Dr. Stephen Henson
3475bc9675
Add set methods.
...
Add set_group, set_public and set_private methods. An EC_KEY_METHOD can use
these to perform any appropriate operation when the key components are set,
such as caching data in some more convenient ENGINE specific format or
returning an error if the parameters are invalid or the operation is
not supported.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
ea0392b921
EC_KEY_METHOD copy support
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
0d6ff6d3d1
EC_KEY_METHOD init and finish support
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
5196641617
ENGINE fixes
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
cda302d94f
remove ECDH from mkdef.pl
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
1e8622297d
remove ECDH_METHOD typedef
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
30243c9523
remove ecdh.h header
...
Remove redundant ecdh.h header and any references to it.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:18 +00:00
Dr. Stephen Henson
fe74cc0432
remove ECDH error loading
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
d3bcab845e
Remove crypto/ecdh update Makefile.org
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
f517ffbb83
remove ECDH_METHOD from ENGINE
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
53e3189d0c
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
a22a7e7089
Add compute key support to EC_KEY_METHOD
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
647b223875
Adapt ecdh_compute_key
...
Rename ecdh_compute_key into ossl_ecdh_compute_key and modify it
to use EC error codes. Remove superfluous old ECDH functions.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
168e8374ee
move ECDH implementation to crypto/ec
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
768c53e1b6
Move ECDH_KDF_X9_62 to crypto/ec
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
5a6a1029d2
EC_KEY_METHOD keygen support.
...
Add keygen to EC_KEY_METHOD. Redirect EC_KEY_generate_key through
method and set the current EC key generation function as the default.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
d2fa70d82b
make errors
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Dr. Stephen Henson
28572b577c
Support for EC_KEY_METHOD.
...
Add EC_KEY_METHOD. This is part of the EC revision and will make EC behave
more like other algorithms. Specifically:
EC_KEY_METHOD is part of EC_KEY.
It is part of ENGINE.
Default or key specific implementations can be provided to redirect some
or all operations.
Reviewed-by: Richard Levitte <levitte@openssl.org>
2015-12-09 22:09:17 +00:00
Ben Laurie
28cbe2ab4a
Link library for backtrace() on BSD...
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-09 13:37:30 +00:00
Richard Levitte
23fe34b47a
NEWS: Add a bit of precision regarding removal of cipher suites
...
Suggested by Benjamin Kaduk <bkaduk@akamai.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-09 00:35:58 +01:00
Richard Levitte
6f9a3c37db
Additional NEWS
...
Reviewed-by: Tim Hudson <tjh@openssl.org>
2015-12-08 23:36:18 +01:00
Rich Salz
ab29c82a55
Refer to website for acknowledgements.
...
Reviewed-by: Steve Marquess <marquess@openssl.com>
2015-12-08 16:07:09 -05:00
Richard Levitte
3cd7aef34d
Not all 'find's know -xtype, use -type instead
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-08 21:04:53 +01:00
Richard Levitte
382af61f62
Adapt the OS X build to use the OS X tar
...
As part of this, move release creation to a script to be called from
.travis.yml. That makes it much easier to test outside of travis.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-08 21:04:53 +01:00
Richard Levitte
4d3c30a179
Make it possible to affect the way dists are made
...
Introducing DISTTARVARS to propagate changed variables down to the
tar-making target.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-08 21:04:53 +01:00
Dr. Stephen Henson
d05775d703
Update NEWS
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 16:49:12 +00:00
Dr. Stephen Henson
42a8b3f90a
Extended master secret test script.
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 16:33:04 +00:00
Dr. Stephen Henson
b3fce9c91e
Add extms extension
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 16:33:04 +00:00
Dr. Stephen Henson
040c878350
TLSProxy update
...
Add function to delete extensions and fix ClientHello repacking.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 16:33:04 +00:00
Dr. Stephen Henson
4160936143
update errors
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 16:32:39 +00:00
Dr. Stephen Henson
e7f0d9210c
Extended master secret fixes and checks.
...
Add new flag TLS1_FLAGS_RECEIVED_EXTMS which is set when the peer sends
the extended master secret extension.
Server now sends extms if and only if the client sent extms.
Check consistency of extms extension when resuming sessions following (where
practical) RFC7627.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 16:32:39 +00:00
Matt Caswell
686cf15e9d
Fix merge error
...
Commit 6140f0365 added some new ctrl constants. However due to a
merge error one of these values was duplicated with an existing
value.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-08 13:00:59 +00:00
Dmitry Belyavskiy
6140f03653
Add some new cipher ctrl constants
...
These are needed for GOST
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 11:56:39 +00:00
Richard Levitte
c376d170d1
Cleanup the EVP_MD_CTX before exit rather than after
...
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 01:01:13 +01:00
Richard Levitte
3cb9fd97ce
Remove double semi (;)
...
When in the middle of declarations, some C compilers will complain.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-08 00:11:47 +01:00
Richard Levitte
47abe38004
Remove typedef of HMAC_CTX from crypto/hmac/hmac_lcl.h
...
This is already defined in include/openssl/ossl_typ.h.
Reviewed-by: Matt Caswell <matt@openssl.org>
2015-12-07 20:53:17 +01:00
Richard Levitte
39d5193201
Fix clang complaints about uninitialised variables.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 20:37:08 +01:00
Richard Levitte
b91dd150d2
Change tar owner and group to just 0
...
It seems like some tar versions don't like the name:id form for
--owner and --group. The closest known anonymous user being 0 (root),
that seems to be the most appropriate user/group to assign ownership
to. It matters very little when unpacking either way.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:49:15 +01:00
Richard Levitte
507db4c531
Add an entry in CHANGES
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:40:20 +01:00
Richard Levitte
706e2462f1
Document EVP_MD constructors, destructors and manipulators
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:40:20 +01:00
Richard Levitte
716854d74e
Document the HMAC changes
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:40:20 +01:00
Richard Levitte
25191fffb9
Document the EVP_MD_CTX changes
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:40:20 +01:00
Richard Levitte
b3bb779997
make update
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:40:20 +01:00
Richard Levitte
a87a0a6e5e
Cleanup: fix all sources that used HMAC_CTX_init
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:40:20 +01:00
Richard Levitte
dc0099e1dd
Cleanup: rename HMAC_CTX_init to HMAC_CTX_reset
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:40:20 +01:00
Richard Levitte
e0a3a803d9
Cleanup: support EVP_MD_CTX_(create|init|destroy) for deprecated use
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:40:20 +01:00
Richard Levitte
bfb0641f93
Cleanup: fix all sources that used EVP_MD_CTX_(create|init|destroy)
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:40:20 +01:00
Richard Levitte
959ed5316c
Cleanup: rename EVP_MD_CTX_(create|init|destroy) to EVP_MD_CTX_(new|reset|free)
...
Looking over names, it seems like we usually use names ending with
_new and _free as object constructors and destructors. Also, since
EVP_MD_CTX_init is now used to reset a EVP_MD_CTX, it might as well be
named accordingly.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Richard Levitte
6756532358
Cleanup: Remove M_EVP_MD_* macros
...
These macros were only meant for crypto/evp, and are now entirely
unused.
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00
Richard Levitte
eda34e4bef
Adapt the rest of the source to the removal of (EVP_MD_CTX|HMAC_CTX)_cleanup
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
2015-12-07 17:39:23 +01:00