Commit graph

11776 commits

Author SHA1 Message Date
Andy Polyakov
72a158703b crypto/bn/asm/x86_64-mont.pl: minor optimization. 2013-09-09 21:40:33 +02:00
Dr. Stephen Henson
ce4555967e Remove ancient PATENTS section and FAQ reference. 2013-09-08 21:24:02 +01:00
Dr. Stephen Henson
52073b7675 Partial path fix.
When verifying a partial path always check to see if the EE certificate
is explicitly trusted: the path could contain other untrusted certificates.
2013-09-08 19:26:59 +01:00
Dr. Stephen Henson
a6e7d1c0e3 Document extension clash. 2013-09-08 15:10:46 +01:00
Dr. Stephen Henson
5e3ff62c34 Experimental encrypt-then-mac support.
Experimental support for encrypt then mac from
draft-gutmann-tls-encrypt-then-mac-02.txt

To enable it set the appropriate extension number (0x10 for the test server)
using e.g. -DTLSEXT_TYPE_encrypt_then_mac=0x10

For non-compliant peers (i.e. just about everything) this should have no
effect.
2013-09-08 13:14:03 +01:00
Dr. Stephen Henson
226751ae4a Set TLS v1.2 disabled mask properly. 2013-09-08 00:09:39 +01:00
Ben Laurie
1769dfab06 Const fix. 2013-09-06 14:03:28 +01:00
Scott Deboy
67c408cee9 Free generated supp data after handshake completion, add comment regarding use of num_renegotiations in TLS and supp data generation callbacks 2013-09-06 13:59:14 +01:00
Ben Laurie
5eda213ebe More cleanup. 2013-09-06 13:59:14 +01:00
Ben Laurie
a6a48e87bc Make it build. 2013-09-06 13:59:13 +01:00
Scott Deboy
36086186a9 Add callbacks supporting generation and retrieval of supplemental data entries, facilitating RFC 5878 (TLS auth extensions)
Removed prior audit proof logic - audit proof support was implemented using the generic TLS extension API
Tests exercising the new supplemental data registration and callback api can be found in ssltest.c.
Implemented changes to s_server and s_client to exercise supplemental data callbacks via the -auth argument, as well as additional flags to exercise supplemental data being sent only during renegotiation.
2013-09-06 13:59:13 +01:00
Ben Laurie
cda01d55ba s/recommend/recommended/ 2013-09-05 21:43:50 +01:00
Veres Lajos
478b50cf67 misspellings fixes by https://github.com/vlajos/misspell_fixer 2013-09-05 21:39:42 +01:00
Ben Laurie
d2625fd657 Clean up layout. 2013-09-05 17:28:05 +01:00
Carlos Alberto Lopez Perez
b98af49d97 Add an "-xmpphost" option to s_client
* Many XMPP servers are configured with multiple domains (virtual hosts)
 * In order to establish successfully the TLS connection you have to specify
   which virtual host you are trying to connect.
 * Test this, for example with ::
   * Fail:
       openssl s_client -connect talk.google.com:5222 -starttls xmpp
   * Works:
       openssl s_client -connect talk.google.com:5222 -starttls xmpp -xmpphost gmail.com
2013-09-05 17:24:56 +01:00
Carlos Alberto Lopez Perez
50f307a98f Add "xmpp" to the list of supported starttls protocols on s_client manpage 2013-09-05 17:24:56 +01:00
Carlos Alberto Lopez Perez
4249d4ba86 Fix infinite loop on s_client starttls xmpp
* When the host used in "-connect" is not what the remote XMPP server expects
   the server will return an error like this:
     <stream:error>
       <host-unknown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/>
     </stream:error>
 * But the actual code will stay on the loop forever because the stop condition
   "/stream:features>" will never happen,
 * Make this more robust: The stop condition should be that BIO_read failed
 * Test if for example with ::

    openssl s_client  -connect random.jabb3r.net:5222 -starttls xmpp
2013-09-05 17:24:56 +01:00
Carlos Alberto Lopez Perez
4e48c77572 Fix XMPP code detection on s_client starttls xmpp
* Some XMPP Servers (OpenFire) use double quotes.
 * This makes s_client starttls work with this servers.
 * Tested with OpenFire servers from http://xmpp.net/ ::

