| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Preserve the transcript hash at specific stages of the TLSv1.3 handshake. | jsing | 2019-02-10 | 2 | -2/+16 |
| | | | | | | | | | | There are various points where we need the hash of all messages prior to the current message. Support this by having the handshake code preserve the transcript hash prior to recording the current message, which avoids the need to sprinkle this throughout multiple handlers. ok inoguchi@ tb@ | ||||
| * | Fix weird wrap showing cipher list in interactive mode | inoguchi | 2019-02-09 | 6 | -13/+23 |
| | | | | | ok jsing@ tb@ | ||||
| * | Rename the file that contains the transcript handling code. | jsing | 2019-02-09 | 2 | -3/+3 |
| | | | | | ok inoguchi@ tb@ | ||||
| * | Rename tls1_handshake_hash*() to tls1_transcript_hash*(). | jsing | 2019-02-09 | 7 | -29/+29 |
| | | | | | | | | | | While handshake hash is correct (in as far as it is a hash of handshake messages), using tls1_transcript_hash*() aligns them with the naming of the tls1_transcript*() functions. Additionally, the TLSv1.3 specification uses Transcript-Hash and "transcript hash", which this matches. ok inoguchi@ tb@ | ||||
| * | Provide a reference from the TLSv1.3 context to the handshake state. | jsing | 2019-02-09 | 2 | -19/+25 |
| | | | | | | | | This allows ctx->hs to be used throughout the TLSv1.3 code, rather than S3I(ctx->ssl)->hs_tls13. ok inoguchi@ tb@ | ||||
| * | Summarize the 4 same name functions and move it to apps.c | inoguchi | 2019-02-09 | 7 | -72/+26 |
| | | | | | ok tb@ jsing@ | ||||
| * | Implement processing of EncryptedExtensions in the TLS 1.3 client. | jsing | 2019-02-07 | 2 | -8/+28 |
| | | | | | ok bcook@ tb@ | ||||
| * | Add islower check to show_ciphers in pkey.c and rsa.c. | inoguchi | 2019-02-05 | 2 | -2/+10 |
| | | | | | | suggested by jsing@ ok tb@ | ||||
| * | Convert openssl(1) pkey to the newer style of option handling. | inoguchi | 2019-02-05 | 1 | -96/+171 |
| | | | | | ok jsing@ | ||||
| * | Implement parsing and processing of TLSv1.3 ServerHello messages. | jsing | 2019-02-04 | 3 | -11/+187 |
| | | | | | ok tb@ | ||||
| * | Make it easier to build with LIBRESSL_HAS_TLS1_3 enabled. | jsing | 2019-02-04 | 1 | -1/+4 |
| | | | | | ok tb@ | ||||
| * | Document missing command line options for the rsautl command. | tb | 2019-02-04 | 2 | -9/+16 |
| | | | | | ok jsing, "looks good!" jmc | ||||
| * | zap spaces before tabs | tb | 2019-02-03 | 1 | -5/+5 |
| | | |||||
| * | Convert openssl(1) rsautl to the newer style of option handling. | jsing | 2019-02-03 | 1 | -121/+196 |
| | | | | | ok beck@ inoguchi@ tb@ | ||||
| * | Revert r1.38 as it introduces use of a stack value post function return. | jsing | 2019-02-03 | 1 | -50/+86 |
| | | | | | | The deduplication is also not quite right - this will be revisited in due course. | ||||
| * | Use malloc() and memcpy() the test X25519 x25519_peer_public value. | jsing | 2019-02-03 | 1 | -3/+6 |
| | | | | | | | | Otherwise, if tlsext_keyshare_server_build() fails we call free with a pointer to static memory and bad things happen. Reported by bcook@ | ||||
| * | unwrap a line introduced in previous. | tb | 2019-01-31 | 1 | -3/+2 |
| | | |||||
| * | Correct handling of TLS sigalgs extension for TLSv1.0/TLSv1.1. | jsing | 2019-01-30 | 1 | -33/+19 |
| | | | | | | | | | | | | | | When operating as a TLSv1.0 or TLSv1.1 server, we still have to parse the TLS sigalgs extension if presented by the client (which might be TLSv1.2 capable), rather than treating its presence as an error. While here, remove future version dependence issues by avoiding explicit version equality checks. Issue reported by bluhm@. ok bluhm@ tb@ | ||||
| * | instead of calling abort() for 3 "must not use anymore" interfaces, | deraadt | 2019-01-29 | 1 | -7/+4 |
| | | | | | | | call OPENSSL_assert() with the specific message, which due to recent changes will end up syslog :) ok jsing | ||||
| * | Remove SSLv23 padding mode from rsautl's usage (left behind in a removal | tb | 2019-01-29 | 1 | -2/+1 |
| | | | | | | | from code and manual in 2017). Reported by KEINOS in github issue #101. | ||||
| * | spelling; | jmc | 2019-01-28 | 1 | -3/+3 |
| | | |||||
| * | Deduplicate a bunch of replicated code in the extension handling | beck | 2019-01-28 | 1 | -86/+50 |
| | | | | | ok tb@ | ||||
| * | Add tls_extension_seen(), a utility to know if a particular extension | beck | 2019-01-28 | 2 | -9/+15 |
| | | | | | | has been seen in the handshake so far. Use it for keyshare. ok tb@ | ||||
| * | zap a commented out line. 0RTT will need more thought than | tb | 2019-01-27 | 1 | -2/+1 |
| | | | | | just uncommenting this. | ||||
| * | refactor and clean up the code generating dot output. | tb | 2019-01-27 | 1 | -53/+76 |
