wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
19468 commits 20 branches 302 tags 153 MiB
Commit graph

124 commits

Author SHA1 Message Date
Pauli
d42d0a4dc7 Implementation of the ARIA cipher as described in RFC 5794. 
This implementation is written in endian agnostic C code. No attempt
at providing machine specific assembly code has been made. This
implementation expands the evptests by including the test cases from
RFC 5794 and ARIA official site rather than providing an individual
test case. Support for ARIA has been integrated into the command line
applications, but not TLS. Implemented modes are CBC, CFB1, CFB8,
CFB128, CTR, ECB and OFB128.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2337)
 2017-02-21 11:51:45 +01:00
Dr. Stephen Henson
7114af3054 Add NID_auth_any and NID_kx_any NIDs. 
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2550)
 2017-02-08 02:16:26 +00:00
Todd Short
3f5616d734 Add support for parameterized SipHash 
The core SipHash supports either 8 or 16-byte output and a configurable
number of rounds.
The default behavior, as added to EVP, is to use 16-byte output and
2,4 rounds, which matches the behavior of most implementations.
There is an EVP_PKEY_CTRL that can control the output size.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2216)
 2017-02-01 14:14:36 -05:00
Todd Short
52ad5b60e3 Add support for Poly1305 in EVP_PKEY 
Add Poly1305 as a "signed" digest.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2128)
 2017-01-24 15:40:37 +01:00
Dr. Stephen Henson
4950f8885c Use OIDs from draft-ietf-curdle-pkix-02 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-08-13 14:11:04 +01:00
Wim Lewis
505aee296d Additional CMS content types from RFC 4073, RFC 5083, and RFC 5084. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1355)
 2016-08-01 09:33:12 -04:00
Kurt Roeckx
208527a75d Review comments 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-03-11 10:39:10 -05:00
Bill Cox
2d0b441267 Add blake2 support. 
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-03-11 10:39:10 -05:00
Todd Short
3ec13237f0 Add cipher query functions 
Add functions to determine authentication, key-exchange, FIPS and AEAD.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2016-03-08 09:19:15 -05:00
Alessandro Ghedini
aacfb134be GH355: Implement HKDF 
This patch implements the HMAC-based Extract-and-Expand Key Derivation
Function (HKDF) as defined in RFC 5869.

It is required to implement the QUIC and TLS 1.3 protocols (among others).

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2016-03-03 18:21:20 -05:00
Dr. Stephen Henson
899cf48f17 Rename OIDs. 
Use standard X25519 and X448 names for OIDs. Delete EdDSA OIDs: for now they
wont be used and EdDSA may use a different format.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
 2016-02-28 22:54:53 +00:00
Dr. Stephen Henson
d848944848 Add Curve OIDs from draft-josefsson-pkix-newcurves 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-02-04 14:08:34 +00:00
Rich Salz
d9f7772674 RT2752: Add some EKU OID's 
And some others found in the Internet.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
 2016-02-03 23:33:55 -05:00
Rich Salz
b5c5a97141 RT2353: Add ipsec IKE OID 
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
 2016-02-02 14:41:06 -05:00
Dr. Stephen Henson
1eff3485b6 Add TLS PRF method. 
Add EVP_PKEY algorithm for TLS1 PRF.

Reviewed-by: Matt Caswell <matt@openssl.org>
 2016-01-19 14:00:32 +00:00
Rob Stradling
ba67253db1 Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633). 
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

GH: #495, MR: #1435
 2015-12-10 19:27:40 +01:00
Andy Polyakov
72bb2f64fc Add ChaCha20-Poly1305 and ChaCha20 NIDs. 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-12-10 11:59:49 +01:00
Dmitry Belyavskiy
52ee3ed3a1 New cipher and cipher modes standardized in Russia 
This change introduces short names and NIDs for Russian GOST ciphers
according to GOST R 34.13-2015

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-10-05 21:55:10 +01:00
Dmitry Belyavsky
31001f8131 Add new GOST OIDs 
Add new OIDs for latest GOST updates

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-08-17 15:34:30 +01:00
Dr. Stephen Henson
96b96d6c45 Add scrypt OID from draft-josefsson-scrypt-kdf-03 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-05-21 12:48:02 +01:00
Richard Levitte
12048657a9 ZLIB compression deserves a better comment 
What could be better than to refer to the RFC that defines it?

