root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity
16,020 Commits 32 Branches 398 Tags 545 MiB
Commit Graph

161 Commits

Author SHA1 Message Date
Kurt Roeckx 208527a75d Review comments 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-03-11 10:39:10 -05:00
Bill Cox 2d0b441267 Add blake2 support. 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-03-11 10:39:10 -05:00
Todd Short 3ec13237f0 Add cipher query functions 
Add functions to determine authentication, key-exchange, FIPS and AEAD.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-03-08 09:19:15 -05:00
Alessandro Ghedini aacfb134be GH355: Implement HKDF 
This patch implements the HMAC-based Extract-and-Expand Key Derivation
Function (HKDF) as defined in RFC 5869.

It is required to implement the QUIC and TLS 1.3 protocols (among others).

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2016-03-03 18:21:20 -05:00
Dr. Stephen Henson 899cf48f17 Rename OIDs. 
Use standard X25519 and X448 names for OIDs. Delete EdDSA OIDs: for now they
wont be used and EdDSA may use a different format.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2016-02-28 22:54:53 +00:00
Dr. Stephen Henson da15ce2212 update OID tables 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-02-04 14:10:52 +00:00
Rich Salz d9f7772674 RT2752: Add some EKU OID's 
And some others found in the Internet.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2016-02-03 23:33:55 -05:00
Rich Salz b5c5a97141 RT2353: Add ipsec IKE OID 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2016-02-02 14:41:06 -05:00
Rich Salz ced2c2c598 Templatize util/domd 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2016-01-29 16:56:07 -05:00
Emilia Kasper d8ca44ba41 Always DPURIFY 
The use of the uninitialized buffer in the RNG has no real security
benefits and is only a nuisance when using memory sanitizers.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2016-01-29 16:33:13 +01:00
Richard Levitte d20a161f46 Complete the removal of /* foo.c */ comments 
Some files that are automatically generated still had those comments
added by the generating scripts.

Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-01-27 18:42:23 +01:00
Rich Salz 349807608f Remove /* foo.c */ comments 
This was done by the following
        find . -name '*.[ch]' | /tmp/pl
where /tmp/pl is the following three-line script:
        print unless $. == 1 && m@/\* .*\.[ch] \*/@;
        close ARGV if eof; # Close file to reset $.

And then some hand-editing of other files.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2016-01-26 16:40:43 -05:00
Dr. Stephen Henson 1eff3485b6 Add TLS PRF method. 
Add EVP_PKEY algorithm for TLS1 PRF.

Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-01-19 14:00:32 +00:00
Rob Stradling ba67253db1 Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633). 
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

GH: #495, MR: #1435
 2015-12-10 19:27:40 +01:00
Andy Polyakov 72bb2f64fc Add ChaCha20-Poly1305 and ChaCha20 NIDs. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-12-10 11:59:49 +01:00
Dmitry Belyavskiy 52ee3ed3a1 New cipher and cipher modes standardized in Russia 
This change introduces short names and NIDs for Russian GOST ciphers
according to GOST R 34.13-2015

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-10-05 21:55:10 +01:00
Dmitry Belyavsky 31001f8131 Add new GOST OIDs 
Add new OIDs for latest GOST updates

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-08-17 15:34:30 +01:00
Dr. Stephen Henson 96b96d6c45 Add scrypt OID from draft-josefsson-scrypt-kdf-03 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-05-21 12:48:02 +01:00
Richard Levitte 2ed42bf639 make update 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-05-05 21:49:51 +02:00
Rich Salz 8332f91cc0 fix various typo's 
https://github.com/openssl/openssl/pull/176 (CHANGES)
 https://rt.openssl.org/Ticket/Display.html?id=3545 (objects.txt)
 https://rt.openssl.org/Ticket/Display.html?id=3796 (verify.pod)

