root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
25,321 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

209 Commits

Author SHA1 Message Date
Todd Short 3ec13237f0 Add cipher query functions 
Add functions to determine authentication, key-exchange, FIPS and AEAD.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-03-08 09:19:15 -05:00
Alessandro Ghedini aacfb134be GH355: Implement HKDF 
This patch implements the HMAC-based Extract-and-Expand Key Derivation
Function (HKDF) as defined in RFC 5869.

It is required to implement the QUIC and TLS 1.3 protocols (among others).

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2016-03-03 18:21:20 -05:00
Dr. Stephen Henson 899cf48f17 Rename OIDs. 
Use standard X25519 and X448 names for OIDs. Delete EdDSA OIDs: for now they
wont be used and EdDSA may use a different format.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2016-02-28 22:54:53 +00:00
Dr. Stephen Henson da15ce2212 update OID tables 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-02-04 14:10:52 +00:00
Rich Salz d9f7772674 RT2752: Add some EKU OID's 
And some others found in the Internet.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2016-02-03 23:33:55 -05:00
Rich Salz b5c5a97141 RT2353: Add ipsec IKE OID 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2016-02-02 14:41:06 -05:00
Rich Salz ced2c2c598 Templatize util/domd 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-01-29 16:56:07 -05:00
Emilia Kasper d8ca44ba41 Always DPURIFY 
The use of the uninitialized buffer in the RNG has no real security
benefits and is only a nuisance when using memory sanitizers.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2016-01-29 16:33:13 +01:00
Richard Levitte d20a161f46 Complete the removal of /* foo.c */ comments 
Some files that are automatically generated still had those comments
added by the generating scripts.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-01-27 18:42:23 +01:00
Rich Salz 349807608f Remove /* foo.c */ comments 
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2016-01-26 16:40:43 -05:00
Dr. Stephen Henson 1eff3485b6 Add TLS PRF method. 
Add EVP_PKEY algorithm for TLS1 PRF.

Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-01-19 14:00:32 +00:00
Rob Stradling ba67253db1 Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633). 
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

GH: #495, MR: #1435
 2015-12-10 19:27:40 +01:00
Andy Polyakov 72bb2f64fc Add ChaCha20-Poly1305 and ChaCha20 NIDs. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-12-10 11:59:49 +01:00
Dmitry Belyavskiy 52ee3ed3a1 New cipher and cipher modes standardized in Russia 
This change introduces short names and NIDs for Russian GOST ciphers
according to GOST R 34.13-2015

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-10-05 21:55:10 +01:00
Dmitry Belyavsky 31001f8131 Add new GOST OIDs 
Add new OIDs for latest GOST updates

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-08-17 15:34:30 +01:00
Dr. Stephen Henson 96b96d6c45 Add scrypt OID from draft-josefsson-scrypt-kdf-03 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-05-21 12:48:02 +01:00
Richard Levitte 2ed42bf639 make update 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-05-05 21:49:51 +02:00
Rich Salz 8332f91cc0 fix various typo's 
https://github.com/openssl/openssl/pull/176 (CHANGES)
 https://rt.openssl.org/Ticket/Display.html?id=3545 (objects.txt)
 https://rt.openssl.org/Ticket/Display.html?id=3796 (verify.pod)

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-05-03 08:50:34 -04:00
Rich Salz c81f425eaa RT937: Enable pilotAttributeType uniqueIdentifier 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-02-12 14:38:31 -05:00
Andy Polyakov c79e17731f Add more Camellia OIDs. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-02-11 20:28:47 +01:00
Matt Caswell e6b336efa3 Add EVP support for OCB mode 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-12-08 10:28:34 +00:00
Dr. Stephen Henson abac8e0e08 Rebuild OID table. 2014-06-27 14:35:07 +01:00
Rob Stradling 52f71f8181 CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. 2014-02-26 15:33:11 +00:00
Rob Stradling dcfe8df148 Show the contents of the RFC6962 Signed Certificate Timestamp List Certificate/OCSP Extensions. 
Add the RFC6962 OIDs to the objects table.
 2014-02-14 23:24:35 +00:00
Dr. Stephen Henson 7f5fd314c0 Sync OID numbers with 1.0.2 branch. 2013-10-15 11:33:30 +01:00
Dr. Stephen Henson 6af440ced4 Add new OIDs from RFC5753 
Add OIDs for KDF schemes from RFC5753 and add cross references for
each type and the appropriate digest to use.
 2013-07-17 21:45:00 +01:00
Dr. Stephen Henson e423c360fd Add new OID to pSpecified from PKCS#1 2013-06-21 21:33:00 +01:00
Andy Polyakov 8a97a33063 Add AES-SHA256 stitch. 2013-05-13 22:49:58 +02:00
Dr. Stephen Henson b36bab7812 PR: 2239 
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>

