| Commit message (Collapse) | Author | Files | Lines |
|---|
|
No change to generated assembly.
|
|
|
|
This adds tls_config_error_code() and tls_error_code(), which will become
public API at a later date.
Additional error codes will be added in follow-up commits.
ok jsing@ beck@
|
|
No functional change.
|
|
bn_subw() will be used more widely in an upcoming change.
|
|
ok jsing@
|
|
This is now no longer needed.
ok tb@
|
|
ok tb@
|
|
|
|
|
|
quoth the muppet "yes I know this is horrible!"
|
|
ok tb@
|
|
RSA_verify_PKCS1_PSS_mgf1
ok jsing@ tb@
|
|
ok tb@
|
|
Use static inline functions instead of macros and improve handling of
aligned data. Also number rounds as per RFC 1321.
ok tb@
|
|
|
|
No functional change.
|
|
|
|
ok jsing@
|
|
ok jsing@
|
|
ok joshua jsing
|
|
This will allow us to know the client preferences for an upcoming
change to key share processing.
ok jsing@
|
|
ok jsing@
|
|
ok jsing@
|
|
ok beck@ jsing@
|
|
RFC 3631 allows for sub second ASN1 GENERALIZED times, if you
choose to support sub second time precison. It does not
indicate that an implementation must support them.
Supporting sub second timestamps is just silly and unrealistic,
so set our maximum to one second of precision. We then simplify
this code by removing some nasty eye-bleed that made artisinally
hand crafted strings and jammed them into an ASN1_GENERALIZEDTIME.
ok tb@, jsing@, with one second precision tested by kn@
|
|
Immediately error out when no name or value is passed instead of hiding
this in a a combination of ternary operator and strdup error check.
Use calloc(). Unindent some stupid, don't pretend this function can return
anything but -1 and 1, turn the whole thing into single exit and call the
now existing imodule_free() instead of handrolling it.
ok jsing
|
|
Simplify overflow checking and length tracking, use a CBB to handle output
and use HMAC_CTX_new() rather than having a HMAC_CTX on the stack.
ok tb@
|
|
ok tb@
|
|
ok tb@ jsing@
|
|
ok tb@
|
|
Reported by David Benjamin (BoringSSL)
OK tb@
|
|
ok tb@
|
|
ok tb@
|
|
The current CRYPTO_EX_DATA implementation allows for data to be set without
calling new, indexes can be used without allocation, new can be called without
getting an index and dup can be called after new or without calling new.
|
|
|
|
Rather than having a separate parse and process step for each TLS
extension, do a first pass that parses all of the TLS outer extensions and
retains the extension data, before running a second pass that calls the TLS
extension processing code.
ok beck@ tb@
|
|
The ts code is its own kind of special. I only sent this diff out to hear
beck squeal. This diff doesn't actually fix anything, apart from (maybe)
appeasing some obscure static analyzer. It is decidedly less bad than a
similar change in openssl's issue tracker.
ok beck
|
|
ok tb@
|
|
ok tb@
|
|
from jsing
|
|
|
|
Additionally, this tidies up some surrounding code and replaces usage of
free with freezero and malloc with calloc.
ok tb@
|
|
looked over by jsing
|
|
The TLS extension parsing and processing order is currently dependent on
the order of the extensions in the handshake message. This means that the
processing order (and callback order) is not under our control. Split the
parsing from the processing such that the processing (and callbacks) are
run in a defined order.
Convert ALPN to the new model - other extensions will be split into
separate parse/process in following diffs.
ok beck@ tb@
|
|
After peeling off enough layers, the entire wacky abstraction turns out
to be nothing but dispatching from a trust_id to a trust handler and
passing the appropriate nid and the cert.
ok beck jsing
|
|
ok tb@
|
|
The PSK extension must be the last extension in the client hello. This is
currently implemented by relying on the fact that it is the last extension
in the TLS extension table. Remove this dependency so that we can reorder
the table as needed.
ok tb@
|
|
|
|
The certificates no longer need to be modified since we cache the
extensions up front.
ok beck
|
