1. 42d9a13 Put the legacy cipher constants back in tls1.h and ssl3.h by David Benjamin · 12 hours ago main
  2. b2a2955 Introduce cipher constants without the leading 0x03 by David Benjamin · 4 days ago
  3. 91f3df0 Update status of FIPS 20250728 by Adam Langley · 20 hours ago
  4. db63823 Tolerate nullptr in i2d_X509_NAME by David Benjamin · 4 days ago
  5. 2375765 Add some missing includes by David Benjamin · 4 days ago
  6. 857ca8d Fix and test other self-assignment cases in crypto/x509 by David Benjamin · 4 days ago
  7. 00676c4 Const-correct all i2d_*_bio functions by Lily Chen · 4 days ago
  8. 83297c2 Add ACVP modulewrapper for the jitter entropy SHA-384 implementation. by Adam Langley · 6 days ago
  9. a6b93d1 Document that HMAC_Final can have a nullptr `out_len`. by Adam Langley · 5 days ago
  10. d5e9aa6 Add a missing note about the hashes in ssl_compliance_policy_fips_202205 docs by David Benjamin · 5 days ago
  11. f12212b Fix bugs found by clangsa by poliudian-iv · 7 days ago
  12. 95f0592 Make setting an X509_NAME to itself work by David Benjamin · 5 days ago
  13. d41763c Make the ASN1_TYPE-level type take precedence over the ASN1_STRING one by David Benjamin · 5 days ago
  14. a34ea4d Use CRYPTO_addc_w in bn_from_montgomery_in_place by David Benjamin · 2 weeks ago
  15. db41dc2 Use a simpler process to compute n0 by David Benjamin · 3 weeks ago
  16. a135fe1 Forbid setting EC public key to point at infinity by Lily Chen · 8 days ago
  17. fa47b1d Remove stale comment by David Benjamin · 9 days ago
  18. 63f42a0 Upgrade the opportunistic CRYPTO_sysrand calls to normal ones by David Benjamin · 10 days ago
  19. e8c1dc3 Remove some stale ifdefs from urandom.cc by David Benjamin · 10 days ago
  20. f875db3 Reject explicit default X.509 versions and empty extension lists by David Benjamin · 12 days ago
  21. 05ff000 Bump the minimum CMake version to 3.22 by David Benjamin · 12 days ago
  22. dcaedb5 Add API for configuring client key shares by Lily Chen · 14 days ago
  23. 413704b draft-ietf-lamps-x509-policy-graph is now RFC 9618 by David Benjamin · 3 weeks ago
  24. de49ac9 Test a few more unusual TBS certificates by David Benjamin · 3 weeks ago
  25. 49aa5bc Const-correct a bunch more of <openssl/x509.h> by David Benjamin · 3 weeks ago
  26. acd171c Unwind ASN1_ANY_AS_STRING by David Benjamin · 4 weeks ago
  27. 854867e Embed X509_NAME into X509 by David Benjamin · 4 weeks ago
  28. 59eaed6 Don't create partial X509 and X509_CRL objects to search the X509_STORE by David Benjamin · 4 weeks ago
  29. 0fc0e7a Const-correct X509_NAME and test thread-safety by David Benjamin · 4 weeks ago
  30. 8fe61c3 Rewrite the X509_NAME parser by David Benjamin · 4 weeks ago
  31. 336efd4 Parameterize the tag in IMPLEMENT_EXTERN_ASN1_SIMPLE by David Benjamin · 4 weeks ago
  32. 3cb3f9e Test a few more cases of null STACK_OF(T) by David Benjamin · 4 weeks ago
  33. e85883f Make more of atomic<T> available to libcrypto by David Benjamin · 4 weeks ago
  34. 8780ea0 Test that X509_NAME_add_entry will not allow invalid entries to be added by David Benjamin · 4 weeks ago