     openssl s_client -connect coderollers.com:5222 -starttls xmpp
2013-09-05 17:24:55 +01:00
Rob Stradling
dece3209f2 Don't prefer ECDHE-ECDSA ciphers when the client appears to be Safari on OS X.
OS X 10.8..10.8.3 has broken support for ECDHE-ECDSA ciphers.
2013-09-05 13:09:03 +01:00
Dr. Stephen Henson
c3eb33763b Document supported curve functions. 2013-09-03 15:43:01 +01:00
Dr. Stephen Henson
902efde1cc Document -force_pubkey option. 2013-08-21 13:43:00 +01:00
Dr. Stephen Henson
36019f70e8 Correct ECDSA example. 2013-08-21 13:43:00 +01:00
Ben Laurie
d5605699a1 Correctly test for no-ec. 2013-08-21 04:21:57 +01:00
Ben Laurie
a0aaa5660a Fix compile errors. 2013-08-21 04:21:42 +01:00
Dr. Stephen Henson
fcb2bcfe65 Typo: don't call RAND_cleanup during app startup.
(cherry picked from commit 90e7f983b5)
2013-08-18 19:06:51 +01:00
Dr. Stephen Henson
eeb15452a0 Add documentation.
Preliminary documentation for chain and verify stores and certificate chain
setting functions.
2013-08-17 17:41:14 +01:00
Dr. Stephen Henson
b85f8afe37 Don't run ECDH CMS tests if EC disabled. 2013-08-17 17:41:14 +01:00
Dr. Stephen Henson
14536c8c9c Make no-ec compilation work. 2013-08-17 17:41:13 +01:00
Dr. Stephen Henson
42082eda6f Return 1 when setting ECDH auto mode. 2013-08-17 17:41:13 +01:00
Dr. Stephen Henson
5ef24a806d Add the server 'hang' issue to the FAQ 2013-08-14 16:38:06 +01:00
Michael Tuexen
b62f4daac0 DTLS message_sequence number wrong in rehandshake ServerHello
This fix ensures that
* A HelloRequest is retransmitted if not responded by a ClientHello
* The HelloRequest "consumes" the sequence number 0. The subsequent
ServerHello uses the sequence number 1.
* The client also expects the sequence number of the ServerHello to
be 1 if a HelloRequest was received earlier.
This patch fixes the RFC violation.
2013-08-13 18:53:19 +01:00
Michael Tuexen
0c75eeacd3 DTLS handshake fix.
Reported by: Prashant Jaikumar <rmstar@gmail.com>

Fix handling of application data received before a handshake.
2013-08-08 13:30:49 +01:00
Kaspar Brand
5ae8d6bcba Fix for PEM_X509_INFO_read_bio.
PR: 3028
Fix bug introduced in PEM_X509_INFO_bio which wouldn't process RSA keys
correctly if they appeared first.
2013-08-06 16:01:47 +01:00
Dr. Stephen Henson
dfcb42c68e Update cms docs. 2013-08-05 16:23:22 +01:00
Dr. Stephen Henson
bbc098ffb3 Add X9.42 DH test. 2013-08-05 16:23:22 +01:00
Dr. Stephen Henson
75787fd833 Add X9.42 DH certificate to S/MIME test 2013-08-05 16:23:22 +01:00
Dr. Stephen Henson
bd59f2b91d CMS RFC2631 X9.42 DH enveloped data support. 2013-08-05 16:23:13 +01:00
Dr. Stephen Henson
dc1ce3bc64 Add KDF for DH.
Add X9.42 DH KDF. Move sharedinfo generation code to CMS library as the
same structure is used by DH and ECDH.

Move ASN1_OBJECT typedef to ossl_typ.h so it can be picked up by dh headers
without the need to use ASN1.
2013-08-05 15:45:01 +01:00
Dr. Stephen Henson
3909087801 Extend DH parameter generation support.
Add support for DH parameter generation using DSA methods including
FIPS 186-3.
2013-08-05 15:45:01 +01:00
Dr. Stephen Henson
d3cc91eee2 Enhance DH dup functions.
Make DHparams_dup work properly with X9.42 DH parameters.
2013-08-05 15:45:01 +01:00
Dr. Stephen Henson
c9577ab5ea If present print j, seed and counter values for DH 2013-08-05 15:45:00 +01:00
Dr. Stephen Henson
3f6b6f0b8c Minor optimisation to KDF algorithm.
Don't need to use temporary buffer if remaining length equals digest length.
2013-08-05 15:45:00 +01:00
Dr. Stephen Henson
e61f5d55bc Algorithm parameter support.
Check and set AlgorithmIdenfier parameters for key wrap algorithms.
Currently these just set parameters to NULL.
2013-08-05 15:45:00 +01:00
Andy Polyakov
a59f436295 crypto/evp/e_aes.c: fix logical pre-processor bug and formatting.
Bug would emerge when XTS is added to bsaes-armv7.pl. Pointed out by
Ard Biesheuvel of Linaro.
2013-08-03 17:09:06 +02:00
Andy Polyakov
fd8ad019e1 crypto/bn/asm/rsax-x86_64.pl: make it work on Darwin. 2013-08-03 16:28:50 +02:00
Andy Polyakov
006784378d crypto/sha/asm/sha*-x86_64.pl: comply with Win64 ABI. 2013-07-31 23:50:15 +02:00
Trevor Perrin
0b2bde70dd Various custom extension fixes.
Force no SSL2 when custom extensions in use.
Don't clear extension state when cert is set.
Clear on renegotiate.
2013-07-31 14:29:41 +01:00
Adam Langley
a898936218 Add tests for ALPN functionality.
Conflicts:
	ssl/ssltest.c
2013-07-22 15:47:48 +01:00
Ben Laurie
a108f841ba Add a no-opt 64-bit target. 2013-07-22 15:28:20 +01:00
Adam Langley
6f017a8f9d Support ALPN.
This change adds support for ALPN[1] in OpenSSL. ALPN is the IETF
blessed version of NPN and we'll be supporting both ALPN and NPN for
some time yet.

[1] https://tools.ietf.org/html/draft-ietf-tls-applayerprotoneg-00

Conflicts:
	ssl/ssl3.h
	ssl/t1_lib.c
2013-07-22 15:28:20 +01:00