- 19 2月, 2018 2 次提交
-
-
由 Matt Caswell 提交于
According to TLSv1.3 draft-24 the record version for ClientHello2 should be TLS1.2, and not TLS1.0 as it is now. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5377)
-
由 Richard Levitte 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5396)
-
- 15 2月, 2018 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/5373)
-
- 14 2月, 2018 2 次提交
-
-
由 Richard Levitte 提交于
Without that, output comes one character per line. It's the same issue as has been observed before, this happens when using write() on a record oriented stream (possibly unbuffered too). This also uncovered a bug in BIO_f_linebuffer, where this would cause an error: BIO_write(bio, "1\n", 1); I.e. there's a \n just after the part of the string that we currently ask to get written. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5352)
-
由 Dr. Matthias St. Pierre 提交于
The NIST standard presents two alternative ways for seeding the CTR DRBG, depending on whether a derivation function is used or not. In Section 10.2.1 of NIST SP800-90Ar1 the following is assessed: The use of the derivation function is optional if either an approved RBG or an entropy source provides full entropy output when entropy input is requested by the DRBG mechanism. Otherwise, the derivation function shall be used. Since the OpenSSL DRBG supports being reseeded from low entropy random sources (using RAND_POOL), the use of a derivation function is mandatory. For that reason we change the default and replace the opt-in flag RAND_DRBG_FLAG_CTR_USE_DF with an opt-out flag RAND_DRBG_FLAG_CTR_NO_DF. This change simplifies the RAND_DRBG_new() calls. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5294)
-
- 13 2月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 10 2月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
The no-tls1_2 option does not work properly in conjunction with TLSv1.3 being enabled (which is now the default). This commit fixes the issues. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5301)
-
- 09 2月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5287)
-
- 08 2月, 2018 4 次提交
-
-
由 Matt Caswell 提交于
tls13encryptiontest is an "internal" test. As with all the other internal tests it should not be run on a shared native Windows build. [extended tests] Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5266)
-
由 Matt Caswell 提交于
If TLSv1.3 is enabled and combined with other options that extend the size of the ClientHello, then the clienthello test can sometimes fail because the ClientHello has grown too large. Part of the purpose of the test is to check that the padding extension works properly. This requires the ClientHello size to be kept within certain bounds. By restricting the number of ciphersuites sent we can reduce the size of the ClientHello. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5266)
-
由 Matt Caswell 提交于
[extended tests] Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5266)
-
由 Richard Levitte 提交于
It turns out that even if you successfully build the engine, it might not load properly, so we cannot make the test program fail for it. See the message in commit 25b9d11c This reverts commit 227a1e3f. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5276)
-
- 07 2月, 2018 3 次提交
-
-
由 Richard Levitte 提交于
The afalg engine was moved down from engines/afalg/ to engines/, but the test wasn't changed accordingly. This was undetected because the test program didn't fail when it couldn't load the engine. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5270)
-
由 Richard Levitte 提交于
If you know that there's no afalg engine, don't run this test. test/recipes/30-test_afalg.t checks this correctly. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5270)
-
由 Richard Levitte 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/5268)
-
- 03 2月, 2018 1 次提交
-
-
由 Tatsuhiro Tsujikawa 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4944)
-
- 02 2月, 2018 1 次提交
-
-
由 Todd Short 提交于
Add SSL_verify_client_post_handshake() for servers to initiate PHA Add SSL_force_post_handshake_auth() for clients that don't have certificates initially configured, but use a certificate callback. Update SSL_CTX_set_verify()/SSL_set_verify() mode: * Add SSL_VERIFY_POST_HANDSHAKE to postpone client authentication until after the initial handshake. * Update SSL_VERIFY_CLIENT_ONCE now only sends out one CertRequest regardless of when the certificate authentication takes place; either initial handshake, re-negotiation, or post-handshake authentication. Add 'RequestPostHandshake' and 'RequirePostHandshake' SSL_CONF options that add the SSL_VERIFY_POST_HANDSHAKE to the 'Request' and 'Require' options Add support to s_client: * Enabled automatically when cert is configured * Can be forced enabled via -force_pha Add support to s_server: * Use 'c' to invoke PHA in s_server * Remove some dead code Update documentation Update unit tests: * Illegal use of PHA extension * TLSv1.3 certificate tests DTLS and TLS behave ever-so-slightly differently. So, when DTLS1.3 is implemented, it's PHA support state machine may need to be different. Add a TODO and a #error Update handshake context to deal with PHA. The handshake context for TLSv1.3 post-handshake auth is up through the ClientFinish message, plus the CertificateRequest message. Subsequent Certificate, CertificateVerify, and Finish messages are based on this handshake context (not the Certificate message per se, but it's included after the hash). KeyUpdate, NewSessionTicket, and prior Certificate Request messages are not included in post-handshake authentication. After the ClientFinished message is processed, save off the digest state for future post-handshake authentication. When post-handshake auth occurs, copy over the saved handshake context into the "main" handshake digest. This effectively discards the any KeyUpdate or NewSessionTicket messages and any prior post-handshake authentication. This, of course, assumes that the ID-22 did not mean to include any previous post-handshake authentication into the new handshake transcript. This is implied by section 4.4.1 that lists messages only up to the first ClientFinished. Reviewed-by: NBen Kaduk <kaduk@mit.edu> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4964)
