Rich Salz
7644a9aef8
Rename some BUF_xxx to OPENSSL_xxx
...
Rename BUF_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
to OPENSSL_{strdup,strlcat,strlcpy,memdup,strndup,strnlen}
Add #define's for the old names.
Add CRYPTO_{memdup,strndup}, called by OPENSSL_{memdup,strndup} macros.
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-16 16:14:49 -05:00
Dr. Stephen Henson
2c61a5ecca
Constify EC_KEY in ECDH_compute_key.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
57be4444c6
Remove SSL_OP_SINGLE_ECDH_USE code.
...
Since auto ecdh is now always used SSL_OP_SINGLE_ECDH_USE is
redundant. Simplify associated code.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Dr. Stephen Henson
981bd8a2f2
New EC functions.
...
New functions EC_POINT_point2buf and EC_KEY_key2buf which encode
a point and allocate a buffer in one call.
New function EC_KEY_oct2key() which sets public key in an EC_KEY
structure from an encoded point.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-16 14:17:53 +00:00
Rich Salz
2ab9687479
Remove GMP engine.
...
Reviewed-by: Ben Laurie <ben@openssl.org>
2015-12-15 07:59:56 -05:00
Dr. Stephen Henson
c01ff880d4
New function X509_get0_pubkey
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-14 23:06:14 +00:00
Dr. Stephen Henson
2872dbe1c4
Add EVP_PKEY_get0_* functions.
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-14 23:06:14 +00:00
Dr. Stephen Henson
7538cb82f9
remove ancient SSLeay bug workaround
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-13 00:43:43 +00:00
Richard Levitte
601ab3151f
Adapt PEM routines to the opaque EVP_ENCODE_CTX
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 16:18:01 +01:00
Richard Levitte
a0be4fd17b
Make EVP_ENCODE_CTX opaque
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 16:18:01 +01:00
Rob Stradling
ba67253db1
Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633).
...
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
GH: #495 , MR: #1435
2015-12-10 19:27:40 +01:00
Viktor Dukhovni
f8137a62d9
Restore full support for EVP_CTX_create() etc.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 11:05:07 -05:00
Matt Caswell
278d6b3663
Prepare for 1.1.0-pre2-dev
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 14:24:22 +00:00
Matt Caswell
22c21b60af
Prepare for 1.1.0-pre1 release
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 14:23:10 +00:00
Matt Caswell
ac7f47dce1
OpenSSL 1.1.0 is now in pre release
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 14:21:59 +00:00
Andy Polyakov
bd30091c97
x86[_64] assembly pack: add optimized AES-NI OCB subroutines.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 13:11:26 +01:00
Andy Polyakov
a76ba82ccb
Wire ChaCha20-Poly1305 to TLS.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 12:05:30 +01:00
Andy Polyakov
bd989745b7
crypto/evp: add e_chacha20_poly1305.c.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 12:00:29 +01:00
Andy Polyakov
72bb2f64fc
Add ChaCha20-Poly1305 and ChaCha20 NIDs.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 11:59:49 +01:00
Richard Levitte
f8d3ab4928
Move the definitions of EC_KEY and EC_KEY_METHOD to ossl_typ.h
...
Most of all, that has inclusion of openssl/engine.h work even if EC
has been disabled. This is the same as has been done for DH, DSA, RSA
and more...
Reviewed-by: Stephen Henson <steve@openssl.org>
2015-12-09 23:56:57 +01:00
Dr. Stephen Henson
970e7b5bf8
add compatibility headers
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:20 +00:00
Dr. Stephen Henson
7bb75a5d08
add block comment
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:20 +00:00
Dr. Stephen Henson
f8d7d2d6df
EC_KEY_METHOD accessors.
...
Set of accessors to set and get each field.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
89313de5cb
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
7d711cbc33
Engine EC_KEY_METHOD functionality.
...
Rename ENGINE _EC_KEY functions to _EC.
Add support for EC_KEY_METHOD in ENGINE_set_default et al. Copy
ec_meth.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
1eb97c3ecd
remove ECDSA_METHOD from ENGINE
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
c8bfd40a92
remove ECDSA_METHOD typedef
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
180eec1666
add missing prototypes
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
fb29bb5926
remove ecdsa.h header
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
cf517a6d3d
add ECDSA_size to ec_asn1.c
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
6e73d12e76
return errors for unsupported operations
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:19 +00:00
Dr. Stephen Henson
bd3602eb89
Move and adapt ECDSA sign and verify functions.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
7236e3c8f7
Add ECDSA_SIG accessor.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
ef5b2ba6fb
move ECDSA_SIG prototypes
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
8c661f76b6
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
714b2abb29
move ECDSA_SIG definition
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
1e8622297d
remove ECDH_METHOD typedef
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
30243c9523
remove ecdh.h header
...
Remove redundant ecdh.h header and any references to it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
f517ffbb83
remove ECDH_METHOD from ENGINE
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
53e3189d0c
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
a22a7e7089
Add compute key support to EC_KEY_METHOD
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
768c53e1b6
Move ECDH_KDF_X9_62 to crypto/ec
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
5a6a1029d2
EC_KEY_METHOD keygen support.
...
Add keygen to EC_KEY_METHOD. Redirect EC_KEY_generate_key through
method and set the current EC key generation function as the default.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
d2fa70d82b
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
28572b577c
Support for EC_KEY_METHOD.
...
Add EC_KEY_METHOD. This is part of the EC revision and will make EC behave
more like other algorithms. Specifically:
EC_KEY_METHOD is part of EC_KEY.
It is part of ENGINE.
Default or key specific implementations can be provided to redirect some
or all operations.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
4160936143
update errors
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 16:32:39 +00:00
Dr. Stephen Henson
e7f0d9210c
Extended master secret fixes and checks.
...
Add new flag TLS1_FLAGS_RECEIVED_EXTMS which is set when the peer sends
the extended master secret extension.
Server now sends extms if and only if the client sent extms.
Check consistency of extms extension when resuming sessions following (where
practical) RFC7627.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 16:32:39 +00:00
Matt Caswell
686cf15e9d
Fix merge error
...
Commit 6140f0365
added some new ctrl constants. However due to a
merge error one of these values was duplicated with an existing
value.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-08 13:00:59 +00:00
Dmitry Belyavskiy
6140f03653
Add some new cipher ctrl constants
...
These are needed for GOST
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 11:56:39 +00:00
Richard Levitte
dc0099e1dd
Cleanup: rename HMAC_CTX_init to HMAC_CTX_reset
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:40:20 +01:00