1. 7152433 Add the CA extension to client hello by Bob Beck · 3 weeks ago master
  2. be88fd4 Add ssl_has_CA_names and ssl_add_CA_names by Bob Beck · 3 weeks ago
  3. 4bc2b66 Change around some "client CA" things by Bob Beck · 3 weeks ago
  4. e543bbd Add ChainContainsIssuer to SSL_CREDENTIAL by Bob Beck · 4 weeks ago
  5. 57b25d3 Drop the transcript buffer before hashing ClientHello whenever possible by David Benjamin · 22 hours ago
  6. 23396fe runner: Use some new Go conveniences by David Benjamin · 3 days ago
  7. 0f55aa8 Use InplaceVector for the various handshake derivations by David Benjamin · 3 days ago
  8. 905c390 rust: add SLH-DSA support. by Adam Langley · 3 weeks ago
  9. 4bc6e27 Fix a typo in scrypt docs by David Benjamin · 2 days ago
  10. fc03aae util/fipstools: SHA2-512-224 ACVP primitives by Daniel McCarney · 2 days ago
  11. d0a1756 Switch outgoing_messages to InplaceVector by David Benjamin · 3 days ago
  12. 87d0c17 Add a bssl::InplaceVector to libssl by David Benjamin · 3 weeks ago
  13. 0dc8b01 Bounds-check bssl::Array and bssl::Vector by David Benjamin · 3 days ago
  14. 12a48b2 Make bssl::Vector not require a default constructor by David Benjamin · 3 days ago
  15. 8116e73 Use the STL helpers for managing uninitialized buffers in bssl::Array by David Benjamin · 3 days ago
  16. 2570b28 Bump the minimum MSVC version to 2022 by David Benjamin · 3 days ago
  17. fa02146 Move `alignas` to start of declaration. by Adam Langley · 4 days ago
  18. 5f8d56b Rename GrowableArray to Vector by David Benjamin · 3 weeks ago
  19. f3680b6 Simplify SSLAEADContext::Create slightly by David Benjamin · 4 days ago
  20. 76968bb Rename default credential to legacy credential by David Benjamin · 8 days ago
  21. 91fa2d6 Use the same EVP_AEADs for TLS and DTLS by David Benjamin · 2 weeks ago
  22. a0b324f Remove redudant version information from SSLAEADContext by David Benjamin · 3 weeks ago
  23. f8cadd8 Indirect stderr through a function by David Benjamin · 6 weeks ago
  24. 3dee411 Note that the tag won't mirror to GitHub immediately by David Benjamin · 10 days ago
  25. 0eda639 Fix the endianness of DTLS 1.3 ChaCha20 record number encryption by David Benjamin · 2 weeks ago
  26. 81345b8 Bump module version and Bazel dependencies by David Benjamin · 11 days ago 0.20240930.0
  27. f8bb652 rust: add wrappings for ML-KEM and ML-DSA. by Adam Langley · 3 weeks ago
  28. 72a6050 Use illegal_parameter instead of decode_error for invalid key shares by David Benjamin · 14 days ago
  29. 37571ee Avoid an allocation when deriving the DTLS record number key by David Benjamin · 14 days ago
  30. 58e5330 Do not implement SSL_get_traffic_secrets for QUIC and DTLS by David Benjamin · 2 weeks ago
  31. 40dd941 go mod tidy by David Benjamin · 2 weeks ago
  32. dec0800 rust: minor changes resulting from safety review. by Adam Langley · 3 weeks ago
  33. fda6b54 rust: make bssl-sys `no_std`. by Adam Langley · 3 weeks ago
  34. 5a94aff Check for 0-RTT vs final version mismatches earlier by David Benjamin · 3 weeks ago
  35. 15b580f Remove redundant have_version bit by David Benjamin · 3 weeks ago
  36. 8514bf3 Add a test for a subtle corner of 0-RTT and version tracking by David Benjamin · 3 weeks ago
  37. 83824d2 Move ssl->version to ssl->s3->version by David Benjamin · 3 weeks ago
  38. 16ce213 Add test for how SSL_version interacts with SSL_clear and the initial state by David Benjamin · 3 weeks ago
  39. 86c2e62 Rearrange 0-RTT key schedule setup slightly by David Benjamin · 3 weeks ago
  40. df091b2 Check for HelloRetryRequest in the ServerHello state by David Benjamin · 3 weeks ago
  41. 62d8540 Rework the Bazel workaround's relationship with linkstatic by David Benjamin · 3 weeks ago
  42. 505c2c6 Work around a workaround of a workaround of a Bazel bug by David Benjamin · 3 weeks ago
  43. a4eb021 Extract SHA384/SHA512/SHA512_256 from bcm by Bob Beck · 5 weeks ago
  44. 718900a Test SSL_get_ivs across all versions and TLS/DTLS by David Benjamin · 3 weeks ago
  45. 0d9bb20 [DTLS 1.3] Use HelloRetryRequest in place of HelloVerifyRequest. by Nick Harper · 4 weeks ago
  46. c3a64fd runner: Slightly simplify sequence number management by David Benjamin · 3 weeks ago
  47. 2c0cc6c runner: Remove block pool by David Benjamin · 4 weeks ago
  48. 59c222f runner: Fix up how hpke and kyber get their test data by David Benjamin · 3 weeks ago
