- 02 Feb, 2017 4 commits
-
-
Dr. Stephen Henson authored
New function tls_choose_sigalg(). This is a signature algorithm version of ssl3_choose_cipher(): it picks and sets the appropriate signature algorithm and certificate based on shared signature algorithms. Reviewed-by:
Rich Salz <rsalz@openssl.org> Reviewed-by:
Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2339)
-
Dr. Stephen Henson authored
Reviewed-by:
-
Cory Benfield authored
Reviewed-by:
Richard Levitte <levitte@openssl.org> Reviewed-by:
-
Cory Benfield authored
Reviewed-by:
-
- 01 Feb, 2017 11 commits
-
-
Todd Short authored
The core SipHash supports either 8 or 16-byte output and a configurable number of rounds. The default behavior, as added to EVP, is to use 16-byte output and 2,4 rounds, which matches the behavior of most implementations. There is an EVP_PKEY_CTRL that can control the output size. Reviewed-by:
-
Bernd Edlinger authored
Reviewed-by:
-
Todd Short authored
session_ctx and initial_ctx are aliases of each other, and with the opaque data structures, there's no need to keep both around. Since there were more references of session_ctx, replace all instances of initial_ctx with session_ctx. Reviewed-by:
-
Richard Levitte authored
Reviewed-by: -
Geoff Thorpe authored
The BIGNUM behaviour is supposed to be "consistent" when going into and out of APIs, where "consistent" means 'top' is set minimally and that 'neg' (negative) is not set if the BIGNUM is zero (which is iff 'top' is zero, due to the previous point). The BN_DEBUG testing (make test) caught the cases that this patch corrects. Note, bn_correct_top() could have been used instead, but that is intended for where 'top' is expected to (sometimes) require adjustment after direct word-array manipulation, and so is heavier-weight. Here, we are just catching the negative-zero case, so we test and correct for that explicitly, in-place. Change-Id: Iddefbd3c28a13d935648932beebcc765d5b85ae7 Signed-off-by:
Geoff Thorpe <geoff@openssl.org> Reviewed-by:
-
Geoff Thorpe authored
Change-Id: I5ab72ad0aae9069b47d5b7b7b9e25bd1b7afa251 Signed-off-by:
-
Geoff Thorpe authored
Couple of updates to make this code work properly again; * use OPENSSL_assert() instead of assert() (and #include <assert.h>) * the circular-dependency-avoidance uses RAND_bytes() (not pseudo) Change-Id: Iefb5a9dd73f71fd81c1268495c54a64378955354 Signed-off-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
Richard Levitte authored
Reviewed-by:
-
- 31 Jan, 2017 9 commits
-
-
Rich Salz authored
Also fix a block comment formatting glitch. Reviewed-by:
Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2327)
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Remove unnecessary lookup operations: use the indices and data in the lookup table directly. Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
- 30 Jan, 2017 16 commits
-
-
Matt Caswell authored
Reviewed-by:
Kurt Roeckx <kurt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2326)
-
Matt Caswell authored
Otherwise we get a memory leak. Reviewed-by:
-
Dr. Stephen Henson authored
Use TLS_MAX_SIGALGCNT for the maximum number of entries in the signature algorithms array. Use TLS_MAX_SIGSTRING_LEN for the maxiumum length of each signature component instead of a magic number. Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
For TLS 1.2 if we have no signature algorithms extension then lookup using the complete table instead of (empty) shared signature algorithms list so we pick up defaults. Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Add details of the use of PSS for signature algorithms. Document SSL_get_peer_signature_nid() and SSL_get_peer_signature_type_nid(). Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Since every supported signature algorithm is now an entry in the SIGALG_LOOKUP table we can replace shared signature algortihms with pointers to constant table entries. Reviewed-by:
-
Dr. Stephen Henson authored
Reviewed-by:
-
Dr. Stephen Henson authored
Add additional entries in the TLS 1.2 signature table to include the name, sig and hash NID (if any) and required curve (if any). Reviewed-by:
-
Dr. Stephen Henson authored
Lookup the signature type in the shared list: we can use this to use PSS if the peer supports it for TLS 1.2. Reviewed-by:
-
Dr. Stephen Henson authored
Add function to retrieve signature type: in the case of RSA keys the signature type can be EVP_PKEY_RSA or EVP_PKEY_RSA_PSS. Reviewed-by:
-
Dr. Stephen Henson authored
Store peer signature type in s->s3->tmp.peer_sigtype and check it to see if the peer used PSS. Reviewed-by:
-
