| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
These are no longer used now that we defer signature algorithm selection.
ok beck@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously the signature algorithm was selected when the TLS extension was
parsed (or the client received a certificate request), however the actual
certificate to be used is not known at this stage. This leads to various
problems, including the selection of a signature algorithm that cannot be
used with the certificate key size (as found by jeremy@ via ruby regress).
Instead, store the signature algorithms list and only select a signature
algorithm when we're ready to do signature generation.
Joint work with beck@.
|
| |
|
|
| |
spotted by naddy@
|
| |
|
|
|
|
|
|
|
|
| |
- Make a separate sigalgs list for TLS 1.3 including only modern
algorithm choices which we use when the handshake will not negotiate
TLS 1.2.
- Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as
mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2
from a 1.3 handshake.
ok jsing@ tb@
|
| |
|
|
| |
to the one I intended to commit
|
| |
|
|
|
|
|
|
|
| |
- Make a separate sigalgs list for TLS 1.3 including only modern
algorithm choices which we use when the handshake will not negotiate
TLS 1.2
- Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as
mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2
ok jsing@ tb@
|
| |
|
|
|
| |
sigalg for MD5_SHA1 and using it as the non sigalgs default
ok jsing@
|
| |
|
|
|
| |
Include check for appropriate RSA key size when used with PSS.
ok tb@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
|
| |
just keep the sigalg around so we can remember what we actually
decided to use.
ok jsing@
|
| |
|
|
| |
ok jsing@
|
| |
|
|
|
| |
Add a priority list for tls 1.2
ok jsing@
|
| | |
|
|
|
that will be usable with TLS 1.3 with less eye bleed.
ok jsing@ tb@
|
