Commit message | Author | Age | Files | Lines
* Modify sigalgs extension processing to accommodate TLS 1.3. | beck | 2019-01-23 | 8 | -40/+93
  - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2.
  - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 from a 1.3 handshake.
  ok jsing@ tb@
* revert previous, accidentally contained another diff in addition | beck | 2019-01-23 | 10 | -408/+61
  to the one I intended to commit
* Modify sigalgs extension processing for TLS 1.3. | beck | 2019-01-23 | 10 | -61/+408
  - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2
  - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2
  ok jsing@ tb@
* Sync the handshakes table with the generated table in regress. | tb | 2019-01-23 | 1 | -19/+19
  This sorts the valid handshakes with respect to ascending flags value instead of the ad-hoc order produced by the algorithm.
  ok jsing
* incorrect spelling | tb | 2019-01-23 | 1 | -2/+2
* do not print the command in the print: target | tb | 2019-01-23 | 1 | -2/+2
* Add a regression test that builds up the handshake state table | tb | 2019-01-23 | 2 | -1/+399
  from graph information and cross-checks it against the state table in tls13_handshake.c.
  with help from jsing
* Remove static from handshakes[][] so it is visible from regress/ | tb | 2019-01-23 | 1 | -2/+2
  ok bcook
* No need to include <bsd.prog.mk> here. | tb | 2019-01-23 | 2 | -4/+2
  ok bcook
* sort sections, and add a missing verb to the EXAMPLES text; | jmc | 2019-01-22 | 1 | -24/+24
* Wrap long line | otto | 2019-01-22 | 1 | -4/+4
* bump minors after symbol addition | tb | 2019-01-22 | 3 | -3/+3
* Document SSL_get1_supported_ciphers(3) and SSL_get_client_ciphers(3). | tb | 2019-01-22 | 1 | -7/+61
  The text comes from OpenSSL, where it was still published under a free license.
  from schwarze
* Add a re-implementation of SSL_get1_supported_ciphers(). | tb | 2019-01-22 | 3 | -2/+38
  Part of OpenSSL 1.1 API (pre-licence-change).
  input schwarze ok jsing
* Provide SSL_get_client_ciphers(). | tb | 2019-01-22 | 3 | -2/+12
  Part of OpenSSL 1.1 API, pre-licence change.
  ok jsing
* Add missing symbols from the EC_KEY_METHOD port. | tb | 2019-01-22 | 1 | -0/+8
  Reported by bcook and sthen
* add support for xchacha20 and xchacha20-poly1305 | dlg | 2019-01-22 | 10 | -11/+399
  xchacha is a chacha stream that allows for an extended nonce, which in turn makes it feasible to use random nonces.
  ok tb@
* lenght -> length | jsg | 2019-01-21 | 2 | -3/+3
* a few tweaks | tedu | 2019-01-21 | 1 | -5/+9
* Add example showing a proper comparison function, as many examples show | otto | 2019-01-21 | 1 | -3/+40
  the wrong idiom.
  ok tedu@ but probably needs some tweakin
* Use the actual handshake message type in the certificate request handler. | jsing | 2019-01-21 | 1 | -4/+2
* Move ssl_cipher_list_to_bytes() and ssl_bytes_to_cipher_list() to | tb | 2019-01-21 | 2 | -116/+120
  a more appropriately licenced file. jsing and doug have rewritten these functions (including the comments) over the past years.
  ok jsing
* Provide the initial TLSv1.3 client implementation. | jsing | 2019-01-21 | 5 | -25/+192
  Move tls13_connect() to a new tls13_client.c file and provide a legacy wrapper to it, which allocates a struct tls_ctx if necessary. Also move tls13_client_hello_send() to tls13_client.c and actually implement the building of a client hello.
  ok tb@
* Wire up the handshake message send and recv actions. | jsing | 2019-01-21 | 2 | -4/+44
  This means that we actually receive and send handshake messages to and from the record layer.
  ok tb@
* In ssl_lib.c rev. 1.197, jsing@ added TLSv1.3 support to SSL_get_version(3). | schwarze | 2019-01-21 | 1 | -2/+4
  Document it.
* The main handshake loop can be shared between client and server. | jsing | 2019-01-21 | 2 | -29/+15
  Pull the shared code up into a function and call it from tls13_connect() and tls13_accept() instead of duplicating it.
