- May 30, 2011
-
-
Dr. Stephen Henson authored
-
- May 25, 2011
-
-
Dr. Stephen Henson authored
http://eprint.iacr.org/2011/232.pdf Thanks to the original authors Billy Bob Brumley and Nicola Tuveri for bringing this to our attention.
-
- May 20, 2011
-
-
Dr. Stephen Henson authored
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com> Reviewed by: steve OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination.
-
- May 19, 2011
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- May 12, 2011
-
-
Dr. Stephen Henson authored
Parse certificate request message and set digests appropriately. Generate new TLS v1.2 format certificate verify message. Keep handshake caches around for longer as they are needed for client auth.
-
- May 11, 2011
-
-
Dr. Stephen Henson authored
the FIPS capable OpenSSL.
-
- May 09, 2011
-
-
Dr. Stephen Henson authored
algorithms extension (including everything we support). Swicth to new signature format where needed and relax ECC restrictions. Not TLS v1.2 client certifcate support yet but client will handle case where a certificate is requested and we don't have one.
-
- May 06, 2011
-
-
Dr. Stephen Henson authored
signature algorithms extension and correct signature format for server key exchange. All ciphersuites should now work on the server but no client support and no client certificate support yet.
-
- Apr 29, 2011
-
-
Dr. Stephen Henson authored
checking added, SHA256 PRF support added. At present only RSA key exchange ciphersuites work with TLS v1.2 as the new signature format is not yet implemented.
-
Dr. Stephen Henson authored
OPENSSL_NO_SSL_INTERN all ssl related structures are opaque and internals cannot be directly accessed. Many applications will need some modification to support this and most likely some additional functions added to OpenSSL. The advantage of this option is that any application supporting it will still be binary compatible if SSL structures change.
-
- Apr 23, 2011
-
-
Dr. Stephen Henson authored
callback. Handle case where no multiple of the block size is in the interval [min_len, max_len].
-
Dr. Stephen Henson authored
-
- Apr 18, 2011
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Apr 15, 2011
-
-
Dr. Stephen Henson authored
-
- Apr 14, 2011
-
-
Dr. Stephen Henson authored
allow status of POST to be monitored and/or failures induced.
-
- Apr 12, 2011
-
-
Dr. Stephen Henson authored
-
- Apr 06, 2011
-
-
Dr. Stephen Henson authored
-
- Apr 05, 2011
-
-
Dr. Stephen Henson authored
now use an internal RAND_METHOD. All dependencies to OpenSSL standard PRNG are now removed: it is the applications resposibility to setup the FIPS PRNG and initalise it. Initial OpenSSL RAND_init_fips() function that will setup the DRBG for the "FIPS capable OpenSSL".
-
Dr. Stephen Henson authored
used by applications directly and the X9.31 PRNG is deprecated by new FIPS140-2 rules anyway.
-
- Mar 17, 2011
-
-
Dr. Stephen Henson authored
Fix warnings. Instantiate DRBGs at maximum strength.
-
- Mar 16, 2011
-
-
Ben Laurie authored
-
- Mar 12, 2011
-
-
Ben Laurie authored
-
- Mar 09, 2011
-
-
Dr. Stephen Henson authored
-
- Mar 08, 2011
-
-
Dr. Stephen Henson authored
-
- Mar 04, 2011
-
-
Dr. Stephen Henson authored
not working, incomplete and unused SP800-90 DRBGs for CTR and Hash modes. Did I say this was untested?
-
- Feb 21, 2011
-
-
Dr. Stephen Henson authored
-
- Feb 17, 2011
-
-
Dr. Stephen Henson authored
-
- Feb 16, 2011
-
-
Dr. Stephen Henson authored
Fixups under fips/ to make symbol renaming work.
-
- Feb 15, 2011
-
-
Dr. Stephen Henson authored
-
- Feb 14, 2011
-
-
Dr. Stephen Henson authored
of algorithm test program.
-
- Feb 12, 2011
-
-
Dr. Stephen Henson authored
-
- Feb 11, 2011
-
-
Dr. Stephen Henson authored
associated utilities. This functionality will be used by the validated tarball.
-
- Feb 09, 2011
-
-
Dr. Stephen Henson authored
-
- Feb 08, 2011
-
-
Bodo Möller authored
(CVE-2011-0014 OCSP stapling fix has been applied to HEAD as well.)
-
- Feb 07, 2011
-
-
Dr. Stephen Henson authored
broken and subject to change.
-
Dr. Stephen Henson authored
the NULL value for the input buffer is sufficient to notice this case.
-
Dr. Stephen Henson authored
cipher handles all cipher symantics itself.
-
- Feb 03, 2011
-
-
Bodo Möller authored
-