Skip to content

O
openssl

btwise / openssl

通知 1
Star 0
Fork 0
O
openssl

体验新版 GitCode,发现更多精彩内容 >>

切换分支/标签
  1. 24 6月, 2019 1 次提交
  3. 17 6月, 2019 1 次提交
  5. 11 6月, 2019 1 次提交
    • S
      PBKDF2 updates to conform to SP800-132 · f0efeea2
      Shane Lontis 提交于 
      The existing code used PKCS5 specifications.
SP800-132 adds the following additional constraints for:
  - the range of the key length.
  - the minimum iteration count (1000 recommended).
  - salt length (at least 128 bits).
These additional constraints may cause errors (in scrypt, and
some PKCS5 related test vectors). To disable the new
constraints use the new ctrl string "pkcs5".
For backwards compatability, the checks are only enabled by
default for fips mode.
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8868)
      f0efeea2
  7. 04 6月, 2019 1 次提交
    • S
      Move digests to providers · d5e5e2ff
      Shane Lontis 提交于 
      Move digest code into the relevant providers (fips, default, legacy).
The headers are temporarily moved to be internal, and will be moved
into providers after all external references are resolved. The deprecated
digest code can not be removed until EVP_PKEY (signing) is supported by
providers. EVP_MD data can also not yet be cleaned up for the same reasons.
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8763)
      d5e5e2ff
  9. 03 6月, 2019 1 次提交
    • S
      Add the content type attribute to additional CMS signerinfo. · 19e512a8
      Shane Lontis 提交于 
      Fixes #8923

Found using the openssl cms -resign option.
This uses an alternate path to do the signing which was not adding the required signed attribute
content type. The content type attribute should always exist since it is required is there are
any signed attributes.
As the signing time attribute is always added in code, the content type attribute is also required.
The CMS_si_check_attributes() method adds validity checks for signed and unsigned attributes
e.g. The message digest attribute is a signed attribute that must exist if any signed attributes
exist, it cannot be an unsigned attribute and there must only be one instance containing a single
value.
Reviewed-by: NMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8944)
      19e512a8
  11. 27 5月, 2019 1 次提交
  13. 23 5月, 2019 1 次提交
  15. 21 5月, 2019 1 次提交
  17. 16 5月, 2019 1 次提交
  19. 08 5月, 2019 1 次提交
  21. 04 5月, 2019 1 次提交
  23. 03 5月, 2019 1 次提交
  25. 24 4月, 2019 1 次提交
  27. 19 4月, 2019 1 次提交
  29. 11 4月, 2019 2 次提交
  31. 09 4月, 2019 1 次提交
  33. 05 4月, 2019 2 次提交
  35. 04 4月, 2019 1 次提交
  37. 03 4月, 2019 1 次提交
  39. 30 3月, 2019 1 次提交
  41. 27 3月, 2019 3 次提交
  43. 19 3月, 2019 2 次提交
  45. 14 3月, 2019 1 次提交
  47. 13 3月, 2019 3 次提交
    • R
      test/params_test.c: Add "real world" parameter testing · 9ad41d24
      Richard Levitte 提交于 
      test/params_test.c is a program that tries to mimic how a provider and
an application would or could handle OSSL_PARAM arrays.

For the moment, this program tests a very raw way of handling
OSSL_PARAM arrays.  It is, however, written in a way that will
hopefully make it possible to extend with other methods as APIs arise,
and to set up test cases where a "provider" handles the array one way
while the "application" handles it another way.
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8396)
      9ad41d24
    • M
      Fix various no-* options · 5810bbd8
      Matt Caswell 提交于 
      no-cmac, no-poly1305 and no-siphash all caused the new test_mac to fail.
Reviewed-by: NPaul Dale <paul.dale@oracle.com>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8458)
      5810bbd8
    • P
      OSSL_PARAM helper functions. · 7ffbd7ca
      Pauli 提交于 
      Provide a number of functions to allow parameters to be set and
retrieved in a type safe manner.  Functions are provided for many
integral types plus double, BIGNUM, UTF8 strings and OCTET strings.

All of the integer functions will widen the parameter data as
required.  This permits a degree of malleability in the parameter
definition.  For example a type can be changed from a thirty two bit
integer to a sixty four bit one without changing application code.
Only four and eight byte integral sizes are supported here.

A pair of real functions are available for doubles.

A pair of functions is available for BIGNUMs.  These accept any sized
unsigned integer input and convert to/from a BIGNUM.

For each OCTET and UTF8 strings, four functions are defined.  This
provide get and set functionality for string and for pointers to
strings.  The latter avoiding copies but have other inherent risks.

Finally, some utility macros and functions are defined to allow
OSSL_PARAM definition arrays to be specified in a simple manner.
There are two macro and one function for most types.  The exception
being BIGNUM, for which there is one macro and one function.
Reviewed-by: NMatt Caswell <matt@openssl.org>
Reviewed-by: NRichard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8451)
      7ffbd7ca
  49. 12 3月, 2019 2 次提交
  51. 11 3月, 2019 1 次提交
  53. 07 3月, 2019 1 次提交
  55. 06 3月, 2019 1 次提交
  57. 01 3月, 2019 1 次提交
  59. 27 2月, 2019 2 次提交
  61. 26 2月, 2019 1 次提交