openssl

mirror of https://github.com/openssl/openssl.git synced 2024-11-28 04:25:31 +08:00

History

Shane Lontis 46eee7104d Add domain parameter match check for DH and ECDH key exchange. Fixes #14808 Validation checks were moved into EVP_PKEY_derive_set_peer() which broke an external negative test. Originally the old code was semi working by checking the peers public key was in the range of other parties p. It was not actually ever checking that the domain parameters were consistent between the 2 parties. It now checks the parameters match as well as validating the peers public key. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14823)		2021-04-14 16:01:13 +10:00
..
asymciphers	Deprecate the EVP_PKEY controls for CMS and PKCS#7	2021-04-06 09:10:11 +02:00
ciphers	Always reset IV for CBC, OFB, and CFB mode on cipher context reinit	2021-04-12 09:49:09 +02:00
digests	Update copyright year	2021-04-08 13:04:41 +01:00
encode_decode	Update copyright year	2021-04-08 13:04:41 +01:00
exchange	Add domain parameter match check for DH and ECDH key exchange.	2021-04-14 16:01:13 +10:00
include/prov	Update copyright year	2021-04-08 13:04:41 +01:00
kdfs	Update copyright year	2021-04-08 13:04:41 +01:00
kem	Deprecate the EVP_PKEY controls for CMS and PKCS#7	2021-04-06 09:10:11 +02:00
keymgmt	Replace OSSL_PARAM_BLD_free_params() with OSSL_PARAM_free().	2021-04-12 16:55:30 +10:00
macs	Fix windows compiler error in kmac_prov.c	2021-04-13 13:16:23 +10:00
rands	Update copyright year	2021-04-08 13:04:41 +01:00
signature	Deprecate the EVP_PKEY controls for CMS and PKCS#7	2021-04-06 09:10:11 +02:00
storemgmt	CORE: Add an algorithm_description field to OSSL_ALGORITHM	2021-04-02 08:52:37 +02:00
build.info	Add KEM (Key encapsulation mechanism) support to providers	2020-09-19 18:08:46 +10:00