summaryrefslogtreecommitdiff
path: root/src/lib/libtls/tls_signer.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Drop X9.31 support from libtlstb2023-04-091-5/+1
| | | | | | | | | The TLS signer isn't exposed in public API (we should finally fix it...) and it supports X9.31, a standard that has been retired and deprecated for a very long time. libcrypto will stop supporting it soon, this step is needed to prepare userland. ok jsing
* Provide our own signature padding defines.jsing2022-02-011-5/+33
| | | | | | | | Rather than leaking libcrypto defines through the tls_sign_cb and tls_signer_sign() interfaces, provide and use our own TLS_PADDING_* defines. ok inoguchi@ tb@
* Revise signer callback interface.jsing2022-02-011-76/+121
| | | | | | | | | | | | | | | | | | | | | | | | | | The current design of tls_sign_cb provides a pointer to a buffer where the signature needs to be copied, however it fails to provide a length which could result in buffer overwrites. Furthermore, tls_signer_sign() is designed such that it allocates and returns ownership to the caller. Revise tls_sign_cb so that the called function is expected to allocate a buffer, returning ownership of the buffer (along with its length) to the caller of the callback. This makes it far easier (and safer) to implement a tls_sign_cb callback, plus tls_signer_sign can be directly plugged in (with an appropriate cast). While here, rename and reorder some arguments - while we will normally sign a digest, there is no requirement for this to be the case hence use 'input' and 'input_len'. Move padding (an input) before the outputs and add some additional bounds/return value checks. This is technically an API/ABI break that would need a libtls major bump, however since nothing is using the signer interface (outside of regress), we'll ride the original minor bump. With input from tb@ ok inoguchi@ tb@
* Add limits.h for INT_MAX in tls_signer.cinoguchi2022-01-291-1/+3
| | | | ok jsing@ tb@
* Introduce a signer interface intented to make TLS privsep simplereric2022-01-251-0/+376
to implement. Add a tls_config_set_sign_cb() function that allows to register a callback for the signing operation on a tls_config. When used, the context installs fake pivate keys internally, and the callback receives the hash of the public key. Add a tls_signer_*() set of functions to manage tls_signer objects. A tls_signer is an opaque structure on which keys are added. It is used to compute signatures with private keys identified by their associated public key hash. Discussed with and ok jsing@ tb@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-22 04:26:48 +0000