Utilities from the general purpose cryptography library with TLS implementation

Dmitry Belyavskiy 979f6ecb70 Rebuild ... Related: RHEL-55339		2024-09-05 10:38:14 +02:00
.fmf	Add interop rpm-tmt-tests	2023-05-24 15:41:56 +00:00
plans	Add interop rpm-tmt-tests	2023-05-24 15:41:56 +00:00
.gitignore	Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack.	2024-06-05 15:07:02 +02:00
0001-Aarch64-and-ppc64le-use-lib64.patch	Rebase to OpenSSL version 3.0.0	2021-04-12 00:34:30 +02:00
0002-Use-more-general-default-values-in-openssl.cnf.patch	Rebase to OpenSSL version 3.0.0	2021-04-12 00:34:30 +02:00
0003-Do-not-install-html-docs.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0004-Override-default-paths-for-the-CA-directory-tree.patch	Provide empty evp_properties section in main OpenSSL configuration file	2023-10-17 12:56:38 +02:00
0005-apps-ca-fix-md-option-help-text.patch	Rebase to OpenSSL version 3.0.0	2021-04-12 00:34:30 +02:00
0006-Disable-signature-verification-with-totally-unsafe-h.patch	Update to Beta1 version	2021-07-14 13:31:08 +02:00
0007-Add-support-for-PROFILE-SYSTEM-system-default-cipher.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0008-Add-FIPS_mode-compatibility-macro.patch	Adjusting include for the FIPS_mode macro	2022-11-28 17:37:27 +01:00
0009-Add-Kernel-FIPS-mode-flag-support.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0010-Add-changes-to-ectest-and-eccurve.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0011-Remove-EC-curves.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0012-Disable-explicit-ec.patch	Forbid explicit curves when created via EVP_PKEY_fromdata	2023-10-17 13:26:14 +02:00
0013-skipped-tests-EC-curves.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0024-load-legacy-prov.patch	Add a directory for OpenSSL providers configuration	2024-01-31 16:39:33 +01:00
0025-for-tests.patch	Always activate default provider via config	2021-11-23 16:52:23 +01:00
0032-Force-fips.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0033-FIPS-embed-hmac.patch	Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack.	2024-06-05 15:07:02 +02:00
0034.fipsinstall_disable.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0035-speed-skip-unavailable-dgst.patch	Rebasing to OpenSSL 3.0.7	2022-11-24 10:31:36 +01:00
0044-FIPS-140-3-keychecks.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0045-FIPS-services-minimize.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0047-FIPS-early-KATS.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0049-Selectively-disallow-SHA1-signatures.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0050-FIPS-enable-pkcs12-mac.patch	OpenSSL will generate keys with prime192v1 curve if it is provided using explicit parameters	2022-02-22 16:32:34 +01:00
0052-Allow-SHA1-in-seclevel-2-if-rh-allow-sha1-signatures.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0056-strcasecmp.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0058-FIPS-limit-rsa-encrypt.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0061-Deny-SHA-1-signature-verification-in-FIPS-provider.patch	Rebasing to OpenSSL 3.0.7	2022-11-24 10:31:36 +01:00
0062-fips-Expose-a-FIPS-indicator.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0073-FIPS-Use-OAEP-in-KATs-support-fixed-OAEP-seed.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0074-FIPS-Use-digest_sign-digest_verify-in-self-test.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0075-FIPS-Use-FFDHE2048-in-self-test.patch	FIPS self-test: RSA-OAEP, FFDHE2048, digest_sign	2022-08-01 17:18:12 +02:00
0076-FIPS-140-3-DRBG.patch	Update RNG changing for FIPS purpose	2024-06-05 15:07:02 +02:00
0077-FIPS-140-3-zeroization.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0078-KDF-Add-FIPS-indicators.patch	Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack.	2024-06-05 15:07:02 +02:00