-
- 01 2月, 2018 3 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5229)
-
由 Richard Levitte 提交于
This avoids having to enumerate specific modules in apps, or to have to include them in libtestutil.a. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5222)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NPaul Dale <paul.dale@oracle.com>
-
- 29 1月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
The rehash test broke the test if run by root. Instead, just skip the check that requires non-root to be worth it. Fixes #4387 Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5184)
-
- 28 1月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5181)
-
- 26 1月, 2018 3 次提交
-
-
由 Benjamin Kaduk 提交于
Make the sigalg name in comments reflect one that actually exists in the draft standard. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5174)
-
由 Benjamin Kaduk 提交于
We don't need to send this extension in normal operation since we are our own X.509 library, but add some test cases that force the extension to be sent and exercise our code to process the extension. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5068)
-
由 Benjamin Kaduk 提交于
We now have a split in the signature algorithms codepoint space for whether the certificate's key is for rsaEncryption or a PSS-specific key, which should let us get rid of some special-casing that we previously needed to try to coax rsaEncryption keys into performing PSS. (This will be done in a subsequent commit.) Send the new PSS-with-PSS-specific key first in our list, so that we prefer the new technology to the old one. We need to update the expected certificate type in one test, since the "RSA-PSS+SHA256" form now corresponds to a public key of type rsaEncryption, so we should expect the server certificate type to be just "RSA". If we want to get a server certificate type of "RSA-PSS", we need to use a new signature algorithm that cannot be represented as signature+hash, so add a test for that as well. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5068)
-
- 25 1月, 2018 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4435)
-
由 Matt Caswell 提交于
Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/4435)
-
- 24 1月, 2018 2 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5153)
-
由 Pauli 提交于
Support added for these two digests, available only via the EVP interface. Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5093)
-
- 23 1月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
That inclusion turned out to be completely unnecessary [extended tests] Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5136)
-
- 22 1月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
This includes unnecessary use of the top as inclusion directory Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5132)
-
- 20 1月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> (Merged from https://github.com/openssl/openssl/pull/5094)
-
- 19 1月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NPaul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/5110)
-
- 09 1月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5038)
-
- 06 1月, 2018 1 次提交
-
-
由 Bernd Edlinger 提交于
Add comments to no longer usable ciphers. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5023)
-
- 04 1月, 2018 1 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
The DRGB concept described in NIST SP 800-90A provides for having different algorithms to generate random output. In fact, the FIPS object module used to implement three of them, CTR DRBG, HASH DRBG and HMAC DRBG. When the FIPS code was ported to master in #4019, two of the three algorithms were dropped, and together with those the entire code that made RAND_DRBG generic was removed, since only one concrete implementation was left. This commit restores the original generic implementation of the DRBG, making it possible again to add additional implementations using different algorithms (like RAND_DRBG_CHACHA20) in the future. Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4998)
-
- 03 1月, 2018 1 次提交
-
-
由 Benjamin Kaduk 提交于
Add a regression test for the functionality enabled in the previous commit. [extended tests] Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4463)
-
- 02 1月, 2018 1 次提交
-
-
由 Daniel Bevenius 提交于
Similar to commit 17b60280( "Remove extra `the` in SSL_SESSION_set1_id.pod"), this commit removes typos where additional 'the' have been added. Reviewed-by: NAndy Polyakov <appro@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4999)
-
- 27 12月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4981)
-
- 18 12月, 2017 1 次提交
-
-
由 Dr. Matthias St. Pierre 提交于
Every DRBG now supports automatic reseeding not only after a given number of generate requests, but also after a specified time interval. Signed-off-by: NDr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: NPaul Dale <paul.dale@oracle.com> Reviewed-by: NKurt Roeckx <kurt@roeckx.be> (Merged from https://github.com/openssl/openssl/pull/4402)
-