Add Brainpool curves from RFC5639.

Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
 2012-04-22 13:06:51 +00:00
Dr. Stephen Henson b333905011 incomplete provisional OAEP CMS decrypt support 2012-01-02 18:25:37 +00:00
Dr. Stephen Henson afb14cda8c Initial experimental support for X9.42 DH parameter format to handle 
RFC5114 parameters and X9.42 DH public and private keys.
 2011-12-07 00:32:34 +00:00
Andy Polyakov c608171d9c Add RC4-MD5 and AESNI-SHA1 "stitched" implementations. 2011-08-23 20:51:38 +00:00
Dr. Stephen Henson 32a2d8ddfe Provisional AES XTS support. 2011-04-12 23:21:33 +00:00
Dr. Stephen Henson ff04bbe363 Add PSS algorithm printing. This is an initial step towards full PSS support. 
Uses ASN1 module in Martin Kaiser's PSS patch.
 2010-03-06 19:55:25 +00:00
Dr. Stephen Henson df4c395c6d add anyExtendedKeyUsage OID 2010-02-24 15:53:58 +00:00
Andy Polyakov e5a4de9e44 Add assigned OIDs, as well as "anonymous" ones for AES counter mode. 2010-02-23 16:47:17 +00:00
Dr. Stephen Henson c8ef656df2 Make CMAC API similar to HMAC API. Add methods for CMAC. 2010-02-08 15:31:35 +00:00
Dr. Stephen Henson cab6de03a2 PR: 2149 
Submitted by: Douglas Stebila <douglas@stebila.ca>

Fix wap OIDs.
 2010-01-25 16:07:42 +00:00
Dr. Stephen Henson f2334630a7 Add OID for PWRI KEK algorithm. 2009-11-25 22:07:49 +00:00
Dr. Stephen Henson ddcfc25a6d Update from stable branch. 2009-03-25 19:02:22 +00:00
Dr. Stephen Henson df0681e554 Add permanentIdentifier OID. 2008-10-22 18:48:11 +00:00
Dr. Stephen Henson 249a77f5fb Add support for freshest CRL extension. 2008-08-27 15:52:05 +00:00
Dr. Stephen Henson 8528128b2a Update from stable branch. 2008-06-26 23:27:31 +00:00
Dr. Stephen Henson 3247812e34 Since OID NIDs with 0.9.8. 2008-04-02 10:48:34 +00:00
Dr. Stephen Henson 054307e7ed Allow alternate eContentType oids to be set in cms utility. 
Add id-ct-asciiTextWithCRLF OID.

Give more meaninful error message is attempt to use key ID from a certificate
without a key ID.
 2008-03-19 19:34:30 +00:00
Dr. Stephen Henson 16fe5f8b50 Produce meaningful error if sanity check fails. 
Delete trailing whitespace from objects.txt

Delete duplicate NIDs.
 2008-03-19 17:01:12 +00:00
Dr. Stephen Henson c36e936b60 Partial support for KEKRecipientInfo type. 2008-03-17 18:11:27 +00:00
Dr. Stephen Henson b510d77535 We already have an object for "zlib compression" but it was a place 
holder and its actual encoding never used.

Just as well because it's value looks like it was made up in the mists of
time...

