Richard Levitte
ea09088e17
Better splitting regexp for test_ordinals
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-15 17:02:34 +01:00
Rich Salz
2ab9687479
Remove GMP engine.
...
Reviewed-by: Ben Laurie <ben@openssl.org>
2015-12-15 07:59:56 -05:00
Matt Caswell
8caab744f5
Fix s_server problem with no-ec
...
s_server was trying to set the ECDH curve when no-ec was defined. This also
highlighted the fact that the -no_ecdhe option to s_server is broken, and
doesn't make any sense any more (ECDHE is on by default and the only way it
can be disabled is through the cipherstring). Therefore this commit removes
the option.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-15 11:26:38 +00:00
Matt Caswell
73cd6175b9
Fix no-psk compile failure
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-15 11:22:34 +00:00
Matt Caswell
bbf431cb5e
Fix compile failure with no-srp
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-15 11:22:34 +00:00
Dr. Stephen Henson
0c497e96c4
Update EVP_PKEY documentation.
...
Add EVP_PKEY_up_ref() documentation and fix various typos.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-14 23:06:14 +00:00
Dr. Stephen Henson
6745fcf627
make update
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-14 23:06:14 +00:00
Dr. Stephen Henson
c01ff880d4
New function X509_get0_pubkey
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-14 23:06:14 +00:00
Dr. Stephen Henson
2872dbe1c4
Add EVP_PKEY_get0_* functions.
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-14 23:06:14 +00:00
Dr. Stephen Henson
2986ecdc08
Extend EVP_PKEY_copy_parameters()
...
Make EVP_PKEY_copy_parameters() work if the destination has no type
(e.g. if obtained from EVP_PKEY_new()) or the underlying key is NULL.
This is useful where we want to copy the parameters from an existing
key to a new key.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-14 23:06:14 +00:00
Emilia Kasper
d911097d7c
Fix a ** 0 mod 1 = 0 for real this time.
...
Commit 2b0180c37f
attempted to do this but
only hit one of many BN_mod_exp codepaths. Fix remaining variants and add
a test for each method.
Thanks to Hanno Boeck for reporting this issue.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
2015-12-14 17:39:39 +01:00
Andy Polyakov
81eae077ce
crpyto/ppccpuid.pl: add FPU probe and fix OPENSSL_rdtsc.
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-14 16:09:25 +01:00
Andy Polyakov
2688d99989
crypto/ppccap.c: add SIGILL-free processor capability detection code.
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-14 16:08:49 +01:00
Hongze Zhu
f562aedae4
add malloc fail check & fix memory leak
...
Signed-off-by: Hongze Zhu <hongze.zhu@gmail.com>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-14 17:38:56 +08:00
Viktor Dukhovni
b311b74d78
Fix erroneous SO suffix in darwin64-debug-test-64-clang target
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-13 22:43:29 -05:00
Ben Kaduk
3903e1c334
Fix typo
...
Signed-off-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-13 22:19:22 -05:00
Viktor Dukhovni
a465ca7841
Fix option value parsing in crl2pkcs7 -certfile
...
Reviewed-by: Rich Saltz <rsalz@openssl.org>
2015-12-13 21:31:03 -05:00
Viktor Dukhovni
7eff6aa0d6
Avoid erroneous "assert(private)" failures.
...
When processing a public key input via "-pubin", "private" was
sometimes erroneously set, or else not set and incorrectly asserted.
Reviewed-by: Rich salz <rsalz@openssl.org>
2015-12-13 20:13:49 -05:00
Andy Polyakov
b974943234
x86_64 assembly pack: tune clang version detection even further.
...
RT#4171
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-13 22:18:18 +01:00
Andy Polyakov
22c2e80f89
Configure: add framework for ChaCha and Poly1305 assembly.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-13 20:56:50 +01:00
Andy Polyakov
0c14d44254
Configure: 'reconf' to respect CROSS_COMPILE and CC.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-13 20:54:22 +01:00
Ben Laurie
d25aeabca8
Don't use EC when no-ec.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-13 16:14:35 +00:00
Ben Laurie
6c3b566497
Remove no longer existant structure member and direct references to EVP_MD_CTX internals.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-13 14:59:10 +00:00
Ben Laurie
4eacfadedc
Fix (incorrect) uninitialised variable warning.
