0fdf965b | 11-Sep-2024 |
Neil Horman |
review fixups for quic-hq-interop Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
review fixups for quic-hq-interop Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
a62fb946 | 10-Sep-2024 |
Neil Horman |
Clean up style issues Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from
Clean up style issues Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
67b739fb | 10-Sep-2024 |
Neil Horman |
Add some more tests to the interop matrix and fixup a typo * Add resumption and multiplexing tests * Remove needless head -n operation when patching implementation.json Reviewed
Add some more tests to the interop matrix and fixup a typo * Add resumption and multiplexing tests * Remove needless head -n operation when patching implementation.json Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
e4bfcee2 | 10-Sep-2024 |
Neil Horman |
Adding more documentation Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged
Adding more documentation Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
1b6638b1 | 06-Sep-2024 |
Neil Horman |
Do batching of stream requests We have a limited number of streams to use send requests in accordance with the number of streams we have and batch requests according to that limit
Do batching of stream requests We have a limited number of streams to use send requests in accordance with the number of streams we have and batch requests according to that limit Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
34d6ec80 | 04-Sep-2024 |
Neil Horman |
support polling of multiple streams Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org>
support polling of multiple streams Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
39517412 | 30-Aug-2024 |
Neil Horman |
update quic docker container files 1) Limit clone depth to allow faster fetches 2) Supply OPENSSL_URL and OPENSSL_BRANCH args to allow for branch testing Reviewed-by: Sas
update quic docker container files 1) Limit clone depth to allow faster fetches 2) Supply OPENSSL_URL and OPENSSL_BRANCH args to allow for branch testing Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
1b114e39 | 29-Aug-2024 |
Neil Horman |
Add lots of docs Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from http
Add lots of docs Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
d978e5fb | 29-Aug-2024 |
Neil Horman |
Adding session resume support to hq-interop Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl
Adding session resume support to hq-interop Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
1df1cb43 | 29-Aug-2024 |
Neil Horman |
Convert retry test to use hq-interop client Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl
Convert retry test to use hq-interop client Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
2858149e | 22-Aug-2024 |
Neil Horman |
Adding an hq-interop alpn client Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (
Adding an hq-interop alpn client Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> Reviewed-by: Viktor Dukhovni <viktor@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25426)
show more ...
|
c8127df0 | 05-Sep-2024 |
Neil Horman |
Detect fin state of a QUIC stream for streams which are completely read SSL_poll indicates that a stream which has had the fin bit set on it, should generate SSL_POLL_EVENT_R events, so
Detect fin state of a QUIC stream for streams which are completely read SSL_poll indicates that a stream which has had the fin bit set on it, should generate SSL_POLL_EVENT_R events, so that applications can detect stream completion via SSL_read_ex and SSL_get_error returning SSL_ERROR_ZERO_RETURN. However, the quic polling code misses on this, as a client that completely reads a buffer after receipt has its underlying stream buffer freed, loosing the fin status We can however detect stream completion still, as a stream which has been finalized, and had all its data read will be in the QUIC_RSTREAM_STATE_DATA_READ state, iff the fin bit was set. Fix it by checking in test_poll_event_r for that state, and generating a SSL_POLL_EVENT_R if its found to be true, so as to stay in line with the docs. Fixes openssl/private#627 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Sasa Nedvedicky <sashan@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25399)
show more ...
|
8e0d479b | 13-Sep-2024 |
Richard Levitte |
docs: Correct bad link to provider-keymgmt(7) in provider-signature(7) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://g
docs: Correct bad link to provider-keymgmt(7) in provider-signature(7) Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25423)
show more ...
|
04c134a9 | 10-Sep-2024 |
Richard Levitte |
docs: Document the new signature interface for providers Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/open
docs: Document the new signature interface for providers Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25423)
show more ...
|
22c2928a | 12-Sep-2024 |
Sahana Prasad |
IANA has assigned numbers for new TLS Supported Groups in ML-KEM https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-01.html#name-iana-considerations Signed-off-by: Sahana Prasa
IANA has assigned numbers for new TLS Supported Groups in ML-KEM https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-01.html#name-iana-considerations Signed-off-by: Sahana Prasad <sahana@redhat.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25477)
show more ...
