openbsd - A mirror of https://github.com/libressl/openbsd.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Make internal header file names consistent	tb	2022-11-26	1	-2/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Libcrypto currently has a mess of _lcl.h, _locl.h, and _local.h names used for internal headers. Move all these headers we inherited from OpenSSL to _local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
*	Rename uses 'curve' to 'group' and rework tls1 group API.	tb	2022-07-02	1	-3/+3
\| \| \| \| \| \| \| \| \| \|	This reworks various tls1_ curve APIs to indicate success via a boolean return value and move the output to an out parameter. This makes the caller code easier and more consistent. Based on a suggestion by jsing ok jsing
*	Make tls1_ec_curve_id2nid() return explicit NID_undef instead of 0 on error	tb	2022-07-02	1	-2/+2
\| \| \| \| \| \|	and adjust the only caller that didn't check for NID_undef already. ok beck jsing
*	Check the security of DH key shares	tb	2022-06-29	1	-1/+12
\| \| \| \|	ok beck, looks good to jsing
*	Plumb decode errors through key share parsing code.	jsing	2022-01-11	1	-12/+24
\| \| \| \| \| \| \| \| \| \| \| \|	Distinguish between decode errors and other errors, so that we can send a SSL_AD_DECODE_ERROR alert when appropriate. Fixes a tlsfuzzer failure, due to it expecting a decode error alert and not receiving one. Prompted by anton@ ok tb@
*	Convert legacy server to tls_key_share.	jsing	2022-01-07	1	-4/+65
\| \| \| \| \| \| \| \| \| \| \|	This requires a few more additions to the DHE key share code - we need to be able to either set the DHE parameters or specify the number of key bits for use with auto DHE parameters. Additionally, we need to be able to serialise the DHE parameters to send to the client. This removes the infamous 'tmp' struct from ssl3_state_internal_st. ok inoguchi@ tb@
*	Convert legacy TLS client to tls_key_share.	jsing	2022-01-06	1	-32/+125
\| \| \| \| \| \| \| \| \|	This requires adding DHE support to tls_key_share. In doing so, tls_key_share_peer_public() has to lose the group argument and gains an invalid_key argument. The one place that actually needs the group check is tlsext_keyshare_client_parse(), so add code to do this. ok inoguchi@ tb@
*	Rename tls13_key_share to tls_key_share.	jsing	2022-01-05	1	-0/+307
	In preparation to use the key share code in both the TLSv1.3 and legacy stacks, rename tls13_key_share to tls_key_share, moving it into the shared handshake struct. Further changes will then allow the legacy stack to make use of the same code for ephemeral key exchange. ok inoguchi@ tb@