summaryrefslogtreecommitdiff
path: root/src (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Remove SSLv23 padding mode from rsautl's usage (left behind in a removaltb2019-01-291-2/+1
| | | | | | from code and manual in 2017). Reported by KEINOS in github issue #101.
* spelling;jmc2019-01-281-3/+3
|
* Deduplicate a bunch of replicated code in the extension handlingbeck2019-01-281-86/+50
| | | | ok tb@
* Add tls_extension_seen(), a utility to know if a particular extensionbeck2019-01-282-9/+15
| | | | | has been seen in the handshake so far. Use it for keyshare. ok tb@
* zap a commented out line. 0RTT will need more thought thantb2019-01-271-2/+1
| | | | just uncommenting this.
* refactor and clean up the code generating dot output.tb2019-01-271-53/+76
|
* Recent discussions about abort() potentially leaving key material inderaadt2019-01-261-5/+8
| | | | | | | | core files (which can depend upon various file layouts) have resonated with my hate for this function outside a purely debugging context. I also dislike how the report goes to stderr which may get lost or ignored. Increase the noise (with syslog_r) and use _exit(1) to gaurantee termination. ok jsing
* print errors to stderrtb2019-01-251-19/+21
|
* sort output suffixestb2019-01-251-2/+2
|
* I am retiring my old email address; replace it with my OpenBSD one.millert2019-01-2527-61/+61
|
* Add code to visualize the state machine. Both the state machine and thetb2019-01-242-5/+79
| | | | | | | output will have to be tweaked, but this may as well happen in-tree. To try it, pkg_add graphviz and run 'make handshake.svg' in this directory. Committing early so Bob's followers can play.
* Set pointer variables in tls13 handshake to NULL on clearbeck2019-01-241-1/+5
| | | | ok jsing@ bcook@
* set the NEGOTIATED flag in the flags argument rather thantb2019-01-241-4/+4
| | | | squeezing it into the table.
* Add server side of versions, keyshare, and client and server of cookiebeck2019-01-245-28/+742
| | | | | | | | extensions for tls1.3. versions is currently defanged to ignore its result until tls13 server side wired in full, so that server side code still works today when we only support tls 1.2 ok bcook@ tb@ jsing@
* move the extensions_seen into the handshake structbeck2019-01-243-6/+12
| | | | ok jsing@
* Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is deprecated.beck2019-01-243-37/+22
| | | | | Remove GOST based sigalgs from TLS 1.2 since they don't work with TLS 1.2. ok jsing@
* Correct ECDSA_SECP512R1 typo to ECDSA_SECP521R1beck2019-01-232-6/+6
| | | | spotted by naddy@
* make whitespace inside curlies consistent; sort function prototypes.tb2019-01-231-24/+24
|
* Rename NUM_HANDSHAKE to handshake_count and make it a variabletb2019-01-233-13/+47
| | | | | | | | | so it can be used from regress. Update regress accordingly. Make sure the print target generates the entire table as it currently is in tls13_handshake.c discussed with beck and jsing ok jsing
* assert.h is often misused. It should not be used in a librarybeck2019-01-232-8/+5
| | | | ok bcook@ jsing@
* Modify sigalgs extension processing to accomodate TLS 1.3.beck2019-01-238-40/+93
| | | | | | | | | | - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2. - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 from a 1.3 handshake. ok jsing@ tb@
* revert previous, accidentally contained another diff in additionbeck2019-01-2310-408/+61
| | | | to the one I intended to commit
* Modify sigalgs extension processing for TLS 1.3.beck2019-01-2310-61/+408
| | | | | | | | | - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2 - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 ok jsing@ tb@
* Sync the handshakes table with the generated table in regress.tb2019-01-231-19/+19