  35. 30c7a1d Make make_unusual_tbs.go test data idempotent by David Benjamin · 2 weeks ago
  36. f7309e7 Add EVP_pkey_rsa_pss_sha384 and EVP_pkey_rsa_pss_sha512 by David Benjamin · 3 weeks ago
  37. 4c14fb3 Store the PSS parameters in the RSA object by David Benjamin · 3 weeks ago
  38. d142233 Don't include every field in every EVP_PKEY_ALG by David Benjamin · 3 weeks ago
  39. b28a8c9 Allow SSL_HANDSHAKE::key_shares to vary in size by Lily Chen · 3 weeks ago
  40. 0459431 Always populate supported_group_list by Lily Chen · 3 weeks ago
  41. 94fddae Require configured groups for key exchange to be unique by Lily Chen · 3 weeks ago
  42. 0226f30 Various IWYU fixes by David Benjamin · 3 weeks ago
  43. b6b33a8 [gtest] Clean up single-arg `testing::Invoke()`s by Jonathan Lee · 3 weeks ago
  44. 29cd444 Remove stale static asserts about atomics by David Benjamin · 4 weeks ago
  45. 4bc3b84 Add X509_parse_with_algorithms by David Benjamin · 4 weeks ago
  46. 9e96cc5 Make X509_verify X509_sign_ctx work with EVP_PKEY_RSA_PSS by David Benjamin · 4 weeks ago
  47. 117f86e Rewrite X509's parser with CBS/CBB by David Benjamin · 5 weeks ago
  48. a317d59 Rename X509_CINF::signature to X509_CINF::tbs_sig_alg by David Benjamin · 5 weeks ago
  49. 8999c98 Rewrite X509_PUBKEY's parsers with CBS/CBB by David Benjamin · 5 weeks ago
  50. c1811e0 Parse X509's signature algorithm with the CBS/CBB functions by David Benjamin · 5 weeks ago
  51. 421f177 Parse X509_ALGOR without depending on the templates by David Benjamin · 5 weeks ago
  52. a79eeb4 Make ASN1_EXTERN_FUNCS's parse callback CBS-based by David Benjamin · 5 weeks ago
  53. c08d7ba Remove the tag parameter to IMPLEMENT_EXTERN_ASN1 by David Benjamin · 5 weeks ago
  54. e8db903 Add X509_ALGOR_copy by David Benjamin · 5 weeks ago
  55. 15f2302 Write some templated functions for the d2i/i2d convention by David Benjamin · 5 weeks ago
  56. 06296a8 Make CBS/CBB-versions of crypto/asn1 types by David Benjamin · 5 weeks ago
  57. 26111ab Avoid one malloc indirection in X509 by David Benjamin · 5 weeks ago
  58. f33224e Test the implicit cleanup feature of X509_sign_ctx, etc. by David Benjamin · 4 weeks ago
  59. d000ce1 Add a benchmark for parsing with d2i_X509 by David Benjamin · 5 weeks ago
  60. e2a6fe9 Systematically test that parsers catch trailing data by David Benjamin · 4 weeks ago
  61. f3230c3 Test verifying signatures over "unusual" TBSCertificates by David Benjamin · 4 weeks ago
  62. 3682758 Use std::string_view in x509_test.cc by David Benjamin · 4 weeks ago
  63. 40e035a Clear the extension list when removing the last extension by David Benjamin · 4 weeks ago
  64. dba32d7 Refresh basic constraints test certificates by David Benjamin · 4 weeks ago
  65. 087d397 Document ASN1_item_sign's order of operations a bit by David Benjamin · 4 weeks ago
  66. 28e4622 Add a few more TODOs for functions that should be const but aren't by David Benjamin · 5 weeks ago
  67. 50e28f5 Use the new SPKI API in d2i_RSA_PUBKEY and friends by David Benjamin · 5 weeks ago