Now there is a registered value for zlib compression (used in S/MIME
compressedData content type) use that instead.
 2008-02-29 14:24:52 +00:00
Dr. Stephen Henson 400ca0e467 Add OIDs for compressedData content type and zlib compression. 2008-02-12 13:48:10 +00:00
Dr. Stephen Henson 1ad6a1b5e9 Rebuild OID database: duplicates got in there somehow?? 2007-11-23 00:34:00 +00:00
Dr. Stephen Henson 6e150083bb Fix from stable branch. 2007-11-23 00:19:24 +00:00
Dr. Stephen Henson 98d8baabbd Add caRepository OID and sync object NIDs with OpenSSL 0.9.8. 2007-11-23 00:14:59 +00:00
Lutz Jänicke 86140095b5 Add OIDs by CMP (RFC 4210) and CRMF (RFC 4211) 
Submitted by: Martin Peylo <martinmeis@googlemail.com>
 2007-11-01 08:24:56 +00:00
Andy Polyakov 26f0cf69d3 Constify obj_dat.[ch], as well as minimize linker relocations. 2007-09-18 21:05:21 +00:00
Dr. Stephen Henson 81025661a9 Update ssl code to support digests other than MD5+SHA1 in handshake. 
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
 2007-08-31 12:42:53 +00:00
Bodo Möller 96afc1cfd5 Add SEED encryption algorithm. 
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
 2007-04-23 23:48:59 +00:00
Dr. Stephen Henson 74633553a9 Experimental HMAC support via EVP_PKEY_METHOD. 2007-04-11 12:33:06 +00:00
Dr. Stephen Henson 9981a51e42 Stage 1 GOST ciphersuite support. 
Submitted by: ran@cryptocom.ru
Reviewed by: steve@openssl.org
 2007-03-23 17:04:05 +00:00
Nils Larsch 357d5de5b9 add support for DSA with SHA2 2007-02-03 14:41:12 +00:00
Nils Larsch 06e2dd037e add support for ecdsa-with-sha256 etc. 2006-12-20 08:58:54 +00:00
Dr. Stephen Henson 5de3a0ff3d Sync OID NIDs with OpenSSL 0.9.8. 2006-12-06 13:44:21 +00:00
Nils Larsch b0eedd77f6 add "Certificate Issuer" and "Subject Directory Attributes" OIDs 
PR: 1433
 2006-12-04 18:51:06 +00:00
Bodo Möller f3dea9a595 Camellia cipher, contributed by NTT 
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
 2006-06-09 15:44:59 +00:00
Dr. Stephen Henson 1631d5f9b9 HMAC OIDs from RFC4231. 2006-05-17 12:27:45 +00:00
Dr. Stephen Henson 856640b54f Extend PBE code to support non default PKCS#5 v2.0 PRFs. 2006-05-14 18:40:53 +00:00
Dr. Stephen Henson d202709808 Add OID cross reference table. 
Fix some typos in GOST OIDs.