|
645edf50 | 10-Sep-2024 |
erbsland-dev |
Add Missing Error Messages for AES-OCB Tag Length Validation Related to #8331 Addressing found issues by adding specific error messages to improve feedback when tag length checks fai
Add Missing Error Messages for AES-OCB Tag Length Validation Related to #8331 Addressing found issues by adding specific error messages to improve feedback when tag length checks fail for the `EVP_CTRL_AEAD_SET_TAG` parameter in the AES-OCB algorithm. - Added PROV_R_INVALID_TAG_LENGTH error to indicate when the current tag length exceeds the maximum tag length of the algorithm. - Added `PROV_R_INVALID_TAG_LENGTH` error to indicate when the current tag length in the context does not match a custom tag length provided as a parameter. - Added `ERR_R_PASSED_INVALID_ARGUMENT` error to handle cases where an invalid pointer is passed in encryption mode. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25425)
show more ...
|
9cd4051e | 06-Aug-2024 |
Holger Dengler |
s390x: Add hardware acceleration for full AES-XTS The CPACF instruction KM provides support for accelerating the full AES-XTS algorithm on newer machines for AES_XTS_128 and AES_XTS_256.
s390x: Add hardware acceleration for full AES-XTS The CPACF instruction KM provides support for accelerating the full AES-XTS algorithm on newer machines for AES_XTS_128 and AES_XTS_256. Preliminary measurements showed performance improvements of up to 50%, dependent on the message size. Signed-off-by: Holger Dengler <dengler@linux.ibm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25414)
show more ...
|
af8b7e43 | 11-Sep-2024 |
Tomas Mraz |
Update the version to 3.5.0-dev Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed
Update the version to 3.5.0-dev Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/25437)
show more ...
|
3cd5aeb3 | 10-Sep-2024 |
Richard Levitte |
docs: Document the implemented composite signature+hash algorithms The details for RSA and EdDSA have already been documented, albeit the RSA documentation wasn't conforming properly to
docs: Document the implemented composite signature+hash algorithms The details for RSA and EdDSA have already been documented, albeit the RSA documentation wasn't conforming properly to the POD format. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25422)
show more ...
|
f37dea41 | 11-Sep-2024 |
Daiki Ueno |
s_server: Support reading HTTP request from early data This would be useful when testing with browsers / downloaders which support 0-RTT only through HTTP. Signed-off-by: Daiki
s_server: Support reading HTTP request from early data This would be useful when testing with browsers / downloaders which support 0-RTT only through HTTP. Signed-off-by: Daiki Ueno <dueno@redhat.com> Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16055)
show more ...
|
2a53df69 | 09-Sep-2024 |
Gerd Hoffmann |
fix small footprint builds on arm Building with '-D OPENSSL_SMALL_FOOTPRINT' for aarch64 fails due to 'gcm_ghash_4bit' being undeclared. Fix that by not setting the function pointer
fix small footprint builds on arm Building with '-D OPENSSL_SMALL_FOOTPRINT' for aarch64 fails due to 'gcm_ghash_4bit' being undeclared. Fix that by not setting the function pointer when building with OPENSSL_SMALL_FOOTPRINT, matching openssl behavior on x86. Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25419)
show more ...
|
e8498dc6 | 15-Jul-2024 |
Michael Baentsch <57787676+baentsch@users.noreply.github.com> |
document provider dependency handling Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24884) |
2478d3b7 | 14-Jun-2024 |
Frederik Wedel-Heinen |
Cleanup of unused functions and macros in ssl_local.h Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.
Cleanup of unused functions and macros in ssl_local.h Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24648)
show more ...
|
7a4f0c6a | 07-Sep-2024 |
Jonathan M. Wilbur |
feat: print <none> in issuer serials in ac targeting extension Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.
feat: print <none> in issuer serials in ac targeting extension Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25244)
show more ...
|
f6b2ab0b | 21-Aug-2024 |
Jonathan M. Wilbur |
test: authorityAttributeIdentifier X.509v3 extension Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openss
test: authorityAttributeIdentifier X.509v3 extension Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25244)
show more ...
|