| | | |||||
| * | Recent discussions about abort() potentially leaving key material in | deraadt | 2019-01-26 | 1 | -5/+8 |
| | | | | | | | | | core files (which can depend upon various file layouts) have resonated with my hate for this function outside a purely debugging context. I also dislike how the report goes to stderr which may get lost or ignored. Increase the noise (with syslog_r) and use _exit(1) to gaurantee termination. ok jsing | ||||
| * | print errors to stderr | tb | 2019-01-25 | 1 | -19/+21 |
| | | |||||
| * | sort output suffixes | tb | 2019-01-25 | 1 | -2/+2 |
| | | |||||
| * | I am retiring my old email address; replace it with my OpenBSD one. | millert | 2019-01-25 | 27 | -61/+61 |
| | | |||||
| * | Add code to visualize the state machine. Both the state machine and the | tb | 2019-01-24 | 2 | -5/+79 |
| | | | | | | | | output will have to be tweaked, but this may as well happen in-tree. To try it, pkg_add graphviz and run 'make handshake.svg' in this directory. Committing early so Bob's followers can play. | ||||
| * | Set pointer variables in tls13 handshake to NULL on clear | beck | 2019-01-24 | 1 | -1/+5 |
| | | | | | ok jsing@ bcook@ | ||||
| * | set the NEGOTIATED flag in the flags argument rather than | tb | 2019-01-24 | 1 | -4/+4 |
| | | | | | squeezing it into the table. | ||||
| * | Add server side of versions, keyshare, and client and server of cookie | beck | 2019-01-24 | 5 | -28/+742 |
| | | | | | | | | | extensions for tls1.3. versions is currently defanged to ignore its result until tls13 server side wired in full, so that server side code still works today when we only support tls 1.2 ok bcook@ tb@ jsing@ | ||||
| * | move the extensions_seen into the handshake struct | beck | 2019-01-24 | 3 | -6/+12 |
| | | | | | ok jsing@ | ||||
| * | Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is deprecated. | beck | 2019-01-24 | 3 | -37/+22 |
| | | | | | | Remove GOST based sigalgs from TLS 1.2 since they don't work with TLS 1.2. ok jsing@ | ||||
| * | Correct ECDSA_SECP512R1 typo to ECDSA_SECP521R1 | beck | 2019-01-23 | 2 | -6/+6 |
| | | | | | spotted by naddy@ | ||||
| * | make whitespace inside curlies consistent; sort function prototypes. | tb | 2019-01-23 | 1 | -24/+24 |
| | | |||||
| * | Rename NUM_HANDSHAKE to handshake_count and make it a variable | tb | 2019-01-23 | 3 | -13/+47 |
| | | | | | | | | | | so it can be used from regress. Update regress accordingly. Make sure the print target generates the entire table as it currently is in tls13_handshake.c discussed with beck and jsing ok jsing | ||||
| * | assert.h is often misused. It should not be used in a library | beck | 2019-01-23 | 2 | -8/+5 |
| | | | | | ok bcook@ jsing@ | ||||
| * | Modify sigalgs extension processing to accomodate TLS 1.3. | beck | 2019-01-23 | 8 | -40/+93 |
| | | | | | | | | | | | - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2. - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 from a 1.3 handshake. ok jsing@ tb@ | ||||
| * | revert previous, accidentally contained another diff in addition | beck | 2019-01-23 | 10 | -408/+61 |
| | | | | | to the one I intended to commit | ||||
| * | Modify sigalgs extension processing for TLS 1.3. | beck | 2019-01-23 | 10 | -61/+408 |
| | | | | | | | | | | - Make a separate sigalgs list for TLS 1.3 including only modern algorithm choices which we use when the handshake will not negotiate TLS 1.2 - Modify the legacy sigalgs for TLS 1.2 to include the RSA PSS algorithms as mandated by RFC8446 when the handshake will permit negotiation of TLS 1.2 ok jsing@ tb@ | ||||
| * | Sync the handshakes table with the generated table in regress. | tb | 2019-01-23 | 1 | -19/+19 |
| | | | | | | | | This sorts the valid handshakes with respect to ascending flags value instead of the ad-hoc order produced by the algorithm. ok jsing | ||||
| * | incorrrect spelling | tb | 2019-01-23 | 1 | -2/+2 |
| | | |||||
| * | do not print the command in the print: target | tb | 2019-01-23 | 1 | -2/+2 |
| | | |||||
| * | Add a regression test that builds up the handshake state table | tb | 2019-01-23 | 2 | -1/+399 |
| | | | | | | | | from graph information and cross-checks it against the state table in tls13_handshake.c. with help from jsing | ||||
| * | Remove static from handshakes[][] so it is visible from regress/ | tb | 2019-01-23 | 1 | -2/+2 |
| | | | | | ok bcook | ||||
| * | No need to include <bsd.prog.mk> here. | tb | 2019-01-23 | 2 | -4/+2 |
| | | | | | ok bcook | ||||
| * | sort sections, and add a missing verb to the EXAMPLES text; | jmc | 2019-01-22 | 1 | -24/+24 |
| | | |||||
| * | Wrap long line | otto | 2019-01-22 | 1 | -4/+4 |
| | | |||||
 |
index : openbsd | |
| A mirror of https://github.com/libressl/openbsd.git |
| summaryrefslogtreecommitdiff |