  68. 85c1fe0 Unexport a few more ASN1_ITEMs by David Benjamin · 5 weeks ago
  69. 7c1863d Make some test data of unknown ASN.1 types slightly less invalid by David Benjamin · 5 weeks ago
  70. 074b6da Test ASN1_TYPE parsing more extensively by David Benjamin · 5 weeks ago
  71. 208361a Add EVP_PKEY_ALG-based raw public/private key importers by David Benjamin · 5 weeks ago
  72. 74c3b4b Use EVP_PKEY_bits in SimplePathBuilderDelegate by David Benjamin · 5 weeks ago
  73. 92ae3b9 Update citations from RFC 3447 to RFC 8017 by David Benjamin · 5 weeks ago
  74. 815fec1 Replace OPENSSL_ARRAY_SIZE with std::size by David Benjamin · 5 weeks ago
  75. 42dea11 Const-correct the kPrintMethods table by David Benjamin · 5 weeks ago
  76. be4e218 Add SHA-256-only support for EVP_PKEY_RSA_PSS by David Benjamin · 4 months ago
  77. caf92ce Write a CBS-based RSA-PSS parameter parser by David Benjamin · 4 months ago
  78. b0e18ff Switch libssl to the new SPKI parsing APIs by David Benjamin · 5 weeks ago
  79. 9cda5e2 Switch libpki to the new SPKI-parsing APIs by David Benjamin · 5 weeks ago
  80. 50d8772 bssl-crypto: Switch to new SPKI/PKCS8 parsing APIs by David Benjamin · 6 weeks ago
  81. 96c2425 Introduce EVP_PKEY_ALG by David Benjamin · 7 weeks ago
  82. b402cff Add internal EC parsing functions that take lists of allowed groups by David Benjamin · 6 weeks ago
  83. 136d6b7 Test lookup and creation by RSA parameters in evp_test by David Benjamin · 5 weeks ago
  84. 1a1ec90 bump fiat-crypto (remove redundant return statements) by Andres Erbsen · 5 weeks ago
  85. 5c2bd0a Make FileTest work with std::string_view by David Benjamin · 5 weeks ago
  86. afb970d Test key import in EVPTest a bit more extensively by David Benjamin · 5 weeks ago
  87. 51ed8ad infra/config: Remove luci.recipes.use_python3 experiment by Takuto Ikuta · 5 weeks ago
  88. 7091d09 Add an ERR_equals function by David Benjamin · 6 weeks ago
  89. f8c5f56 Add utility for dumping raw jitter samples. by Adam Langley · 9 weeks ago
  90. e4fa20e Use inline asm to read cntvct_el0 to accommodate GCC by David Benjamin · 5 weeks ago
  91. 26e8a8a bssl-crypto: Fix Ed25519 SPKI parser to check key types by David Benjamin · 6 weeks ago
  92. edb1440 Add a jitter entropy source. by Adam Langley · 3 months ago
  93. b0ef87e Set an EVP_PKEY's algorithm and data together by David Benjamin · 7 weeks ago
  94. 5b7171f Make some more half-empty EVP_PKEY states impossible by David Benjamin · 7 weeks ago
  95. 9b602f2 Limit EVP_PKEY_set_type to EVP_PKEY_X25519 by David Benjamin · 7 weeks ago
  96. 4d48736 Add a test that arbitrary curves can be wrapped in EVP_PKEY by David Benjamin · 6 weeks ago
  97. 5dc17fa Stop tracking an ENGINE in EVP_PKEY_CTX by David Benjamin · 7 weeks ago
  98. b62f30a Rename EVP_PKEY_METHOD to EVP_PKEY_CTX_METHOD by David Benjamin · 7 weeks ago
  99. 04eb147 Pull the EC_GROUP_new_by_curve_name up into EVP_PKEY_CTX_set_ec_paramgen_curve_nid by David Benjamin · 7 weeks ago
  100. 57a6e5d Split evp_tests.txt into separate files by David Benjamin · 6 weeks ago