Update dependencies.
 2006-04-18 23:36:07 +00:00
Dr. Stephen Henson 29da3ade3c Rebuild mac table to avoid duplicates. 2006-04-05 12:09:09 +00:00
Dr. Stephen Henson de908d6319 Typos in a few OID names. 2006-04-05 12:06:32 +00:00
Dr. Stephen Henson 5e0e9fce5d Minor object name edit. 2006-04-05 11:29:31 +00:00
Dr. Stephen Henson 228b4e426b Update and add last (?) set of GOST OIDs. 2006-04-04 15:53:21 +00:00
Dr. Stephen Henson 362ab3e4f9 More GOST OIDs 2006-04-02 13:22:39 +00:00
Dr. Stephen Henson 2aed84d16b Add GOST parameter set OIDs. 2006-04-02 03:01:27 +00:00
Dr. Stephen Henson 5a47825ece Fix gost OIDs. 2006-03-31 10:57:32 +00:00
Dr. Stephen Henson 74e564cd46 Add some GOST OIDs. 2006-03-29 13:02:21 +00:00
Andy Polyakov f106fb85d4 Add Whirlpool OID. 2005-11-28 20:51:46 +00:00
Nils Larsch 5f10073c95 fix typo in sbgp names 
PR: 1194
 2005-09-02 21:23:25 +00:00
Nils Larsch 8215e7a938 fix warnings when building openssl with the following compiler options: 
-Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar
        -Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts
        -Wstrict-prototypes -Wreturn-type -Wpointer-arith  -W -Wunused
        -Wno-unused-parameter -Wuninitialized
 2005-08-28 22:49:57 +00:00
Dr. Stephen Henson 231493c93c Initial print only support for IDP CRL extension. 2005-07-23 23:33:06 +00:00
Ben Laurie 45d8574b93 Fix warnings. 2005-06-29 10:25:06 +00:00
Andy Polyakov ce92b6eb9c Further BUILDENV refinement, further fool-proofing of Makefiles and 
[most importantly] put back dependencies accidentaly eliminated in
check-in #13342.
 2005-05-16 16:55:47 +00:00
Richard Levitte 6951c23afd Add functionality needed to process proxy certificates. 2004-12-28 00:21:35 +00:00
Dr. Stephen Henson 8544a80776 Add couple of OIDs. Resync NIDs for consistency with 0.9.7. 2004-12-01 18:09:53 +00:00
Richard Levitte 914d36ba19 make update 2004-05-31 13:16:08 +00:00
Dr. Stephen Henson edec614efd Support for inhibitAnyPolicy extension. 2004-03-08 13:56:31 +00:00
Richard Levitte 8d1ebe0bd1 Add the missing parts for DES CFB1 and CFB8. 
Add the corresponding AES parts while I'm at it.
make update
 2004-01-28 19:05:35 +00:00
Richard Levitte 0d78bc3356 Add IPSec/IKE/Oakley curves. 
PR: 768
Submitted by: Vadim Fedukovich <vf@unity.net>
 2003-11-29 09:25:59 +00:00
Bodo Möller 968766cad8 updates for draft-ietf-tls-ecc-03.txt 
Submitted by: Douglas Stebila
Reviewed by: Bodo Moeller
 2003-07-22 12:34:21 +00:00
Richard Levitte c89f31def0 make update 2003-06-26 10:27:11 +00:00
Dr. Stephen Henson 1c2d141238 Name Constraints OID. 2003-03-24 00:56:09 +00:00
Dr. Stephen Henson 6f528cac5a Typo: OID should be policyMappings 2003-03-20 17:14:27 +00:00
Dr. Stephen Henson ba5df66a8b Add some OIDs. 2003-03-13 23:37:55 +00:00
Bodo Möller 54d4f8c320 undo part of a recent change: it's "surname", not "surName" 
(see X.520 aka ISO/IEC 9594-6)
 2003-01-13 15:52:04 +00:00
Richard Levitte c9ecb1edd8 Keep the internal lowercase 'surname', for programmer's sake. 2002-12-20 09:39:34 +00:00
Richard Levitte 8baf5fdca0 Be consistent with capitalisation of object names. 2002-12-20 09:24:17 +00:00
Richard Levitte 6dc78bf7e8 make update 2002-11-15 11:20:43 +00:00
Bodo Möller 16dc1cfb5c Add more WAP/WTLS elliptic curve OIDs. 
Submitted by: Douglas Stebila <douglas.stebila@sun.com>
 2002-08-02 12:28:34 +00:00
Lutz Jänicke 82869b3c8d Add OIDs for Secure Electronic Transactions (SET) 
Submitted by: Vadim Fedukovich <vf@unity.net>
Reviewed by: Lutz Jaenicke
PR: 80
 2002-06-13 11:52:56 +00:00
Lutz Jänicke 345731731a New OID for X509 usage: pseudonym 
Submitted by: Michael Bell <michael.bell@rz.hu-berlin.de>
Reviewed by: Lutz Jaenicke
PR: 83
 2002-06-06 07:33:00 +00:00
Lutz Jänicke f1e6643751 Add generationQualifier OID (proposed by Fiel Cabral). 2002-04-25 18:03:13 +00:00
Lutz Jänicke ea7fc0311c Use the "mail" short name according to RFC2798 (Michael Bell 
<michael.bell@rz.hu-berlin.de>).
 2002-04-15 13:30:41 +00:00