- 20 11月, 2017 1 次提交
-
-
由 Paul Yang 提交于
EVP_PKEY_public_check() and EVP_PKEY_param_check() Doc and test cases are added Reviewed-by: NTim Hudson <tjh@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4647)
-
- 12 10月, 2017 3 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
-
由 Dr. Stephen Henson 提交于
Add functions to return DH parameters using NID and to return the NID if parameters match a named set. Currently this supports only RFC7919 parameters but could be expanded in future. Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4485)
-
- 08 6月, 2017 1 次提交
-
-
由 Rich Salz 提交于
Run perltidy on util/mkerr Change some mkerr flags, write some doc comments Make generated tables "const" when genearting lib-internal ones. Add "state" file for mkerr Renerate error tables and headers Rationalize declaration of ERR_load_XXX_strings Fix out-of-tree build Add -static; sort flags/vars for options. Also tweak code output Moved engines/afalg to engines (from master) Use -static flag Standard engine #include's of errors Don't linewrap err string tables unless necessary Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3392)
-
- 27 4月, 2017 1 次提交
-
-
由 Bernd Edlinger 提交于
Fixes #3063. Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3100)
-
- 04 4月, 2017 1 次提交
-
-
由 Matt Caswell 提交于
DHparams has d2i_DHparams_fp, d2i_DHxparams_bio etc, but the equivalent macros for DHxparams were omitted. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3111)
-
- 26 1月, 2017 1 次提交
-
-
由 Richard Levitte 提交于
When the client reads DH parameters from the TLS stream, we only checked that they all are non-zero. This change updates the check to use DH_check_params() DH_check_params() is a new function for light weight checking of the p and g parameters: check that p is odd check that 1 < g < p - 1 Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 21 7月, 2016 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> GH: #1330
-
- 16 6月, 2016 1 次提交
-
-
由 Richard Levitte 提交于
Including documentation changes Reviewed-by: NStephen Henson <steve@openssl.org> Reviewed-by: NEmilia Käsper <emilia@openssl.org>
-
- 06 6月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
The flags RSA_FLAG_NO_CONSTTIME, DSA_FLAG_NO_EXP_CONSTTIME and DH_FLAG_NO_EXP_CONSTTIME which previously provided the ability to switch off the constant time implementation for RSA, DSA and DH have been made no-ops and deprecated. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 24 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Add script to find unused err/reason codes Remove unused reason codes. Remove entries for unused functions Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 18 5月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 29 4月, 2016 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/952)
-
- 09 4月, 2016 2 次提交
-
-
由 Matt Caswell 提交于
Move the dh_method structure into an internal header file and provide relevant accessors for the internal fields. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Matt Caswell 提交于
Move the dh_st structure into an internal header file and provide relevant accessors for the internal fields. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 05 4月, 2016 2 次提交
-
-
由 Rich Salz 提交于
This reverts commit 620d540b. It wasn't reviewed. Reviewed-by: NRich Salz <rsalz@openssl.org>
-
由 FdaSilvaYY 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 21 3月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Don't have #error statements in header files, but instead wrap the contents of that file in #ifndef OPENSSL_NO_xxx This means it is now always safe to include the header file. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 10 3月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NDr. Stephen Henson <steve@openssl.org>
-
- 08 3月, 2016 1 次提交
-
-
由 Alessandro Ghedini 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 29 1月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
A new return value for DH_check_pub_key was recently added: DH_CHECK_PUBKEY_INVALID. As this is a flag which can be ORed with other return values it should have been set to the value 4 not 3. RT#4278 Reviewed-by: NAndy Polyakov <appro@openssl.org>
-
- 28 1月, 2016 1 次提交
-
-
由 Matt Caswell 提交于
