| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
| |
To generate current obj_xref.h, third item of lines
id_tc26_signwithdigest_gost3410_2012_256/512 should be id_GostR3410_2001.
obj_xref.txt r1.2 and obj_xref.h r1.3 were committed at the same time,
and these third item were coded different value each other.
This adjusts obj_xref.txt to current obj_xref.h.
ok tb@
|
| |
|
|
|
|
|
|
| |
The information contained in SSL_AEAD_CTX really belongs in the
tls12_record_protection struct. Absorb SSL_AEAD_CTX, using more appropriate
types in the process.
ok tb@
|
| |
|
|
|
|
|
|
| |
In tls12_record_protection_clear(), rather than zeroing or NULLing
individual fields once a pointer has been freed, zero the entire struct once
the pointers have been dealt with.
ok tb@
|
| |
|
|
|
| |
While the implementation needs tls13_internal.h, consumers of
tls13_record.h should not.
|
| | |
|
| |
|
|
|
| |
Consistently include local headers in the same location, using the same
grouping/sorting across all files.
|
| |
|
|
|
|
|
|
| |
Now that the DTLS structs are opaque, add a dtls_locl.h header and move
internal-only structs from dtls1.h, along with prototypes from ssl_locl.h.
Only pull this header in where DTLS code actually exists.
ok inoguchi@ tb@
|
| | |
|
| | |
|
| |
|
|
|
| |
Forward declare struct sigalg in ssl_locl.h and avoid including
ssl_sigalgs.h. Explicitly include ssl_sigalgs.h where it is needed.
|
| |
|
|
|
| |
The bytestring APIs are self contained, hence including openssl headers
here is unnecessary.
|
| |
|
|
|
|
| |
Where a file references to OPENSSL_NO_* conditions, ensure that we
explicitly include <openssl/opensslconf.h> before any references, rather
than relying on another header to pull this in.
|
| | |
|
| |
|
|
|
|
|
| |
Modify objxref.pl to output $OpenBSD$ header and
__BEGIN_HIDDEN_DECLS / __END_HIDDEN_DECLS .
ok and comment from tb@
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
Based on the OpenSSL 1.1.1 manual written by Rich Salz with a healthy
dose of improvements by schwarze.
ok schwarze
|
| |
|
|
|
|
|
|
|
|
| |
Found missing sigoid_srt record in crypto/objects/obj_xref.h, and
this causes error while executing openssl cms -encrypt with EC key/cert.
Added required definitions to obj_xref.txt and obj_xref.h.
Issue reported by Theodore Wynnychenko (tmw <at> uchicago.edu) on misc.
ok tb@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
for EC_POINT_set_compressed_coordinates from OpenSSL 1.1.1.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
and a few other structs in libssl opaque.
from/ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
| |
EC_POINT_set_compressed_coordinates(3)
ok jsing
|
| |
|
|
| |
ok jsing
|
| |
|
|
|
|
|
|
| |
Listed under 'SMI Security for S/MIME CMS Content Type
(1.2.840.113549.1.9.16.1)'
https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1
OK tb@
|
| |
|
|
|
|
|
|
|
|
|
| |
These are one-shot versions combining EVP_Digest{Sign,Verify}{Update,Final}.
and are part of the OpenSSL 1.1.1 API. While they simplify callers in some
situations slightly, their real use is for EdDSA that by design can't be
split into Update/Final steps.
Based on OpenSSL commit 7539418981c140648a620d72edd7398564878b5c
ok inoguchi
|
| |
|
|
| |
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
For TLSv1.2 a single key block is generated, then partitioned into
individual secrets for use as IVs and keys. The previous implementation
splits this across two functions tls1_setup_key_block() and
tls1_change_cipher_state(), which means that the IV and key sizes have to
be known in multiple places.
This implementation generates and partitions the key block in a single
step, meaning that the secrets are then simply handed out when requested.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
| |
Per X9.62 4.4.1.b., the compressed representation of a point with
zero x coordinate on a binary curve must have y_bit unset. Error
out in that case of ec_GF2m_set_compressed_coordinates() instead
of ignoring y_bit.
ok jsing
|
| |
|
|
|
| |
copied from other 64 bit arch
ok jsg@
|
| |
|
|
|
|
|
|
| |
After jsing's recent commits, SSL3_CC_{READ,WRITE,CLIENT,SERVER}
and the derived SSL3_CHANGE_CIPHER_{CLIENT,SERVER}_{READ,WRITE}
are no longer used by LibreSSL and should never be used again.
discussed with jsing
|
| |
|
|
|
|
|
|
| |
Replace flag gymnastics at call sites with separate read and write,
functions which call the common code. Condition on s->server instead of
using SSL_ST_ACCEPT, for consistency and more readable code.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
| |
This avoids calling into the key block setup code multiple times and makes
the server code consistent with the client.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
| |
Rather than doing flag gymnastics, split dtls1_reset_seq_numbers() into
separate read and write functions. Move the calls of these functions into
tls1_change_cipher_state() so they directly follow the change of cipher
state in the record layer, which avoids having to duplicate the calls in
the client and server.
ok inoguchi@ tb@
|
| |
|
|
|
|
|
|
|
|
| |
There are several paths where a subtle bug could result in
tls1_transcript_hash_value() being called with a NULL handshake hash - add
an explicit check for this case. As noted by tb@, due to the wonders of
the libcrypto EVP APIs, combined with integer promotion, we already have
a NULL check - this one is just more obvious.
ok tb@
|
| |
|
|
|
|
|
| |
Require master key length to be greater than zero if we're asked to derive
verify data for a finished or peer finished message.
ok tb@
|
