30a1ba0843
- Change version of the sources to 0.%%cd to avoid problems when upgrading if the versioning changes.
- Added patch:
  * soname-sover.patch
    + Replace patchelf run with patch that makes cmake produce the shared libraries with the right SONAME and SOVER.
- Remove unnecessary dependencies on go, patchelf, ninja and libunwind, since they are only needed for tests we are not running
Pedro Monreal Gonzalez 2024-10-28 08:59:55 +00:00
e9940d43bc
Accepting request 1145361 from security:tls
Ana Guerrero 2024-02-09 22:53:52 +00:00
0b30400cdf
Accepting request 1145360 from home:ohollmann:branches:security:tls
Otto Hollmann
2024-02-09 08:26:34 +00:00
d0e0a68384
- Update to version 20190916:
  * Revert "Fix VS build when assembler is enabled"
  * Only bypass the signature verification itself in fuzzer mode.
  * Move the PQ-experiment signal to SSL_CTX.
  * Name cipher suite tests in runner by IETF names.
  * Align TLS 1.3 cipher suite names with OpenSSL.
  * Prefix all the SIKE symbols.
  * Rename SIKE's params.c.
  * Add post-quantum experiment signal extension.
  * Fix shim error message endings.
  * Add initial draft of ACVP tool.
  * Implements SIKE/p434
  * Add SipHash-2-4.
  * Remove android_tools checkout
  * Support key wrap with padding in CAVP.
  * Add android_sdk checkout
  * Move fipstools/ to util/fipstools/cavp
  * Factor out TLS cipher selection to ssl_choose_tls_cipher.
  * Emit empty signerInfos in PKCS#7 bundles.
  * Clarify language about default SSL_CTX session ticket key behavior.
  * Add an API to record use of delegated credential
  * Fix runner tests with Go 1.13.
  * Add a value barrier to constant-time selects.
  * Avoid leaking intermediate states in point doubling special case.
  * Split p224-64.c multiplication functions in three.
  * Add AES-KWP
  * Discuss the doubling case in windowed Booth representation.
  * Update build tools.
  * Set a minimum CMake version of 3.0.
  * Replace addc64,subc64,mul64 in SIKE Go code with functions from math/bits
Martin Pluskal 2019-10-14 10:48:31 +00:00
570c177ee5
- Update to version 20190523:
  * Disable RDRAND on AMD chips before Zen.
  * Always store early data tickets.
  * Align PKCS12_parse closer to OpenSSL.
  * Support PKCS#12 KeyBags.
  * Support PKCS#8 blobs using PBES2 with HMAC-SHA256.
  * Make EVP_PKEY_keygen work for Ed25519.
  * Sync aesp8-ppc.pl with upstream.
  * Update generate_build_files.py for SIKE.
  * Fix the last casts in third_party/sike.
  * Remove no-op casts around tt1.
  * Define p503 with crypto_word_t, not uint64_t.
  * Add support for SIKE/p503 post-quantum KEM
  * tool: fix speed tests.
  * Add an option to skip crypto_test_data.cc in GN too.
  * Save and restore errors when ignoring ssl_send_alert result.
  * Reject obviously invalid DSA parameters during signing.
  * Make expect/expected flag and variable names match.
  * clang-format Flag arrays in test_config.cc.
  * Rename remnants of ticket_early_data_info.
  * Enforce the ticket_age parameter for 0-RTT.
  * Add SSL_get_early_data_reason.
  * Remove implicit -on-resume for -expect-early-data-accept.
  * Use weak symbols only on supported platforms
  * Fix spelling in comments.
  * Add functions for "raw" EVP_PKEY serializations.
  * Remove stray underscores.
  * Add a compatibility EVP_DigestFinalXOF function.
  * Fix up EVP_DigestSign implementation for Ed25519.
  * Check for errors when setting up X509_STORE_CTX.
Martin Pluskal 2019-09-03 07:30:31 +00:00