Historically OpenSSL only ever generated DH parameters based on "safe" primes. More recently (in version 1.0.2) support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support. The primes used in such files may not be "safe". Where an application is using DH configured with parameters based on primes that are not "safe" then an attacker could use this fact to find a peer's private DH exponent. This attack requires that the attacker complete multiple handshakes in which the peer uses the same DH exponent. A simple mitigation is to ensure that y^q (mod p) == 1 CVE-2016-0701 Issue reported by Antonio Sanso. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 27 1月, 2016 1 次提交
-
-
由 Rich Salz 提交于
This was done by the following find . -name '*.[ch]' | /tmp/pl where /tmp/pl is the following three-line script: print unless $. == 1 && m@/\* .*\.[ch] \*/@; close ARGV if eof; # Close file to reset $. And then some hand-editing of other files. Reviewed-by: NViktor Dukhovni <viktor@openssl.org>
-
- 08 1月, 2016 1 次提交
-
-
由 Viktor Dukhovni 提交于
Provide backwards-compatiblity for functions, macros and include files if OPENSSL_API_COMPAT is either not defined or defined less than the version number of the release in which the feature was deprecated. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 02 12月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Add CRYPTO_free_ex_index (for shared libraries) Unify and complete the documentation for all "ex_data" API's and objects. Replace xxx_get_ex_new_index functions with a macro. Added an exdata test. Renamed the ex_data internal datatypes. Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 30 9月, 2015 1 次提交
-
-
由 Rich Salz 提交于
Looks like someone forgot to do a "make update" since crypto/ts/Makefile keeps changing. So include that. Second is that the declare_dh_bn macro fools the libeay.num script. The declarations are only needed in one file (dh_rfc5114) so remove them from the header and put the "raw" declarations directly into that file. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 20 9月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 11 9月, 2015 1 次提交
-
-
由 Ben Laurie 提交于
-Wincompatible-pointer-types-discards-qualifiers (the latter did not require any code changes). Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 04 9月, 2015 1 次提交
-
-
由 David Bar 提交于
Also has changes from from David Woodhouse <David.Woodhouse@intel.com> and some tweaks from me. Signed-off-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 31 7月, 2015 1 次提交
-
-
由 Nicholas Cooper 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 09 6月, 2015 1 次提交
-
-
由 Kurt Roeckx 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> MR #588
-
- 01 4月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
Rather than making include/openssl/foo.h a symlink to crypto/foo/foo.h, this change moves the file to include/openssl/foo.h once and for all. Likewise, move crypto/foo/footest.c to test/footest.c, instead of symlinking it there. Originally-by: NGeoff Thorpe <geoff@openssl.org> Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 27 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
The following compile options (#ifdef's) are removed: OPENSSL_NO_BIO OPENSSL_NO_BUFFER OPENSSL_NO_CHAIN_VERIFY OPENSSL_NO_EVP OPENSSL_NO_FIPS_ERR OPENSSL_NO_HASH_COMP OPENSSL_NO_LHASH OPENSSL_NO_OBJECT OPENSSL_NO_SPEED OPENSSL_NO_STACK OPENSSL_NO_X509 OPENSSL_NO_X509_VERIFY This diff is big because of updating the indents on preprocessor lines. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 22 1月, 2015 3 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Sometimes it fails to format them very well, and sometimes it corrupts them! This commit moves some particularly problematic ones. Reviewed-by: NTim Hudson <tjh@openssl.org>
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 15 1月, 2015 1 次提交
-
-
由 Rich Salz 提交于
OPENSSL_NO_RIPEMD160, OPENSSL_NO_RIPEMD merged into OPENSSL_NO_RMD160 OPENSSL_NO_FP_API merged into OPENSSL_NO_STDIO Two typo's on #endif comments fixed: OPENSSL_NO_ECB fixed to OPENSSL_NO_OCB OPENSSL_NO_HW_SureWare fixed to OPENSSL_NO_HW_SUREWARE Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 19 12月, 2014 1 次提交
-
-
由 Matt Caswell 提交于
Introduce use of DECLARE_DEPRECATED Reviewed-by: NRich Salz <rsalz@openssl.org>
-