summaryrefslogtreecommitdiff
path: root/src/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix wrong sizeof argument by using 'uint16_t *', with minor nit from tb@,mestre2018-11-141-2/+2
| | | | | | | | | | instead of 'uint16_t' Found with llvm's static analyzer, noticed that it was also already reported in Coverity CID 155890 and to ensure this was correct also inspected OpenSSL's equivalent code. OK tb@ and jsing@
* In TLS1.2 we use evp_sha1 if we fall back this far, not evp_md5_sha1 as in 1.1beck2018-11-141-2/+2
| | | | Makes connections to outlook.office365.com work
* Temporary workaround for breakage seen in www.videolan.org with curve mismatchbeck2018-11-131-3/+4
|
* NULL out mdctx to prevent possible double free introduced in version 1.4beck2018-11-131-1/+2
| | | | Spotted by maestre@, ok tb@
* Fix pkey_ok to be less strange, and add cuve checks required for the EC onesbeck2018-11-131-9/+26
| | | | ok tb@
* Missing initialization for pub_key. CID 184303.tb2018-11-121-2/+2
| | | | ok bcook
* Add check function to verify that pkey is usable with a sigalg.beck2018-11-114-7/+24
| | | | | Include check for appropriate RSA key size when used with PSS. ok tb@
* Add back a few missing compatibility stubsbcook2018-11-112-4/+37
| | | | ok beck@
* quiet warning on other compilersbcook2018-11-111-3/+3
| | | | ok beck@
* Add EVP_sm3() to OpenSSL_add_all_digests_internal().tb2018-11-111-1/+4
| | | | ok beck inoguchi
* bump minors after symbol addition.tb2018-11-113-3/+3
|
* Add SSL_set1_host(), a thin wrapper around X509_VERIFY_PARAM_set1_host().tb2018-11-113-2/+10
| | | | | | | Used by unbound's DNS over TLS implementation to do server name verification. ok jsing
* Add Ribose Inc's implementation of the SM3 hashing function withtb2018-11-118-3/+437
| | | | | | | | | tweaks from jsing and myself. The SM2/SM3/SM4 algorithms are mandatory for legal use of cryptography within China and [are] widely applied in the country, covering identification/financial cards, contactless, TPM 2.0 and PKI. ok beck inoguchi jsing
* Nuke trailing whitespacebeck2018-11-111-6/+6
|
* Add automatic threading initialization for libcrypto.bcook2018-11-116-452/+140
| | | | | | | | | | | | | | This implements automatic thread support initialization in libcrypto. This does not remove any functions from the ABI, but does turn them into no-ops. Stub implementations of pthread_mutex_(init|lock|unlock) are provided for ramdisks. This does not implement the new OpenSSL 1.1 thread API internally, keeping the original CRYTPO_lock / CRYPTO_add_lock functions for library locking. For -portable, crypto_lock.c can be reimplemented with OS-specific primitives as needed. ok beck@, tb@, looks sane guenther@
* Free the server tls transcript in case session reuse did not work.bluhm2018-11-111-3/+4
| | | | | Regression found by Perl module p5-IO-Socket-SSL tests. with beck@ tb@
* include crypto.h from the correct path, remove unused variablebcook2018-11-111-5/+2
|
* Add support for RSA PSS algorithims being used in sigalgs.beck2018-11-112-2/+29
| | | | | | lightly tested, but will need sanity checks and regress test changes before being added to any sigalgs list for real ok jsing@ tb@
* Convert signatures and verifcation to use the EVP_DigestXXX apibeck2018-11-113-45/+93
| | | | | | to allow for adding PSS, Nuke the now unneejded guard around the PSS algorithms in the sigalgs table ok jsing@ tb@
* Remove dead codebeck2018-11-102-16/+2
| | | | ok jsing@
* Tweak and improve the TLSv1.3 state machine.jsing2018-11-101-24/+46
| | | | | | | | | | | | | | | | - Provide a tls13_handshake_active_action() function to reduce code duplication and replace tls13_handshake_get_sender(). - Add an INVALID message_type, so we can explicitly detect invalid conditions. - Implement skeletons for the tls13_handshake_send_action() and tls13_handshake_recv_action() functions. - OR in the NEGOTIATED value at the end of recving or sending a server hello so that we switch to the next chain in the state table. ok tb@
* Avoid a double allocation and memory leak.jsing2018-11-101-4/+2
| | | | Reported by Ben L <bobsayshilol at live dot co dot uk>
* Stop keeping track of sigalgs by guessing it from digest and pkey,beck2018-11-108-92/+102
| | | | | | just keep the sigalg around so we can remember what we actually decided to use. ok jsing@
