Per the upstream release notes, this is a ["bugfix release"](https://github.com/openssl/openssl/blob/openssl-3.0/CHANGES.md#openssl-30). It does not
contain any security-critical bugfixes, unlike the most recent prior releases
of OpenSSL 3.0.
This release is not an immediate candidate for inclusion in
14.3-* releases. That being said, content from this release will
potentially be rolled into upcoming releases by virtue of this being an
iterative 3.0.x release.
The changes may be benign, but some care might be required in the event
that some of the bugfixes affect shipping code which requires behavior
that may have been changed in this release.
Obtained from: https://github.com/openssl/openssl/releases/download/openssl-3.0.17/openssl-3.0.17.tar.gz

---

This release incorporates the following bug fixes and mitigations:
- [CVE-2024-13176](https://www.openssl.org/news/vulnerabilities.html#CVE-2024-13176)
- [CVE-2024-9143](https://www.openssl.org/news/vulnerabilities.html#CVE-2024-9143)
Release notes can be found at:
https://openssl-library.org/news/openssl-3.0-notes/index.html

---

* Fixed PKCS12 Decoding crashes ([CVE-2024-0727])
* Fixed Excessive time spent checking invalid RSA public keys
([CVE-2023-6237])
* Fixed POLY1305 MAC implementation corrupting vector registers on
PowerPC CPUs which support PowerISA 2.07 ([CVE-2023-6129])
* Fix excessive time spent in DH check / generation with large Q
parameter value ([CVE-2023-5678])
Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html.

---

Major changes between OpenSSL 3.0.10 and OpenSSL 3.0.11:
* Fix POLY1305 MAC implementation corrupting XMM registers on Windows
([CVE-2023-4807])
Release notes can otherwise be found at
https://www.openssl.org/news/openssl-3.0-notes.html.
Obtained from: https://www.openssl.org/source/openssl-3.0.11.tar.gz
Sponsored by: The FreeBSD Foundation
Test Plan:
```
$ git status
On branch vendor/openssl-3.0
Your branch is up to date with 'origin/vendor/openssl-3.0'.
nothing to commit, working tree clean
$ OSSLVER=3.0.11
$ XLIST=FREEBSD-Xlist
$ (cd ..; fetch https://www.openssl.org/source/openssl-${OSSLVER}.tar.gz https://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc)
openssl-3.0.11.tar.gz 14 MB 17 MBps 01s
openssl-3.0.11.tar.gz.asc 833 B 8301 kBps 00s
$ gpg --list-keys
/home/khorben/.gnupg/pubring.kbx
--------------------------------
pub rsa4096 2011-03-01 [SCA]
DC34EE5DB2417BCC151E5100E5F8F8212F77A498
uid [ unknown] Willem Toorop <willem@nlnetlabs.nl>
sub rsa4096 2011-03-01 [E]
pub rsa4096 2014-10-04 [SC] [expires: 2024-01-30]
EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5
uid [ unknown] OpenSSL security team <openssl-security@openssl.org>
uid [ unknown] OpenSSL OMC <openssl-omc@openssl.org>
uid [ unknown] OpenSSL Security <openssl-security@openssl.org>
sub rsa4096 2014-10-04 [E] [expires: 2024-01-30]
$ gpg --verify ../openssl-${OSSLVER}.tar.gz.asc ../openssl-${OSSLVER}.tar.gz
gpg: Signature made Tue Sep 19 15:02:51 2023 CEST
gpg: using RSA key EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5
gpg: Good signature from "OpenSSL security team <openssl-security@openssl.org>" [unknown]
gpg: aka "OpenSSL OMC <openssl-omc@openssl.org>" [unknown]
gpg: aka "OpenSSL Security <openssl-security@openssl.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EFC0 A467 D613 CB83 C7ED 6D30 D894 E2CE 8B3D 79F5
$ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C ..
$ rsync --exclude FREEBSD.* --delete -av ../openssl-${OSSLVER}/* .
[...]
$ diff -arq ../openssl-${OSSLVER} .
Only in .: .git
Only in .: FREEBSD-Xlist
Only in .: FREEBSD-upgrade
Only in .: appveyor.yml
$ git status FREEBSD*
On branch vendor/openssl-3.0
Your branch is up to date with 'origin/vendor/openssl-3.0'.
nothing to commit, working tree clean
```

---

Summary:
Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html .
Obtained from: https://www.openssl.org/source/openssl-3.0.10.tar.gz
Test Plan:
```
$ git status
On branch vendor/openssl-3.0
Your branch is up to date with 'origin/vendor/openssl-3.0'.
nothing to commit, working tree clean
$ (cd ..; fetch https://www.openssl.org/source/openssl-${OSSLVER}.tar.gz https://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc)
openssl-3.0.10.tar.gz 14 MB 15 MBps 01s
openssl-3.0.10.tar.gz.asc 833 B 11 MBps 00s
$ set | egrep '(XLIST|OSSLVER)='
OSSLVER=3.0.10
XLIST=FREEBSD-Xlist
$ gpg --list-keys
/home/khorben/.gnupg/pubring.kbx
--------------------------------
pub rsa4096 2011-03-01 [SCA]
DC34EE5DB2417BCC151E5100E5F8F8212F77A498
uid [ unknown] Willem Toorop <willem@nlnetlabs.nl>
sub rsa4096 2011-03-01 [E]
pub rsa4096 2014-10-04 [SC] [expires: 2024-01-30]
EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5
uid [ unknown] OpenSSL security team <openssl-security@openssl.org>
uid [ unknown] OpenSSL OMC <openssl-omc@openssl.org>
uid [ unknown] OpenSSL Security <openssl-security@openssl.org>
sub rsa4096 2014-10-04 [E] [expires: 2024-01-30]
$ gpg --verify ../openssl-${OSSLVER}.tar.gz.asc ../openssl-${OSSLVER}.tar.gz
gpg: Signature made Tue Aug 1 15:47:28 2023 CEST
gpg: using RSA key EFC0A467D613CB83C7ED6D30D894E2CE8B3D79F5
gpg: Good signature from "OpenSSL security team <openssl-security@openssl.org>" [unknown]
gpg: aka "OpenSSL OMC <openssl-omc@openssl.org>" [unknown]
gpg: aka "OpenSSL Security <openssl-security@openssl.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EFC0 A467 D613 CB83 C7ED 6D30 D894 E2CE 8B3D 79F5
$ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C ..
$ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* .
[...]
$ diff -arq ../openssl-${OSSLVER} .
Only in .: .git
Only in .: FREEBSD-Xlist
Only in .: FREEBSD-upgrade
$ git status FREEBSD*
On branch vendor/openssl-3.0
Your branch is up to date with 'origin/vendor/openssl-3.0'.
nothing to commit, working tree clean
```
Subscribers: imp
Differential Revision: https://reviews.freebsd.org/D41293

---

Summary:
Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html .
Obtained from: https://www.openssl.org/source/openssl-3.0.9.tar.gz
Test Plan:
```
$ git status
On branch vendor/openssl-3.0
Your branch is up to date with 'origin/vendor/openssl-3.0'.
nothing to commit, working tree clean
$ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc)
openssl-3.0.9.tar.gz 14 MB 74 MBps 01s
openssl-3.0.9.tar.gz.asc 833 B 10 MBps 00s
$ set | egrep '(XLIST|OSSLVER)='
OSSLVER=3.0.9
XLIST=FREEBSD-Xlist
$ gpg --list-keys
/home/khorben/.gnupg/pubring.kbx
--------------------------------
pub rsa4096 2021-07-16 [SC] [expires: 2031-07-14]
A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C
uid [ unknown] Tomáš Mráz <tm@t8m.info>
uid [ unknown] Tomáš Mráz <tomas@arleto.cz>
uid [ unknown] Tomáš Mráz <tomas@openssl.org>
sub rsa4096 2021-07-16 [S] [expires: 2027-07-15]
sub rsa4096 2021-07-16 [E] [expires: 2031-07-14]
$ gpg --verify ../openssl-${OSSLVER}.tar.gz.asc ../openssl-${OSSLVER}.tar.gz
gpg: Signature made Tue May 30 14:32:24 2023 CEST
gpg: using RSA key DC7032662AF885E2F47F243F527466A21CA79E6D
gpg: Good signature from "Tomáš Mráz <tm@t8m.info>" [unknown]
gpg: aka "Tomáš Mráz <tomas@arleto.cz>" [unknown]
gpg: aka "Tomáš Mráz <tomas@openssl.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: A21F AB74 B008 8AA3 6115 2586 B8EF 1A6B A9DA 2D5C
Subkey fingerprint: DC70 3266 2AF8 85E2 F47F 243F 5274 66A2 1CA7 9E6D
$ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C ..
$ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* .
[...]
$ diff -arq ../openssl-${OSSLVER} .
Only in .: .git
Only in .: FREEBSD-Xlist
Only in .: FREEBSD-upgrade
$ git status FREEBSD*
On branch vendor/openssl-3.0
Your branch is up to date with 'origin/vendor/openssl-3.0'.
nothing to commit, working tree clean
```
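The `gpg --verify` step in the test plan above reports a good signature from a key with `[unknown]` trust, made by a signing subkey of the primary key, so the check that matters is the primary-key fingerprint. As an added example (not part of the FreeBSD commit or its tooling), the hypothetical helper `check_validsig` parses gpg's `--status-fd` output and accepts only a signature whose primary fingerprint matches a pinned value; the status lines are constructed sample input using the fingerprints shown above.

```shell
#!/bin/sh
# Added example: pin the release-signing key by primary fingerprint.
# Real use (status lines go to stdout with --status-fd 1):
#   gpg --status-fd 1 --verify file.tar.gz.asc file.tar.gz 2>/dev/null |
#       check_validsig "$PINNED_FPR"

# check_validsig PINNED_PRIMARY_FPR   (hypothetical helper name)
# Succeeds only if stdin has exactly one VALIDSIG line whose last field
# (the primary-key fingerprint) equals the pinned value and no
# bad/expired/revoked signature status is present. Fails closed.
check_validsig() {
    awk -v want="$1" '
        $1 != "[GNUPG:]" { next }
        $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
        $2 == "VALIDSIG" {
            n++
            # Field 3 is the signing (sub)key; field 12 is the primary key.
            if (NF != 12 || toupper($12) != toupper(want)) bad = 1
        }
        END { exit !(n == 1 && !bad) }
    '
}

# Constructed status output for a signature made by a subkey.
sample_subkey_status() {
cat <<'EOF'
[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 527466A21CA79E6D Tomáš Mráz <tm@t8m.info>
[GNUPG:] VALIDSIG DC7032662AF885E2F47F243F527466A21CA79E6D 2023-05-30 1685449944 0 4 0 1 10 00 A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C
[GNUPG:] TRUST_UNDEFINED 0 pgp
EOF
}

# Constructed status output for a signature that does not verify.
sample_badsig_status() {
cat <<'EOF'
[GNUPG:] NEWSIG
[GNUPG:] BADSIG 527466A21CA79E6D Tomáš Mráz <tm@t8m.info>
EOF
}

sample_subkey_status |
    check_validsig A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C &&
    echo "signature made under the pinned primary key"
```

Pinning the primary fingerprint rather than the subkey lets the signer rotate signing subkeys without changing the pinned value, while a good signature from any other key is rejected.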

---

Summary:
Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html .
Obtained from: https://www.openssl.org/source/openssl-3.0.8.tar.gz
Differential Revision: https://reviews.freebsd.org/D38835
Test Plan:
```
$ git status
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc)
openssl-3.0.8.tar.gz 14 MB 4507 kBps 04s
openssl-3.0.8.tar.gz.asc 833 B 10 MBps 00s
$ set | egrep '(XLIST|OSSLVER)='
OSSLVER=3.0.8
XLIST=FREEBSD-Xlist
$ gpg --list-keys
/home/ngie/.gnupg/pubring.kbx
-----------------------------
pub rsa4096 2014-10-04 [SC]
7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C
uid [ unknown] Richard Levitte <richard@levitte.org>
uid [ unknown] Richard Levitte <levitte@lp.se>
uid [ unknown] Richard Levitte <levitte@openssl.org>
sub rsa4096 2014-10-04 [E]
$ gpg --verify openssl-${OSSLVER}.tar.gz.asc openssl-${OSSLVER}.tar.gz
gpg: Signature made Tue Feb 7 05:43:55 2023 PST
gpg: using RSA key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C
gpg: Good signature from "Richard Levitte <richard@levitte.org>" [unknown]
gpg: aka "Richard Levitte <levitte@lp.se>" [unknown]
gpg: aka "Richard Levitte <levitte@openssl.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C
$ (cd vendor.checkout/; git status; find . -type f -or -type l | cut -c 3- | sort > ../old)
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C ..
$ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* .
$ cat .git
gitdir: /home/ngie/git/freebsd-src/.git/worktrees/vendor.checkout
$ diff -arq ../openssl-3.0.8 .
Only in .: .git
Only in .: FREEBSD-Xlist
Only in .: FREEBSD-upgrade
$ git status FREEBSD*
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$
```
Reviewers: emaste, jkim
Subscribers: imp, andrew, dab
Differential Revision: https://reviews.freebsd.org/D38835