| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2013-10-01 | Algorithm parameter support. | Dr. Stephen Henson | |
| Check and set AlgorithmIdenfier parameters for key wrap algorithms. Currently these just set parameters to NULL. (cherry picked from commit e61f5d55bc0072e75023be8971ae6e849643f466) | |||
| 2013-10-01 | CMS support for key agreeement recipient info. | Dr. Stephen Henson | |
| Add hooks to support key agreement recipient info type (KARI) using algorithm specific code in the relevant public key ASN1 method. (cherry picked from commit 17c2764d2e6fc5a010ad3c12662068689ed2ad17) | |||
| 2013-10-01 | Add control to retrieve signature MD. | Dr. Stephen Henson | |
| (cherry picked from commit 810639536cfa66df0c232fa4f15a7e5f00f31ce8) | |||
| 2013-10-01 | EVP support for wrapping algorithms. | Dr. Stephen Henson | |
| Add support for key wrap algorithms via EVP interface. Generalise AES wrap algorithm and add to modes, making existing AES wrap algorithm a special case. Move test code to evptests.txt (cherry picked from commit 97cf1f6c2854a3a955fd7dd3a1f113deba00c9ef) Conflicts: CHANGES | |||
| 2013-10-01 | evptests.txt: add XTS test vectors | Andy Polyakov | |
| (cherry picked from commit c9a8e3d1c754cee8551d36cd54a1ea675ee8d055) | |||
| 2013-10-01 | evptests.txt: additional GCM test vectors. | Andy Polyakov | |
| (cherry picked from commit ca303d333bb3ff61a946f92b2569ee98ae18c3cb) | |||
| 2013-10-01 | Fix warnings. | Ben Laurie | |
| (cherry picked from commit 282a480a352e2aac4fad6e75932d951659bff62d) | |||
| 2013-10-01 | GCM and CCM test support | Dr. Stephen Henson | |
| Add code to support GCM an CCM modes in evp_test. On encrypt this will compare the expected ciphertext and tag. On decrypt it will compare the expected plaintext: tag comparison is done internally. Add a simple CCM test case and convert all tests from crypto/modes/gcm128.c (cherry picked from commit 15652f9825de25481676767aa73945409f9c82e2) | |||
| 2013-10-01 | Add CCM ciphers to tables. | Dr. Stephen Henson | |
| (cherry picked from commit 95248de327cb468d2ead36930fdf3d05d10d7b6a) | |||
| 2013-08-03 | crypto/evp/e_aes.c: fix logical pre-processor bug and formatting. | Andy Polyakov | |
| Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by Ard Biesheuvel of Linaro. (cherry picked from commit 044f63086051d7542fa9485a1432498c39c4d8fa) | |||
| 2013-06-04 | Missing prototypes. | Ben Laurie | |
| 2013-06-04 | Remove added ;. | Ben Laurie | |
| 2013-05-20 | evp/e_aes.c: engage SPARC T4 AES support [from master]. | Andy Polyakov | |
| 2013-05-20 | evp/e_aes.c: engage AES-NI GCM stitch. | Andy Polyakov | |
| 2013-05-20 | evp/evp_err.c: update from master. | Andy Polyakov | |
| 2013-05-20 | evp/e_camellia.c: engage SPARC T5 Camellia support [from master]. | Andy Polyakov | |
| 2013-05-20 | evp/e_des[3].c: engage SPARC T4 DES support. | Andy Polyakov | |
| 2013-05-19 | evp/Makefile: fix typo. | Andy Polyakov | |
| 2013-05-19 | Add EVP glue to AES-NI SHA256 stich [from master]. | Andy Polyakov | |
| 2013-03-18 | e_aes_cbc_hmac_sha1.c: fix rare bad record mac on AES-NI plaforms. | Andy Polyakov | |
| PR: 3002 (cherry picked from commit 5c60046553716fcf160718f59160493194f212dc) | |||
| 2013-02-08 | e_aes_cbc_hmac_sha1.c: align calculated MAC at cache line. | Andy Polyakov | |
| It also ensures that valgring is happy. (cherry picked from commit 2141e6f30b1fd2906830fd23d8eae71fe72acc47) | |||
| 2013-02-06 | e_aes_cbc_hmac_sha1.c: cleanse temporary copy of HMAC secret. | Andy Polyakov | |
| (cherry picked from commit 529d27ea472fc2c7ba9190a15a58cb84012d4ec6) | |||
| 2013-02-06 | e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues. | Andy Polyakov | |
| Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch. (cherry picked from commit 125093b59f3c2a2d33785b5563d929d0472f1721) | |||
| 2013-02-06 | Make CBC decoding constant time. | Ben Laurie | |
| This patch makes the decoding of SSLv3 and TLS CBC records constant time. Without this, a timing side-channel can be used to build a padding oracle and mount Vaudenay's attack. This patch also disables the stitched AESNI+SHA mode pending a similar fix to that code. In order to be easy to backport, this change is implemented in ssl/, rather than as a generic AEAD mode. In the future this should be changed around so that HMAC isn't in ssl/, but crypto/ as FIPS expects. (cherry picked from commit e130841bccfc0bb9da254dc84e23bc6a1c78a64e) | |||
| 2013-01-15 | make update | Dr. Stephen Henson | |
| 2012-10-16 | Don't require tag before ciphertext in AESGCM mode | Dr. Stephen Henson | |
| 2012-09-15 | e_aes.c: uninitialized variable in aes_ccm_init_key [from HEAD]. | Andy Polyakov | |
| PR: 2874 Submitted by: Tomas Mraz | |||
| 2012-07-13 | type | Dr. Stephen Henson | |
| 2012-07-04 | add missing evp_cnf.c file | Dr. Stephen Henson | |
| 2012-07-03 | PR: 2840 | Dr. Stephen Henson | |
| Reported by: David McCullough <david_mccullough@mcafee.com> Restore fips configuration module from 0.9.8. | |||
| 2012-06-10 | revert more "version skew" changes that break FIPS builds | Dr. Stephen Henson | |
| 2012-06-03 | Reduce version skew: trivia (I hope). | Ben Laurie | |
| 2012-05-13 | Experimental multi-implementation support for FIPS capable OpenSSL. | Dr. Stephen Henson | |
| When in FIPS mode the approved implementations are used as normal, when not in FIPS mode the internal unapproved versions are used instead. This means that the FIPS capable OpenSSL isn't forced to use the (often lower perfomance) FIPS implementations outside FIPS mode. | |||
| 2012-04-20 | e_rc4_hmac_md5.c: reapply commit#21726, which was erroneously omitted [from ↵ | Andy Polyakov | |
| 1.0.1]. PR: 2797, 2792 | |||
| 2012-04-20 | make ciphers work again for FIPS builds | Dr. Stephen Henson | |
| 2012-04-19 | e_rc4_hmac_md5.c: last commit was inappropriate for non-x86[_64] platforms | Andy Polyakov | |
| [from HEAD]. PR: 2792 | |||
| 2012-04-18 | only call FIPS_cipherinit in FIPS mode | Dr. Stephen Henson | |
| 2012-04-18 | e_rc4_hmac_md5.c: update from HEAD, fixes crash on legacy Intel CPUs. | Andy Polyakov | |
| PR: 2792 | |||
| 2012-04-18 | recognise X9.42 DH certificates on servers | Dr. Stephen Henson | |
| 2012-04-15 | e_aes_cbc_hmac_sha1.c: handle zero-length payload and engage empty frag | Andy Polyakov | |
| countermeasure [from HEAD]. PR: 2778 | |||
| 2012-04-07 | Initial experimental support for X9.42 DH parameter format to handle | Dr. Stephen Henson | |
| RFC5114 parameters and X9.42 DH public and private keys. (backport from HEAD) | |||
| 2012-03-22 | fix leak | Dr. Stephen Henson | |
| 2012-02-10 | only cleanup ctx if we need to, save ctx flags when we do | Dr. Stephen Henson | |
| 2012-01-18 | undef some symbols that cause problems with make depend for fips builds | Dr. Stephen Henson | |
| 2011-12-27 | make update | Dr. Stephen Henson | |
| 2011-12-02 | Fix warnings. | Ben Laurie | |
| 2011-11-22 | Workaround so "make depend" works for fips builds. | Dr. Stephen Henson | |
| 2011-11-15 | e_rc4_hmac_md5.c: make it work on darwin64, which is configured with RC4_CHAR. | Andy Polyakov | |
| 2011-11-15 | Configure, e_aes.c: allow for XTS assembler implementation [from HEAD]. | Andy Polyakov | |
| 2011-11-14 | e_aes.c: jumbo update from HEAD. | Andy Polyakov | |
 |
index : openssl | |
| Mirror of https://github.com/openssl/openssl | matthias |
| summaryrefslogtreecommitdiffstats |