1. 9f55d97 Make X509_SIG and X509_CERT_AUX opaque. by David Benjamin · 4 days ago master
  2. 9fc6174 acvp: move hash iterations into modulewrapper. by Adam Langley · 3 days ago
  3. 2b2cb7d Switch HPKE to a three-parameter output buffer. by David Benjamin · 5 days ago
  4. f39c81d Introduce EVP_HPKE_{AEAD,KDF} types. by David Benjamin · 6 days ago
  5. 1d842c6 Don't mark up the first word in a collective comment. by David Benjamin · 4 days ago
  6. da4390f Revise the deterministic for_test variant of HPKE's SetupBaseS. by David Benjamin · 6 days ago
  7. 198c5f5 Fix a memory leak with d2i_ASN1_OBJECT object reuse. by David Benjamin · 4 days ago
  8. e4d6556 Remove HPKE PSK mode. by David Benjamin · 6 days ago
  9. 9f70097 Remove HKDF-SHA384 and HKDF-SHA512 from HPKE. by David Benjamin · 6 days ago
  10. 1264f0c Correctly order PKCS#7 certificates and CRLs. by David Benjamin · 6 days ago
  11. 94a63a5 Implement ECH draft 10 and update HPKE to draft 08. by Steven Valdez · 11 days ago
  12. fe049e4 Document expected use of BTI and PAC macros. by David Benjamin · 11 days ago
  13. 853ca1e Remove non-deterministic bits from ECDSA ACVP test. by Adam Langley · 10 days ago
  14. d4f877e Reference the newer ChaCha20-Poly1305 RFC. by David Benjamin · 10 days ago
  15. 1cf78cd Use passive entropy collection everywhere. by Adam Langley · 10 days ago
  16. a96f4dd Rename X509V*_VERSION constants. by David Benjamin · 12 days ago
  17. 782d9b6 Const-correct ASN1_OBJECT_create. by David Benjamin · 3 weeks ago
  18. 354cd48 Clarify OBJ_get0_data and OBJ_get_length. by David Benjamin · 3 weeks ago
  19. c5dc278 avcp: SHA-1 for ECDSA _verification_ is still supported by NIST. by Adam Langley · 3 weeks ago
  20. 2e54edf A couple of Aarch64 FIPS delocate fixes. by Adam Langley · 3 weeks ago
  21. eec7f32 Use a placeholder for unknown errors in ERR_*_error_string. by David Benjamin · 3 weeks ago
  22. 16c76ac Include assembly optimizations in Bazel builds on Linux-aarch64. by Piotr Sikora · 3 weeks ago
  23. fcec391 Remove some BoringSSL-only X509_CINF functions. by David Benjamin · 3 weeks ago
  24. ab7811e Document and test X509_ATTRIBUTE creation functions. by David Benjamin · 3 weeks ago
  25. daf1aca Revert handshaker fd numbers and make StartProcess more flexible. by David Benjamin · 3 weeks ago
  26. b173d91 Remove support for malformed X509_ATTRIBUTEs. by David Benjamin · 3 weeks ago
  27. 575d112 Make X509_ATTRIBUTE opaque. by David Benjamin · 3 weeks ago
  28. 68a799a acvptool: Fix typo hard-coding the HTTP method. by Gurleen Grewal · 3 weeks ago
  29. f0e6490 Document a few more x509.h functions. by David Benjamin · 3 weeks ago
  30. e60893c Make X509_PUBKEY opaque. by David Benjamin · 3 weeks ago
  31. 468cde9 Always encode booleans as DER. by David Benjamin · 3 weeks ago
  32. 2f3958a Fix issuerUID and subjectUID parsing in the key usage checker. by David Benjamin · 3 weeks ago
  33. b571e77 Add experimental handshake hints API. by David Benjamin · 6 weeks ago
  34. 666f2ab Make our Python scripts Python-3-compatible. by David Benjamin · 7 weeks ago
  35. 1596137 Export ssl_client_hello_init for fuzzers. by David Benjamin · 4 weeks ago
  36. 7a1986c acvp: support GMAC as an algorithm. by Adam Langley · 4 weeks ago
  37. 94b477c Record a fuzzing corpus for the ClientHelloInner decoder. by David Benjamin · 4 weeks ago
  38. 5545b61 Use a consistent plural for 'corpus'. by David Benjamin · 4 weeks ago
  39. 4382899 Add util/bot/libFuzzer to .gitignore. by David Benjamin · 4 weeks ago
  40. 09f71c1 acvp: support KAS-ECC-SSC staticUnified mode. by Adam Langley · 4 weeks ago
  41. 12a3e7e Check for invalid ALPN inputs in SSL_(CTX_)set_alpn_protos. by David Benjamin · 4 weeks ago
  42. e4c1917 Don't duplicate ServerHello construction code. by David Benjamin · 4 weeks ago
  43. 3b8c5ec Rearrange key share and early data logic. by David Benjamin · 4 weeks ago
  44. e2b7bb7 Only skip early data with HRR when offered. by David Benjamin · 4 weeks ago
  45. 2de33c6 Add ECH server config API to ssl_ctx_api fuzzer by Dan McArdle · 4 weeks ago
  46. 3af8854 Fix ppc64le build. by Adam Langley · 4 weeks ago
  47. 669ffe6 Simplify the Lucky13 mitigation. by David Benjamin · 5 weeks ago
  48. 00e434d Add ECH server (draft-ietf-tls-esni-09). by Daniel McArdle · 3 months ago
  49. 61d5aab runner: Remove unused field by David Benjamin · 5 weeks ago
  50. ca65bff runner: Construct finishedHash earlier. by David Benjamin · 5 weeks ago
  51. c31fb79 Simplify tls_cbc.c slightly. by David Benjamin · 5 weeks ago
