- 15 3月, 2018 19 次提交
-
-
由 Matt Caswell 提交于
Renamed to EVP_PKEY_new_raw_private_key()/EVP_new_raw_public_key() as per feedback. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Include more information about how to create keys for these algorithms. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Previously private and public keys had to be pem encoded to be read by evp_test. This enables us to embed the raw private/public key values in the test file. The algorithm has to support EVP_PKEY_new_private_key() and EVP_PKEY_new_public_key() for this to work. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Also adds some documentation for related existing functions/macros Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Also to use the new EVP_PKEY_new_CMAC_key() Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
由 Matt Caswell 提交于
Not all algorithms will support this, since their keys are not a simple block of data. But many can. Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
-
The Debian build system uses a `debian' target which sets CFLAGS and then we have for instance debian-amd64 which inherits from linux-x86_64 and debian [0]. So far so good. Unless there are different suggestions how to do this, I would keep it. However since the target name does not start with `linux', the build system does not enable the afalg engine. So in order to get enabled, I added a `enable => [ "afalgeng" ],' to the generic linux config which sets it explicit (as suggested by Richard Levitte). Having this set, we can check for it instead matching the target name. [0] https://sources.debian.org/src/openssl/1.1.0g-2/Configurations/20-debian.conf/Signed-off-by: NSebastian Andrzej Siewior <sebastian@breakpoint.cc> Reviewed-by: NMatt Caswell <matt@openssl.org> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5169)
-
由 Matt Caswell 提交于
In TLSv1.3 the session is not ready until after the end of the handshake when we are constructing the NewSessionTicket. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5621)
-
由 Pauli 提交于
Added two missing OIDs for AES-{128,256}-XTS. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5622)
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5618)
-
由 Patrick Steuer 提交于
Random path generation code in test/recipes/15-test_out_option.t does not work: The code sets rand_path to "/test.pem". I.e. the test will fail as expected for unprivileged user but will pass for root user. Signed-off-by: NPatrick Steuer <patrick.steuer@de.ibm.com> Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRichard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5595)
-
- 14 3月, 2018 19 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5617)
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5616)
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5392)
-
由 Matt Caswell 提交于
A place in clienthellotest was missed in converting to the new mechanism for configuration of TLSv1.3 ciphersuites. Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5392)
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5392)
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5392)
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5392)
-
由 Matt Caswell 提交于
With the current mechanism, old cipher strings that used to work in 1.1.0, may inadvertently disable all TLSv1.3 ciphersuites causing connections to fail. This is confusing for users. In reality TLSv1.3 are quite different to older ciphers. They are much simpler and there are only a small number of them so, arguably, they don't need the same level of control that the older ciphers have. This change splits the configuration of TLSv1.3 ciphers from older ones. By default the TLSv1.3 ciphers are on, so you cannot inadvertently disable them through your existing config. Fixes #5359 Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5392)
-
由 Matt Caswell 提交于
Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5604)
-
由 Matt Caswell 提交于
As per the latest text in TLSv1.3 draft-26 Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5604)
-
由 Matt Caswell 提交于
As of TLSv1.3 draft-25 the record header data must be used as AAD Reviewed-by: NBen Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/5604)
-
由 Richard Levitte 提交于
We have '--strict-warnings' for this kind of stuff... also, user flags are added last, so this overrides any warning supression --strict-warnings may put in place (for good reasons). Fixes #5609 Reviewed-by: NTim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5612)
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5608)
-
由 Richard Levitte 提交于
... also, name it with "-$$" added instead of ".$$" Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5608)
-
由 Richard Levitte 提交于
Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5608)
-
由 Andy Polyakov 提交于
Move Android targets to separate file, automate sysroot setup and add support for NDK 16. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5589)
-
由 Andy Polyakov 提交于
Unlike "upstream", Android NDK's arm64 gcc [but not clang] performs 64x64=128-bit multiplications with library calls, which appears to have devastating impact on performance. [The condition is reduced to __ANDROID__ [&& !__clang__], because x86_64 has corresponding assembly module.] Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5589)
-
由 Andy Polyakov 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5589)
-
由 Richard Levitte 提交于
With the help of the perl script util/add-depends.pl, which takes all its information directly from configdata.pm, the dependency adding procedure can be streamlined for all support platforms. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5606)
-
- 13 3月, 2018 2 次提交
-
-
由 Tim Hudson 提交于
As per discussion with Peter Sylvester Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5603)
-
由 Richard Levitte 提交于
OPENSSL_DIR_read() now returns unique file names on VMS, no generation number. We therefore do not need to handle that case in apps/rehash.c any more. Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5602)
-