Commits · ea11c6e92090078319e606d5639b7a81bdd57897 · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

11 Dec, 2015 8 commits
- make update, missed file · ea11c6e9
  Richard Levitte authored Dec 11, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
  ea11c6e9
- Use SHA256 not MD5 as default digest. · f8547f62
  Rich Salz authored Jun 13, 2015
```
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
```
  f8547f62
- make update · 6ebe8dac
  Richard Levitte authored Dec 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  6ebe8dac
- Adapt EVP tests to the opaque EVP_ENCODE_CTX · 254b26af
  Richard Levitte authored Dec 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  254b26af
- Adapt PEM routines to the opaque EVP_ENCODE_CTX · 601ab315
  Richard Levitte authored Dec 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  601ab315
- Adapt BIO_f_base64 to the opaque EVP_ENCODE_CTX · b518d2d5
  Richard Levitte authored Dec 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  b518d2d5
- Make EVP_ENCODE_CTX opaque · a0be4fd1
  Richard Levitte authored Dec 11, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  a0be4fd1
- Fix OCB link · 1ee3b17f
  Matt Caswell authored Dec 10, 2015
```
The link to the OCB patent pdf changed, so the link in CHANGES needs to be
updated.

Reviewed-by: Rich Salz <rsalz@openssl.org>
```
  1ee3b17f
10 Dec, 2015 25 commits

Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633). · ba67253d

Rob Stradling authored Dec 04, 2015



Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

GH: #495, MR: #1435

ba67253d

Restore full support for EVP_CTX_create() etc. · f8137a62

Viktor Dukhovni authored Dec 10, 2015



Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

f8137a62

Prepare for 1.1.0-pre2-dev · 278d6b36
Matt Caswell authored Dec 10, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
278d6b36
Prepare for 1.1.0-pre1 release · 22c21b60
Matt Caswell authored Dec 10, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
OpenSSL_1_1_0-pre1

22c21b60
OpenSSL 1.1.0 is now in pre release · ac7f47dc
Matt Caswell authored Dec 10, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
ac7f47dc
make update · b0cae88c
Matt Caswell authored Dec 10, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
b0cae88c
Don't run rehash as part of building the openssl app · e7986647
Richard Levitte authored Dec 10, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
e7986647

Update CHANGES and NEWS for alpha release · 7c314196

Matt Caswell authored Dec 10, 2015



Misc updates to the CHANGES and NEWS files ready for the alpha release.

Reviewed-by: Richard Levitte <levitte@openssl.org>

7c314196

Ensure |rwstate| is set correctly on BIO_flush · 67f60be8

Matt Caswell authored Nov 04, 2015

A BIO_flush call in the DTLS code was not correctly setting the |rwstate|
variable to SSL_WRITING. This means that SSL_get_error() will not return
SSL_ERROR_WANT_WRITE in the event of an IO retry.

Reviewed-by: Richard Levitte <levitte@openssl.org>

67f60be8

Fix DTLS handshake fragment retries · 2ad226e8

Matt Caswell authored Nov 03, 2015



If using DTLS and NBIO then if a second or subsequent handshake message
fragment hits a retry, then the retry attempt uses the wrong fragment
offset value. This commit restores the fragment offset from the last
attempt.

Reviewed-by: Richard Levitte <levitte@openssl.org>

2ad226e8

evp/e_aes.c: wire hardware-assisted block function to OCB. · 02dc0b82
Andy Polyakov authored Dec 08, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
02dc0b82
x86[_64] assembly pack: add optimized AES-NI OCB subroutines. · bd30091c
Andy Polyakov authored Dec 02, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
bd30091c

Fix mkfiles for new directories · 2fb5535e

Matt Caswell authored Dec 10, 2015



Add the new chacha and poly1305 directories to mkfiles.pl to enable proper
building on windows.

Reviewed-by: Andy Polyakov <appro@openssl.org>

2fb5535e

Add a return value check · 330dcb09

Matt Caswell authored Nov 11, 2015



If the call to OBJ_find_sigid_by_algs fails to find the relevant NID then
we should set the NID to NID_undef.

Reviewed-by: Richard Levitte <levitte@openssl.org>

330dcb09

modes/ocb128.c: fix overstep. · 44bf7119
Andy Polyakov authored Dec 02, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
44bf7119
make update. · c7b5b9f4
Andy Polyakov authored Dec 10, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
c7b5b9f4
Configure: make no-chacha and no-poly1305 work. · 48f14845
Andy Polyakov authored Dec 09, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
48f14845
Wire ChaCha20-Poly1305 to TLS. · a76ba82c
Andy Polyakov authored Dec 09, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
a76ba82c
evp/c_allc.c: wire ChaCha20-Poly1305 and add tests. · bd3385d8
Andy Polyakov authored Dec 09, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
bd3385d8
test/evp_test.c: allow generic AEAD ciphers to be tested. · eb85cb86
Andy Polyakov authored Dec 09, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
eb85cb86
crypto/evp: add e_chacha20_poly1305.c. · bd989745
Andy Polyakov authored Dec 09, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
bd989745

evp/evp_enc.c: allow EVP_CIPHER.ctx_size to be 0. · f6b94279

Andy Polyakov authored Dec 09, 2015



In such case it would be EVP_CIPHER.cleanup's reponsibility to wipe
EVP_CIPHEX_CTX.cipher_data.

Reviewed-by: Richard Levitte <levitte@openssl.org>

f6b94279

Add ChaCha20-Poly1305 and ChaCha20 NIDs. · 72bb2f64
Andy Polyakov authored Dec 09, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
72bb2f64

Add reference ChaCha20 and Poly1305 implementations. · 7dcb2186

Andy Polyakov authored Dec 09, 2015



Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>

7dcb2186

make default_ec_key_meth static · a0ffedaf
Dr. Stephen Henson authored Dec 10, 2015
```
Reviewed-by: Rich Salz <rsalz@openssl.org>
```
a0ffedaf

09 Dec, 2015 7 commits
- remove deleted directories from mkfiles.pl · 59ff61f3
  Dr. Stephen Henson authored Dec 09, 2015
```
Reviewed-by: Matt Caswell <matt@openssl.org>
```
  59ff61f3
- Fix warnings about unused variables when EC is disabled. · 60f43e9e
  Richard Levitte authored Dec 09, 2015
```
Reviewed-by: Stephen Henson <steve@openssl.org>
```
  60f43e9e
- Move the definitions of EC_KEY and EC_KEY_METHOD to ossl_typ.h · f8d3ab49
  Richard Levitte authored Dec 09, 2015
```
Most of all, that has inclusion of openssl/engine.h work even if EC
has been disabled.  This is the same as has been done for DH, DSA, RSA
and more...

Reviewed-by: Stephen Henson <steve@openssl.org>
```
  f8d3ab49
- add CHANGES and NEWS entry · 5e030525
  Dr. Stephen Henson authored Dec 09, 2015
```
Todo: update documentation.

Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  5e030525
- remove ECDSA error line · 8b8689ae
  Dr. Stephen Henson authored Dec 09, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  8b8689ae
- add compatibility headers · 970e7b5b
  Dr. Stephen Henson authored Dec 09, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  970e7b5b
- Use NULL comparison · 91e7bcc2
  Dr. Stephen Henson authored Dec 09, 2015
```
Reviewed-by: Richard Levitte <levitte@openssl.org>
```
  91e7bcc2