#
ea09abc8 |
| 14-Jan-2019 |
Matt Caswell |
Don't get the mac type in TLSv1.3 We don't use this information so we shouldn't fetch it. As noted in the comments in #8005. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged f
Don't get the mac type in TLSv1.3 We don't use this information so we shouldn't fetch it. As noted in the comments in #8005. Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/8020)
show more ...
|
#
0b4233f5 |
| 16-Dec-2018 |
Bernd Edlinger |
Fix a minor nit in the hkdflabel size Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/
Fix a minor nit in the hkdflabel size Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7913)
show more ...
|
#
2c18d164 |
| 06-Dec-2018 |
Richard Levitte |
Following the license change, modify the boilerplates in ssl/ Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7768)
|
#
0fb2815b |
| 04-Dec-2018 |
Matt Caswell |
Fix some SSL_export_keying_material() issues Fix some issues in tls13_hkdf_expand() which impact the above function for TLSv1.3. In particular test that we can use the maximum label leng
Fix some SSL_export_keying_material() issues Fix some issues in tls13_hkdf_expand() which impact the above function for TLSv1.3. In particular test that we can use the maximum label length in TLSv1.3. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7755)
show more ...
|
#
ed371b8c |
| 03-Dec-2018 |
Matt Caswell |
Revert "Reduce stack usage in tls13_hkdf_expand" This reverts commit ec0c5f5693e39c5a013f81e6dd9dfd09ec65162d. SSL_export_keying_material() may use longer label lengths. Fi
Revert "Reduce stack usage in tls13_hkdf_expand" This reverts commit ec0c5f5693e39c5a013f81e6dd9dfd09ec65162d. SSL_export_keying_material() may use longer label lengths. Fixes #7712 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7755)
show more ...
|
Revision tags: OpenSSL_1_0_2q, OpenSSL_1_1_0j, OpenSSL_1_1_1a |
|
#
ec0c5f56 |
| 23-Sep-2018 |
Bernd Edlinger |
Reduce stack usage in tls13_hkdf_expand Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pul
Reduce stack usage in tls13_hkdf_expand Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7297)
show more ...
|
Revision tags: OpenSSL_1_1_1 |
|
#
8f39d8af |
| 04-Sep-2018 |
Shane Lontis |
key zeroization fix for a branch path of tls13_final_finish_mac Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https:/
key zeroization fix for a branch path of tls13_final_finish_mac Reviewed-by: Paul Yang <yang.yang@baishancloud.com> Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/7110)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre9, OpenSSL_1_0_2p, OpenSSL_1_1_0i |
|
#
7426cd34 |
| 07-Aug-2018 |
Matt Caswell |
Ensure that we write out alerts correctly after early_data If we sent early_data and then received back an HRR, the enc_write_ctx was stale resulting in errors if an alert needed to be s
Ensure that we write out alerts correctly after early_data If we sent early_data and then received back an HRR, the enc_write_ctx was stale resulting in errors if an alert needed to be sent. Thanks to Quarkslab for reporting this. In any case it makes little sense to encrypt alerts using the client_early_traffic_secret, so we add special handling for alerts sent after early_data. All such alerts are sent in plaintext. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6887)
show more ...
|
#
43a0f273 |
| 30-Jul-2018 |
Matt Caswell |
Fix some TLSv1.3 alert issues Ensure that the certificate required alert actually gets sent (and doesn't get translated into handshake failure in TLSv1.3). Ensure that proper re
Fix some TLSv1.3 alert issues Ensure that the certificate required alert actually gets sent (and doesn't get translated into handshake failure in TLSv1.3). Ensure that proper reason codes are given for the new TLSv1.3 alerts. Remove an out of date macro for TLS13_AD_END_OF_EARLY_DATA. This is a left over from an earlier TLSv1.3 draft that is no longer used. Fixes #6804 Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6809)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre8 |
|
#
4ff1a526 |
| 01-Jun-2018 |
Matt Caswell |
Fix TLSv1.3 ticket nonces All tickets on a connection need to have a unique nonce. When this was originally implemented we only ever sent one ticket on the conneciton so this didn't
Fix TLSv1.3 ticket nonces All tickets on a connection need to have a unique nonce. When this was originally implemented we only ever sent one ticket on the conneciton so this didn't matter. We were just using the value 0. Now we can get multiple tickets to we need to start doing the ticket nonce properly. Fixes #6387 Reviewed-by: Andy Polyakov <appro@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6415)
show more ...
