- Jan 30, 2017
-
-
Dr. Stephen Henson authored
Add function to retrieve signature type: in the case of RSA keys the signature type can be EVP_PKEY_RSA or EVP_PKEY_RSA_PSS. Reviewed-by:
Richard Levitte <levitte@openssl.org> Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2301)
-
Dr. Stephen Henson authored
Store peer signature type in s->s3->tmp.peer_sigtype and check it to see if the peer used PSS. Reviewed-by:
-
Dr. Stephen Henson authored
Extend support for PSS key signatures by using the EVP_PKEY_RSA_PSS type to distinguish them from PKCS1 signature types. Allow setting of PSS signature algorithms using the string "PSS" or "RSA-PSS". Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Matt Caswell authored
Following review feedback. Reviewed-by:
Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2259)
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Now we're using an enum the values themselves are self explanatory Reviewed-by:
-
Matt Caswell authored
Based on review feedback Reviewed-by:
-
Matt Caswell authored
The newly added SSL3_CK_CIPHERSUITE_FLAG shouldn't be in a public header file Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Changing the value of SSL_MAX_MASTER_KEY_LENGTH had some unexpected side effects in the <=TLS1.2 code which apparently relies on this being 48 for interoperability. Therefore create a new define for the TLSv1.3 resumption master secret which can be up to 64 bytes. Found through the boring test suite. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Now that we support internal tests properly, we can test wpacket even in shared builds. Reviewed-by:
-
Matt Caswell authored
When we have support for KeyUpdate we might consider doing that instead. Reviewed-by:
-
Matt Caswell authored
Remove "magic" return values and use an enum instead. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
TLSProxy normally fires off s_client, which creates a connection to the server. TLSProxy also pipes some data to send to the process and s_client automatically exits when the pipe hits eof. Unfortunately this means that it sends the data and closes before it has processed the NewSessionTicket returned from the server in TLSv1.3. This commits adds an option for s_client to stay loaded until the sesion has been processed. A side effect of this is that s_client never sends a close_notify in this mode, so we count success as seeing that data has been transferred. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
In TLSv1.3 the connection will be created before the session is established. In OpenSSL we send the NewSessionTicket message immediately after the client finished has been received. Therefore we change create_ssl_connection() to attempt a read of application data after the handshake has completed. We expect this to fail but it will force the reading of the NewSessionTicket and the session to be set up. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
If we have deserialized the SSL_SESSION then in some circumstances the session->cipher value is NULL. We were patching up in some places but not in others. We should just do it as part of loading the SSL_SESSION. Reviewed-by:
-
Matt Caswell authored
psk_kex_mode stores the available modes - not the one which we selected. Reviewed-by:
-
Matt Caswell authored
Don't attempt to add a TLS1.3 session to a TLS1.2 ClientHello session ticket extensions. Similarly don't add a TLS1.2 session to a TLS1.3 psk extension. Reviewed-by:
-
Matt Caswell authored
Make sure the session version consistency check is inside ssl_get_prev_session(). Also fixes a bug where an inconsistent version can cause a seg fault in TLSv1.3. Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
Reviewed-by:
-
Matt Caswell authored
This mops up various edge cases with key_shares and makes sure we still generate the handshake secret if we haven't been provided with one but we have a PSK. Reviewed-by:
-
Matt Caswell authored
Requires a refactor of the ServerHello parsing, so that we parse first and then subsequently process. This is because the resumption information is held in the extensions block which is parsed last - but we need to know that information earlier. Reviewed-by:
-
Matt Caswell authored
Update SSL_SESSION to store the age_add and use it where needed. Reviewed-by:
-