  49. 495be6b hex-search-modify: add tool used in FIPS validations. by Adam Langley · 3 weeks ago
  50. 1b91d26 break-kat.go should have a copyright header. by Adam Langley · 3 weeks ago
  51. 7750d4f Add some more no-op OPENSSL_INIT_* options for compatibility by David Benjamin · 3 weeks ago
  52. 3d6f9f7 Store state for each DTLS epoch. by Nick Harper · 4 weeks ago
  53. 2467c70 Add some compatibility symbols by David Benjamin · 4 months ago
  54. 8237469 DTLS 1.3 doesn't use EndOfEarlyData by David Benjamin · 5 weeks ago
  55. 2958490 slhdsa: fix some ClangTidy warnings. by Adam Langley · 4 weeks ago
  56. 67ceb11 slhdsa: clang-format by Adam Langley · 4 weeks ago
  57. 6b19771 Update deny-toml to match new version format by Maurice Lam · 9 weeks ago
  58. fb61601 Write custom tooling for publishing to BCR by David Benjamin · 4 weeks ago
  59. ea0f164 Sync presubmit.yml from BCR by David Benjamin · 4 weeks ago
  60. 58f3bc8 Add templates for Publish to BCR by David Benjamin · 4 weeks ago 0.20240913.0
  61. 581f83d Prepare to tag 0.20240913.0 as the first periodic snapshot by David Benjamin · 4 weeks ago
  62. d9ad235 Extract SHA224/256 from bcm by Bob Beck · 5 weeks ago
  63. eae890f Fix delocate with the aarch64 NO_ASM build by David Benjamin · 4 weeks ago
  64. 642e8e5 Add SLH-DSA-SHA2-128s from FIPS 205. by Adam Langley · 5 weeks ago
  65. 6a2ccdc Don't define `OPENSSL_cpuid_setup` in NO_ASM builds. by Adam Langley · 4 weeks ago
  66. e724ef0 Bump the minimum CMake version to 3.16 by David Benjamin · 5 weeks ago
  67. 229801d Extract SHA1 from bcm by Bob Beck · 7 weeks ago
  68. 40ec347 Switch to rules_license by David Benjamin · 4 weeks ago
  69. 6abe184 Update bzlmod dependencies by David Benjamin · 5 weeks ago
  70. 604868d break-kat: update to run all tests directly. by Adam Langley · 4 weeks ago
  71. e9e9754 Don't enable asm if OPENSSL_NO_ASM is set. by Adam Langley · 4 weeks ago
  72. f10c1dc nist-pkits: update README.chromium metadata by Adam Langley · 5 weeks ago
  73. 01e1ae3 Remove the bcm md5 assembler files. by Bob Beck · 5 weeks ago
  74. 2595943 Extract MD5 from bcm by Bob Beck · 6 weeks ago
  75. ed95627 Revamp test coverage for invalid key shares by David Benjamin · 5 weeks ago
  76. a8c536c Leave some more breadcrumbs in docs for error-handling by David Benjamin · 5 weeks ago
  77. 70a7387 Extract md4 from bcm by Bob Beck · 6 weeks ago
  78. 97322b2 Rename SPX files to have `spx_` prefix. by Adam Langley · 5 weeks ago
  79. 9224e6d Fix all_tests.go test counts by David Benjamin · 5 weeks ago
  80. 2fc7912 Remove now unnecessary OPENSSL_init_cpuid call by David Benjamin · 5 weeks ago
  81. 6763c95 Clarify BN_uadd and BN_usub's documentation by David Benjamin · 6 weeks ago
  82. 2c807d4 Simplify some unnecessary sign bit juggling by David Benjamin · 6 weeks ago
  83. 757f360 Consistently use accessors in service_indicator.c.inc by David Benjamin · 6 weeks ago
  84. a89348c Fix some missing includes in BCM by David Benjamin · 6 weeks ago
  85. d22f250 Remove OPENSSL_ia32cap_P references from ChaCha20-Poly1305 assembly by David Benjamin · 6 weeks ago
  86. 6b9ca1a Remove OPENSSL_ia32cap_P references from P-256 assembly by David Benjamin · 5 months ago
  87. d4ae47e Mark the CPU capability helpers as const, not just pure by David Benjamin · 5 weeks ago
  88. 517fd77 Remove some stray debugging by David Benjamin · 5 weeks ago
  89. dd23a93 Move ecp_nistz256_from_mont out of the header by David Benjamin · 6 weeks ago
  90. 7303079 Add DTLS 1.3 sequence number encryption by Nick Harper · 9 weeks ago
  91. d8cd383 Allow empty passwords in PEM password callback by David Benjamin · 6 weeks ago
  92. 6c3a639 DTLS 1.3 compatibility mode fix in test runner. by Nick Harper · 6 weeks ago
  93. 3a138e4 Rename bcm.c fragments to foo.c.inc by David Benjamin · 6 weeks ago
  94. d263849 Fix some mistakes in build.json by David Benjamin · 6 weeks ago
  95. ee79a93 Move fork detection support out of bcm by Bob Beck · 4 months ago
  96. ec09a2d Move urandom and OS entropy support out of BCM by Bob Beck · 5 months ago
  97. c25c376 Add an optional Bazel package to CI by David Benjamin · 6 weeks ago
  98. 13ef6ea Extract C++ files, rather than C, when working around Bazel bugs by David Benjamin · 6 weeks ago
  99. b450abd Fix a couple more IWYU errors by David Benjamin · 6 weeks ago
  100. 296ef28 Disable parse_headers feature by David Benjamin · 6 weeks ago