#
123c8586 |
| 01-Sep-2023 |
Neil Horman |
Add dupctx support to rc4_hmac_md5 algo Pretty straightforward, just clone the requested context, no pointers to fixup Fixes #21887 Reviewed-by: Paul Dale <pauli@openss
Add dupctx support to rc4_hmac_md5 algo Pretty straightforward, just clone the requested context, no pointers to fixup Fixes #21887 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21933)
show more ...
|
#
da1c088f |
| 07-Sep-2023 |
Matt Caswell |
Copyright year updates Reviewed-by: Richard Levitte <levitte@openssl.org> Release: yes
|
#
1e6bd31e |
| 19-Apr-2023 |
Irak Rigia |
Replaced '{ 0, NULL }' with OSSL_DISPATCH_END in OSSL_DISPATCH arrays Fixes #20710 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org>
Replaced '{ 0, NULL }' with OSSL_DISPATCH_END in OSSL_DISPATCH arrays Fixes #20710 Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/20745)
show more ...
|
#
fecb3aae |
| 03-May-2022 |
Matt Caswell |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> Release: yes
|
#
33219939 |
| 15-Apr-2022 |
Matt Caswell |
Fix the RC4-MD5 cipher A copy&paste error meant that the RC4-MD5 cipher (used in TLS) used the TLS AAD data as the MAC key. CVE-2022-1434 Fixes #18112 Reviewed
Fix the RC4-MD5 cipher A copy&paste error meant that the RC4-MD5 cipher (used in TLS) used the TLS AAD data as the MAC key. CVE-2022-1434 Fixes #18112 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org>
show more ...
|
Revision tags: openssl-3.0.0-alpha17, openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13 |
|
#
8f42380a |
| 02-Mar-2021 |
Pauli |
prov: support params argument to RCx ciphers Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383)
|
#
644c5dd3 |
| 23-Feb-2021 |
Pauli |
prov: upport modified gettable/settable ctx calls for ciphers Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14240)
|
Revision tags: openssl-3.0.0-alpha12, OpenSSL_1_1_1j |
|
#
2741128e |
| 05-Feb-2021 |
Tomas Mraz |
Move the PROV_R reason codes to a public header The PROV_R codes can be returned to applications so it is useful to have some common set of provider reason codes for the applications
Move the PROV_R reason codes to a public header The PROV_R codes can be returned to applications so it is useful to have some common set of provider reason codes for the applications or third party providers. Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14086)
show more ...
|
Revision tags: openssl-3.0.0-alpha11, openssl-3.0.0-alpha10 |
|
#
a054d15c |
| 17-Dec-2020 |
Shane Lontis |
Replace provider cipher flags with separate param fields Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13830)
|
#
4333b89f |
| 28-Jan-2021 |
Richard Levitte |
Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13999)
|
#
1dccccf3 |
| 07-Jan-2021 |
Matt Caswell |
Fix enable-weak-ssl-ciphers Commit e260bee broke the enable-weak-ssl-ciphers option. The stitched rc4-hmac-md5 cipher implementation did not recognise the tls_version parameter, and
Fix enable-weak-ssl-ciphers Commit e260bee broke the enable-weak-ssl-ciphers option. The stitched rc4-hmac-md5 cipher implementation did not recognise the tls_version parameter, and therefore was being incorrectly handled. Fixes #13795 Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/13803)
show more ...
|
Revision tags: OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7 |
|
#
592dcfd3 |
| 29-Sep-2020 |
Pauli |
prov: prefix all exposed 'cipher' symbols with ossl_ Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13030)
|
#
7d6766cb |
| 28-Sep-2020 |
Pauli |
prov: prefix provider internal functions with ossl_ Also convert the names to lower case. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/open
prov: prefix provider internal functions with ossl_ Also convert the names to lower case. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13014)
show more ...
|
#
1be63951 |
| 28-Sep-2020 |
Pauli |
prov: prefix all OSSL_DISPATCH tables names with ossl_ This stops them leaking into other namespaces in a static build. They remain internal. Reviewed-by: Richard Levitte <levit
prov: prefix all OSSL_DISPATCH tables names with ossl_ This stops them leaking into other namespaces in a static build. They remain internal. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13013)
show more ...
|
Revision tags: OpenSSL_1_1_1h |
|
#
f99d3eed |
| 08-Sep-2020 |
Pauli |
ciphers: add FIPS error state handling The functions that check for the provider being runnable are: new, init, final and dupctx. Reviewed-by: Matt Caswell <matt@openssl.org>
ciphers: add FIPS error state handling The functions that check for the provider being runnable are: new, init, final and dupctx. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12801)
show more ...
|
#
1017ab21 |
| 07-Aug-2020 |
Pauli |
provider: add the unused paramater tag to the gettable and settable functions Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12603)
|
Revision tags: openssl-3.0.0-alpha6 |
|
#
af5e1e85 |
| 05-Aug-2020 |
Pauli |
gettables: provider changes to pass the provider context. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12581)
|
Revision tags: openssl-3.0.0-alpha5, openssl-3.0.0-alpha4 |
|
#
63ee6ec1 |
| 23-Jun-2020 |
Matt Caswell |
Ensure any allocated MAC is freed in the provider code Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12288)
|
#
363b1e5d |
| 20-Jun-2020 |
Dr. Matthias St. Pierre |
Make the naming scheme for dispatched functions more consistent The new naming scheme consistently usese the `OSSL_FUNC_` prefix for all functions which are dispatched between the core a
Make the naming scheme for dispatched functions more consistent The new naming scheme consistently usese the `OSSL_FUNC_` prefix for all functions which are dispatched between the core and providers. This change includes in particular all up- and downcalls, i.e., the dispatched functions passed from core to provider and vice versa. - OSSL_core_ -> OSSL_FUNC_core_ - OSSL_provider_ -> OSSL_FUNC_core_ For operations and their function dispatch tables, the following convention is used: Type | Name (evp_generic_fetch(3)) | ---------------------|-----------------------------------| operation | OSSL_OP_FOO | function id | OSSL_FUNC_FOO_FUNCTION_NAME | function "name" | OSSL_FUNC_foo_function_name | function typedef | OSSL_FUNC_foo_function_name_fn | function ptr getter | OSSL_FUNC_foo_function_name | Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12222)
show more ...
|
Revision tags: openssl-3.0.0-alpha3, openssl-3.0.0-alpha2, openssl-3.0.0-alpha1 |
|
#
33388b44 |
| 23-Apr-2020 |
Matt Caswell |
Update copyright year Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11616)
|
Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e |
|
#
781aa7ab |
| 15-Jan-2020 |
Pauli |
Deprecate the low level MD5 functions. Use of the low level MD5 functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Matt Cas
Deprecate the low level MD5 functions. Use of the low level MD5 functions has been informally discouraged for a long time. We now formally deprecate them. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10791)
show more ...
|
#
a8fca728 |
| 13-Jan-2020 |
Pauli |
Deprecate the low level RC4 functions Use of the low level RC4 functions has been informally discouraged for a long time. We now formally deprecate them. Applications should in
Deprecate the low level RC4 functions Use of the low level RC4 functions has been informally discouraged for a long time. We now formally deprecate them. Applications should instead use the EVP APIs, e.g. EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex and the equivalently named decrypt functions. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10834)
show more ...
|
Revision tags: OpenSSL_1_0_2u |
|
#
8fece335 |
| 10-Oct-2019 |
Shane Lontis |
Add rc4_hmac_md5 cipher to default provider Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10179)
|