summaryrefslogtreecommitdiffstats
path: root/ssl/t1_enc.c
AgeCommit message (Expand)Author
2013-03-28Enable TLS 1.2 ciphers in DTLS 1.2.Dr. Stephen Henson
2013-03-19Typo.Dr. Stephen Henson
2013-03-18Use enc_flags when deciding protocol variations.Dr. Stephen Henson
2013-02-08ssl/*: revert "remove SSL_RECORD->orig_len" and merge "fix IV".Andy Polyakov
2013-02-06ssl/*: remove SSL3_RECORD->orig_len to restore binary compatibility.Andy Polyakov
2013-02-06Timing fix mitigation for FIPS mode.Dr. Stephen Henson
2013-02-06Update DTLS code to match CBC decoding in TLS.Ben Laurie
2013-02-06Don't crash when processing a zero-length, TLS >= 1.1 record.Ben Laurie
2013-02-06Make CBC decoding constant time.Ben Laurie
2012-09-21* ssl/t1_enc.c (tls1_change_cipher_state): Stupid bug. Fortunately inRichard Levitte
2012-08-28New compile time option OPENSSL_SSL_TRACE_CRYPTO, when set this passesDr. Stephen Henson
2012-05-10Sanity check record length before skipping explicit IV in TLS 1.2, 1.1 andDr. Stephen Henson
2012-03-13ssl/t1_enc.c: pay attention to EVP_CIPH_FLAG_CUSTOM_CIPHER.Andy Polyakov
2012-02-22SSL export fixes (from Adam Langley) [original from 1.0.1]Dr. Stephen Henson
2011-12-13Remove redundant TLS exporter.Ben Laurie
2011-11-25PR: 1794Dr. Stephen Henson
2011-11-21bcmp doesn't exist on all platforms, replace with memcmpDr. Stephen Henson
2011-11-15Add TLS exporter.Ben Laurie
2011-08-03Expand range of ctrls for AES GCM to support retrieval and setting ofDr. Stephen Henson
2011-07-11ssl/t1_enc.c: initial support for AEAD ciphers.Andy Polyakov
2011-05-31Don't round up partitioned premaster secret length if there is only oneDr. Stephen Henson
2011-05-19Implement FIPS_mode and FIPS_mode_setDr. Stephen Henson
2011-05-09Initial TLS v1.2 client support. Include a default supported signatureDr. Stephen Henson
2011-04-29Initial incomplete TLS v1.2 support. New ciphersuites added, new versionDr. Stephen Henson
2011-03-12Add SRP support.Ben Laurie
2011-01-04Don't use decryption_failed alert for TLS v1.1 or later.Dr. Stephen Henson
2010-11-24use generalise mac API for SSL key generationDr. Stephen Henson
2010-11-14Only use explicit IV if cipher is in CBC mode.Dr. Stephen Henson
2010-07-18PR: 1830Dr. Stephen Henson
2010-07-18oops, revert wrong patch..Dr. Stephen Henson
2010-07-18Fix warnings (From HEAD, original patch by Ben).Dr. Stephen Henson
2010-06-27no need for empty fragments with TLS 1.1 and later due to explicit IVDr. Stephen Henson
2010-06-12Fix warnings.Ben Laurie
2010-05-17PR: 2259Dr. Stephen Henson
2009-12-07Initial experimental TLSv1.1 supportDr. Stephen Henson
2009-04-20Updates from 1.0.0-stable branch.Dr. Stephen Henson
2009-01-11Fix warnings properly this time ;-)Dr. Stephen Henson
2009-01-11Fix sign-compare warnings.Dr. Stephen Henson
2009-01-05Fix compilation with -no-comp by adding some more #ifndef OPENSSL_NO_COMPLutz Jänicke
2008-12-29If we're going to return errors (no matter how stupid), then we shouldBen Laurie
2008-12-27Handle the unlikely event that BIO_get_mem_data() returns -ve.Ben Laurie
2008-11-12Revert the size_t modifications from HEAD that had led to moreGeoff Thorpe
2008-11-10Make -DKSSL_DEBUG work again.Dr. Stephen Henson
2008-01-05Fix unsigned/signed warnings in ssl.Andy Polyakov
2007-10-261. Changes for s_client.c to make it return non-zero exit code in caseDr. Stephen Henson
2007-10-09Make DTLS1 record layer MAC calculation RFC compliant.Andy Polyakov
2007-09-26Support for certificate status TLS extension.Dr. Stephen Henson
2007-09-21Implement the Opaque PRF Input TLS extensionBodo Möller
2007-08-31Update ssl code to support digests other than MD5+SHA1 in handshake.Dr. Stephen Henson
2007-06-04Update ssl library to support EVP_PKEY MAC API. Include generic MAC support.Dr. Stephen Henson
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 14:33:29 +0000