|
#
bceae201 |
| 29-May-2018 |
Matt Caswell |
EVP_MD_size() can return an error Fix some instances where we weren't checking the error return. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/opens
EVP_MD_size() can return an error Fix some instances where we weren't checking the error return. Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/6373)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre7 |
|
#
de9f5b35 |
| 18-May-2018 |
Matt Caswell |
Use the client app traffic secret for PHA Finished message The TLSv1.3 spec requires us to use the client application traffic secret during generation of the Finished message following a
Use the client app traffic secret for PHA Finished message The TLSv1.3 spec requires us to use the client application traffic secret during generation of the Finished message following a post handshake authentication. Fixes #6263 Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/6297)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre6, OpenSSL_1_1_1-pre5, OpenSSL_1_1_1-pre4, OpenSSL_1_0_2o, OpenSSL_1_1_0h |
|
#
01a2a654 |
| 21-Mar-2018 |
Peter Wu |
Add support for logging early exporter secret This will be necessary to enable Wireshark to decrypt QUIC 0-RTT data. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Rich
Add support for logging early exporter secret This will be necessary to enable Wireshark to decrypt QUIC 0-RTT data. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5702)
show more ...
|
#
6329ce8f |
| 20-Mar-2018 |
Peter Wu |
Add support for logging TLS 1.3 exporter secret NSS 3.34 and boringssl have support for "EXPORTER_SECRET" (https://bugzilla.mozilla.org/show_bug.cgi?id=1287711) which is needed for Q
Add support for logging TLS 1.3 exporter secret NSS 3.34 and boringssl have support for "EXPORTER_SECRET" (https://bugzilla.mozilla.org/show_bug.cgi?id=1287711) which is needed for QUIC 1-RTT decryption support in Wireshark. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5702)
show more ...
|
Revision tags: OpenSSL_1_1_1-pre3 |
|
#
16cfc2c9 |
| 08-Mar-2018 |
Kurt Roeckx |
Don't use a ssl specific DRBG anymore Since the public and private DRBG are per thread we don't need one per ssl object anymore. It could also try to get entropy from a DRBG that's r
Don't use a ssl specific DRBG anymore Since the public and private DRBG are per thread we don't need one per ssl object anymore. It could also try to get entropy from a DRBG that's really from an other thread because the SSL object moved to an other thread. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/5547)
show more ...
|
#
d4ef4fbf |
| 16-Mar-2018 |
Bernd Edlinger |
Fix a crash in SSLfatal due to invalid enc_write_ctx Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5645)
|
#
f929439f |
| 15-Mar-2018 |
Matt Caswell |
Rename EVP_PKEY_new_private_key()/EVP_PKEY_new_public_key() Renamed to EVP_PKEY_new_raw_private_key()/EVP_new_raw_public_key() as per feedback. Reviewed-by: Richard Levitte <lev
Rename EVP_PKEY_new_private_key()/EVP_PKEY_new_public_key() Renamed to EVP_PKEY_new_raw_private_key()/EVP_new_raw_public_key() as per feedback. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
show more ...
|
#
e32b52a2 |
| 05-Mar-2018 |
Matt Caswell |
Add support for setting raw private HMAC keys Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5520)
|
Revision tags: OpenSSL_1_1_1-pre2, OpenSSL_1_1_1-pre1, OpenSSL_1_0_2n |
|
#
d91f4568 |
| 05-Nov-2017 |
Kurt Roeckx |
Tell the ciphers which DRBG to use for generating random bytes. Reviewed-by: Richard Levitte <levitte@openssl.org> GH: #4672
|
#
b38ede80 |
| 04-Feb-2018 |
Tatsuhiro Tsujikawa |
Export keying material using early exporter master secret This commit adds SSL_export_keying_material_early() which exports keying material using early exporter master secret. R
Export keying material using early exporter master secret This commit adds SSL_export_keying_material_early() which exports keying material using early exporter master secret. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/5252)
show more ...
|
#
6738bf14 |
| 13-Feb-2018 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org>
|
#
1f5878b8 |
| 21-Jan-2018 |
Tatsuhiro Tsujikawa |
Make sure that exporting keying material is allowed Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/op
Make sure that exporting keying material is allowed Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4944)
show more ...
|
#
b1a51abb |
| 18-Jan-2018 |
Tatsuhiro Tsujikawa |
Remove generation of exporter master secret on client application traffic Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https:/
Remove generation of exporter master secret on client application traffic Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4944)
show more ...
|
#
2221ec10 |
| 16-Dec-2017 |
Tatsuhiro Tsujikawa |
Generate exporter_master_secret after server Finished Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/
Generate exporter_master_secret after server Finished Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4944)
show more ...
|
#
d4d2f3a4 |
| 23-Nov-2017 |
Matt Caswell |
Convert more functions in ssl/statem/statem.c to use SSLfatal() Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4778)
|