Commit graph

143 commits

Author SHA1 Message Date
Jack Lloyd
3d328a445c Add SM2 signature and ECIES schemes
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4793)
2018-03-19 14:33:25 +01:00
Pauli
5cd42251ba Missings OIDs for XTS added.
Added two missing OIDs for AES-{128,256}-XTS.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5622)
2018-03-15 11:09:20 +10:00
gmile
e45b4dd292 Add OIDs for DSTU-4145
Original source:
2c5fc4c92b

Full list of OIDs is available on related enactment page
at http://zakon2.rada.gov.ua/laws/show/z0423-17

CLA: trivial

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5216)
2018-03-12 12:57:26 -04:00
Sergey Zhuravlev
3b5e517200 Add GOST OIDs for Edwards parameter sets
Add OIDs for parameter sets of Edwards elliptic curves.

CLA: trivial

Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5380)
2018-03-07 13:14:59 -05:00
Pauli
4bed94f0c1 SHA512/224 and SHA512/256
Support added for these two digests, available only via the EVP interface.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5093)
2018-01-24 07:09:46 +10:00
Josh Soref
46f4e1bec5 Many spelling fixes/typo's corrected.
Around 138 distinct errors found and fixed; thanks!

Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3459)
2017-11-11 19:03:10 -05:00
Jack Lloyd
a0c3e4fa90 SM3: Add SM3 hash function
SM3 is a secure hash function which is part of the Chinese
"Commercial Cryptography" suite of algorithms which use is
required for certain commercial applications in China.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4616)
2017-11-06 07:21:11 +08:00
Ronald Tse
f19a5ff9ab SM4: Add SM4 block cipher to EVP
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4552)
2017-10-31 15:19:14 +10:00
Michael Richardson
fdc83a7c50 added cmcCA and cmcRA as per rfc6402, capitalized per RFC7030 author
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4378)
2017-10-16 14:56:14 -04:00
Dr. Stephen Henson
b6eae14704 Add objects for RFC7919 parameters
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4485)
2017-10-12 02:40:30 +01:00
Andy Polyakov
f9f3e17533 objects/objects.txt: fix RSA-SHA3-284 typo.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2017-09-11 22:17:02 +02:00
Jon Spillett
bc32673869 Implement Aria GCM/CCM Modes and TLS cipher suites
AEAD cipher mode implementation is based on that used for AES:

  https://tools.ietf.org/html/rfc5116

TLS GCM cipher suites as specified in:

  https://tools.ietf.org/html/rfc6209

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4287)
2017-08-30 12:33:53 +02:00
Johannes Bauer
cefa762ee5 Add interface to the scrypt KDF by means of PKEY_METHOD
Add an interface that allows accessing the scrypt KDF as a PKEY_METHOD.
This fixes #4021 (at least for the scrypt portion of the issue).

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Stephen Henson <steve@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4026)
2017-08-08 15:44:49 +01:00
Andy Polyakov
4811746f07 objects/objects.txt: add SHA3 OIDs.
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/3643)
2017-07-03 23:49:20 +02:00
FdaSilvaYY
0c9d6818c8 Declare a new x509v3 extension: x509ExtAdmission
Reviewed-by: Stephen Henson <steve@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2759)
2017-06-20 09:25:30 -04:00
Erwann Abalea
4a8ab10dd2 Add some OID's from X.520
CLA: trivial

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3590)
2017-05-31 13:33:20 -04:00
Dr. Stephen Henson
9691a749c8 Add EdDSA algorithm OIDs from draft-ietf-curdle-pkix-04
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3503)
2017-05-30 20:38:19 +01:00
Marek Klein
e92947d8d9 fixing incorrect OID of signingCertificateV2
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3538)
2017-05-29 18:23:29 -04:00
Marek Klein
f0ef20bf38 Added support for ESSCertIDv2
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/771)
2017-05-03 09:04:23 +02:00
Pauli
d42d0a4dc7 Implementation of the ARIA cipher as described in RFC 5794.
This implementation is written in endian agnostic C code. No attempt
at providing machine specific assembly code has been made. This
implementation expands the evptests by including the test cases from
RFC 5794 and ARIA official site rather than providing an individual
test case. Support for ARIA has been integrated into the command line
applications, but not TLS. Implemented modes are CBC, CFB1, CFB8,
CFB128, CTR, ECB and OFB128.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2337)
2017-02-21 11:51:45 +01:00
Dr. Stephen Henson
7114af3054 Add NID_auth_any and NID_kx_any NIDs.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2550)
2017-02-08 02:16:26 +00:00
Todd Short
3f5616d734 Add support for parameterized SipHash
The core SipHash supports either 8 or 16-byte output and a configurable
number of rounds.
The default behavior, as added to EVP, is to use 16-byte output and
2,4 rounds, which matches the behavior of most implementations.
There is an EVP_PKEY_CTRL that can control the output size.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2216)
2017-02-01 14:14:36 -05:00
Todd Short
52ad5b60e3 Add support for Poly1305 in EVP_PKEY
Add Poly1305 as a "signed" digest.

Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2128)
2017-01-24 15:40:37 +01:00
Dr. Stephen Henson
4950f8885c Use OIDs from draft-ietf-curdle-pkix-02
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-08-13 14:11:04 +01:00
Wim Lewis
505aee296d Additional CMS content types from RFC 4073, RFC 5083, and RFC 5084.
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1355)
2016-08-01 09:33:12 -04:00
Kurt Roeckx
208527a75d Review comments
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 10:39:10 -05:00
Bill Cox
2d0b441267 Add blake2 support.
Reviewed-by: Andy Polyakov <appro@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-11 10:39:10 -05:00
Todd Short
3ec13237f0 Add cipher query functions
Add functions to determine authentication, key-exchange, FIPS and AEAD.

Reviewed-by: Emilia Käsper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
2016-03-08 09:19:15 -05:00
Alessandro Ghedini
aacfb134be GH355: Implement HKDF
This patch implements the HMAC-based Extract-and-Expand Key Derivation
Function (HKDF) as defined in RFC 5869.

It is required to implement the QUIC and TLS 1.3 protocols (among others).

Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-03-03 18:21:20 -05:00
Dr. Stephen Henson
899cf48f17 Rename OIDs.
Use standard X25519 and X448 names for OIDs. Delete EdDSA OIDs: for now they
wont be used and EdDSA may use a different format.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Emilia Käsper <emilia@openssl.org>
2016-02-28 22:54:53 +00:00
Dr. Stephen Henson
d848944848 Add Curve OIDs from draft-josefsson-pkix-newcurves
Reviewed-by: Matt Caswell <matt@openssl.org>
2016-02-04 14:08:34 +00:00
Rich Salz
d9f7772674 RT2752: Add some EKU OID's
And some others found in the Internet.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2016-02-03 23:33:55 -05:00
Rich Salz
b5c5a97141 RT2353: Add ipsec IKE OID
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2016-02-02 14:41:06 -05:00
Dr. Stephen Henson
1eff3485b6 Add TLS PRF method.
Add EVP_PKEY algorithm for TLS1 PRF.

Reviewed-by: Matt Caswell <matt@openssl.org>
2016-01-19 14:00:32 +00:00
Rob Stradling
ba67253db1 Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633).
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>

GH: #495, MR: #1435
2015-12-10 19:27:40 +01:00
Andy Polyakov
72bb2f64fc Add ChaCha20-Poly1305 and ChaCha20 NIDs.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 11:59:49 +01:00
Dmitry Belyavskiy
52ee3ed3a1 New cipher and cipher modes standardized in Russia
This change introduces short names and NIDs for Russian GOST ciphers
according to GOST R 34.13-2015

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-10-05 21:55:10 +01:00
Dmitry Belyavsky
31001f8131 Add new GOST OIDs
Add new OIDs for latest GOST updates

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-08-17 15:34:30 +01:00
Dr. Stephen Henson
96b96d6c45 Add scrypt OID from draft-josefsson-scrypt-kdf-03
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-05-21 12:48:02 +01:00
Richard Levitte
12048657a9 ZLIB compression deserves a better comment
What could be better than to refer to the RFC that defines it?

Reviewed-by: Stephen Henson <steve@openssl.org>
2015-05-06 02:07:58 +02:00
Richard Levitte
3c161d081e Remove the last traces of the fake RLE compression
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-05-05 21:48:43 +02:00
Rich Salz
8332f91cc0 fix various typo's
https://github.com/openssl/openssl/pull/176 (CHANGES)
 https://rt.openssl.org/Ticket/Display.html?id=3545 (objects.txt)
 https://rt.openssl.org/Ticket/Display.html?id=3796 (verify.pod)

Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-05-03 08:50:34 -04:00
Rich Salz
c81f425eaa RT937: Enable pilotAttributeType uniqueIdentifier
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-02-12 14:38:31 -05:00
Andy Polyakov
c79e17731f Add more Camellia OIDs.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-02-11 20:28:47 +01:00
Matt Caswell
e6b336efa3 Add EVP support for OCB mode
Reviewed-by: Tim Hudson <tjh@openssl.org>
2014-12-08 10:28:34 +00:00
Rob Stradling
52f71f8181 CABForum EV OIDs for Subject Jurisdiction of Incorporation or Registration. 2014-02-26 15:33:11 +00:00
Rob Stradling
dcfe8df148 Show the contents of the RFC6962 Signed Certificate Timestamp List Certificate/OCSP Extensions.
Add the RFC6962 OIDs to the objects table.
2014-02-14 23:24:35 +00:00
Dr. Stephen Henson
6af440ced4 Add new OIDs from RFC5753
Add OIDs for KDF schemes from RFC5753 and add cross references for
each type and the appropriate digest to use.
2013-07-17 21:45:00 +01:00
Dr. Stephen Henson
e423c360fd Add new OID to pSpecified from PKCS#1 2013-06-21 21:33:00 +01:00
Andy Polyakov
8a97a33063 Add AES-SHA256 stitch. 2013-05-13 22:49:58 +02:00