summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Add to variables instead of overriding themtb2022-07-081-4/+4
|
* Add support for primality checkingtb2022-07-074-10/+218
| | | | | | | | | | | | | Project Wycheproof's primality_tests.json contain a set of 280 numbers that trigger edge cases in Miller-Rabin and related checks. libcrypto's Miller-Rabin test is known to be rather poor, hopefully we will soon see a diff on tech that improves on this. This extends the Go test in the usual way and also adds a perl script that allows testing on non-Go architectures. Deliberately not yet linked to regress since the tests are flaky with the current BN_is_prime_ex() implementatation.
* sorttb2022-07-071-1/+1
|
* Sync bs_cbb.c with libssl.tb2022-07-071-1/+4
| | | | ok jsing
* Make CBB_finish() fail if *out_data is not NULLtb2022-07-071-1/+4
| | | | | | | Contrary to CBS_stow(), CBB_finish() will leak, so ensure we fail if *out_data is populated. Discussed with & ok jsing
* Initialize hkdf_label to NULL.tb2022-07-071-2/+2
| | | | | | Needed for an upcoming diff adding a NULL check to CBB_finish(). ok jsing
* Use a local bits variable to avoid ugly line break due to nested functiontb2022-07-071-6/+16
| | | | | | calls. ok jsing
* Use the security level knob in the test script.tb2022-07-071-2/+14
| | | | from beck
* Only run tests against ciphers supported by the method.tb2022-07-072-4/+28
|
* Add some minimal regress coverage for the security level.tb2022-07-071-1/+6
| | | | From beck
* Make the ssltest security level aware.tb2022-07-071-1/+9
| | | | From beck
* Bump libtls minor after libcrypto and libssl minor bumptb2022-07-071-1/+1
|
* Unifdef LIBRESSL_HAS_SECURITY_LEVEL and remove some workaroundstb2022-07-073-35/+4
| | | | | | | that are no longer needed now that libcrypto exposes the necessary security-bits API. ok jsing
* Bump minor after symbol additiontb2022-07-071-1/+1
|
* Update Symbols.listtb2022-07-072-0/+25
| | | | ok jsing
* Expose security level symbols and error codes in the headers.tb2022-07-072-6/+2
| | | | ok jsing
* bump minor after symbol additiontb2022-07-071-1/+1
|
* Expose new API in headers.tb2022-07-077-31/+7
| | | | | | | These are mostly security-level related, but there are also ASN1_TIME and ASN_INTEGER functions here, as well as some missing accessors. ok jsing
* Switch ssltest to using the newly generated certs that use SHA-256 insteadtb2022-07-072-8/+6
| | | | | | of SHA-1. This helps the switch to security-level aware ssltest. From jsing
* Add missing X509_V_ERR_ strings using the ones from OpenSSL.tb2022-07-051-1/+17
| | | | | | | The well-known masters of consistency of course use strings that don't match the names of the errors. ok jsing
* Use secop instead of op everywheretb2022-07-051-15/+15
|
* Pull setting of is_ee out of the function calls to appease scan-buildtb2022-07-051-3/+5
|
* cope with ASN1_TIME_set_string_X509() renameanton2022-07-051-3/+3
|
* The OpenSSL API is called ASN1_TIME_set_string_X509() (uppercase x)tb2022-07-042-4/+4
|
* Bump to LibreSSL 3.6.0tb2022-07-041-3/+3
|
* Sync with changes in dsa_meth.ctb2022-07-042-11/+12
| | | | pointed out by jsing
* Prepare to provide DSA_meth_{get0,set1}_name()tb2022-07-043-8/+35
| | | | | | | | Also follow OpenSSL by making the name non-const to avoid ugly casting. Used by OpenSC's pkcs11-helper, as reported by Fabrice Fontaine in https://github.com/libressl-portable/openbsd/issues/130 ok jsing sthen
* Prepare to provide X509_VERIFY_PARAM_get_time()tb2022-07-042-2/+9
| | | | ok jsing sthen
* Reword a commenttb2022-07-031-2/+2
|
* Unwrap a linetb2022-07-031-3/+2
|
* Update instructions for using curl's mk-ca-bundle script.sthen2022-07-031-4/+4
|
