summaryrefslogtreecommitdiff
path: root/src/lib/libssl/ssl_sigalgs.c (follow)
Commit message (Expand)AuthorAgeFilesLines
* Don't push the error stack in ssl_sigalg_select()beck2024-07-091-2/+1
* Remove GOST and STREEBOG support from libssl.beck2024-02-031-27/+1
* Make internal header file names consistenttb2022-11-261-2/+2
* Stop using ssl{_ctx,}_security() outside of ssl_seclevel.ctb2022-07-021-5/+2
* Rename uses 'curve' to 'group' and rework tls1 group API.tb2022-07-021-7/+7
* Check sigalg security level when selecting them.tb2022-06-291-1/+4
* Check the security bits of the sigalgs' pkeytb2022-06-291-1/+7
* Check the security level when building sigalgstb2022-06-291-4/+11
* Annotate sigalgs with their security level.tb2022-06-291-1/+21
* Bye bye S3I.jsing2022-02-051-7/+7
* Remove the remaining three parens in return statements.tb2022-01-201-4/+4
* Use correct spelling of NULL.tb2022-01-201-2/+2
* Stop reaching into EVP_PKEY in the rest of libssl.tb2021-11-261-5/+5
* Pull up and dedup the TLS version check in ssl_sigalg_pkey_ok().jsing2021-06-291-5/+6
* Simplify RSA PSS key size comment.jsing2021-06-291-5/+2
* Change ssl_sigalg_from_value() to take SSL * instead of a TLS version.jsing2021-06-291-7/+6
* Make various sigalg functions static now that they're only used internally.jsing2021-06-291-4/+4
* Provide a ssl_sigalg_for_peer() function and use in the TLSv1.3 code.jsing2021-06-291-2/+24
* Move the RSA-PSS check for TLSv1.3 to ssl_sigalg_pkey_ok().jsing2021-06-291-23/+18
* Factor out handling of legacy default signature algorithms.jsing2021-06-291-32/+27
* Mop up now unused variables.jsing2021-06-291-7/+2
* Change ssl_sigalgs_from_value() to perform sigalg list selection.jsing2021-06-271-10/+14
* Rename ssl_sigalg() to ssl_sigalg_from_value().jsing2021-06-271-3/+3
* Change ssl_sigalgs_build() to perform sigalg list selection.jsing2021-06-271-2/+19
* Tidy some comments and simplify some code.jsing2021-06-271-15/+7
* Keep sigalg initialiser order consistent - key type, then hash.jsing2021-06-271-18/+18
* Explicitly include <openssl/opensslconf.h> in files using OPENSSL_NO_*jsing2021-05-161-1/+2
* Improve internal version handling.jsing2021-03-101-4/+4
* Constipate ssl3_ciphers and tls1[23]_sigalgs*, pushing them intoguenther2020-10-111-8/+8
* Forcibly ensure that only PSS may be used with RSA in TLS 1.3.beck2020-05-091-2/+8
* Correct subtle bug in sigalgs, only care about curve_nid if we arebeck2019-04-011-4/+4
* Strip out all of the pkey to sigalg and sigalg to pkey linkages.jsing2019-03-251-21/+1
* Defer sigalgs selection until the certificate is known.jsing2019-03-251-5/+79
* Avoid an internal 2 byte overread in ssl_sigalgs().jsing2019-03-191-7/+2
* Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is deprecated.beck2019-01-241-6/+1
* Correct ECDSA_SECP512R1 typo to ECDSA_SECP521R1beck2019-01-231-4/+4
* Modify sigalgs extension processing to accomodate TLS 1.3.beck2019-01-231-2/+19
* revert previous, accidentally contained another diff in additionbeck2019-01-231-19/+2
* Modify sigalgs extension processing for TLS 1.3.beck2019-01-231-2/+19
* Unbreak legacy ciphers for prior to 1.1 by setting having a legacybeck2018-11-161-3/+12
* In TLS1.2 we use evp_sha1 if we fall back this far, not evp_md5_sha1 as in 1.1beck2018-11-141-2/+2
* Temporary workaround for breakage seen in www.videolan.org with curve mismatchbeck2018-11-131-3/+4
* Fix pkey_ok to be less strange, and add cuve checks required for the EC onesbeck2018-11-131-9/+26
* Add check function to verify that pkey is usable with a sigalg.beck2018-11-111-1/+17
* Convert signatures and verifcation to use the EVP_DigestXXX apibeck2018-11-111-3/+1
* Remove dead codebeck2018-11-101-14/+1
* Stop keeping track of sigalgs by guessing it from digest and pkey,beck2018-11-101-16/+5
* Ensure we only choose sigalgs from our prefernce list, not the whole listbeck2018-11-091-4/+11
* Add the ability to have a separate priority list for sigalgs.beck2018-11-091-6/+34
* Reimplement the sigalgs processing code into a new implementationbeck2018-11-091-0/+218