Commits · b3fce9c91eeee661be6a89803778e18ac76d05a4 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

Dec 08, 2015

Add extms extension · b3fce9c9
Dr. Stephen Henson authored Dec 06, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
b3fce9c9

Dr. Stephen Henson authored Dec 08, 2015



Add function to delete extensions and fix ClientHello repacking.

Reviewed-by: Matt Caswell <matt@openssl.org>

040c8783

update errors · 41609361
Dr. Stephen Henson authored Dec 05, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
41609361

Extended master secret fixes and checks. · e7f0d921

Dr. Stephen Henson authored Dec 04, 2015



Add new flag TLS1_FLAGS_RECEIVED_EXTMS which is set when the peer sends
the extended master secret extension.

Server now sends extms if and only if the client sent extms.

Check consistency of extms extension when resuming sessions following (where
practical) RFC7627.

Reviewed-by: Matt Caswell <matt@openssl.org>

e7f0d921

Fix merge error · 686cf15e

Matt Caswell authored Dec 08, 2015

Commit 6140f036

 added some new ctrl constants. However due to a
merge error one of these values was duplicated with an existing
value.

Reviewed-by: Rich Salz <rsalz@openssl.org>

686cf15e

Add some new cipher ctrl constants · 6140f036

Dmitry Belyavskiy authored Sep 30, 2015



These are needed for GOST

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

6140f036

Cleanup the EVP_MD_CTX before exit rather than after · c376d170
Richard Levitte authored Dec 08, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
c376d170

Dec 07, 2015

Remove double semi (;) · 3cb9fd97

Richard Levitte authored Dec 08, 2015



When in the middle of declarations, some C compilers will complain.

Reviewed-by: Matt Caswell <matt@openssl.org>

3cb9fd97

Remove typedef of HMAC_CTX from crypto/hmac/hmac_lcl.h · 47abe380
Richard Levitte authored Dec 07, 2015
```
This is already defined in include/openssl/ossl_typ.h.

Reviewed-by: Matt Caswell <matt@openssl.org>
```
47abe380
Fix clang complaints about uninitialised variables. · 39d51932
Richard Levitte authored Dec 07, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
39d51932

Change tar owner and group to just 0 · b91dd150

Richard Levitte authored Dec 07, 2015



It seems like some tar versions don't like the name:id form for
--owner and --group.  The closest known anonymous user being 0 (root),
that seems to be the most appropriate user/group to assign ownership
to.  It matters very little when unpacking either way.

Reviewed-by: Rich Salz <rsalz@openssl.org>

b91dd150

Add an entry in CHANGES · 507db4c5
Richard Levitte authored Dec 01, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
507db4c5
Document EVP_MD constructors, destructors and manipulators · 706e2462
Richard Levitte authored Dec 04, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
706e2462
Document the HMAC changes · 716854d7
Richard Levitte authored Nov 30, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
716854d7
Document the EVP_MD_CTX changes · 25191fff
Richard Levitte authored Dec 01, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
25191fff
make update · b3bb7799
Richard Levitte authored Nov 27, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
b3bb7799
Cleanup: fix all sources that used HMAC_CTX_init · a87a0a6e
Richard Levitte authored Dec 02, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
a87a0a6e
Cleanup: rename HMAC_CTX_init to HMAC_CTX_reset · dc0099e1
Richard Levitte authored Dec 02, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
dc0099e1
Cleanup: support EVP_MD_CTX_(create|init|destroy) for deprecated use · e0a3a803
Richard Levitte authored Dec 02, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
e0a3a803
Cleanup: fix all sources that used EVP_MD_CTX_(create|init|destroy) · bfb0641f
Richard Levitte authored Dec 02, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
bfb0641f

Cleanup: rename EVP_MD_CTX_(create|init|destroy) to EVP_MD_CTX_(new|reset|free) · 959ed531

Richard Levitte authored Dec 02, 2015



Looking over names, it seems like we usually use names ending with
_new and _free as object constructors and destructors.  Also, since
EVP_MD_CTX_init is now used to reset a EVP_MD_CTX, it might as well be
named accordingly.

Reviewed-by: Rich Salz <rsalz@openssl.org>

959ed531

Cleanup: Remove M_EVP_MD_* macros · 67565323

Richard Levitte authored Dec 02, 2015



These macros were only meant for crypto/evp, and are now entirely
unused.

