- 21 5月, 2019 1 次提交
-
-
由 Kurt Roeckx 提交于
Fixes: #8737 Reviewed-by: NBernd Edlinger <bernd.edlinger@hotmail.de> Reviewed-by: NRichard Levitte <levitte@openssl.org> GH: #8741 (cherry picked from commit 70b0b977f73cd70e17538af3095d18e0cf59132e)
-
- 30 7月, 2018 1 次提交
-
-
由 Bryan Donlan 提交于
FIPS 186-4 does not specify a hard requirement on DSA digest lengths, and in any case the current check rejects the FIPS recommended digest lengths for key sizes != 1024 bits. Fixes: #6748 Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NAndy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6749)
-
- 17 4月, 2018 1 次提交
-
-
由 Richard Levitte 提交于
Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5990)
-
- 05 4月, 2018 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5800)
-
- 25 1月, 2017 1 次提交
-
-
由 FdaSilvaYY 提交于
Reviewed-by: NRich Salz <rsalz@openssl.org> Reviewed-by: NMatt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1618)
-
- 20 1月, 2017 1 次提交
-
-
由 Richard Levitte 提交于
When setting the digest parameter for DSA parameter generation, the signature MD was set instead of the parameter generation one. Fortunately, that's also the one that was used for parameter generation, but it ultimately meant the parameter generator MD and the signature MD would always be the same. Fixes github issue #2016 Reviewed-by: NRich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2250)
-
- 18 5月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 23 2月, 2016 1 次提交
-
-
由 Rich Salz 提交于
Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 10 11月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Continuing from previous commit ensure our style is consistent for malloc return checks. Reviewed-by: NKurt Roeckx <kurt@openssl.org>
-
- 24 8月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Reviewed-by: NBen Laurie <ben@openssl.org>
-
- 14 5月, 2015 1 次提交
-
-
由 Richard Levitte 提交于
There are header files in crypto/ that are used by a number of crypto/ submodules. Move those to crypto/include/internal and adapt the affected source code and Makefiles. The header files that got moved are: crypto/cryptolib.h crypto/md32_common.h Reviewed-by: NRich Salz <rsalz@openssl.org>
-
- 07 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
For the various string-compare routines (strcmp, strcasecmp, str.*cmp) use "strcmp()==0" instead of "!strcmp()" Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 05 5月, 2015 1 次提交
-
-
由 Rich Salz 提交于
For a local variable: TYPE *p; Allocations like this are "risky": p = OPENSSL_malloc(sizeof(TYPE)); if the type of p changes, and the malloc call isn't updated, you could get memory corruption. Instead do this: p = OPENSSL_malloc(sizeof(*p)); Also fixed a few memset() calls that I noticed while doing this. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 01 5月, 2015 2 次提交
-
-
由 Rich Salz 提交于
Don't check for NULL before calling OPENSSL_free Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
由 Rich Salz 提交于
This gets BN_.*free: BN_BLINDING_free BN_CTX_free BN_FLG_FREE BN_GENCB_free BN_MONT_CTX_free BN_RECP_CTX_free BN_clear_free BN_free BUF_MEM_free Also fix a call to DSA_SIG_free to ccgost engine and remove some #ifdef'd dead code in engines/e_ubsec. Reviewed-by: NRichard Levitte <levitte@openssl.org>
-
- 24 3月, 2015 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Move EVP internals to evp_int.h, remove -Ievp hack from crypto/Makefile Reviewed-by: NMatt Caswell <matt@openssl.org>
-
- 22 1月, 2015 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 09 12月, 2014 1 次提交
-
-
由 Matt Caswell 提交于
Reviewed-by: NTim Hudson <tjh@openssl.org>
-
- 22 6月, 2013 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 21 6月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 08 5月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 19 1月, 2011 1 次提交
-
-
由 Dr. Stephen Henson 提交于
seed to: this doesn't introduce any binary compatibility issues as the function is only used internally. The seed output is needed for FIPS 140-2 algorithm testing: the functionality used to be in DSA_generate_parameters_ex() but was removed in OpenSSL 1.0.0
-
- 02 12月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 02 9月, 2009 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Submitted by: Tomas Mraz <tmraz@redhat.com> Checked by: steve@openssl.org Fix so that the legacy digest EVP_dss1() still works.
