History log of /openssl/ (Results 251 – 275 of 36072)
Revision (<<< Hide revision tags) (Show revision tags >>>)Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
0fdf965b11-Sep-2024 Neil Horman

review fixups for quic-hq-interop

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>

review fixups for quic-hq-interop

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

a62fb94610-Sep-2024 Neil Horman

Clean up style issues

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from

Clean up style issues

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

67b739fb10-Sep-2024 Neil Horman

Add some more tests to the interop matrix and fixup a typo

* Add resumption and multiplexing tests
* Remove needless head -n operation when patching implementation.json

Reviewed

Add some more tests to the interop matrix and fixup a typo

* Add resumption and multiplexing tests
* Remove needless head -n operation when patching implementation.json

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

e4bfcee210-Sep-2024 Neil Horman

Adding more documentation

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged

Adding more documentation

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

1b6638b106-Sep-2024 Neil Horman

Do batching of stream requests

We have a limited number of streams to use
send requests in accordance with the number of streams we have
and batch requests according to that limit

Do batching of stream requests

We have a limited number of streams to use
send requests in accordance with the number of streams we have
and batch requests according to that limit

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

34d6ec8004-Sep-2024 Neil Horman

support polling of multiple streams

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>

support polling of multiple streams

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

3951741230-Aug-2024 Neil Horman

update quic docker container files

1) Limit clone depth to allow faster fetches
2) Supply OPENSSL_URL and OPENSSL_BRANCH args to allow for branch
testing

Reviewed-by: Sas

update quic docker container files

1) Limit clone depth to allow faster fetches
2) Supply OPENSSL_URL and OPENSSL_BRANCH args to allow for branch
testing

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

1b114e3929-Aug-2024 Neil Horman

Add lots of docs

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from http

Add lots of docs

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

d978e5fb29-Aug-2024 Neil Horman

Adding session resume support to hq-interop

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl

Adding session resume support to hq-interop

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

1df1cb4329-Aug-2024 Neil Horman

Convert retry test to use hq-interop client

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl

Convert retry test to use hq-interop client

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

2858149e22-Aug-2024 Neil Horman

Adding an hq-interop alpn client

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(

Adding an hq-interop alpn client

Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25426)

show more ...

c8127df005-Sep-2024 Neil Horman

Detect fin state of a QUIC stream for streams which are completely read

SSL_poll indicates that a stream which has had the fin bit set on it,
should generate SSL_POLL_EVENT_R events, so

Detect fin state of a QUIC stream for streams which are completely read

SSL_poll indicates that a stream which has had the fin bit set on it,
should generate SSL_POLL_EVENT_R events, so that applications can detect
stream completion via SSL_read_ex and SSL_get_error returning
SSL_ERROR_ZERO_RETURN.

However, the quic polling code misses on this, as a client that
completely reads a buffer after receipt has its underlying stream buffer
freed, loosing the fin status

We can however detect stream completion still, as a stream which has
been finalized, and had all its data read will be in the
QUIC_RSTREAM_STATE_DATA_READ state, iff the fin bit was set.

Fix it by checking in test_poll_event_r for that state, and generating a
SSL_POLL_EVENT_R if its found to be true, so as to stay in line with the
docs.

Fixes openssl/private#627

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Sasa Nedvedicky <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25399)

show more ...

8e0d479b13-Sep-2024 Richard Levitte

docs: Correct bad link to provider-keymgmt(7) in provider-signature(7)

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://g

docs: Correct bad link to provider-keymgmt(7) in provider-signature(7)

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25423)

show more ...

04c134a910-Sep-2024 Richard Levitte

docs: Document the new signature interface for providers

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/open

docs: Document the new signature interface for providers

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25423)

show more ...

22c2928a12-Sep-2024 Sahana Prasad

IANA has assigned numbers for new TLS Supported Groups in ML-KEM
https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-01.html#name-iana-considerations
Signed-off-by: Sahana Prasa

IANA has assigned numbers for new TLS Supported Groups in ML-KEM
https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-01.html#name-iana-considerations
Signed-off-by: Sahana Prasad <sahana@redhat.com>

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25477)

show more ...