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-13 12:44:46 +00:00
Dr. Stephen Henson
14e8e4d3e6
fix warning
...
Reviewed-by: Ben Laurie <ben@openssl.org>
2015-12-13 03:02:52 +00:00
Dr. Stephen Henson
7538cb82f9
remove ancient SSLeay bug workaround
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-13 00:43:43 +00:00
tjmao
3e166c136e
Allow ChaCha20-Poly1305 in DTLS
...
GCM and CCM are modes of operation for block ciphers only. ChaCha20-Poly1305
operates in neither of them but it is AEAD. This change also enables future
AEAD ciphers to be available for use with DTLS.
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-12 19:30:16 -05:00
Rich Salz
5320c07193
Revert "Allow ChaCha20-Poly1305 in DTLS"
...
This reverts commit 777f482d99
.
Author credit missing. Reverting this and re-committing with
an Author line.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-12 19:28:31 -05:00
Rich Salz
9e8b6f0427
Use SHA256 not MD5 as default digest.
...
(Documentation update was in the MR but not the commit. Oops.)
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-12 19:25:25 -05:00
Ben Laurie
40abdf8e39
Support ccache.
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-12 23:05:41 +00:00
Matt Caswell
7a93c85826
Fix compile failure with no-threads
...
The async code was causing a compile failure if no-threads was used.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-12 14:26:22 +00:00
Dr. Stephen Henson
9391ba1b51
Add extension utility documentation.
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-12 14:11:20 +00:00
Dr. Stephen Henson
3a59ad98e9
add X509_up_ref() documentation
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-12 14:11:20 +00:00
Dr. Stephen Henson
e989e54f66
extension documentation
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
2015-12-12 14:11:20 +00:00
Kurt Roeckx
a5ecdc6af8
Use OPENSSL_NO_DTLS instead of OPENSSL_NO_DTLS1
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-12 12:07:14 +01:00
Matt Caswell
8ca8fc4804
Fix compile failure
...
Fix compile failure introduced by commit 94d6151236
due to a typo.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-11 22:18:00 +00:00
Andy Polyakov
30a5f32227
evp/e_chacha20_poly1305.c: TLS interop fixes.
...
Thanks to: David Benjamin of Chromuim.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 21:07:51 +01:00
Andy Polyakov
80b1247fe6
Configurations/10-main.conf: fix typos in mingw/cygwin configs.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 21:04:02 +01:00
Rich Salz
777f482d99
Allow ChaCha20-Poly1305 in DTLS
...
GCM and CCM are modes of operation for block ciphers only. ChaCha20-Poly1305
operates in neither of them but it is AEAD. This change also enables future
AEAD ciphers to be available for use with DTLS.
Signed-off-by: Rich Salz <rsalz@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-11 14:48:09 -05:00
Ben Laurie
94d6151236
Make no-dh work, plus other no-dh problems found by Richard.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 18:38:38 +00:00
Richard Levitte
ea11c6e920
make update, missed file
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-11 18:07:05 +01:00
Rich Salz
f8547f62c2
Use SHA256 not MD5 as default digest.
...
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
2015-12-11 11:59:59 -05:00
Richard Levitte
6ebe8dac3e
make update
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 16:18:35 +01:00
Richard Levitte
254b26af20
Adapt EVP tests to the opaque EVP_ENCODE_CTX
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 16:18:01 +01:00
Richard Levitte
601ab3151f
Adapt PEM routines to the opaque EVP_ENCODE_CTX
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 16:18:01 +01:00
Richard Levitte
b518d2d5f8
Adapt BIO_f_base64 to the opaque EVP_ENCODE_CTX
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 16:18:01 +01:00
Richard Levitte
a0be4fd17b
Make EVP_ENCODE_CTX opaque
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 16:18:01 +01:00
Matt Caswell
1ee3b17fa0
Fix OCB link
...
The link to the OCB patent pdf changed, so the link in CHANGES needs to be
updated.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-11 14:15:20 +00:00
Rob Stradling
ba67253db1
Support the TLS Feature (aka Must Staple) X.509v3 extension (RFC7633).
...
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
GH: #495 , MR: #1435
2015-12-10 19:27:40 +01:00
Viktor Dukhovni
f8137a62d9
Restore full support for EVP_CTX_create() etc.
...
Reviewed-by: Dr. Stephen Henson <steve@openssl.org>
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-10 11:05:07 -05:00