson authored Nov 29, 2012
  
  1c0964e8
- Generalise OCSP I/O functions to support dowloading of other ASN1 · 5c8d41be
  Dr. Stephen Henson authored Nov 29, 2012
```
structures using HTTP. Add wrapper function to handle CRL download.
```
  5c8d41be
- Update default dependency flags. · b2866403
  Dr. Stephen Henson authored Jan 15, 2013
  
  b2866403
- make update · 75a8ff92
  Dr. Stephen Henson authored Jan 15, 2013
  
  75a8ff92
- Add support for broken protocol tests (backport from master branch) · 50b5966e
  Dr. Stephen Henson authored Jan 15, 2013
  
  50b5966e
- Make whitespace consistent with master branch. · 8eb4456f
  Dr. Stephen Henson authored Jan 15, 2013
  
  8eb4456f
13 Jan, 2013 1 commit
- Fix some clang warnings. · 24c45fab
  Ben Laurie authored Jan 13, 2013
  
  24c45fab
12 Jan, 2013 1 commit
- Correct EVP_PKEY_verifyrecover to EVP_PKEY_verify_recover (RT 2955). · 010ac38a
  Ben Laurie authored Jan 12, 2013
  
  010ac38a
07 Jan, 2013 2 commits
- In FIPS mode use PKCS#8 format when writing private keys: · 1c25ed5d
  Dr. Stephen Henson authored Jan 07, 2013
```
traditional format uses MD5 which is prohibited in FIPS mode.
```
  1c25ed5d
- Change default bits to 1024 · bf1d32e5
  Dr. Stephen Henson authored Jan 07, 2013
  
  bf1d32e5
06 Jan, 2013 2 commits
- Add .gitignore from master branch. · 6c86b697
  Dr. Stephen Henson authored Jan 06, 2013
  
  6c86b697
- Fix warning. · 72dfff2d
  Ben Laurie authored Jan 06, 2013
  
  72dfff2d
30 Dec, 2012 5 commits
- add support for separate verify can chain stores to s_client (backport from HEAD) · 3341b820
  Dr. Stephen Henson authored Dec 30, 2012
  
  3341b820
- add -chain options to s_client (backrpot from HEAD) · ede5f6cf
  Dr. Stephen Henson authored Dec 30, 2012
  
  ede5f6cf
- make no-comp compile · 321a9fea
  Dr. Stephen Henson authored Dec 30, 2012
  
  321a9fea
- stop warning when compiling with no-comp · 2e00f46b
  Dr. Stephen Henson authored Dec 30, 2012
  
  2e00f46b
- remove unused cipher functionality from s_client · 8c3f8689
  Dr. Stephen Henson authored Dec 30, 2012
  
  8c3f8689
29 Dec, 2012 5 commits
- Update debug-steve* options. · d03cc94f
  Dr. Stephen Henson authored Dec 29, 2012
  
  d03cc94f
- make JPAKE work again, fix memory leaks · 5477ff9b
  Dr. Stephen Henson authored Dec 29, 2012
  
  5477ff9b
- update ordinals · 46b11600
  Dr. Stephen Henson authored Dec 29, 2012
  
  46b11600
- Delegate command line handling for many common options in s_client/s_server to · 15387e4c
  Dr. Stephen Henson authored Dec 29, 2012
```
the SSL_CONF APIs.

This is complicated a little because the SSL_CTX structure is not available
when the command line is processed: so just check syntax of commands initially
and store them, ready to apply later.

(backport from HEAD)
```
  15387e4c
- add SSL_CONF functions and documentation (backport from HEAD) · 49ef33fa
  Dr. Stephen Henson authored Dec 29, 2012
  
  49ef33fa
26 Dec, 2012 16 commits
- Update ordinals. · 11663235
  Dr. Stephen Henson authored Dec 26, 2012
  
  11663235
- Portability fix: use BIO_snprintf and pick up strcasecmp alternative · 29113688
  Dr. Stephen Henson authored Dec 26, 2012
```
definitions from e_os.h
```
  29113688
- typo · 44c97074
  Dr. Stephen Henson authored Dec 26, 2012
  
  44c97074
- SSL/TLS record tracing code (backport from HEAD). · bc200e69
  Dr. Stephen Henson authored Dec 26, 2012
  
  bc200e69
- Reject zero length ec point format list. · a08f8d73
  Dr. Stephen Henson authored Dec 26, 2012
```
Give more meaningful error is attempt made to use incorrect curve.

(from HEAD)
```
  a08f8d73
- handle point format list retrieval for clients too (from HEAD) · b52f12b3
  Dr. Stephen Henson authored Dec 26, 2012
  
  b52f12b3
- Add support for printing out and retrieving EC point formats extension. · 78b5d89d
  Dr. Stephen Henson authored Dec 26, 2012
```
(backport from HEAD)
```
  78b5d89d
- return error if Suite B mode is selected and TLS 1.2 can't be used. · b79df62e
  Dr. Stephen Henson authored Dec 26, 2012
```
(backport from HEAD)
```
  b79df62e
- set auto ecdh parameter selction for Suite B · e3c76874
  Dr. Stephen Henson authored Dec 26, 2012
```
(backport from HEAD)
```
  e3c76874
- add Suite B 128 bit mode offering only combination 2 · 4347394a
  Dr. Stephen Henson authored Dec 26, 2012
```
(backport from HEAD)
```
  4347394a
- Use client version when deciding which cipher suites to disable. · 53bb7238
  Dr. Stephen Henson authored Dec 26, 2012
```
(backport from HEAD)
```
  53bb7238
- Use default point formats extension for server side as well as client · 684a2264
  Dr. Stephen Henson authored Dec 26, 2012
```
side, if possible.

Don't advertise compressed char2 for SuiteB as it is not supported.
(backport from HEAD)
```
  684a2264
- add Suite B verification flags · fde8dc17
  Dr. Stephen Henson authored Dec 26, 2012
  
  fde8dc17
- contify · 3c87a2bd
  Dr. Stephen Henson authored Dec 26, 2012
```
(backport from HEAD)
```
  3c87a2bd
- Add ctrl and utility functions to retrieve raw cipher list sent by client in · 1520e6c0
  Dr. Stephen Henson authored Dec 26, 2012
```
client hello message. Previously this could only be retrieved on an initial
connection and it was impossible to determine the cipher IDs of any uknown
ciphersuites.
(backport from HEAD)
```
  1520e6c0
- new ctrl to retrive value of received temporary key in server key exchange... · 2001129f
  Dr. Stephen Henson authored Dec 26, 2012
```
new ctrl to retrive value of received temporary key in server key exchange message, print out details in s_client
(backport from HEAD)
```
  2001129f