-
- 06 11月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 02 5月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 17 3月, 2008 1 次提交
-
-
由 Geoff Thorpe 提交于
OPENSSL_NO_DEPRECATED, etc. Steve, please double-check the CMS stuff...
-
- 13 3月, 2008 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Initial support for CMS. Add zlib compression BIO. Add AES key wrap implementation. Generalize S/MIME MIME code to support CMS and/or PKCS7.
-
- 26 10月, 2007 1 次提交
-
-
由 Dr. Stephen Henson 提交于
of handshake failure 2. Changes to x509_certificate_type function (crypto/x509/x509type.c) to make it recognize GOST certificates as EVP_PKT_SIGN|EVP_PKT_EXCH (required for s3_srvr to accept GOST client certificates). 3. Changes to EVP - adding of function EVP_PKEY_CTX_get0_peerkey - Make function EVP_PKEY_derive_set_peerkey work for context with ENCRYPT operation, because we use peerkey field in the context to pass non-ephemeral secret key to GOST encrypt operation. - added EVP_PKEY_CTRL_SET_IV control command. It is really GOST-specific, but it is used in SSL code, so it has to go in some header file, available during libssl compilation 4. Fix to HMAC to avoid call of OPENSSL_cleanse on undefined data 5. Include des.h if KSSL_DEBUG is defined into some libssl files, to make debugging output which depends on constants defined there, work and other KSSL_DEBUG output fixes 6. Declaration of real GOST ciphersuites, two authentication methods SSL_aGOST94 and SSL_aGOST2001 and one key exchange method SSL_kGOST 7. Implementation of these methods. 8. Support for sending unsolicited serverhello extension if GOST ciphersuite is selected. It is require for interoperability with CryptoPro CSP 3.0 and 3.6 and controlled by SSL_OP_CRYPTOPRO_TLSEXT_BUG constant. This constant is added to SSL_OP_ALL, because it does nothing, if non-GOST ciphersuite is selected, and all implementation of GOST include compatibility with CryptoPro. 9. Support for CertificateVerify message without length field. It is another CryptoPro bug, but support is made unconditional, because it does no harm for draft-conforming implementation. 10. In tls1_mac extra copy of stream mac context is no more done. When I've written currently commited code I haven't read EVP_DigestSignFinal manual carefully enough and haven't noticed that it does an internal digest ctx copying. This implementation was tested against 1. CryptoPro CSP 3.6 client and server 2. Cryptopro CSP 3.0 server
-
- 03 2月, 2007 1 次提交
-
-
由 Nils Larsch 提交于
-
- 11 7月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
Send ctrls to EVP_PKEY_METHOD during signing of PKCS7 structure so customisation is possible.
-
- 25 5月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
functions and EVP_MD_CTX_copy work properly.
-
- 24 5月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 16 4月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
value of the passed output buffer is NULL. The old method of using EVP_PKEY_size(pkey) isn't flexible enough to cover all cases where the output length may depend on the operation or the parameters associated with it.
-
- 13 4月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 12 4月, 2006 2 次提交
-
-
由 Dr. Stephen Henson 提交于
-
由 Dr. Stephen Henson 提交于
-
- 11 4月, 2006 1 次提交
-
-
由 Dr. Stephen Henson 提交于
-
- 10 4月, 2006 2 次提交
-
-
由 Dr. Stephen Henson 提交于
Fix rsa_pkey_method.
-
由 Dr. Stephen Henson 提交于
Add digest size sanity checks.
-