* Simplify certificate list handling code in legacy server.jsing2022-07-031-62/+50
| | | | | | | | | | | | | A client is required to send an empty list if it does not have a suitable certificate - handle this case up front, rather than going through the normal code path and ending up with an empty certificate list. This matches what we do in the TLSv1.3 stack and will allow for ruther clean up (in addition to making the code more readable). Also tidy up the CBS code and remove some unnecessary length checks. Use 'cert' and 'certs' for certificates, rather than 'x' and 'sk'. ok tb@
* Simplify certificate list handling code in legacy client.jsing2022-07-031-45/+33
| | | | | | | Tidy up CBS code and remove some unnecessary length checks. Use 'cert' and 'certs' for certificates, rather than 'x' and 'sk'. ok tb@
* Simplify tls1_ec_nid2group_id()tb2022-07-031-98/+10
| | | | | | | Replace long switch statement duplicating data from nid_list[] with a linear scan. requested by and ok jsing
* Simplify tls1_ec_group_id2{bits,nid}()tb2022-07-031-9/+9
| | | | | | | Instead of a nonsensical NULL check, check nid_list[group_id].{bits,nid} is not 0. This way we can drop the group_id < 1 check. ok jsing
* Call certificate variables cert and certs, rather than x and skjsing2022-07-021-6/+6
| | | | ok tb@
* Use ASN1_INTEGER to parse/build (Z)LONG_itjsing2022-07-021-69/+67
| | | | | | | Rather than having yet another (broken) ASN.1 INTEGER content builder and parser, use {c2i,i2c}_ASN1_INTEGER(). ok beck@
* Remove references to openssl/obj_mac.hjsing2022-07-023-12/+11
| | | | Consumers should include openssl/objects.h instead.
* Stop using ssl{_ctx,}_security() outside of ssl_seclevel.ctb2022-07-027-23/+60
| | | | | | | | | The API is ugly and we can easily abstract it away. The SSL_SECOP_* stuff is now confined into ssl_seclevel.c and the rest of the library can make use of the more straightforward wrappers, which makes it a lot easier on the eyes. ok beck jsing
* Adjust to new tls1_ec_nid2group_id API.tb2022-07-021-7/+13
|
* Rename uses 'curve' to 'group' and rework tls1 group API.tb2022-07-0212-162/+204
| | | | | | | | | | This reworks various tls1_ curve APIs to indicate success via a boolean return value and move the output to an out parameter. This makes the caller code easier and more consistent. Based on a suggestion by jsing ok jsing
* Fix off-by-one in length check.tb2022-07-021-3/+3
| | | | Spotted by jsing
* Make tls1_ec_curve_id2nid() return explicit NID_undef instead of 0 on errortb2022-07-022-5/+5
| | | | | | and adjust the only caller that didn't check for NID_undef already. ok beck jsing
* To figure our whether a large allocation can be grown into theguenther2022-06-301-12/+2
| | | | | | | | | | | following page(s) we've been first mquery()ing for it, mmapp()ing w/o MAP_FIXED if available, and then munmap()ing if there was a race. Instead, just try it directly with mmap(MAP_FIXED | __MAP_NOREPLACE) tested in snaps for weeks ok deraadt@
* Remove redundant commentstb2022-06-301-30/+30
| | | | discussed with jsing
* Check security level for supported groups.tb2022-06-304-35/+179
| | | | ok jsing
* Rename variable from tls_version to version since it could also betb2022-06-301-3/+3
| | | | a DTLS version at this point.
* Check whether the security level allows session tickets.tb2022-06-301-2/+6
| | | | ok beck jsing
* Add checks to ensure we do not initiate or negotiate handshakes withtb2022-06-305-7/+34
| | | | | | versions below the minimum required by the security level. input & ok jsing
* Replace obj_mac.h with object.htb2022-06-306-15/+17
| | | | Pointed out by and ok jsing
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-01 12:41:46 +0000