root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
36,422 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

10 Commits

Author SHA1 Message Date
Richard Levitte 3cd5aeb3cc docs: Document the implemented composite signature+hash algorithms 
The details for RSA and EdDSA have already been documented, albeit the
RSA documentation wasn't conforming properly to the POD format.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25422)
 2024-09-12 15:20:23 +02:00
Tomas Mraz 7ed6de997f Copyright year updates 
Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes
 2024-09-05 09:35:49 +02:00
Pauli a9fc8702e0 doc: document the OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE parameter 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/25211)
 2024-08-23 07:17:02 +10:00
Pauli 2c3f1a6cad Fix parameter types int -> integer changes 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Yang <kaishen.yy@antfin.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24881)
 2024-07-16 06:42:05 +02:00
slontis c13ddf0a6c Change all existing FIPS configurable checks to use FIPS indicators. 
This changes the logic to always do the security checks and then decide
what to do based on if this passes or not. Failure of a check causes
either a failure OR the FIPS indicator callback to be triggered.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24623)
 2024-07-11 08:29:43 +10:00
Matt Caswell da1c088f59 Copyright year updates 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes
 2023-09-07 09:59:15 +01:00
Ingo Franzki 1d85794532 Allow OSSL_SIGNATURE_PARAM_NONCE_TYPE to be retrieved 
Context parameter OSSL_SIGNATURE_PARAM_NONCE_TYPE can now also be
retrieved for ECDSA and DSA.

Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20070)
 2023-01-23 10:34:36 +01:00
slontis f3090fc710 Implement deterministic ECDSA sign (RFC6979) 
This PR is based off the contributions in PR #9223 by Jemmy1228.

It has been modified and reworked to:
(1) Work with providers
(2) Support ECDSA and DSA
(3) Add a KDF HMAC_DRBG implementation that shares code with the RAND HMAC_DRBG.

A nonce_type is passed around inside the Signing API's, in order to support any
future deterministic algorithms.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18809)
 2022-11-30 07:31:53 +00:00
Pauli 57cd10dd1e doc: remove end of line whitespace 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/16641)
 2021-09-22 16:22:50 +10:00
Shane Lontis b808665265 Update core_names.h fields and document most fields. 
Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC.
Added some strings values related to RSA keys.
Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file.
Updated Keyexchange and signature code and docs.
Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod.
Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it.

Added some usage examples. As a result of the usage examples the following change was also made:
ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11610)
 2020-05-26 13:53:07 +10:00