  "Yes, please!" tb@
* Use ssl_cipher_is_permitted() in ssl_cipher_list_to_bytes(). | tb | 2019-01-21 | 1 | -9/+6
  ok jsing
* Add ssl_cipher_is_permitted(), an internal helper function that | tb | 2019-01-21 | 3 | -2/+49
  will be used in a few places shortly, e.g. in ssl_cipher_list_to_bytes().
  ok jsing
* Correct some rwstate handling that I broke when refactoring. | jsing | 2019-01-21 | 1 | -3/+13
* Provide TLS 1.3 cipher AEAD/hash and legacy I/O handling functions. | jsing | 2019-01-21 | 3 | -2/+210
  Provide functionality for determining AEADs and hashes for TLS 1.3 ciphers. Also provide wire read/write callbacks that interface with BIO and functions that interface between SSL_read/SSL_write and the TLS 1.3 record layer API.
  ok tb@
* Move struct tls13_ctx into a header since other things need access to it. | jsing | 2019-01-21 | 3 | -21/+21
  While here, rename struct handshake to struct handshake_stage to avoid potential ambiguity/conflict with the handshake data struct. Also add forward and back pointers between SSL and struct tls13_ctx.
  ok tb@
* Ensure we free TLS 1.3 handshake state. | jsing | 2019-01-21 | 1 | -6/+11
  There is no guarantee that ssl3_clear() is called before ssl3_free(), so free things here. Also move the chunk in ssl3_clear() up so that it is with the "free" code rather than the "reinit" code.
  ok beck@ tb@
* Teach ssl_version_string() about TLS1_3_VERSION. | jsing | 2019-01-21 | 1 | -1/+3
* Store the record version and make it available for use. | jsing | 2019-01-21 | 2 | -10/+21
  While here correct an int vs size_t mismatch.
  ok tb@
* Fix header guard | tb | 2019-01-20 | 1 | -2/+5
* Provide a handshake message handling implementation for TLS 1.3. | jsing | 2019-01-20 | 3 | -3/+213
  It receives handshake messages by reading and parsing data from the record layer. It also provides support for building and sending handshake messages.
  ok tb@
* Provide an initial implementation of the TLS 1.3 record layer. | jsing | 2019-01-20 | 3 | -6/+790
  This is entirely self-contained and knows nothing about SSL or BIO. The bottom of the stack is provided by wire read and write callbacks, with the API to the record layer primarily being via tls13_{read,write}_{application,handshake}_data().
  This currently lacks some functionality, however will be worked on in tree.
  ok tb@
* Update record regress to match functionality changes. | jsing | 2019-01-20 | 1 | -6/+37
* Provide a way to get just the record header. | jsing | 2019-01-20 | 2 | -7/+33
  Also check record size limits when reading records and setting data.
  ok tb@
* hook handshake test | tb | 2019-01-20 | 1 | -1/+2
* Add a simple test that verifies that every valid handshake | tb | 2019-01-20 | 2 | -0/+76
  sets action->handshake_complete.
* revert second hunk of previous that was committed by accident | tb | 2019-01-20 | 1 | -2/+2
* Add missing prototype for tls13_handshake_active_action(). | tb | 2019-01-20 | 1 | -2/+4
  ok jsing
* include stdint.h over sys/types.h | bcook | 2019-01-20 | 1 | -2/+2
  ok deraadt@ tedu@
* Add some internal consistency checks to the handshake state handling. | jsing | 2019-01-20 | 1 | -9/+23
  Fix the tls13_handshake_advance_state_machine() return value, which inadvertently got flipped in an earlier commit. Also move this function to a more suitable location.
  ok tb@
* TLS 1.3 clients always need to send the supported groups extension. | jsing | 2019-01-20 | 1 | -4/+5
  A couple of cleanup/style tweaks while here.
  ok tb@
* Add an explicit flag to indicate a successful handshake instead | tb | 2019-01-20 | 1 | -8/+6
  of overloading/abusing action->sender.
  ok jsing
* Fix BN_is_prime_* calls in openssl(1), the API returns -1 on error. | tb | 2019-01-20 | 1 | -4/+8
  Found thanks to BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd by David Benjamin.
  ok djm, jsing
* Fix BN_is_prime_* calls in libcrypto, the API returns -1 on error. | tb | 2019-01-20 | 3 | -18/+35
  From BoringSSL's commit 53409ee3d7595ed37da472bc73b010cd2c8a5ffd by David Benjamin.
  ok djm, jsing
* change the default digest used by | jsg | 2019-01-19 | 2 | -4/+4
  openssl x509 -fingerprint
  openssl crl -fingerprint
  from sha1 to sha256
  ok jsing@