/dev/crypto engine: add missing RC4 parameter
[openssl.git] / ssl / t1_lib.c
2018-09-04 Matt CaswellDon't use an RSA-PSS cert for RSA key exchange
2018-08-22 Matt CaswellUse the same min-max version range on the client consis...
2018-07-18 Matt CaswellCheck that the public key OID matches the sig alg
2018-07-13 Matt CaswellDo not use GOST sig algs in TLSv1.3 where possible
2018-06-29 PauliCheck return from BN_set_word.
2018-06-07 Matt CaswellFix EAP-FAST
2018-05-30 Dmitry BelyavskiySend GOST SignatureAlgorithms when TLS 1.2 in use
2018-05-30 Dmitry BelyavskiyBugfix: GOST2012 certificates for GOST ciphersuites...
2018-05-12 Kurt RoeckxSet sess to NULL after freeing it.
2018-05-11 Matt CaswellRework the decrypt ticket callback
2018-05-11 Matt CaswellFix ticket callbacks in TLSv1.3
2018-04-25 Matt CaswellFix the MAX_CURVELIST definition
2018-04-24 Matt CaswellAllow TLSv1.3 EC certs to use compressed points
2018-04-03 Rich SalzSet error code on alloc failures
2018-03-28 Matt CaswellTolerate a Certificate using a non-supported group...
2018-03-19 Todd ShortPlace ticket keys into secure memory
2018-03-19 Matt CaswellAlways call the new_session_cb when issuing a NewSessio...
2018-03-12 Todd ShortSession Ticket app data
2018-03-05 Matt CaswellAdd X448/Ed448 support to libssl
2018-02-21 Matt CaswellSanity check the ticket length before using key name/IV
2018-02-12 Matt CaswellThe function ssl_get_min_max_version() can fail
2018-01-26 Benjamin KadukFix uninitialized read in sigalg parsing code
2018-01-25 Benjamin KadukAdd support for the TLS 1.3 signature_algorithms_cert...
2018-01-25 Benjamin KadukPropagate TLS 1.3 sigalgs through tls1_set_sigalgs()
2018-01-25 Benjamin KadukAdd TLS 1.3 draft-23 PSS signature algorithms
2018-01-09 Richard LevitteUpdate copyright years on all files merged since Jan...
2018-01-08 Noah RobbinUse the index that matches the key type (either SSL_PKE...
2018-01-08 Noah RobbinUse size of server key when selecting signature algorithm.
2017-12-04 Matt CaswellConvert the state machine code to use SSLfatal()
2017-11-13 Andy PolyakovResolve warnings in VC-WIN32 build, which allows to...
2017-11-05 FdaSilvaYYImplement Maximum Fragment Length TLS extension.
2017-10-21 KaoruTodaVarious clean-ups
2017-10-06 Dr. Stephen HensonMerge tls1_check_curve into tls1_check_group_id
2017-10-06 Dr. Stephen HensonChange curves to groups where relevant
2017-10-06 Dr. Stephen HensonUse separate functions for supported and peer groups...
2017-09-26 Dr. Stephen HensonAdd and use function tls1_in_list to avoid code duplica...
2017-09-26 Dr. Stephen HensonUse tls1_group_id_lookup in tls1_curve_allowed
2017-09-26 Dr. Stephen HensonRename tls1_get_curvelist.
2017-09-26 Dr. Stephen HensonRewrite compression and group checks.
2017-09-26 Dr. Stephen HensonReplace tls1_ec_curve_id2nid.
2017-09-26 Dr. Stephen HensonRename tls_curve_info to TLS_GROUP_INFO, move to ssl_locl.h
2017-09-26 Dr. Stephen HensonReturn group id in tls1_shared_group
2017-09-26 Dr. Stephen HensonReturn correct Suite B curve, fix comment.
2017-09-23 Kurt RoeckxUse curve_id not the nid
2017-09-22 Dr. Stephen HensonStore groups as uint16_t
2017-09-21 Patrick SteuerFix strict-warnings build
2017-09-20 Dr. Stephen HensonAllow RSA certificates to be used for RSA-PSS
2017-09-20 Dr. Stephen HensonAdd RSA-PSS key certificate type.
2017-08-29 Paulie_os.h removal from other headers and source files.
