| #
e6b336ef |
| 06-Dec-2014 |
Matt Caswell |
Add EVP support for OCB mode
Reviewed-by: Tim Hudson <tjh@openssl.org>
|
|
Revision tags: OpenSSL-fips-2_0_9, OpenSSL_1_0_1j, OpenSSL_1_0_0o, OpenSSL_0_9_8zc, OpenSSL_1_0_2-beta3, OpenSSL_0_9_8zb, OpenSSL_1_0_0n, OpenSSL_1_0_1i, OpenSSL_1_0_2-beta2 |
|
| #
d31fed73 |
| 18-Jul-2014 |
Dr. Stephen Henson |
RFC 5649 support.
Add support for RFC5649 key wrapping with padding.
Add RFC5649 tests to evptests.txt
Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.
RFC 5649 support.
Add support for RFC5649 key wrapping with padding.
Add RFC5649 tests to evptests.txt
Based on PR#3434 contribution by Petr Spacek <pspacek@redhat.com>.
EVP support and minor changes added by Stephen Henson.
Doxygen comment block updates by Tim Hudson.
Reviewed-by: Tim Hudson <tjh@openssl.org>
show more ...
|
|
Revision tags: OpenSSL-fips-2_0_8, OpenSSL_1_0_1h, OpenSSL_1_0_0m, OpenSSL_0_9_8za, OpenSSL-fips-2_0_7, OpenSSL_1_0_1g, OpenSSL_1_0_2-beta1, OpenSSL_1_0_0l, OpenSSL_1_0_1f, OpenSSL-fips-2_0_6, OpenSSL-fips-2_0_5, OpenSSL-fips-2_0_4 |
|
| #
97cf1f6c |
| 17-Jul-2013 |
Dr. Stephen Henson |
EVP support for wrapping algorithms.
Add support for key wrap algorithms via EVP interface.
Generalise AES wrap algorithm and add to modes, making existing
AES wrap algorithm a
EVP support for wrapping algorithms.
Add support for key wrap algorithms via EVP interface.
Generalise AES wrap algorithm and add to modes, making existing
AES wrap algorithm a special case.
Move test code to evptests.txt
show more ...
|
| #
8a97a330 |
| 13-May-2013 |
Andy Polyakov |
Add AES-SHA256 stitch.
|
|
Revision tags: OpenSSL-fips-2_0_3 |
|
| #
95248de3 |
| 06-Mar-2013 |
Dr. Stephen Henson |
Add CCM ciphers to tables.
|
|
Revision tags: OpenSSL_1_0_1e, OpenSSL_0_9_8y, OpenSSL_1_0_0k, OpenSSL_1_0_1d |
|
| #
9970308c |
| 02-Feb-2013 |
Andy Polyakov |
e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues.
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
(cherry picked from commit 125093b59f3c2a2d33785b5563d
e_aes_cbc_hmac_sha1.c: address the CBC decrypt timing issues.
Address CBC decrypt timing issues and reenable the AESNI+SHA1 stitch.
(cherry picked from commit 125093b59f3c2a2d33785b5563d929d0472f1721)
show more ...
|
| #
2acc020b |
| 28-Jan-2013 |
Ben Laurie |
Make CBC decoding constant time.
This patch makes the decoding of SSLv3 and TLS CBC records constant
time. Without this, a timing side-channel can be used to build a padding
oracle a
Make CBC decoding constant time.
This patch makes the decoding of SSLv3 and TLS CBC records constant
time. Without this, a timing side-channel can be used to build a padding
oracle and mount Vaudenay's attack.
This patch also disables the stitched AESNI+SHA mode pending a similar
fix to that code.
In order to be easy to backport, this change is implemented in ssl/,
rather than as a generic AEAD mode. In the future this should be changed
around so that HMAC isn't in ssl/, but crypto/ as FIPS expects.
(cherry picked from commit e130841bccfc0bb9da254dc84e23bc6a1c78a64e)
show more ...
|
|
Revision tags: OpenSSL-fips-2_0-pl1, OpenSSL-fips-2_0_2, OpenSSL-fips-2_0_1, OpenSSL_1_0_1c, OpenSSL_1_0_0j, OpenSSL_0_9_8x, OpenSSL_1_0_1b, OpenSSL_0_9_8w, OpenSSL_1_0_1a, OpenSSL_0_9_8v, OpenSSL_1_0_0i, OpenSSL_1_0_1, OpenSSL_1_0_0h, OpenSSL_0_9_8u, OpenSSL_1_0_1-beta3, OpenSSL_1_0_1-beta2, OpenSSL-fips-2_0, OpenSSL_1_0_0g, OpenSSL_0_9_8t, OpenSSL_0_9_8s, OpenSSL_1_0_0f, OpenSSL-fips-2_0-rc8, OpenSSL_1_0_1-beta1, OpenSSL-fips-2_0-rc7, OpenSSL-fips-2_0-rc6, OpenSSL-fips-2_0-rc5, OpenSSL-fips-2_0-rc4, OpenSSL-fips-2_0-rc3, OpenSSL-fips-2_0-rc2, OpenSSL-fips-2_0-rc1 |
|
| #
e2473dcc |
| 18-Oct-2011 |
Andy Polyakov |
c_allc.c: add aes-xts to loop.
