- 14 3月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
As of TLSv1.3 draft-25 the record header data must be used as AAD Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5604)
-
- 13 2月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 08 2月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5266)
-
- 07 8月, 2017 1 次提交
-
-
由 Dr. Stephen Henson 提交于
The test ENGINE effectively used a predictable PRNG because it supplied a bogus implementation of SHA256 which the old version of OpenSSL's PRNG used. The new DRBG does not use SHA256 so it is no longer predictable if the SHA256 implementation is replaced. Use an explicit predictable PRNG instead. Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4098)
-
- 08 6月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Run perltidy on util/mkerr Change some mkerr flags, write some doc comments Make generated tables "const" when genearting lib-internal ones. Add "state" file for mkerr Renerate error tables and headers Rationalize declaration of ERR_load_XXX_strings Fix out-of-tree build Add -static; sort flags/vars for options. Also tweak code output Moved engines/afalg to engines (from master) Use -static flag Standard engine #include's of errors Don't linewrap err string tables unless necessary Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3392)
-
- 30 11月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> -
由 Matt Caswell 提交于
This updates the record layer to use the TLSv1.3 style nonce construciton. It also updates TLSProxy and ossltest to be able to recognise the new layout. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 02 11月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Based on feedback received Reviewed-by: NRich Salz <rsalz@openssl.org> -
由 Matt Caswell 提交于
This might need more changes once we do a "real" TLS1.3 ciphersuite. But it should do for now. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 09 2月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
This builds on the previous commit to auto initialise/deinitialise libcrypto. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 27 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 12 1月, 2016 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> -
由 Richard Levitte 提交于
Note: there's a larger number of implementations in crypto/evp/ that aren't affected because they include evp_locl.h. They will be handled in a separate commit. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 08 12月, 2015 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> -
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 03 12月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Remove sign/verify and required_pkey_type fields of EVP_MD: these are a legacy from when digests were linked to public key types. All signing is now handled by the corresponding EVP_PKEY_METHOD. Only allow supported digest types in RSA EVP_PKEY_METHOD: other algorithms already block unsupported types. Remove now obsolete EVP_dss1() and EVP_ecdsa(). Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 10 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Continuing from previous work standardise use of malloc in the engine code. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 30 9月, 2015 1 次提交
-
-
由 Andy Polyakov 提交于
Problem was exposed in mingw64 build, or in other words on P64 platform. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 25 9月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
The ossltest engine wraps the built-in implementation of aes128-cbc. Normally in an engine the cipher_data structure is automatically allocated by the EVP layer. However this relies on the engine specifying up front the size of that cipher_data structure. In the case of ossltest this value isn't available at compile time. This change makes the ossltest engine allocate its own cipher_data structure instead of leaving it to the EVP layer. Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 12 8月, 2015 2 次提交
-
-
由 Richard Levitte 提交于
Use a dynamic engine for ossltest engine so that we can build it without subsequently deploying it during install. We do not want people accidentally using this engine. Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org>
-
由 Matt Caswell 提交于
This engine is for testing purposes only. It provides crippled crypto implementations and therefore must not be used in any instance where security is required. This will be used by the forthcoming libssl test harness which will operate as a man-in-the-middle proxy. The test harness will be able to modify TLS packets and read their contents. By using this test engine packets are not encrypted and MAC codes always verify. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-