Reviewed-by: Stephen Henson <steve@openssl.org>
 2015-05-06 02:07:58 +02:00
Richard Levitte
3c161d081e Remove the last traces of the fake RLE compression 
Reviewed-by: Matt Caswell <matt@openssl.org>
 2015-05-05 21:48:43 +02:00
Rich Salz
8332f91cc0 fix various typo's 
https://github.com/openssl/openssl/pull/176 (CHANGES)
 https://rt.openssl.org/Ticket/Display.html?id=3545 (objects.txt)
 https://rt.openssl.org/Ticket/Display.html?id=3796 (verify.pod)

Reviewed-by: Tim Hudson <tjh@openssl.org>
 2015-05-03 08:50:34 -04:00
Rich Salz
c81f425eaa RT937: Enable pilotAttributeType uniqueIdentifier 
Reviewed-by: Richard Levitte <levitte@openssl.org>
 2015-02-12 14:38:31 -05:00
Andy Polyakov
c79e17731f Add more Camellia OIDs. 
Reviewed-by: Rich Salz <rsalz@openssl.org>
 2015-02-11 20:28:47 +01:00
Matt Caswell
e6b336efa3 Add EVP support for OCB mode 
Reviewed-by: Tim Hudson <tjh@openssl.org>
 2014-12-08 10:28:34 +00:00
Rob Stradling
52f71f8181 CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. 2014-02-26 15:33:11 +00:00
Rob Stradling
dcfe8df148 Show the contents of the RFC6962 Signed Certificate Timestamp List Certificate/OCSP Extensions. 
Add the RFC6962 OIDs to the objects table.
 2014-02-14 23:24:35 +00:00
Dr. Stephen Henson
6af440ced4 Add new OIDs from RFC5753 
Add OIDs for KDF schemes from RFC5753 and add cross references for
each type and the appropriate digest to use.
 2013-07-17 21:45:00 +01:00
Dr. Stephen Henson
e423c360fd Add new OID to pSpecified from PKCS#1 2013-06-21 21:33:00 +01:00
Andy Polyakov
8a97a33063 Add AES-SHA256 stitch. 2013-05-13 22:49:58 +02:00
Dr. Stephen Henson
b36bab7812 PR: 2239 
Submitted by: Dominik Oepen <oepen@informatik.hu-berlin.de>

Add Brainpool curves from RFC5639.

Original patch by Annie Yousar <a.yousar@informatik.hu-berlin.de>
 2012-04-22 13:06:51 +00:00
Dr. Stephen Henson
b333905011 incomplete provisional OAEP CMS decrypt support 2012-01-02 18:25:37 +00:00
Dr. Stephen Henson
afb14cda8c Initial experimental support for X9.42 DH parameter format to handle 
RFC5114 parameters and X9.42 DH public and private keys.
 2011-12-07 00:32:34 +00:00
Andy Polyakov
c608171d9c Add RC4-MD5 and AESNI-SHA1 "stitched" implementations. 2011-08-23 20:51:38 +00:00
Dr. Stephen Henson
32a2d8ddfe Provisional AES XTS support. 2011-04-12 23:21:33 +00:00
Dr. Stephen Henson
ff04bbe363 Add PSS algorithm printing. This is an initial step towards full PSS support. 
Uses ASN1 module in Martin Kaiser's PSS patch.
 2010-03-06 19:55:25 +00:00
Dr. Stephen Henson
df4c395c6d add anyExtendedKeyUsage OID 2010-02-24 15:53:58 +00:00
Andy Polyakov
e5a4de9e44 Add assigned OIDs, as well as "anonymous" ones for AES counter mode. 2010-02-23 16:47:17 +00:00
Dr. Stephen Henson
c8ef656df2 Make CMAC API similar to HMAC API. Add methods for CMAC. 2010-02-08 15:31:35 +00:00
Dr. Stephen Henson
cab6de03a2 PR: 2149 
Submitted by: Douglas Stebila <douglas@stebila.ca>

Fix wap OIDs.
 2010-01-25 16:07:42 +00:00
Dr. Stephen Henson
f2334630a7 Add OID for PWRI KEK algorithm. 2009-11-25 22:07:49 +00:00
Dr. Stephen Henson
ddcfc25a6d Update from stable branch. 2009-03-25 19:02:22 +00:00
Dr. Stephen Henson
df0681e554 Add permanentIdentifier OID. 2008-10-22 18:48:11 +00:00
Dr. Stephen Henson
249a77f5fb Add support for freshest CRL extension. 2008-08-27 15:52:05 +00:00
Dr. Stephen Henson
8528128b2a Update from stable branch. 2008-06-26 23:27:31 +00:00
Dr. Stephen Henson
054307e7ed Allow alternate eContentType oids to be set in cms utility. 
Add id-ct-asciiTextWithCRLF OID.

Give more meaninful error message is attempt to use key ID from a certificate
without a key ID.
 2008-03-19 19:34:30 +00:00
Dr. Stephen Henson
16fe5f8b50 Produce meaningful error if sanity check fails. 
Delete trailing whitespace from objects.txt

Delete duplicate NIDs.
 2008-03-19 17:01:12 +00:00
Dr. Stephen Henson
c36e936b60 Partial support for KEKRecipientInfo type. 2008-03-17 18:11:27 +00:00
Dr. Stephen Henson
b510d77535 We already have an object for "zlib compression" but it was a place 
holder and its actual encoding never used.

Just as well because it's value looks like it was made up in the mists of
time...

Now there is a registered value for zlib compression (used in S/MIME
compressedData content type) use that instead.
 2008-02-29 14:24:52 +00:00