- Feb 23, 2014
-
-
Dr. Stephen Henson authored
New flags to build certificate chains. The can be used to rearrange the chain so all an application needs to do is add all certificates in arbitrary order and then build the chain to check and correct them. Add verify error code when building chain. Update docs. (cherry picked from commit 13dc3ce9)
-
Dr. Stephen Henson authored
(cherry picked from commit daddd9a9)
-
Ben Laurie authored
-
Ben Laurie authored
-
- Feb 21, 2014
-
-
Andy Polyakov authored
(cherry picked from commit 214368ff)
-
Andy Polyakov authored
-
- Feb 20, 2014
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Rob Stradling authored
Add the RFC6962 OIDs to the objects table. (backport from master branch)
-
- Feb 18, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit 6ecbc2bb)
-
- Feb 15, 2014
-
-
Dr. Stephen Henson authored
(cherry picked from commit f3a39032)
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
(cherry picked from commit 5a7652c3)
-
Klaus-Peter Junghanns authored
This can be used to speed up SRTP with libsrtp, e.g. on TI omap/sitara based devices. (cherry picked from commit be2c4d9b)
-
- Feb 14, 2014
-
-
Kurt Roeckx authored
If you use "-newkey rsa" it's supposed to read the default number of bits from the config file. However the value isn't used to generate the key, but it does print it's generating such a key. The set_keygen_ctx() doesn't call EVP_PKEY_CTX_set_rsa_keygen_bits() and you end up with the default set in pkey_rsa_init() (1024). Afterwards the number of bits gets read from the config file, but nothing is done with that anymore. We now read the config first and use the value from the config file when no size is given. PR: 2592 (cherry picked from commit 33432203)
-
Kurt Roeckx authored
(cherry picked from commit e547c45f)
-
Scott Schaefer authored
(cherry picked from commit 2b4ffc65)
-
Scott Schaefer authored
apps/pkcs12.c accepts -password as an argument. The document author almost certainly meant to write "-password, -passin". However, that is not correct, either. Actually the code treats -password as equivalent to -passin, EXCEPT when -export is also specified, in which case -password as equivalent to -passout. (cherry picked from commit 856c6dfb)
-
Dr. Stephen Henson authored
-
Andy Polyakov authored
(cherry picked from commit 70113432)
-
Andy Polyakov authored
(cherry picked from commit f4d45640)
-
Andy Polyakov authored
Improve CBC decrypt and CTR by ~13/16%, which adds up to ~25/33% improvement over "pre-Silvermont" version. [Add performance table to aesni-x86.pl]. (cherry picked from commit 5599c733)
-
Dr. Stephen Henson authored
as issuer and subject names. Although this is an incompatible change it should have little impact in pratice because self-issued certificates that are not self-signed are rarely encountered. (cherry picked from commit b1efb716)
-
Dr. Stephen Henson authored
When a chain is complete and ends in a trusted root checks are also performed on the TA and the callback notified with ok==1. For consistency do the same for chains where the TA is not self signed. (cherry picked from commit 385b3486)
-
Dr. Stephen Henson authored
(from master)
-
Dr. Stephen Henson authored
-
- Feb 13, 2014
-
-
Andy Polyakov authored
-
Andy Polyakov authored
(and remove duplicates).
-
Andy Polyakov authored
(cherry picked from commit 9587429f)
-
Andy Polyakov authored
(other processors unaffected). (cherry picked from commit 98e143f1)
-
- Feb 09, 2014
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Revert libssl ordinals to OpenSSL 1.0.1 values first to tidy up and avoid entries for deleted functions.
-
Dr. Stephen Henson authored
-
Ben Laurie authored
-
Ben Laurie authored
Merge branch '102_stable_tlsext_suppdata_changes' of git://github.com/scottdeboy/openssl into scottdeboy-102_stable_tlsext_suppdata_changes
-
Scott Deboy authored
-
Ben Laurie authored
-
Ben Laurie authored
(cherry picked from commit 5eda213e) Conflicts: apps/s_client.c apps/s_server.c
-
