summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* Bump libcrypto, libssl and libtls minors due to symbol additions.jsing2019-11-023-3/+3
|
* Provide RSA_PKCS1_OpenSSL().jsing2019-11-023-3/+10
| | | | Prompted by inoguchi@
* Make RSA_padding_{add,check}_PKCS1_OAEP_mgf1() public.jsing2019-11-023-9/+10
|
* Make RSA_OAEP_PARAMs public.jsing2019-11-023-17/+22
|
* Document tls_conn_cipher_strength().jsing2019-11-021-2/+14
| | | | ok schwarze@
* Enable CMS in LibreSSL.jsing2019-11-023-2/+135
| | | | ok bcook@ deraadt@ inoguchi@ job@ tb@
* Provide tls_conn_cipher_strength().jsing2019-11-024-3/+15
| | | | | | | | | This returns the strength in bits of the symmetric cipher used for the connection. Diff from gilles@ ok tb@
* In evp/pmeth_lib.c rev. 1.16, jsing@ enabled EVP_PKEY_RSA_PSS.schwarze2019-11-011-3/+5
| | | | Document it.
* In rsa.h rev. 1.45, jsing@ providedschwarze2019-11-011-8/+16
| | | | | | the three macro constants RSA_PSS_SALTLEN_*; document them. The wording is a combination of our existing text and the wording in the OpenSSL 1.1.1 branch, which is still under a free license.
* Add DSA CMS support.jsing2019-11-011-1/+25
| | | | | | From OpenSSL 1.1.1d. ok tb@
* Add RSA CMS support.jsing2019-11-013-5/+262
| | | | | | From OpenSSL 1.1.1d. ok tb@
* Provide NID for pSpecified.jsing2019-11-012-0/+2
| | | | ok tb@
* Wire up PKEY methods for RSA-PSS.jsing2019-11-011-2/+6
| | | | ok tb@
* Wire up ASN.1 methods for RSA-PSS.jsing2019-11-011-1/+5
| | | | ok tb@
* In rsa.h rev. 1.45, jsing@ provided the threeschwarze2019-11-012-6/+64
| | | | | | macros EVP_PKEY_CTX_set_rsa_pss_keygen_*(3); document them. Text mostly taken from the OpenSSL 1.1.1 branch, which is still under a free license, but rearranged to fit the structure of our manual pages.
* move the PSS macros to the end in preparation for adding more macros,schwarze2019-11-011-50/+45
| | | | | reduce text duplication by forming subsections, and some minor corrections
* The EVP_PKEY_CTX_ctrl(3) manual page requires additions for RSA-PSSschwarze2019-11-014-267/+358
| | | | but it is growing to excessive size, so split out RSA_pkey_ctx_ctrl(3).
* Update RSA ASN.1 code to handle RSA-PSS.jsing2019-11-014-302/+389
| | | | | | From OpenSSL 1.1.1d. ok tb@
* Clean up RSA_new_method().jsing2019-11-011-40/+24
| | | | | | | | | | Use calloc() instead of malloc() for initialisation and remove explicit zero initialisation of members. This ensures that new members always get initialised. Also use a single error return path, simplifying code. ok tb@
* Add RSA OAEP test for pkeyutl in appstest.shinoguchi2019-10-311-1/+21
|
* In rsa_pmeth.c rev. 1.30, jsing@ set the minimum RSA key lengthschwarze2019-10-311-2/+3
| | | | for RSA key generation to 512 bits. Document that minimum.
* Add CMS controls for RSA.jsing2019-10-311-1/+8
|
* Add support for RSA-PSS.jsing2019-10-315-65/+370
| | | | | | From OpenSSL 1.1.1d. ok inoguchi@
* Move RSA min modulus to a define and increase from 256 to 512 bits.jsing2019-10-312-4/+6
| | | | | | From OpenSSL 1.1.1d. ok inoguchi@
* Fix indent and indent before labels.jsing2019-10-311-5/+5
|
* Use braces where a statement has both multi-line and single-line blocks.jsing2019-10-311-8/+13
| | | | | | Makes code more robust and reduces differences with OpenSSL. ok inoguchi@
* Add additional validation of key size, message digest size and publicjsing2019-10-311-3/+17
| | | | | | | | exponent. From OpenSSL 1.1.1d. ok inoguchi@
* Clean up some code.jsing2019-10-311-11/+13
| | | | | | | Assign and test, explicitly test against NULL and use calloc() rather than malloc. ok inoguchi@
* Avoid potentially leaking pub_exp in pkey_rsa_copy().jsing2019-10-311-4/+4
| | | | ok inoguchi@
* In rsa.h rev. 1.41, jsing@ provided RSA_pkey_ctx_ctrl(3).schwarze2019-10-291-1/+26
| | | | Write the documentation from scratch.
