mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-27 06:21:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
30,872 Commits 34 Branches 385 Tags 621 MiB
c8adf19d2d
Commit Graph

12 Commits

Author SHA1 Message Date
Tomas Mraz
085e3cecbd Move libssl related defines used by fips provider to prov_ssl.h 
This nicely reduces the number of files considered as fips
provider sources.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15609)
 2021-06-04 17:06:47 +02:00
Shane Lontis
c8830891e6 Add ossl_provider symbols 
Partial fix for #12964

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14473)
 2021-03-18 17:52:38 +10:00
Matt Caswell
a28d06f3e9 Update copyright year 
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)
 2021-02-18 15:05:17 +00:00
Tomas Mraz
9ff5bd612a ssl_test: Add testcases for disallowing non-TLS1.3 curves with TLS1.3 
Also correctly mark max protocol version for some curves.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14154)
 2021-02-12 19:05:17 +01:00
Matt Caswell
306b8e7e19 Add the nist group names as aliases for the normal TLS group names 
By recognising the nist group names directly we can avoid having to call
EC_curve_nist2nid in libssl, which is not available in a no-ec build.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)
 2021-02-05 15:22:42 +00:00
Matt Caswell
cbb85bda0c Fix builds that specify both no-dh and no-ec 
Various sections of code assumed that at least one of dh or ec would be
available. We also now also need to handle cases where a provider has
a key exchange algorithm and TLS-GROUP that we don't know about.

Fixes #13536

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13549)
 2020-11-30 10:50:13 +00:00
Matt Caswell
51d9ac870a Fix no-ec2m 
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12526)
 2020-07-27 10:07:35 +01:00
Pauli
ecca5b6e2e capabilities: make capability selection case insensitive. 
Everything else to do with algorithm selection and properties is case
insensitive.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12450)
 2020-07-16 09:19:24 +02:00
Matt Caswell
2f1d0b35c1 Ensure we excluse ec2m curves if ec2m is disabled 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12292)
 2020-07-08 08:55:56 +01:00
Dr. Matthias St. Pierre
23c48d94d4 Rename <openssl/core_numbers.h> -> <openssl/core_dispatch.h> 
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12222)
 2020-06-24 22:01:22 +02:00
Matt Caswell
48e971dd9f Create defines for TLS Group Ids 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
 2020-06-19 10:19:32 +01:00
Matt Caswell
72bfc95858 Add the concept of "Capabilities" to the default and fips providers 
With capabilities we can query a provider about what it can do.
Initially we support a "TLS-GROUP" capability.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
 2020-06-19 10:19:31 +01:00