- Aug 17, 2013
-
-
Dr. Stephen Henson authored
Preliminary documentation for chain and verify stores and certificate chain setting functions.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
- Aug 14, 2013
-
-
Dr. Stephen Henson authored
-
- Aug 13, 2013
-
-
Michael Tuexen authored
This fix ensures that * A HelloRequest is retransmitted if not responded by a ClientHello * The HelloRequest "consumes" the sequence number 0. The subsequent ServerHello uses the sequence number 1. * The client also expects the sequence number of the ServerHello to be 1 if a HelloRequest was received earlier. This patch fixes the RFC violation.
-
- Aug 08, 2013
-
-
Michael Tuexen authored
Reported by: Prashant Jaikumar <rmstar@gmail.com> Fix handling of application data received before a handshake.
-
- Aug 06, 2013
-
-
Kaspar Brand authored
PR: 3028 Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys correctly if they appeared first.
-
- Aug 05, 2013
-
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the same structure is used by DH and ECDH. Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers without the need to use ASN1.
-
Dr. Stephen Henson authored
Add support for DH parameter generation using DSA methods including FIPS 186-3.
-
Dr. Stephen Henson authored
Make DHparams_dup work properly with X9.42 DH parameters.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Don't need to use temporary buffer if remaining length equals digest length.
-
Dr. Stephen Henson authored
Check and set AlgorithmIdenfier parameters for key wrap algorithms. Currently these just set parameters to NULL.
-
- Aug 03, 2013
-
-
Andy Polyakov authored
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by Ard Biesheuvel of Linaro.
-
Andy Polyakov authored
-
- Jul 31, 2013
-
-
Andy Polyakov authored
-
Trevor Perrin authored
Force no SSL2 when custom extensions in use. Don't clear extension state when cert is set. Clear on renegotiate.
-
- Jul 22, 2013
-
-
Adam Langley authored
Conflicts: ssl/ssltest.c
-
Ben Laurie authored
-
Adam Langley authored
This change adds support for ALPN[1] in OpenSSL. ALPN is the IETF blessed version of NPN and we'll be supporting both ALPN and NPN for some time yet. [1] https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-00 Conflicts: ssl/ssl3.h ssl/t1_lib.c
-
- Jul 19, 2013
-
-
Dr. Stephen Henson authored
Update ecdsatest to use ECDSA_sign_setup and ECDSA_sign_ex, this avoids the nonce generation which would otherwise break the test. Reinstate ecdsatest.
-
Dr. Stephen Henson authored
Disable ECDSA test temporarily: it is incompatible with ECDSA nonces.
-
- Jul 17, 2013
-
-
Dr. Stephen Henson authored
Add some ECDH CMS tests.
-
Dr. Stephen Henson authored
Add a script to generate keys and certificates for the S/MIME and CMS tests. Update certificates and add EC examples.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
For RSA and DSA keys return an appropriate RecipientInfo type. By setting CMS_RECIPINFO_NONE for DSA keys an appropriate error is returned if an attempt is made to use DSA with enveloped data.
-
Dr. Stephen Henson authored
Add support for ECDH in enveloped data. The CMS ctrls for the EC ASN1 method decode/encode the appropriate parameters from the CMS ASN1 data and send appropriate data to the EC public key method.
-
Dr. Stephen Henson authored
Add X9.62 KDF to EC EVP_PKEY_METHOD.
-
Dr. Stephen Henson authored
Add OIDs for KDF schemes from RFC5753 and add cross references for each type and the appropriate digest to use.
-
Dr. Stephen Henson authored
Add hooks to support key agreement recipient info type (KARI) using algorithm specific code in the relevant public key ASN1 method.
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Add support for key wrap algorithms via EVP interface. Generalise AES wrap algorithm and add to modes, making existing AES wrap algorithm a special case. Move test code to evptests.txt
-
Dr. Stephen Henson authored
-
Dr. Stephen Henson authored
Keep original function names for nonce versions so we don't have to change error function codes.
-
- Jul 15, 2013
-
-
Adam Langley authored
This change updates 8a99cb29 to make the generation of (EC)DSA nonces using the message digest the default. It also reverts the changes to (EC)DSA_METHOD structure. In addition to making it the default, removing the flag from EC_KEY means that FIPS modules will no longer have an ABI mismatch.
-