2017-07-13 Dr. Stephen HensonUse cert tables in ssl_set_sig_mask
2017-07-13 Dr. Stephen HensonUse certificate tables instead of ssl_cert_type
2017-07-13 Dr. Stephen HensonUse certificate tables instead of ssl_cipher_get_cert_i...
2017-07-13 Dr. Stephen HensonReplace tls12_get_pkey_idx
2017-06-29 Matt CaswellUpdate SSL_export_keying_material() for TLSv1.3
2017-06-25 Benjamin KadukDisallow DSA/SHA1/etc. for pure TLS 1.3 ClientHellos
2017-06-21 Dr. Stephen HensonUse EVP_PKEY_X25519, EVP_PKEY_ED25519 instead of NIDs...
2017-06-21 Dr. Stephen HensonAllow Ed25519 in TLS 1.2
2017-06-21 Dr. Stephen HensonHandle signature algorithms with no associated digest
2017-06-21 Dr. Stephen HensonAdd Ed25519 signature algorithm
2017-06-21 Dr. Stephen HensonAdd Ed25519 to signature algorithm table
2017-06-21 Dr. Stephen HensonAdd index for ED25519
2017-06-21 Dr. Stephen HensonUse X509_get_signature_info to get signature strength.
2017-06-15 Benjamin KadukFix no-ec
2017-06-08 Matt CaswellAdd back support for SHA224 based sig algs
2017-05-22 Matt CaswellConvert existing usage of assert() to ossl_assert(...
2017-05-19 Matt CaswellTry to be more consistent about the alerts we send
2017-04-26 Matt CaswellAdd a ciphersuite config sanity check for servers
2017-04-24 Matt CaswellDon't fail the connection in SSLv3 if server selects...
2017-04-03 Dr. Stephen HensonNew certificate_authorities functions
2017-03-29 FdaSilvaYYMore typo fixes
2017-03-10 Bernd EdlingerAvoid questionable use of the value of a pointer
2017-03-10 Bernd EdlingerFixup previous merge.
2017-03-03 Dr. Stephen HensonSet specific error is we have no valid signature algori...
2017-03-03 Dr. Stephen HensonSignature algorithm enhancement.
2017-03-03 Dr. Stephen HensonDisallow zero length signature algorithms
2017-03-03 Dr. Stephen HensonDon't allow DSA for TLS 1.3
2017-02-25 Dr. Stephen HensonFor TLS 1.3 reject SHA1 TLS signatures
2017-02-24 Dr. Stephen HensonReject compressed point format with TLS 1.3
2017-02-24 Dr. Stephen HensonAdd SuiteB support to tls_choose_sigalg()
2017-02-24 Dr. Stephen HensonTidy up certificate type handling.
2017-02-22 Bernd EdlingerAdd some more consistency checks in tls_decrypt_ticket.
2017-02-21 Dr. Stephen HensonSet default validity flags.
2017-02-21 Dr. Stephen Hensonremove md array: it is not used any more.
2017-02-17 Dr. Stephen HensonExplicitly disallow DSA for TLS 1.3
2017-02-16 Dr. Stephen HensonUse tls_choose_sigalg for client auth.
2017-02-16 Dr. Stephen HensonAdd client side support to tls_choose_sigalg.
2017-02-16 Dr. Stephen HensonFix warning
2017-02-15 Dr. Stephen HensonSet current certificate to selected certificate.
2017-02-15 Dr. Stephen HensonSkip curve check if sigalg doesn't specify a curve.
2017-02-15 Dr. Stephen HensonUse CERT_PKEY pointer instead of index
2017-02-15 Dr. Stephen HensonUse cert_index and sigalg
2017-02-15 Dr. Stephen HensonAdd sigalg for earlier TLS versions
2017-02-15 Dr. Stephen HensonChange tls_choose_sigalg so it can set errors and alerts.
2017-02-14 Bernd EdlingerUse TLSEXT_KEYNAME_LENGTH in tls_decrypt_ticket.
2017-02-10 Dr. Stephen HensonReplace SSL_PKEY_RSA_ENC, SSL_PKEY_RSA_SIGN
2017-02-10 Dr. Stephen HensonCheck index >= 0 as 0 is a valid index.
2017-02-09 Peter WuSSL_get_shared_sigalgs: handle negative idx parameter
2017-02-03 Richard LevitteFix "no-ec"
2017-02-02 Dr. Stephen HensonAdd function tls_choose_sigalg().
2017-02-01 Todd ShortMajority rules, use session_ctx vs initial_ctx
next