  52. 7a0834b Remove remnants of CBC SHA2 cipher suites. by David Benjamin · 5 weeks ago
  53. bff8834 runner: Test different V2ClientHello challenge lengths. by David Benjamin · 5 weeks ago
  54. 6810f0e runner: Ensure helloBytes is always the same as hello.marshal(). by David Benjamin · 5 weeks ago
  55. fa2d3d5 runner: Fix ECH confirmation calculation with PSKs in tests. by David Benjamin · 5 weeks ago
  56. 7d2ddd2 runner: Fix HPKE parameter order. by David Benjamin · 5 weeks ago
  57. d791fbd runner: UpdateForHelloRetryRequest cannot fail. by David Benjamin · 5 weeks ago
  58. 4151b9f runner: Don't use the buffer in TLS 1.3. by David Benjamin · 5 weeks ago
  59. 4b854a6 runner: Don't maintain two copies of the same transcript hash. by David Benjamin · 5 weeks ago
  60. 99f6d4b runner: Remove remnants of SSL 3.0. by David Benjamin · 5 weeks ago
  61. 5f757bc runner: Fix writeClientHash and writeRecord ordering. by David Benjamin · 5 weeks ago
  62. 7a15a70 runner: Remove CheckTLS13DowngradeRandom. by David Benjamin · 5 weeks ago
  63. f225516 runner: Remove remnants of the separate HelloRetryRequest message. by David Benjamin · 5 weeks ago
  64. 0508271 runner: Store a cipherSuite in ClientSessionState. by David Benjamin · 5 weeks ago
  65. 26a589e runner: Move writeHash to the finishedHash struct. by David Benjamin · 5 weeks ago
  66. fd73985 Fix the spelling of HPKE AEAD constants. by David Benjamin · 5 weeks ago
  67. dfde04f Don't reset server callback expectations on new handshake. by David Benjamin · 6 weeks ago
  68. 8501579 Fix MockQuicTransport::Flush error handling. by David Benjamin · 6 weeks ago
  69. 15e0f67 Fold ripemd/internal.h into ripemd.c. by David Benjamin · 6 weeks ago
  70. ca45987 Move load/store helpers to crypto/internal.h. by David Benjamin · 6 weeks ago
  71. 8d4c8fc Make words in crypto/fipsmodule/modes actually words. by David Benjamin · 6 weeks ago
  72. 6b9c012 Handle EINTR more in handshaker.cc. by David Benjamin · 6 weeks ago
  73. 084064b Add a few missing SSL_R_BIO_NOT_SET cases. by David Benjamin · 6 weeks ago
  74. 9bcf307 Fix some unreachable code in the QUIC handshaker driver. by David Benjamin · 6 weeks ago
  75. 0a6c3fc Rearrange SSLKeyShare::Serialize. by David Benjamin · 6 weeks ago
  76. 08b1729 Fix ssl/internal.h sectioning. by David Benjamin · 6 weeks ago
  77. b62a48f Remove some now unnecessary test exclusions from split handshakes. by David Benjamin · 6 weeks ago
  78. 60a78dc Remove tls13-split-handshakes flag. by David Benjamin · 6 weeks ago
  79. 953650c Define HANDSHAKER_SUPPORTED in once place. by David Benjamin · 6 weeks ago
  80. b9b0363 Tidy up handshaker tester. by David Benjamin · 6 weeks ago
  81. 1a93f4f modulewrapper: add option to print build information. by Adam Langley · 6 weeks ago
  82. 0da75f3 FIPS counters for AES-CTR. by Adam Langley · 6 weeks ago
  83. 3af6226 Enforce that pre_shared_key must come with psk_key_exchange_modes. by David Benjamin · 6 weeks ago
  84. 4aef687 Zero out FIPS counters. by Adam Langley · 6 weeks ago
  85. da890de Remove is_resume field on TestState. by David Benjamin · 6 weeks ago
  86. 04c44d9 Remove OPENSSL_DANGEROUS_RELEASE_PTHREAD_KEY build flag. by David Benjamin · 7 weeks ago
  87. 20f7bba Add some warnings on how to use OPENSSL_memory_* functions. by David Benjamin · 7 weeks ago
  88. a24ab54 Use an unsized helper for truncated SHA-512 variants. by David Benjamin · 6 weeks ago
  89. 139adff Fix mismatch between header and implementation of bn_sqr_comba8. by David Benjamin · 7 weeks ago
  90. 49f0329 Remove GCC 4.8.99 check. by David Benjamin · 7 weeks ago
  91. d0b66c7 Bump minimum CMake version. by David Benjamin · 7 weeks ago
  92. edfe413 Automatically enable C11 atomics when available. by David Benjamin · 7 weeks ago
  93. 5650816 Make generate_build_files.py python3 compatible. by Yoshisato Yanagisawa · 7 weeks ago
  94. 9be3252 Remove X509_REQ_set_extension_nids and document related functions. by David Benjamin · 7 weeks ago
  95. a99d3a8 Document a few more functions in x509.h. by David Benjamin · 7 weeks ago
  96. ac85c03 Do not access value.ptr with V_ASN1_BOOLEAN. by David Benjamin · 7 weeks ago
  97. 477b309 Add X509_PUBKEY_get0_public_key. by David Benjamin · 7 weeks ago
  98. 502fcee Test empty EVP_CIPHER inputs and fix exact memcpy overlap. by David Benjamin · 7 weeks ago
  99. e5fe31c Revert "Implement rsa_pkcs1_sha256_legacy." by David Benjamin · 7 weeks ago
  100. 8c31179 Fix unnecessarily direction-specific tests in cipher_tests.txt by David Benjamin · 7 weeks ago