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-05-03 08:50:34 -04:00
Rich Salz c81f425eaa RT937: Enable pilotAttributeType uniqueIdentifier 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-02-12 14:38:31 -05:00
Andy Polyakov c79e17731f Add more Camellia OIDs. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-02-11 20:28:47 +01:00
Matt Caswell e6b336efa3 Add EVP support for OCB mode 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-12-08 10:28:34 +00:00
Dr. Stephen Henson abac8e0e08 Rebuild OID table. 2014-06-27 14:35:07 +01:00
Rob Stradling 52f71f8181 CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. 2014-02-26 15:33:11 +00:00
Rob Stradling dcfe8df148 Show the contents of the RFC6962 Signed Certificate Timestamp List Certificate/OCSP Extensions. 
Add the RFC6962 OIDs to the objects table.
 2014-02-14 23:24:35 +00:00
Dr. Stephen Henson 7f5fd314c0 Sync OID numbers with 1.0.2 branch. 2013-10-15 11:33:30 +01:00
Dr. Stephen Henson 6af440ced4 Add new OIDs from RFC5753 
Add OIDs for KDF schemes from RFC5753 and add cross references for
each type and the appropriate digest to use.
 2013-07-17 21:45:00 +01:00
Dr. Stephen Henson e423c360fd Add new OID to pSpecified from PKCS#1 2013-06-21 21:33:00 +01:00
Andy Polyakov 8a97a33063 Add AES-SHA256 stitch. 2013-05-13 22:49:58 +02:00
Dr. Stephen Henson b36bab7812 PR: 2239 
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>

Add Brainpool curves from RFC5639.

Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
 2012-04-22 13:06:51 +00:00
Dr. Stephen Henson b333905011 incomplete provisional OAEP CMS decrypt support 2012-01-02 18:25:37 +00:00
Dr. Stephen Henson afb14cda8c Initial experimental support for X9.42 DH parameter format to handle 
RFC5114 parameters and X9.42 DH public and private keys.
 2011-12-07 00:32:34 +00:00
Andy Polyakov c608171d9c Add RC4-MD5 and AESNI-SHA1 "stitched" implementations. 2011-08-23 20:51:38 +00:00
Dr. Stephen Henson 32a2d8ddfe Provisional AES XTS support. 2011-04-12 23:21:33 +00:00
Dr. Stephen Henson ff04bbe363 Add PSS algorithm printing. This is an initial step towards full PSS support. 
Uses ASN1 module in Martin Kaiser's PSS patch.
 2010-03-06 19:55:25 +00:00
Dr. Stephen Henson df4c395c6d add anyExtendedKeyUsage OID 2010-02-24 15:53:58 +00:00
Andy Polyakov e5a4de9e44 Add assigned OIDs, as well as "anonymous" ones for AES counter mode. 2010-02-23 16:47:17 +00:00
Dr. Stephen Henson c8ef656df2 Make CMAC API similar to HMAC API. Add methods for CMAC. 2010-02-08 15:31:35 +00:00
Dr. Stephen Henson cab6de03a2 PR: 2149 
Submitted by: Douglas Stebila <douglas@stebila.ca>

Fix wap OIDs.
 2010-01-25 16:07:42 +00:00
Dr. Stephen Henson f2334630a7 Add OID for PWRI KEK algorithm. 2009-11-25 22:07:49 +00:00
Dr. Stephen Henson ddcfc25a6d Update from stable branch. 2009-03-25 19:02:22 +00:00
Dr. Stephen Henson df0681e554 Add permanentIdentifier OID. 2008-10-22 18:48:11 +00:00
Dr. Stephen Henson 249a77f5fb Add support for freshest CRL extension. 2008-08-27 15:52:05 +00:00
Dr. Stephen Henson 8528128b2a Update from stable branch. 2008-06-26 23:27:31 +00:00
Dr. Stephen Henson 3247812e34 Since OID NIDs with 0.9.8. 2008-04-02 10:48:34 +00:00
Dr. Stephen Henson 054307e7ed Allow alternate eContentType oids to be set in cms utility. 
Add id-ct-asciiTextWithCRLF OID.

Give more meaninful error message is attempt to use key ID from a certificate
without a key ID.
 2008-03-19 19:34:30 +00:00
Dr. Stephen Henson 16fe5f8b50 Produce meaningful error if sanity check fails. 
Delete trailing whitespace from objects.txt

Delete duplicate NIDs.
 2008-03-19 17:01:12 +00:00
Dr. Stephen Henson c36e936b60 Partial support for KEKRecipientInfo type. 2008-03-17 18:11:27 +00:00
Dr. Stephen Henson b510d77535 We already have an object for "zlib compression" but it was a place 
holder and its actual encoding never used.

Just as well because it's value looks like it was made up in the mists of
time...

Now there is a registered value for zlib compression (used in S/MIME
compressedData content type) use that instead.
 2008-02-29 14:24:52 +00:00