Reviewed-by: Rich Salz <rsalz@openssl.org>

67565323

Adapt the rest of the source to the removal of (EVP_MD_CTX|HMAC_CTX)_cleanup · eda34e4b
Richard Levitte authored Nov 30, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
eda34e4b

Remove HMAC_CTX_cleanup and combine its functionality into EVP_MD_CTX_init · 32fd54a9

Richard Levitte authored Nov 30, 2015



This follows the same idea as the combination of EVP_MD_CTX_cleanup
and EVP_MD_CTX_init into one function.

Reviewed-by: Rich Salz <rsalz@openssl.org>

32fd54a9

Remove EVP_MD_CTX_cleanup and put its functionality into EVP_MD_CTX_init · 74cabf3f

Richard Levitte authored Dec 01, 2015



The idea is that with EVP_MD_CTX_create() and EVP_MD_CTX_destroy(),
EVP_MD_CTX_cleanup and EVP_MD_CTX_init is not used the same as before.
Instead, we need a single function that can be used to reinitialise an
existing EVP_MD_CTX that's been created with EVP_MD_CTX_create()
previously.  Combining EVP_MD_CTX_cleanup and EVP_MD_CTX_init into
that one function is the answer.

Reviewed-by: Rich Salz <rsalz@openssl.org>

74cabf3f

Adapt the rest of the source to the opaque HMAC_CTX · bf7c6817
Richard Levitte authored Nov 30, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
bf7c6817

Make the definition of HMAC_CTX opaque · 3f43aecc

Richard Levitte authored Nov 30, 2015



This moves the definition to crypto/hmac/hmac_lcl.h.  Constructor and
destructor added, and the typedef moved to include/openssl/ossl_typ.h.

Reviewed-by: Rich Salz <rsalz@openssl.org>

3f43aecc

Add inclusion of internal/evp_int.h to all crypto/ files that need it · ab0a14bb
Richard Levitte authored Nov 30, 2015
```
These are the files that add new EVP_MDs.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
ab0a14bb
Adapt all engines that add new EVP_MDs · cddcea8c
Richard Levitte authored Nov 30, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
cddcea8c
Have the few apps that accessed EVP_MD directly use accessors instead · cc9d6655
Richard Levitte authored Nov 29, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
cc9d6655

Make the definition of EVP_MD opaque · 2db6bf6f

Richard Levitte authored Nov 29, 2015



This moves the definition to crypto/include/internal/evp_int.h and
defines all the necessary method creators, destructors, writers and
accessors.  The name standard for the latter is inspired from the
corresponding functions to manipulate UI methods.

Reviewed-by: Rich Salz <rsalz@openssl.org>

2db6bf6f

Adjust all accesses to EVP_MD_CTX to use accessor functions. · 6e59a892
Richard Levitte authored Nov 27, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
6e59a892
Document the changed HMAC API. · 9b6c0070
Richard Levitte authored Nov 27, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
9b6c0070

Adapt HMAC to the EVP_MD_CTX changes · fa0c23de

Richard Levitte authored Nov 27, 2015



This change required some special treatment, as HMAC is intertwined
with EVP_MD.  For now, all local HMAC_CTX variables MUST be
initialised with HMAC_CTX_EMPTY, or whatever happens to be on the
stack will be mistaken for actual pointers to EVP_MD_CTX.  This will
change as soon as HMAC_CTX becomes opaque.

Also, since HMAC_CTX_init() can fail now, its return type changes from
void to int, and it will return 0 on failure, 1 on success.

Reviewed-by: Rich Salz <rsalz@openssl.org>

fa0c23de

Have other crypto/evp files include evp_locl.h · 77a01145

Richard Levitte authored Nov 27, 2015



Note: this does not include the files in crypto/evp that are just
instanciations of EVP_MD.

Reviewed-by: Rich Salz <rsalz@openssl.org>

77a01145

Make the definition of EVP_MD_CTX opaque · 7638370c

Richard Levitte authored Nov 27, 2015



This moves the definitionto crypto/evp/evp_locl.h, along with a few
associated accessor macros.  A few accessor/writer functions added.

Reviewed-by: Rich Salz <rsalz@openssl.org>

7638370c

Do not add symlinks in the source release · 451a5bdf
Richard Levitte authored Dec 07, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
451a5bdf
In travis, build from a "source release" rather than from the build tree · 475fc3d8
Richard Levitte authored Dec 07, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
475fc3d8

Small changes to creating dists · 4a544810

Richard Levitte authored Dec 07, 2015

Make TARFILE include ../ instead of having that hard coded all over the place.
When transforming file names in TAR_COMMAND, use $(NAME) instead of openssl-$(VERSION)

Reviewed-by: Rich Salz <rsalz@openssl.org>

4a544810

Fix and update versions in CHANGES and NEWS · 5fa30720
Dr. Stephen Henson authored Dec 03, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
5fa30720