| | | | | | | This sorts the valid handshakes with respect to ascending flags value instead of the ad-hoc order produced by the algorithm. ok jsing
* incorrrect spellingtb2019-01-231-2/+2
|
* do not print the command in the print: targettb2019-01-231-2/+2
|
* Add a regression test that builds up the handshake state tabletb2019-01-232-1/+399
| | | | | | | from graph information and cross-checks it against the state table in tls13_handshake.c. with help from jsing
* Remove static from handshakes[][] so it is visible from regress/tb2019-01-231-2/+2
| | | | ok bcook
* No need to include <bsd.prog.mk> here.tb2019-01-232-4/+2
| | | | ok bcook
* sort sections, and add a missing verb to the EXAMPLES text;jmc2019-01-221-24/+24
|
* Wrap long lineotto2019-01-221-4/+4
|
* bump minors after symbol additiontb2019-01-223-3/+3
|
* Document SSL_get1_supported_ciphers(3) and SSL_get_client_ciphers(3).tb2019-01-221-7/+61
| | | | | | | The text comes from OpenSSL, where it was still published under a free license. from schwarze
* Add a re-implementation of SSL_get1_supported_ciphers().tb2019-01-223-2/+38
| | | | | | | Part of OpenSSL 1.1 API (pre-licence-change). input schwarze ok jsing
* Provide SSL_get_client_ciphers().tb2019-01-223-2/+12
| | | | | | Part of OpenSSL 1.1 API, pre-licence change. ok jsing
* Add missing symbols from the EC_KEY_METHOD port.tb2019-01-221-0/+8
| | | | Reported by bcook and sthen
* add support for xchacha20 and xchacha20-poly1305dlg2019-01-2210-11/+399
| | | | | | | xchacha is a chacha stream that allows for an extended nonce, which in turn makes it feasible to use random nonces. ok tb@
* lenght -> lengthjsg2019-01-212-3/+3
|
* a few tweakstedu2019-01-211-5/+9
|
* Add example showing a proper comparison function, as many examples showotto2019-01-211-3/+40
| | | | the wrong idiom. ok tedu@ but probably needs some tweakin
* Use the actual handshake message type in the certificate request handler.jsing2019-01-211-4/+2
|
* Move ssl_cipher_list_to_bytes() and ssl_bytes_to_cipher_list() totb2019-01-212-116/+120
| | | | | | | a more appropriately licenced file. jsing and doug have rewritten these functions (including the comments) over the past years. ok jsing
* Provide the initial TLSv1.3 client implementation.jsing2019-01-215-25/+192
| | | | | | | | | Move tls13_connect() to a new tls13_client.c file and provide a legacy wrapper to it, which allocates a struct tls_ctx if necessary. Also move tls13_client_hello_send() to tls13_client.c and actual implement the building of a client hello. ok tb@
* Wire up the handshake message send and recv actions.jsing2019-01-212-4/+44
| | | | | | | This means that we actually receive and send handshake messages to and from the record layer. ok tb@
* In ssl_lib.c rev. 1.197, jsing@ added TLSv1.3 support to SSL_get_version(3).schwarze2019-01-211-2/+4
| | | | Document it.
* The main handshake loop can be shared between client and server.jsing2019-01-212-29/+15
| | | | | | | Pull the shared code up into a function and call it from tls13_connect() and tls13_accept() instead of duplicating it. "Yes, please!" tb@
* Use ssl_cipher_is_permitted() in ssl_cipher_list_to_bytes().tb2019-01-211-9/+6
| | | | ok jsing
* Add ssl_cipher_is_permitted(), an internal helper function thattb2019-01-213-2/+49
| | | | | | | will be used in a few places shortly, e.g. in ssl_cipher_list_to_bytes(). ok jsing
* Correct some rwstate handling that I broke when refactoring.jsing2019-01-211-3/+13
|
* Provide TLS 1.3 cipher AEAD/hash and legacy I/O handling functions.jsing2019-01-213-2/+210
| | | | | | | | | Provide functionality for determining AEADs and hashes for TLS 1.3 ciphers. Also provide wire read/write callbacks that interface with BIO and functions that interface between SSL_read/SSL_write and the TLS 1.3 record layer API. ok tb@
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-02 01:49:31 +0000