645edf5010-Sep-2024 erbsland-dev

Add Missing Error Messages for AES-OCB Tag Length Validation

Related to #8331
Addressing found issues by adding specific error messages to improve
feedback when tag length checks fai

Add Missing Error Messages for AES-OCB Tag Length Validation

Related to #8331
Addressing found issues by adding specific error messages to improve
feedback when tag length checks fail for the `EVP_CTRL_AEAD_SET_TAG`
parameter in the AES-OCB algorithm.

- Added PROV_R_INVALID_TAG_LENGTH error to indicate when the current tag
length exceeds the maximum tag length of the algorithm.
- Added `PROV_R_INVALID_TAG_LENGTH` error to indicate when the current tag
length in the context does not match a custom tag length provided as
a parameter.
- Added `ERR_R_PASSED_INVALID_ARGUMENT` error to handle cases where an
invalid pointer is passed in encryption mode.

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25425)

show more ...

9cd4051e06-Aug-2024 Holger Dengler

s390x: Add hardware acceleration for full AES-XTS

The CPACF instruction KM provides support for accelerating the full
AES-XTS algorithm on newer machines for AES_XTS_128 and AES_XTS_256.

s390x: Add hardware acceleration for full AES-XTS

The CPACF instruction KM provides support for accelerating the full
AES-XTS algorithm on newer machines for AES_XTS_128 and AES_XTS_256.

Preliminary measurements showed performance improvements of up to 50%,
dependent on the message size.

Signed-off-by: Holger Dengler <dengler@linux.ibm.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25414)

show more ...

af8b7e4311-Sep-2024 Tomas Mraz

Update the version to 3.5.0-dev

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed

Update the version to 3.5.0-dev

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/25437)

show more ...

3cd5aeb310-Sep-2024 Richard Levitte

docs: Document the implemented composite signature+hash algorithms

The details for RSA and EdDSA have already been documented, albeit the
RSA documentation wasn't conforming properly to

docs: Document the implemented composite signature+hash algorithms

The details for RSA and EdDSA have already been documented, albeit the
RSA documentation wasn't conforming properly to the POD format.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25422)

show more ...

f37dea4111-Sep-2024 Daiki Ueno

s_server: Support reading HTTP request from early data

This would be useful when testing with browsers / downloaders which
support 0-RTT only through HTTP.

Signed-off-by: Daiki

s_server: Support reading HTTP request from early data

This would be useful when testing with browsers / downloaders which
support 0-RTT only through HTTP.

Signed-off-by: Daiki Ueno <dueno@redhat.com>

Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16055)

show more ...

2a53df6909-Sep-2024 Gerd Hoffmann

fix small footprint builds on arm

Building with '-D OPENSSL_SMALL_FOOTPRINT' for aarch64 fails due to
'gcm_ghash_4bit' being undeclared. Fix that by not setting the function
pointer

fix small footprint builds on arm

Building with '-D OPENSSL_SMALL_FOOTPRINT' for aarch64 fails due to
'gcm_ghash_4bit' being undeclared. Fix that by not setting the function
pointer when building with OPENSSL_SMALL_FOOTPRINT, matching openssl
behavior on x86.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25419)

show more ...

e8498dc615-Jul-2024 Michael Baentsch <57787676+baentsch@users.noreply.github.com>

document provider dependency handling

Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24884)

2478d3b714-Jun-2024 Frederik Wedel-Heinen

Cleanup of unused functions and macros in ssl_local.h

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.

Cleanup of unused functions and macros in ssl_local.h

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24648)

show more ...

7a4f0c6a07-Sep-2024 Jonathan M. Wilbur

feat: print <none> in issuer serials in ac targeting extension

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.

feat: print <none> in issuer serials in ac targeting extension

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25244)

show more ...

f6b2ab0b21-Aug-2024 Jonathan M. Wilbur

test: authorityAttributeIdentifier X.509v3 extension

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openss

test: authorityAttributeIdentifier X.509v3 extension

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25244)

show more ...

1...<<11121314151617181920>>...1443