path: root/src/lib/libssl/tls_internal.h
Commit message | Author | Age | Files | Lines
* Use tls_buffer for alert and handshake fragments in the legacy stack. | jsing | 2022-11-10 | 1 | -1/+2
  This avoids a bunch of pointer munging and a handrolled memmove. ok tb@
* Provide record layer callbacks for QUIC. | jsing | 2022-07-24 | 1 | -1/+13
  QUIC uses TLS to complete the handshake, however unlike normal TLS it does not use the TLS record layer, rather it provides its own transport. This means that we need to intercept all communication between the TLS handshake and the record layer. This allows TLS handshake message writes to be directed to QUIC, likewise for TLS handshake message reads. Alerts also need to be sent via QUIC, plus it needs to be provided with the traffic keys that are derived by TLS. ok tb@
* Add read and write support to tls_buffer. | jsing | 2022-07-22 | 1 | -2/+7
  tls_buffer was originally created for a specific use case, namely reading in length prefixed messages. This adds read and write support, along with a capacity limit, allowing it to be used in additional use cases. ok beck@ tb@
* Remove tls_buffer_set_data() and remove/revise callers. | jsing | 2022-07-20 | 1 | -2/+1
  There is no way that tls_buffer_set_data() can currently work in conjunction with tls_buffer_expand(). This fact is currently hidden by the way that PHH works, which reads the same data from the record layer (which it needs to do anyway, since we may not have all of the handshake message in a single record). Since this is broken, mop it up and change the PHH callback to not provide the record data. ok beck@ tb@
* Check the security of DH key shares | tb | 2022-06-29 | 1 | -1/+2
  ok beck, looks good to jsing
* Plumb decode errors through key share parsing code. | jsing | 2022-01-11 | 1 | -3/+3
  Distinguish between decode errors and other errors, so that we can send a SSL_AD_DECODE_ERROR alert when appropriate. Fixes a tlsfuzzer failure, due to it expecting a decode error alert and not receiving one. Prompted by anton@ ok tb@
* Convert legacy server to tls_key_share. | jsing | 2022-01-07 | 1 | -1/+5
  This requires a few more additions to the DHE key share code - we need to be able to either set the DHE parameters or specify the number of key bits for use with auto DHE parameters. Additionally, we need to be able to serialise the DHE parameters to send to the client. This removes the infamous 'tmp' struct from ssl3_state_internal_st. ok inoguchi@ tb@
* Convert legacy TLS client to tls_key_share. | jsing | 2022-01-06 | 1 | -3/+6
  This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this. ok inoguchi@ tb@
* Rename tls13_key_share to tls_key_share. | jsing | 2022-01-05 | 1 | -1/+21
  In preparation to use the key share code in both the TLSv1.3 and legacy stacks, rename tls13_key_share to tls_key_share, moving it into the shared handshake struct. Further changes will then allow the legacy stack to make use of the same code for ephemeral key exchange. ok inoguchi@ tb@
* Rename tls13_buffer to tls_buffer. | jsing | 2021-10-23 | 1 | -0/+56
  This code will soon be used in the DTLSv1.2 and TLSv1.2 stack. Also introduce tls_internal.h and move/rename the read/write/flush callbacks. ok beck@ tb@