| #
39dc3c0f |
| 09-Sep-2024 |
Pauli |
doc: document the health test EVP_RAND
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl
doc: document the health test EVP_RAND
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25415)
show more ...
|
| #
9524ca1b |
| 25-Jul-2024 |
Richard Levitte |
doc: Document EVP_{TYPE}_CTX_get_algor etc
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl
doc: Document EVP_{TYPE}_CTX_get_algor etc
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/25000)
show more ...
|
| #
38a71831 |
| 09-Jul-2024 |
Michael Baentsch <57787676+baentsch@users.noreply.github.com> |
adds TLS signature algorithms list feature
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Me
adds TLS signature algorithms list feature
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24821)
show more ...
|
| #
fe79159b |
| 07-Jun-2024 |
Dmitry Belyavskiy |
Implementation of the RFC 9579, PBMAC1 in PKCS#12
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openss
Implementation of the RFC 9579, PBMAC1 in PKCS#12
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24577)
show more ...
|
| #
1e7ff7be |
| 11-Jul-2024 |
Dimitri John Ledkov |
JITTER: excercise all tests in CI with JITTER seed source under certain build configuration
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
JITTER: excercise all tests in CI with JITTER seed source under certain build configuration
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24844)
show more ...
|
| #
8f3ebb7d |
| 11-Jul-2024 |
Dimitri John Ledkov |
JITTER: add documentation
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24844)
|
| #
0557d6c6 |
| 01-Jul-2024 |
slontis |
Add FIPS indicator callback.
Add a FIPS indicator callback that can be set via
OSSL_INDICATOR_set_callback(). This callback is intended to be run
whenever a non approved algorithm ch
Add FIPS indicator callback.
Add a FIPS indicator callback that can be set via
OSSL_INDICATOR_set_callback(). This callback is intended to be run
whenever a non approved algorithm check has occurred and strict checking
has been disabled.The callback may be used to
log non approved algorithms. The callback is passed a type and
description string as well as the cbarg specified in OSSL_INDICATOR_set_callback.
The return value can be either 0 or 1.
A value of 0 can be used for testing purposes to force an error to occur from the algorithm
that called the callback.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24623)
show more ...
|
| #
b544047c |
| 08-Jul-2024 |
erbsland-dev |
Add documentation for deprecated CMAC_CTX functions
Fixes #5539: Create a new manual page `CMAC_CTX.pod` documenting the deprecated `CMAC_CTX` functions and add the necessary build dependenc
Add documentation for deprecated CMAC_CTX functions
Fixes #5539: Create a new manual page `CMAC_CTX.pod` documenting the deprecated `CMAC_CTX` functions and add the necessary build dependencies. This page includes function descriptions, usage details, and replacement suggestions with the `EVP_MAC` interface.
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24814)
show more ...
|
| #
2c1ef172 |
| 21-Jun-2024 |
erbsland-dev |
Add and Update Documentation for TS_VERIFY_CTX Functions
Mark the existing `TS_VERIFY_CTX_set_certs` function as deprecated in the
documentation.
Add missing documentation for the de
Add and Update Documentation for TS_VERIFY_CTX Functions
Mark the existing `TS_VERIFY_CTX_set_certs` function as deprecated in the
documentation.
Add missing documentation for the deprecated functions `TS_VERIFY_CTX_set_data`,
`TS_VERIFY_CTX_set_imprint`, and `TS_VERIFY_CTX_set_store`.
Write missing documentation for the following functions:
- `TS_VERIFY_CTX_new`
- `TS_VERIFY_CTX_init`
- `TS_VERIFY_CTX_free`
- `TS_VERIFY_CTX_cleanup`
- `TS_VERIFY_CTX_set_flags`
- `TS_VERIFY_CTX_add_flags`
- `TS_VERIFY_CTX_set0_data`
- `TS_VERIFY_CTX_set0_imprint`
- `TS_VERIFY_CTX_set0_store`
- `TS_VERIFY_CTX_set0_certs`
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24701)
show more ...
|
| #
6a3579e1 |
| 15-May-2024 |
Rajeev Ranjan |
CMP: add support for requesting cert template using genm/genp
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from ht
CMP: add support for requesting cert template using genm/genp
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24409)
show more ...
|
| #
f4b4a185 |
| 27-May-2024 |
Viktor Dukhovni |
MVP demo TLS server
- No concurrency, one client-at-a-time
- Blocking
- No client certs
- Fixed chain and key file names
- Minimal support for session resumption
Rev
MVP demo TLS server
- No concurrency, one client-at-a-time
- Blocking
- No client certs
- Fixed chain and key file names
- Minimal support for session resumption
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24505)
show more ...
|
| #
58301e24 |
| 01-Jun-2024 |
Jonathan M. Wilbur |
Add support for targetingInformation X.509v3 extension
Support for the targetingInformation X.509v3 extension defined in ITU-T
Recommendation X.509 (2019), Section 17.1.2.2. This extensi
Add support for targetingInformation X.509v3 extension
Support for the targetingInformation X.509v3 extension defined in ITU-T
Recommendation X.509 (2019), Section 17.1.2.2. This extension is used
in attribute certificates.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22206)
show more ...
