#
6f08353a |
| 04-Oct-2024 |
Dimitri John Ledkov |
doc: EVP_KDF document the semantic meaning of output Explicitely document what semantic meaning do various EVP_KDF algorithms produce. PBKDF2 produces cryptographic keys that ar
doc: EVP_KDF document the semantic meaning of output Explicitely document what semantic meaning do various EVP_KDF algorithms produce. PBKDF2 produces cryptographic keys that are subject to cryptographic security measures, for example as defined in NIST SP 800-132. All other algorithms produce keying material, not subject to explicit output length checks in any known standards. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25610)
show more ...
|
#
7ed6de99 |
| 05-Sep-2024 |
Tomas Mraz |
Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes
|
#
8e7f39e8 |
| 15-Aug-2024 |
slontis |
Cleanups for FIPS indicator documentation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/
Cleanups for FIPS indicator documentation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25195)
show more ...
|
#
6fa9a843 |
| 30-Jul-2024 |
pohsingwu |
Update documentation Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23900)
|
#
1b838621 |
| 02-Jun-2024 |
pohsingwu |
Restrict the length of key-derivation key used in KDFs Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/o
Restrict the length of key-derivation key used in KDFs Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <ppzgs1@gmail.com> (Merged from https://github.com/openssl/openssl/pull/23900)
show more ...
|
#
14e46600 |
| 17-Jul-2024 |
pohsingwu |
Restrict digest in set_ctx_params In this commit, we also return different error if the digest is XOF. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale
Restrict digest in set_ctx_params In this commit, we also return different error if the digest is XOF. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23889)
show more ...
|
#
6d47e819 |
| 02-Jun-2024 |
pohsingwu |
Restrict digest algorithm used in KDFs Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/
Restrict digest algorithm used in KDFs Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23889)
show more ...
|
#
2c3f1a6c |
| 15-Jul-2024 |
Pauli |
Fix parameter types int -> integer changes Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Richard Levitte <levitte@op
Fix parameter types int -> integer changes Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24881)
show more ...
|
#
c13ddf0a |
| 01-Jul-2024 |
slontis |
Change all existing FIPS configurable checks to use FIPS indicators. This changes the logic to always do the security checks and then decide what to do based on if this passes or not. Fa
Change all existing FIPS configurable checks to use FIPS indicators. This changes the logic to always do the security checks and then decide what to do based on if this passes or not. Failure of a check causes either a failure OR the FIPS indicator callback to be triggered. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24623)
show more ...
|
#
4741c80c |
| 16-Nov-2022 |
slontis |
Add missing HISTORY sections for OpenSSL 3.0 related documents. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com
Add missing HISTORY sections for OpenSSL 3.0 related documents. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/19690)
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
8020d79b |
| 11-Mar-2021 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14512)
|
#
6980e36a |
| 26-Feb-2021 |
Pauli |
doc: document additional argument to KDF derive calls Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14310)
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11, openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h, openssl-3.0.0-alpha6, openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
#
660c5344 |
| 18-Jun-2020 |
Matt Caswell |
Revert "kdf: make function naming consistent." The commit claimed to make things more consistent. In fact it makes it less so. Revert back to the previous namig convention. This
Revert "kdf: make function naming consistent." The commit claimed to make things more consistent. In fact it makes it less so. Revert back to the previous namig convention. This reverts commit 765d04c9460a304c8119f57941341a149498b9db. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12186)
show more ...
|
#
fbd2ece1 |
| 25-Jun-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12273)
|
#
765d04c9 |
| 08-Jun-2020 |
Pauli |
kdf: make function naming consistent. The EVP_KDF_CTX_* functions have been relocated to the EVP_KDF_* namespace for consistency. Reviewed-by: Richard Levitte <levitte@openssl.o
kdf: make function naming consistent. The EVP_KDF_CTX_* functions have been relocated to the EVP_KDF_* namespace for consistency. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11996)
show more ...
|
Revision tags: openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1, OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e, OpenSSL_1_0_2u |
|
#
dfabee82 |
| 27-Sep-2019 |
Richard Levitte |
Make doc/man7/ and doc/internal/man3/ conform with man-pages(7) It's all in the details, from man-pages(7): Formatting conventions for manual pages describing functions
Make doc/man7/ and doc/internal/man3/ conform with man-pages(7) It's all in the details, from man-pages(7): Formatting conventions for manual pages describing functions ... Variable names should, like argument names, be specified in italics. ... Formatting conventions (general) ... Special macros, which are usually in uppercase, are in bold. Exception: don't boldface NULL. ... Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10034)
show more ...
|
Revision tags: OpenSSL_1_0_2t, OpenSSL_1_1_0l, OpenSSL_1_1_1d |
|
#
0c452a51 |
| 10-Sep-2019 |
Pauli |
Reformat param description lines Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10024)
|
#
4c04e7b1 |
| 16-Sep-2019 |
Pauli |
Fix links to functions. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9905)
|
#
40526dfd |
| 15-Sep-2019 |
Pauli |
Clean up KDF documentation in section 7. The EVP_KDF_ctrl function doesn't exist anymore and have been replaced by EVP_KDF_CTX_set_params. The EVP_KDF_new_id function doesn't ex
Clean up KDF documentation in section 7. The EVP_KDF_ctrl function doesn't exist anymore and have been replaced by EVP_KDF_CTX_set_params. The EVP_KDF_new_id function doesn't exist either and EVP_KDF_new should be used instead. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9905)
show more ...
|
#
a218770d |
| 14-Sep-2019 |
Pauli |
Fix examples in the section 7 KDF man pages. All of the examples called EVP_KDF_set_params() when they should have been calling EVP_KDF_CTX_set_params(). Reviewed-by: Richard Le
Fix examples in the section 7 KDF man pages. All of the examples called EVP_KDF_set_params() when they should have been calling EVP_KDF_CTX_set_params(). Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9898)
show more ...
|
#
ccd7115a |
| 02-Sep-2019 |
Pauli |
Update KDF documentation (section 7) Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/9662)
|