|
|
Revision tags: OpenSSL-fips-1_2_3, OpenSSL-fips-1_2_2, OpenSSL-fips-1_2_1, OpenSSL_1_0_0e |
|
| #
c608171d |
| 23-Aug-2011 |
Andy Polyakov |
Add RC4-MD5 and AESNI-SHA1 "stitched" implementations.
|
| #
28dd49fa |
| 03-Aug-2011 |
Dr. Stephen Henson |
Expand range of ctrls for AES GCM to support retrieval and setting of
invocation field.
Add complete support for AES GCM ciphersuites including all those in
RFC5288 and RFC5289.
|
|
Revision tags: OpenSSL_1_0_0d, OpenSSL_0_9_8r, OpenSSL_0_9_8q, OpenSSL_1_0_0c, OpenSSL_0_9_8p, OpenSSL_1_0_0b, OpenSSL_0_9_8o, OpenSSL_1_0_0a, OpenSSL_1_0_0, OpenSSL_0_9_8n, OpenSSL_0_9_8m |
|
| #
d976f992 |
| 23-Feb-2010 |
Andy Polyakov |
Add AES counter mode to EVP.
|
|
Revision tags: OpenSSL_0_9_8m-beta1, OpenSSL_1_0_0-beta5 |
|
| #
7e765bf2 |
| 25-Dec-2009 |
Dr. Stephen Henson |
Traditional Yuletide commit ;-)
Add Triple DES CFB1 and CFB8 to algorithm list and NID translation.
|
|
Revision tags: OpenSSL_1_0_0-beta4, OpenSSL_0_9_8l, OpenSSL_1_0_0-beta3, OpenSSL_1_0_0-beta2, OpenSSL_1_0_0-beta1, OpenSSL_0_9_8k, OpenSSL_0_9_8j, OpenSSL_0_9_8i, OpenSSL_0_9_8h, OpenSSL_0_9_8g, OpenSSL_0_9_8f, FIPS_098_TEST_8, FIPS_098_TEST_7, FIPS_098_TEST_6, FIPS_098_TEST_5, FIPS_098_TEST_4, FIPS_098_TEST_3, FIPS_098_TEST_2, FIPS_098_TEST_1 |
|
| #
96afc1cf |
| 23-Apr-2007 |
Bodo Möller |
Add SEED encryption algorithm.
PR: 1503
Submitted by: KISA
Reviewed by: Bodo Moeller
|
|
Revision tags: OpenSSL_0_9_7m, OpenSSL_0_9_8e, OpenSSL_0_9_7l, OpenSSL_0_9_8d, OpenSSL_0_9_8c, OpenSSL_0_9_7k |
|
| #
f3dea9a5 |
| 09-Jun-2006 |
Bodo Möller |
Camellia cipher, contributed by NTT
Submitted by: Masashi Fujita
Reviewed by: Bodo Moeller
|
| #
b8f702a0 |
| 15-May-2006 |
Dr. Stephen Henson |
Change builting PBE to use static table. Add entries for HMAC and MD5, GOST.
|
|
Revision tags: OpenSSL_0_9_7j, OpenSSL_0_9_8b, OpenSSL_FIPS_1_0, OpenSSL_0_9_7i, OpenSSL_0_9_8a, OpenSSL_0_9_7h, OpenSSL_0_9_8, FIPS_TEST_10, OpenSSL_0_9_8-beta6, OpenSSL_0_9_8-beta5, FIPS_TEST_9, OpenSSL_0_9_8-beta4, OpenSSL_0_9_8-beta3, BEN_FIPS_TEST_8, OpenSSL_0_9_8-beta2, OpenSSL_0_9_8-beta1, OpenSSL_0_9_7g, OpenSSL_0_9_7f, BEN_FIPS_TEST_7, BEN_FIPS_TEST_6, OpenSSL_0_9_7e, OpenSSL_0_9_7d, OpenSSL-engine-0_9_6m, OpenSSL_0_9_6m, LEVITTE_after_const, LEVITTE_before_const, BEN_FIPS_TEST_5 |
|
| #
8d1ebe0b |
| 28-Jan-2004 |
Richard Levitte |
Add the missing parts for DES CFB1 and CFB8.