* merge documentation for several macros EVP_PKEY_CTX_*_rsa_oaep_*(3)schwarze2019-10-291-4/+239
| | | | | | and EVP_PKEY_CTX_*_ecdh_*(3); from Antoine Salon <asalon at vmware dot com> via OpenSSL commit 87103969 Oct 1 14:11:57 2018 -0700 from the OpenSSL 1.1.1 branch, which is still under a free license
* merge documentation for EVP_PKEY_CTX_set1_id(3), EVP_PKEY_CTX_get1_id(3),schwarze2019-10-291-2/+57
| | | | | | and EVP_PKEY_CTX_get1_id_len(3), but make it sound more like English text; from Paul Yang via OpenSSL commit f922dac8 Sep 6 10:36:11 2018 +0800 from the OpenSSL 1.1.1 branch, which is still under a free license
* merge documentation of EVP_PKEY_CTX_set_ec_param_enc(3)schwarze2019-10-291-6/+23
| | | | from Stephen Henson via OpenSSL commit 146ca72c Feb 19 14:35:43 2015 +0000
* correct HISTORY of some RSA control macrosschwarze2019-10-291-5/+26
|
* list supported algorithm ids and clarify how the engine argument is usedschwarze2019-10-291-10/+50
|
* Add two controls that were missed in the previous commit.jsing2019-10-291-1/+13
|
* Update RSA OAEP code.jsing2019-10-292-21/+124
| | | | | | | This syncs the RSA OAEP code with OpenSSL 1.1.1d, correctly handling OAEP padding and providing various OAEP related controls. ok inoguchi@ tb@
* Provide EVP_PKEY_CTX_md().jsing2019-10-292-8/+18
| | | | | | | | | | | | This handles controls with a message digest by name, looks up the message digest and then proxies the control through with the EVP_MD *. This is internal only for now and will be used in upcoming RSA related changes. Based on OpenSSL 1.1.1d. ok inoguchi@ tb@
* Free maskHash when RSA_PSS_PARAMS is freed.jsing2019-10-251-3/+23
| | | | ok tb@
* Service names are still resolved with -nkn2019-10-241-4/+4
| | | | | | | | | Just like pfctl(8)'s -N, this flag only avoid DNS; "nc -vz ::1 socks" still works. Fix documentation by copying pfctl's wording. OK deraadt
* Provide ASN1_TYPE_{,un}pack_sequence().jsing2019-10-242-2/+36
| | | | | | | | These are internal only for now. Based on OpenSSL 1.1.1d. ok inoguchi@
* Provide RSA_OAEP_PARAMS along with ASN.1 encoding/decoding.jsing2019-10-242-2/+97
| | | | | | | | For now these are internal only. From OpenSSL 1.1.1d. ok inoguchi@
* Bump libcrypto, libssl and libtls majors due to changes in struct sizesjsing2019-10-243-6/+6
| | | | and symbol addition.
* Add RSA_PSS_PARAMS pointer to RSA struct.jsing2019-10-241-1/+8
| | | | | | This will be used by upcoming RSA-PSS code. ok tb@
* Add maskHash field to RSA_PSS_PARAMS.jsing2019-10-241-1/+4
| | | | | | | This will be soon used as an optimisation and reduces the differences between OpenSSL. ok tb@
* Provide RSA_pkey_ctx_ctrl().jsing2019-10-243-2/+20
| | | | | | | | | This is a wrapper around EVP_PKEY_CTX_ctrl() which requires the key to be either RSA or RSA-PSS. From OpenSSL 1.1.1d. ok tb@
* Add EVP_PKEY_RSA_PSS.jsing2019-10-241-1/+2
| | | | ok tb@
* Print IP address in verbose modejob2019-10-241-12/+34
| | | | OK kn@
* Revert previous, which works for -N case but causes regress failuresbeck2019-10-231-18/+1
| | | | | | | for tls, since the socket is shut down without calling tls_close(). Since nc appears to have a problem with this in other shutdown() cases I am simply going to bake a new diff for this. noticed by bluhm@.
* Sync RSA_padding_check_PKCS1_OAEP_mgf1().jsing2019-10-171-64/+111
| | | | | | | | | Update RSA_padding_check_PKCS1_OAEP_mgf1() with code from OpenSSL 1.1.1d (with some improvements/corrections to comments). This brings in code to make the padding check constant time. ok inoguchi@ tb@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-04 00:24:03 +0000