0080-rand-Forbid-truncated-hashes-SHA-3-in-FIPS-prov.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0081-signature-Remove-X9.31-padding-from-FIPS-prov.patch	Remove support for X9.31 signature padding in FIPS mode	2022-11-21 10:42:34 +01:00
0083-hmac-Add-explicit-FIPS-indicator-for-key-length.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0084-pbkdf2-Set-minimum-password-length-of-8-bytes.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0085-FIPS-RSA-disable-shake.patch	Disallow SHAKE in OAEP decryption in FIPS mode	2023-01-11 14:12:12 +01:00
0088-signature-Add-indicator-for-PSS-salt-length.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0091-FIPS-RSA-encapsulate.patch	Fix explicit indicator for PSS salt length	2022-11-29 13:23:25 +01:00
0093-DH-Disable-FIPS-186-4-type-parameters-in-FIPS-mode.patch	FIPS: Re-enable DHX, disable FIPS 186-4 groups	2023-05-23 14:01:14 +02:00
0110-GCM-Implement-explicit-FIPS-indicator-for-IV-gen.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0112-pbdkf2-Set-indicator-if-pkcs5-param-disabled-checks.patch	Add explicit FIPS indicator for PBKDF2	2023-03-14 17:23:22 +01:00
0113-asymciphers-kem-Add-explicit-FIPS-indicator.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0114-FIPS-enforce-EMS-support.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0115-skip-quic-pairwise.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0116-version-aliasing.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0117-ignore-unknown-sigalgorithms-groups.patch	Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack.	2024-06-05 15:07:02 +02:00
0121-FIPS-cms-defaults.patch	Use OAEP padding and aes-128-cbc by default in cms command in FIPS mode	2023-05-22 10:58:28 +02:00
0122-TMP-KTLS-test-skip.patch	Rebasing to OpenSSL 3.2.1	2024-04-15 10:41:31 +02:00
0123-kdf-Preserve-backward-compatibility-with-older-provi.patch	Replace HKDF backward compatibility patch with the official one	2024-06-22 10:24:51 +09:00
0124-Fix-SSL_select_next_proto.patch	Fix CVE-2024-5535	2024-08-21 18:09:03 +02:00
0125-More-correctly-handle-a-selected_len-of-0-when-proce.patch	Fix CVE-2024-5535	2024-08-21 18:09:03 +02:00
0126-Use-correctly-formatted-ALPN-data-in-tserver.patch	Fix CVE-2024-5535	2024-08-21 18:09:03 +02:00
0127-Clarify-the-SSL_select_next_proto-documentation.patch	Fix CVE-2024-5535	2024-08-21 18:09:03 +02:00
0128-Add-a-test-for-SSL_select_next_proto.patch	Fix CVE-2024-5535	2024-08-21 18:09:03 +02:00
0129-Allow-an-empty-NPN-ALPN-protocol-list-in-the-tests.patch	Fix CVE-2024-5535	2024-08-21 18:09:03 +02:00
0130-Correct-return-values-for-tls_construct_stoc_next_pr.patch	Fix CVE-2024-5535	2024-08-21 18:09:03 +02:00
0131-Add-ALPN-validation-in-the-client.patch	Fix CVE-2024-5535	2024-08-21 18:09:03 +02:00
0132-Add-explicit-testing-of-ALN-and-NPN-in-sslapitest.patch	Fix CVE-2024-5535	2024-08-21 18:09:03 +02:00
0133-Add-a-test-for-an-empty-NextProto-message.patch	Fix CVE-2024-5535	2024-08-21 18:09:03 +02:00
0136-CVE-2024-6119.patch	Fix CVE-2024-6119: Possible denial of service in X.509 name checks	2024-09-04 11:24:27 +02:00
ci.fmf	ci.fmf: Enable golang tests as reverse dependency	2023-05-29 10:01:36 +02:00
configuration-prefix.h	Rebase to OpenSSL version 3.0.0	2021-04-12 00:34:30 +02:00
configuration-switch.h	Rebase to OpenSSL version 3.0.0	2021-04-12 00:34:30 +02:00
gating.yaml	Temporary manual test	2022-04-21 13:20:27 +02:00
genpatches	Rebase to OpenSSL version 3.0.0	2021-04-12 00:34:30 +02:00
make-dummy-cert	RHEL 9.0.0 Alpha bootstrap	2020-10-15 22:27:53 +02:00
Makefile.certificate	RHEL 9.0.0 Alpha bootstrap	2020-10-15 22:27:53 +02:00
openssl.spec	Rebuild	2024-09-05 10:38:14 +02:00
renew-dummy-cert	RHEL 9.0.0 Alpha bootstrap	2020-10-15 22:27:53 +02:00
rpminspect.yaml	Make rpminspect happy	2021-12-10 14:19:15 +01:00
sources	Rebase to OpenSSL 3.2.2. Fixes CVE-2024-2511, CVE-2024-4603, CVE-2024-4741, and Minerva attack.	2024-06-05 15:07:02 +02:00