Add the corresponding AES parts while I'm at it.
make update
|
|
Revision tags: BEN_FIPS_TEST_4, OpenSSL-engine-0_9_6l, OpenSSL_0_9_6l, BEN_FIPS_TEST_3, BEN_FIPS_TEST_2, BEN_FIPS_TEST_1, OpenSSL-engine-0_9_6k, OpenSSL_0_9_6k, OpenSSL_0_9_7c, OpenSSL-engine-0_9_6j, OpenSSL_0_9_7b, OpenSSL_0_9_6j, OpenSSL-engine-0_9_6i, OpenSSL_0_9_6i, OpenSSL_0_9_7a, OpenSSL_0_9_7, OpenSSL_0_9_7-beta6, STATE_after_zlib, STATE_before_zlib, OpenSSL_0_9_7-beta5, OpenSSL-engine-0_9_6h, OpenSSL_0_9_6h, OpenSSL_0_9_7-beta4, OpenSSL-engine-0_9_6g, OpenSSL_0_9_6g, OpenSSL-engine-0_9_6f, OpenSSL_0_9_6f, OpenSSL_0_9_7-beta3, OpenSSL-engine-0_9_6e, OpenSSL_0_9_6e, OpenSSL_0_9_7-beta2, OpenSSL_0_9_7-beta1 |
|
| #
bd54d55c |
| 31-May-2002 |
Richard Levitte |
Declare the CFB and OFB modes for AES, and prepare for a declaration
of CTR mode.
|
|
Revision tags: AFTER_COMPAQ_PATCH, BEFORE_COMPAQ_PATCH, OpenSSL-engine-0_9_6d, OpenSSL_0_9_6d, OpenSSL-engine-0_9_6d-beta1, OpenSSL_0_9_6d-beta1 |
|
| #
5b7848a3 |
| 20-Feb-2002 |
Richard Levitte |
Add comfy aliases for AES in CBC mode.
|
|
Revision tags: OpenSSL-engine-0_9_6c, OpenSSL_0_9_6c |
|
| #
354c3ace |
| 18-Aug-2001 |
Ben Laurie |
Add first cut symmetric crypto support.
|
| #
c518ade1 |
| 21-Jul-2001 |
Ben Laurie |
Clean up EVP macros, rename DES EDE3 modes correctly, temporary support for
OpenBSD /dev/crypto (this will be revamped later when the appropriate machinery
is available).
|
|
Revision tags: OpenSSL-engine-0_9_6b, OpenSSL_0_9_6b, OpenSSL_0_9_6a, OpenSSL-engine-0_9_6a, OpenSSL-engine-0_9_6a-beta3, OpenSSL_0_9_6a-beta3, OpenSSL-engine-0_9_6a-beta2, OpenSSL_0_9_6a-beta2, OpenSSL-engine-0_9_6a-beta1, OpenSSL_0_9_6a-beta1 |
|
| #
cf1b7d96 |
| 19-Feb-2001 |
Richard Levitte |
Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other package
Make all configuration macros available for application by making
sure they are available in opensslconf.h, by giving them names starting
with "OPENSSL_" to avoid conflicts with other packages and by making
sure e_os2.h will cover all platform-specific cases together with
opensslconf.h.
I've checked fairly well that nothing breaks with this (apart from
external software that will adapt if they have used something like
NO_KRB5), but I can't guarantee it completely, so a review of this
change would be a good thing.
show more ...
|
| #
deb2c1a1 |
| 07-Feb-2001 |
Dr. Stephen Henson |
Fix AES code.
Update Rijndael source to v3.0
Add AES OIDs.
Change most references of Rijndael to AES.
Add new draft AES ciphersuites.
|
| #
259810e0 |
| 06-Feb-2001 |
Ben Laurie |
Rijdael CBC mode and partial undebugged SSL support.
|
|
Revision tags: rsaref, BEFORE_engine |
|
| #
3ab56511 |
| 14-Oct-2000 |
Richard Levitte |
The experimental Rijndael code moved to the main trunk.
make update done.
|
|
Revision tags: OpenSSL_0_9_6-beta2, OpenSSL_0_9_6-beta1, OpenSSL_0_9_6, OpenSSL-engine-0_9_6, OpenSSL-engine-0_9_6-beta3, OpenSSL_0_9_6-beta3, OpenSSL-engine-0_9_6-beta2, OpenSSL-engine-0_9_6-beta1, OpenSSL_0_9_5, OpenSSL_0_9_5a, OpenSSL_0_9_5a-beta2, OpenSSL_0_9_5a-beta1, OpenSSL_0_9_5beta2, OpenSSL_0_9_5beta1 |
|
| #
41e68ef2 |
| 23-Feb-2000 |
Dr. Stephen Henson |
Add PBE algorithms with ciphers, not digests.
|