* Use TLS13_HS_{CLIENT,SERVER} instead of using a redundant _SEND{,S}.tb2018-11-101-30/+28
| | | | ok jsing
* Fix last of the empty hash nonsensebeck2018-11-101-26/+3
| | | | ok jsing@
* Fix the TLSv1.3 key schedule implementation.jsing2018-11-092-66/+95
| | | | | | | | | | | | When the RFC refers to ("") for key derivation, it is referring to the transcript hash of an empty string, not an empty string. Rename tls13_secrets_new() to tls13_secrets_create(), make it take an EVP_MD * and calculate the hash of an empty string so that we have it available for the "derived" and other steps. Merge tls13_secrets_init() into the same function, remove the EVP_MD * from other functions and use the empty string hash at the appropriate places. ok beck@ tb@
* Use "send" and "recv" consistently instead of mixing them with "read"tb2018-11-091-98/+108
| | | | | | and "write". Use self-documenting C99 initializers. ok bcook, jsing
* Initialize priv_key and pub_key on first use instead of at the top.tb2018-11-091-6/+4
| | | | | | While there, eliminate a flag that was only used once. ok beck jsing mestre
* Initialize priv_key and pub_key on first use instead of at the top.tb2018-11-091-4/+4
| | | | ok beck jsing mestre
* Avoid dereferencing eckey before checking it for NULL.tb2018-11-091-5/+6
| | | | | | CID 184282 ok beck jsing mestre
* Remove ethers(5) YP support bits from libc as it makes it difficult tobrynet2018-11-092-70/+8
| | | | | | | | effectively use pledge(2) in some programs. approval from many, thanks! idea by & ok deraadt@
* Ensure we free the handshake transcript upon session resumption.jsing2018-11-091-1/+4
| | | | | | Found the hard way by jmc@ ok tb@
* Ensure we only choose sigalgs from our prefernce list, not the whole listbeck2018-11-094-10/+19
| | | | ok jsing@
* Add the ability to have a separate priority list for sigalgs.beck2018-11-094-12/+43
| | | | | Add a priority list for tls 1.2 ok jsing@
* Correct defines for writer tests in connect/accept loops.jsing2018-11-091-3/+3
| | | | ok tb@
* Correct function naming for tls13_handshake_advance_state_machine().jsing2018-11-091-4/+2
| | | | ok tb@
* Avoid leak: free existing SRTP connection profiles beforetb2018-11-091-1/+2
| | | | | | setting it. From Ben L <bobsayshilol () live ! co ! uk>.
* Avoid leaking memory that was already allocated in ASN1_item_new().tb2018-11-091-5/+1
| | | | From Ben L <bobsayshilol () live ! co ! uk>
* Fix a buffer overrun in asn1_parse2().tb2018-11-091-4/+7
| | | | | From Ben L bobsayshilol () live ! co ! uk Similar fixes in BoringSSL and OpensSSL.
* Add const to the data argument of ASN1_set{,_int}_octetstring().tb2018-11-092-6/+6
| | | | | | From Ben L bobsayshilol () live ! co ! uk ok jsing
* Add header guards and hidden declarations.jsing2018-11-092-2/+19
|
* Add header guards and hidden declarations.jsing2018-11-091-1/+10
|
* Reimplement the sigalgs processing code into a new implementationbeck2018-11-099-253/+340
| | | | | that will be usable with TLS 1.3 with less eye bleed. ok jsing@ tb@
* First skeleton of the TLS 1.3 state machine. Based on RFC 8446 andtb2018-11-083-4/+607
| | | | | | inspired by s2n's state machine. Lots of help and input from jsing. ok beck, jsing
* KNFbeck2018-11-081-3/+4
|
* Clean up and simplify the handshake transcript code.jsing2018-11-0810-166/+144
| | | | | | | This provides a cleaner, simpler and more readable API, with code that uses a BUF_MEM instead of a BIO. ok beck@ ("hurry up") and tb@.
* Stop pretending that a cert member in a SSL and SSL_CTX can be NULL.jsing2018-11-088-121/+18
| | | | ok beck@ tb@
* Move #include <openssl/evp.h> to the header.tb2018-11-082-3/+4
| | | | discussed with beck and jsing
* Ensure the handshake transcript is cleaned up.jsing2018-11-082-3/+20
| | | | | | | | | Add a check at the completion of the client/server handshake to ensure that the handshake transcript has been freed. Fix the case where a server asks the client for a certificate, but it does not have one, resulting in the handshake transcript being left around post-handshake. ok bcook@ tb@
* Remove some function prototypes that should have been removed in thejsing2018-11-081-10/+2
| | | | | | previous clean up. Spotted by bcook@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 16:17:53 +0000