1. c1571fe acvp: add HKDF support. by Adam Langley · 5 days ago master
  2. 7a817f4 Add 'generate-ech' command to bssl tool by Dan McArdle · 12 days ago
  3. e38cf79 Don't enable atomics in NO_THREADS configurations. by David Benjamin · 6 days ago
  4. 17be387 Check strtoul return for overflow error in GetUnsigned() by Dan McArdle · 6 days ago
  5. 897a2ca Add convenience functions to malloc EVP_HPKE_CTX and EVP_HPKE_KEY. by David Benjamin · 10 days ago
  6. 6191cc9 Document that SSL_PRIVATE_KEY_METHOD should configure signing prefs. by David Benjamin · 10 days ago
  7. 519c298 Always have CRYPTO_sysrand_for_seed. by Adam Langley · 11 days ago
  8. 7153013 hrss: use less stack space. by Adam Langley · 4 weeks ago
  9. 94a608a Make X509_EXTENSION opaque. by David Benjamin · 12 days ago
  10. a5a9b54 Make X509_CRL opaque. by David Benjamin · 12 days ago
  11. b86dcfe Switch another malloc to bssl::Array. by David Benjamin · 2 weeks ago
  12. ecc301c Add a pointer alignment helper function. by David Benjamin · 3 weeks ago
  13. 268a4a6 Remove unused field in X509_NAME_ENTRY. by David Benjamin · 3 weeks ago
  14. 61a21e7 Fix sign bit in BN_div if numerator and quotient alias. by David Benjamin · 3 weeks ago
  15. ad5db96 Handle the server case in SSL_get0_ech_name_override. by David Benjamin · 3 weeks ago
  16. 62d6ed6 Remove -2 return value from X509*_get_*_by_NID. by David Benjamin · 4 weeks ago
  17. 2cf7a2c Remove X509at_get0_data_by_OBJ. by David Benjamin · 4 weeks ago
  18. 957f23d Document a batch of extension-related functions in x509.h. by David Benjamin · 4 weeks ago
  19. 7ada846 conf: fix getting keys from the default section. by Adam Langley · 4 weeks ago
  20. 919a973 conf: don't crash when parsing. by Adam Langley · 4 weeks ago
  21. ae7c178 Add some OpenSSL compatibility aliases. by David Benjamin · 4 weeks ago
  22. 170045f Make ASN1_OBJECT opaque. by David Benjamin · 4 weeks ago
  23. e3a7bd0 Rename asn1_locl.h to internal.h. by David Benjamin · 4 weeks ago
  24. 5514476 Update hpke_test.go. by Adam Langley · 4 weeks ago
  25. c220b5f Decorate x509v3_a2i_ipadd declaration as its definition. by Giorgio Marinelli · 4 weeks ago
  26. 25d501c SHA-256 is used on AArch64, even if NO_ASM. by Adam Langley · 5 weeks ago
  27. b90cddd swtb is another AArch64 magic tweak. by Adam Langley · 5 weeks ago
  28. ba423c9 Implement ClientHelloOuter handshakes. by David Benjamin · 6 weeks ago
  29. ca7ef8c runner: Add a convenience function for base64 flags. by David Benjamin · 6 weeks ago
  30. a10017c Reduce bouncing on the cache lock in ssl_update_cache. by David Benjamin · 6 weeks ago
  31. 10a76ac Only clear not_resumable after the handshake. by David Benjamin · 6 weeks ago
  32. afa867b runner: Test that clients actually use renewed tickets. by David Benjamin · 6 weeks ago
  33. 5d224a5 runner: Clean up test logic. by David Benjamin · 5 weeks ago
  34. c41a3a9 runner: Fix process exit timeout. by David Benjamin · 5 weeks ago
  35. 479adf9 Remove old ASN.1 SET macros. by David Benjamin · 5 weeks ago
  36. b147c99 Document some ASN1_INTEGER and ASN1_ENUMERATED functions. by David Benjamin · 5 weeks ago
  37. 87be659 Document ASN1_STRING_to_UTF8. by David Benjamin · 5 weeks ago
  38. 5f8c681 Const-correct ASN1_item_verify a bit more. by David Benjamin · 5 weeks ago
  39. 5206782 Compute ASN.1 BIT STRING sizes more consistently. by David Benjamin · 5 weeks ago
  40. cafb992 Remove lh_FOO_doall. by David Benjamin · 5 weeks ago
  41. ec8c67d Prefix internal LHASH functions. by David Benjamin · 5 weeks ago
  42. 7f85116 Unexport almost all of LHASH. by David Benjamin · 5 weeks ago
  43. ec552ca Rename t1_lib.cc to extensions.cc. by David Benjamin · 6 weeks ago
  44. f25ada3 Prefix and unexport a2i_ipadd. by David Benjamin · 6 weeks ago
  45. f315a86 Fix a -Wdeprecated-copy warning. by Peter Kasting · 5 weeks ago
  46. 9cbe737 Validate ECH public names. by David Benjamin · 6 weeks ago
  47. 869bf9f Fold X509_VERIFY_PARAM_ID into X509_VERIFY_PARAM. by David Benjamin · 5 weeks ago
  48. 58abd2e Make X509_VERIFY_PARAM opaque. by David Benjamin · 6 weeks ago
  49. 36ea4d1 Move crypto/x509/vpm_int.h into internal.h. by David Benjamin · 6 weeks ago
  50. 6d3d069 Reformat x509_vfy.h and convert comments. by David Benjamin · 6 weeks ago
  51. 995574c Reland "Add util/fetch_ech_config_list.go" by Dan McArdle · 7 weeks ago
  52. 9a5abe0 Revert "Add util/fetch_ech_config_list.go" by David Benjamin · 6 weeks ago