|
| #
d3184110 |
| 22-Apr-2024 |
Hongren Zheng |
Add OPENSSL_riscvcap man page
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24172)
|
| #
a0d37e20 |
| 02-May-2024 |
Tomas Mraz |
Add documentation for OSSL_LIB_CTX_set/get_conf_diagnostics
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/o
Add documentation for OSSL_LIB_CTX_set/get_conf_diagnostics
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24275)
show more ...
|
| #
aecaacca |
| 30-Apr-2024 |
Matt Caswell |
Document the SSL_set_session_secret_cb() function
This function is only useful for EAP-FAST, but was previously undocumented.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Revi
Document the SSL_set_session_secret_cb() function
This function is only useful for EAP-FAST, but was previously undocumented.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)
show more ...
|
| #
40a200f9 |
| 03-Dec-2022 |
Dr. David von Oheimb |
CMP: add support for genm with crlStatusList and genp with crls
Introduce the capability to retrieve and update Certificate Revocation Lists
(CRLs) in the CMP client, as specified in sec
CMP: add support for genm with crlStatusList and genp with crls
Introduce the capability to retrieve and update Certificate Revocation Lists
(CRLs) in the CMP client, as specified in section 4.3.4 of RFC 9483.
To request a CRL update, the CMP client can send a genm message with the
option -infotype crlStatusList. The server will respond with a genp message
containing the updated CRL, using the -infoType id-it-crls. The client can
then save the CRL in a specified file using the -crlout parameter.
Co-authored-by: Rajeev Ranjan <ranjan.rajeev@siemens.com>
Reviewed-by: Todd Short <todd.short@me.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23768)
show more ...
|
| #
dab96a4f |
| 03-Jun-2021 |
Damian Hobson-Garcia |
x509_acert: Load attributes from config file section
Several of the attribute values defined for use by attribute certificates
use multi-valued data in an ASN.1 SEQUENCE. Allow reading o
x509_acert: Load attributes from config file section
Several of the attribute values defined for use by attribute certificates
use multi-valued data in an ASN.1 SEQUENCE. Allow reading of these values
from a configuration file, similar to how generic X.509 extensions are
handled.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15857)
show more ...
|
| #
0e8020a4 |
| 08-Jun-2021 |
Damian Hobson-Garcia |
Add IETFAttrSyntax type support
The IETFAtrrSyntax type is used for the values of several attributes
defined in RFC 5755 for use with attribute certificates.
Specifically this type i
Add IETFAttrSyntax type support
The IETFAtrrSyntax type is used for the values of several attributes
defined in RFC 5755 for use with attribute certificates.
Specifically this type is used with the "Charging Identity" and
"Group" attributes.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15857)
show more ...
|
| #
62960b87 |
| 30-Jun-2023 |
Damian Hobson-Garcia |
x509_acert: Add, remove and get attribute certificate attributes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://githu
x509_acert: Add, remove and get attribute certificate attributes
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15857)
show more ...
|
| #
6b167313 |
| 30-Jun-2023 |
Damian Hobson-Garcia |
Attribute certificate printing functions
Add functions to print an attribute certificate. Several
attribute value types defined by the RFC 5755 specification
are multi-field values
Attribute certificate printing functions
Add functions to print an attribute certificate. Several
attribute value types defined by the RFC 5755 specification
are multi-field values (i.e ASN1_SEQUENCE rather than an ASN1_STRING
or similar format). Currently those values are printed using
`ASN1_item_print`. A more user-friendly output mechanism (maybe
similar to the i2r_ functions used for X509 extensions) could be
added in future.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15857)
show more ...
|
| #
9e1a8b5e |
| 18-Jun-2021 |
Damian Hobson-Garcia |
Attribute certificate getter and setter API
Only fields that are allowed by RFC 5755 are
accessible through this API. Fields that are only supported
in version 1 attribute certifica
Attribute certificate getter and setter API
Only fields that are allowed by RFC 5755 are
accessible through this API. Fields that are only supported
in version 1 attribute certificates (e.g. the AttCertIssuer
v1Form fields) are not implemented.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15857)
show more ...
|
| #
faa4a10e |
| 17-Apr-2024 |
Richard Levitte |
OSSL_STORE: Add reference docs for the built-in Windows store implementation
Fixes openssl/project#422
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nho
OSSL_STORE: Add reference docs for the built-in Windows store implementation
Fixes openssl/project#422
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24170)
show more ...
|
| #
f945986a |
| 02-Feb-2024 |
Hugo Landau |
make update
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23495)
|
| #
d51398b9 |
| 22-Jan-2024 |
Hugo Landau |
QUIC: Add documentation for tuning API
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Me
QUIC: Add documentation for tuning API
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23360)
show more ...
|
| #
82973bcf |
| 23-Jan-2024 |
Hugo Landau |
QLOG: Add manpage openssl-qlog(7)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/220
QLOG: Add manpage openssl-qlog(7)
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22037)
show more ...
|
