- 09 7月, 2019 1 次提交
-
-
由 Shane Lontis 提交于
Move the KDF code for CMS DH key agreement into an EVP_KDF object. There are 2 specifications for X9.42 KDF. This implementation uses DER for otherinfo which embeds the KDF loop counter inside the DER object. Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8898)
-
- 06 6月, 2019 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NTomas Mraz <tmraz@fedoraproject.org> GH: #7651
-
- 04 6月, 2019 1 次提交
-
-
由 Shane Lontis 提交于
Move digest code into the relevant providers (fips, default, legacy). The headers are temporarily moved to be internal, and will be moved into providers after all external references are resolved. The deprecated digest code can not be removed until EVP_PKEY (signing) is supported by providers. EVP_MD data can also not yet be cleaned up for the same reasons. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8763)
-
- 16 5月, 2019 1 次提交
-
-
由 Shane Lontis 提交于
X963 KDF is used for CMS ec keyagree Recipient Info. The X963 KDF that is used by CMS EC Key Agreement has been moved into a EVP_KDF object. This KDF is almost identical to the the SSKDF hash variant, so it has been implemented inside the SSKDF code with its own method table. Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8902)
-
- 03 5月, 2019 1 次提交
-
-
由 Shane Lontis 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8808)
-
- 19 4月, 2019 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8700)
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8700)
-
- 03 4月, 2019 1 次提交
-
-
由 Matt Caswell 提交于
Fixes #8565 Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8604)
-
- 21 3月, 2019 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8513)
-
由 Matt Caswell 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/8513)
-
- 19 3月, 2019 1 次提交
-
-
由 Shane Lontis 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8230)
-
- 07 3月, 2019 1 次提交
-
-
由 David von Oheimb 提交于
constify *_dup() and *i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8029)
-
- 27 2月, 2019 1 次提交
-
-
由 Simo Sorce 提交于
SSH's KDF is defined in RFC 4253 in Section 7.2 Signed-off-by: NSimo Sorce <simo@redhat.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7290)
-
- 13 2月, 2019 1 次提交
-
-
由 David Makepeace 提交于
Changed PKEY/KDF API to call the new API. Added wrappers for PKCS5_PBKDF2_HMAC() and EVP_PBE_scrypt() to call the new EVP KDF APIs. Documentation updated. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6674)
-
- 06 2月, 2019 2 次提交
-
-
由 Antoine Salon 提交于
Signed-off-by: NAntoine Salon <asalon@vmware.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7726)
-
由 Antoine Salon 提交于
Signed-off-by: NAntoine Salon <asalon@vmware.com> Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7726)
-
- 06 12月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7770)
-
- 14 11月, 2018 1 次提交
-
-
由 Shane Lontis 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7597)
-
- 05 11月, 2018 2 次提交
-
-
由 Paul Yang 提交于
This is based on the latest EVP MAC interface introduced in PR #7393. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7459)
-
由 Pauli 提交于
Remove GMAC demo program because it has been superceded by the EVP MAC one Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7548)
-
- 30 10月, 2018 3 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7494)
-
由 Richard Levitte 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7483)
-
由 Richard Levitte 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7484)
-
- 29 10月, 2018 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7393)
-
由 Richard Levitte 提交于
We currently implement EVP MAC methods as EVP_PKEY methods. This change creates a separate EVP API for MACs, to replace the current EVP_PKEY ones. A note about this EVP API and how it interfaces with underlying MAC implementations: Other EVP APIs pass the EVP API context down to implementations, and it can be observed that the implementations use the pointer to their own private data almost exclusively. The EVP_MAC API deviates from that pattern by passing the pointer to the implementation's private data directly, and thereby deny the implementations access to the EVP_MAC context structure. This change is made to provide a clearer separation between the EVP library itself and the implementations of its supported algorithm classes. Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7393)
-
- 07 9月, 2018 2 次提交
-
-
由 Paul Yang 提交于
zero-length ID is allowed, but it's not allowed to skip the ID. Fixes: #6534 Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7113)
-
由 Paul Yang 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7113)
-
- 19 6月, 2018 1 次提交
-
-
由 Jack Lloyd 提交于
Use EVP_PKEY_set_alias_type to access Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6443)
-
- 13 4月, 2018 2 次提交
-
-
由 Matt Caswell 提交于
Historically we used to implement standalone base64 code for SRP. This was replaced by commit 3d3f21aa with the standard base64 processing code. However, the SRP base64 code was designed to be compatible with other SRP libraries (notably libsrp, but also others) that use a variant of standard base64. Specifically a different alphabet is used and no padding '=' characters are used. Instead 0 padding is added to the front of the string. By changing to standard base64 we change the behaviour of the API which may impact interoperability. It also means that SRP verifier files created prior to 1.1.1 would not be readable in 1.1.1 and vice versa. Instead we expand our standard base64 processing with the capability to be able to read and generate the SRP base64 variant. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5925)
-
由 Matt Caswell 提交于
Previously they were using EVP_EncodeBlock/EVP_DecodeBlock. These are low level functions that do not handle padding characters. This was causing the SRP code to fail. One side effect of using EVP_EncodeUpdate is that it inserts newlines which is not what we need in SRP so we add a flag to avoid that. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5925)
-
- 02 3月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
This adds all of the relevant EVP plumbing required to make X448 and Ed448 work. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/5481)
-
- 27 2月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 23 2月, 2018 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5426)
-
- 20 11月, 2017 1 次提交
-
-
由 Paul Yang 提交于
EVP_PKEY_public_check() and EVP_PKEY_param_check() Doc and test cases are added Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4647)
-
- 12 11月, 2017 1 次提交
-
-
由 Josh Soref 提交于
Around 138 distinct errors found and fixed; thanks! Reviewed-by: NKurt Roeckx <kurt@roeckx.be> Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3459)
-
- 12 10月, 2017 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Add an ENGINE to EVP_PKEY structure which can be used for cryptographic operations: this will typically be used by an HSM key to redirect calls to a custom EVP_PKEY_METHOD. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4503)
-
- 14 9月, 2017 2 次提交
-
-
由 Paul Yang 提交于
1. make app pkey methods cleanup internal 2. add EVP_PKEY_meth_remove Fixes travis-ci failure in #4337 Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4356)
-
由 Paul Yang 提交于
A new method is added to EVP_PKEY_METH as: int (*check) (EVP_PKEY_CTX *ctx); and to EVP_PKEY_ASN1_METHOD as: int (*pkey_check) (EVP_PKEY_CTX *ctx); This is used to check the validity of a specific key. The order of calls is: EVP_PKEY_check -> pmeth.check -> ameth.pkey_check. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4337)
-
- 08 8月, 2017 1 次提交
-
-
由 Johannes Bauer 提交于
Add an interface that allows accessing the scrypt KDF as a PKEY_METHOD. This fixes #4021 (at least for the scrypt portion of the issue). Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NStephen Henson <steve@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4026)
-
- 31 5月, 2017 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3503)
-