  53. 160a889 Add util/fetch_ech_config_list.go by Dan McArdle · 7 weeks ago
  54. 9734e44 More reliably report handshake errors through SSL_write. by David Benjamin · 6 weeks ago
  55. e9c5d72 Add an option to permute ClientHello extension order. by David Benjamin · 7 weeks ago
  56. 5358cb5 runner: Check the test name against the protocol being tested. by David Benjamin · 6 weeks ago
  57. 878795c Remove outdated comment in primality testing. by David Benjamin · 6 weeks ago
  58. 83a4993 Add most of an ECH client implementation. by David Benjamin · 10 weeks ago
  59. 24545c5 Add a basic API to make ECHConfigs. by David Benjamin · 7 weeks ago
  60. c890ae5 Make ECH server APIs take EVP_HPKE_KEY. by David Benjamin · 7 weeks ago
  61. c3b373b Rename SSL_ECH_SERVER_CONFIG_LIST to SSL_ECH_KEYS. by David Benjamin · 7 weeks ago
  62. 0724e3d runner: Self-check tests more accurately and earlier. by David Benjamin · 7 weeks ago
  63. cd89004 Don't pad the second ClientHello. by David Benjamin · 8 weeks ago
  64. 350fe3b Fix ext_pre_shared_key_clienthello_length calculation. by David Benjamin · 8 weeks ago
  65. b32aa05 Tidy up the PSK binder logic. by David Benjamin · 8 weeks ago
  66. c89ce97 Move the TLS vs DTLS header length adjustment into ssl_add_clienthello_tlsext. by David Benjamin · 8 weeks ago
  67. fb4d257 Shift some complexity out of ssl_add_clienthello_tlsext. by David Benjamin · 8 weeks ago
  68. 9052286 Add a note about extension callback names. by David Benjamin · 9 weeks ago
  69. e9109cb Add move support to EVP_MD_CTX. by David Benjamin · 9 weeks ago
  70. 5acf9f4 Replace hs->needs_psk_binder with an output parameter. by David Benjamin · 9 weeks ago
  71. 14e51ad Make add_clienthello callbacks const. by David Benjamin · 10 weeks ago
  72. 5fd91db Fix documentation typo. by David Benjamin · 7 weeks ago
  73. 246c556 Compute the ECH GREASE payload outside of the callbacks. by David Benjamin · 10 weeks ago
  74. 43ab56c Pick up the GREASE ECH config ID from grease_seed. by David Benjamin · 10 weeks ago
  75. 33e8c78 Initialize grease_seed on construction. by David Benjamin · 10 weeks ago
  76. 52b3638 Remove the extension init hook. by David Benjamin · 10 weeks ago
  77. 97ede40 Move key_share computation out of ClientHello callbacks. by David Benjamin · 10 weeks ago
  78. 6c9758f Release some temporaries outside of ClientHello callbacks. by David Benjamin · 10 weeks ago
  79. 4e93cd4 Move the early_data_{offered,reason} logic out of extension callbacks. by David Benjamin · 10 weeks ago
  80. 26f186b Implement a handshake hint for certificate compression. by David Benjamin · 7 weeks ago
  81. 7fffa46 runner: Implement ECH server for testing. by David Benjamin · 7 weeks ago
  82. 1f54fd9 runner: Parse the status_request extension more strictly. by David Benjamin · 8 weeks ago
  83. 00bccd6 runner: Make echIsInner a boolean. by David Benjamin · 8 weeks ago
  84. 1241228 runner: Revise ECHConfig type in preparation for client implementation by David Benjamin · 8 weeks ago
  85. 88df13d Fix ECH-Server-RepeatedConfigID test. by David Benjamin · 8 weeks ago
  86. 3a036c7 Add SSL_ech_accepted API and ech_is_required alerts. by David Benjamin · 8 weeks ago
  87. 5b7ec83 Reject the ECH extension in TLS 1.2 ServerHello. by David Benjamin · 8 weeks ago
  88. da15f29 Move ECH-related APIs to encrypted_client_hello.cc. by David Benjamin · 10 weeks ago
  89. bcef514 Const-correct message creation hooks. by David Benjamin · 8 weeks ago
  90. b587911 Remove the Channel ID callback. by David Benjamin · 10 weeks ago
  91. 8acec00 Manage Channel ID handshake state better. by David Benjamin · 10 weeks ago
  92. bc4c91a DTLS-SRTP is only defined for DTLS. by David Benjamin · 10 weeks ago
  93. 4848294 Remove impossible ssl->s3 null check. by David Benjamin · 9 weeks ago
  94. 7a3e801 fix #415: Perl scripts fail when building from a path with spaces by Florin Crișan · 8 weeks ago
  95. a1d3bfb Cite an RFC over 9000 (draft-ietf-quic-tls is now RFC 9001). by David Benjamin · 8 weeks ago
  96. cf816d0 Add compatibility impl for EVP_PKEY_get0 by Shelley Vohr · 8 weeks ago
  97. 597ffef Make md32_common.h single-included and use an unsized helper for SHA-256. by David Benjamin · 4 months ago
  98. 4320bc4 Pull HASH_TRANSFORM out of md32_common.h. by David Benjamin · 4 months ago
  99. d4c3f2a Ensure name not null in EVP_get_cipherbyname by Shelley Vohr · 8 weeks ago
  100. 92c6fbf Fix array-parameter warnings by Peter Foley · 8 weeks ago