Commit Graph

413 Commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard
56dc9e8bba Authenticate session tickets. 2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
990c51a557 Encrypt session tickets 2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
779e42982c Start adding ticket keys (only key_name for now) 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
aa0d4d1aff Add ssl_set_session_tickets() 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
06650f6a37 Fix reusing session more than once 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
a5cc6025e7 Parse NewSessionTicket message 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
60182ef989 ssl_cli: write & parse session ticket extension 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
75d440192c Introduce ticket field in session structure 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
747180391d Add ssl_get_session() to save session on client 2013-08-14 14:08:03 +02:00
Paul Bakker
48e93c84b7 Made padding modes configurable from config.h 2013-08-14 14:02:48 +02:00
Paul Bakker
1a45d91cf2 Restructured cipher_set_padding_mode() to use switch statement 2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard
ebdc413f44 Add 'no padding' mode 2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard
0e7d2c0f95 Add zero padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
8d4291b52a Add zeros-and-length (ANSI X.923) padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
679f9e90ad Add one-and-zeros (ISO/IEC 7816-4) padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
ac56a1aec4 Make cipher_set_padding() actually work
(Only one padding mode recognized yet.)
2013-08-14 14:02:46 +02:00
Manuel Pégourié-Gonnard
d5fdcaf9e5 Add cipher_set_padding() (no effect yet)
Fix pattern in tests/.gitignore along the way.
2013-08-14 14:02:46 +02:00
Paul Bakker
0f2f0bfc87 CAMELLIA-based PSK and DHE-PSK ciphersuites added 2013-07-26 15:04:03 +02:00
Paul Bakker
d6f41c5bcd Fixed size of ctx_enc / ctx_dec in ssl for gcm_context size 2013-07-25 17:01:54 +02:00
Paul Bakker
f16db18c55 Fixed header file comments on ciphersuites 2013-07-25 11:30:31 +02:00
Paul Bakker
8c1ede655f Changed prototype for ssl_set_truncated_hmac() to allow disabling 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
277f7f23e2 Implement hmac truncation 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
57c2852807 Added truncated hmac negociation (without effect) 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e980a994f0 Add interface for truncated hmac 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e048b67d0a Misc minor fixes
- avoid "multi-line comment" warning in ssl_client2.c
- rm useless initialisation of mfl_code in ssl_init()
- const-correctness of ssl_parse_*_ext()
- a code formating issue
2013-07-19 12:56:08 +02:00
Manuel Pégourié-Gonnard
ed4af8b57c Move negotiated max fragment length to session
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
2013-07-18 14:07:09 +02:00
Manuel Pégourié-Gonnard
581e6b6d6c Prepare migrating max fragment length to session
Remove max_frag_len member so that reseting session by memset()ing it to zero
does the right thing.
2013-07-18 12:32:27 +02:00
Manuel Pégourié-Gonnard
48f8d0dbbd Read max_fragment_length extension (server) 2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard
8b46459ae5 Add ssl_set_max_frag_len() 2013-07-18 11:18:13 +02:00
Manuel Pégourié-Gonnard
fd5164e283 Fix some more ifdef's RSA/EC, in pk and debug 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
ab2d9836b4 Fix some ifdef's in x509parse
While at it:
- move _rsa variants systematically after generic functions
- unsplit x509parse_key_pkcs8_encrypted_der() (reverts a5d9974)
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
96f3a4e1b3 Rm ecp_keypair.alg
Avoid duplicating information already present in pk_context.
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
a2d4e644ac Some more EC pubkey parsing refactoring
Fix a bug in pk_rsa() and pk_ec() along the way
2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard
1c808a011c Refactor some EC key parsing code 2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard
991d0f5aca Remove rsa member from x509_cert structure 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard
360a583029 Adapt x509parse_cert_info() for EC 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard
674b2243eb Prepare transition from x509_cert.rsa to pk 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard
2692a30c1b Relax ifdef's in pk.h by analogy with md.h 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard
1e60cd09b0 Expand oid_get_sig_alg() for ECDSA-based algs 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard
244569f4b1 Use generic x509_get_pubkey() for RSA functions 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard
788db112a5 Get rid of x509_cert.pkoid
Unused, comment did not match reality, and will soon be superseeded by the
'type' field of the pk_context which will replace rsa_context.
2013-07-17 15:59:39 +02:00
Manuel Pégourié-Gonnard
374e4b87d4 pk_set_type() cannot be used to reset key type 2013-07-17 15:59:39 +02:00
Paul Bakker
f4a1427ae7 base64_decode() also forcefully returns on dst == NULL 2013-07-16 17:48:58 +02:00
Manuel Pégourié-Gonnard
7d4e5b739e Simplify password check in pem_read_buffer() 2013-07-09 16:42:35 +02:00
Manuel Pégourié-Gonnard
de44a4aecf Rename ecp_check_prvkey with a 'i' for consistency 2013-07-09 16:42:34 +02:00
Manuel Pégourié-Gonnard
81c313ccc6 Add #ifdef's on RSA and EC in PK 2013-07-09 10:49:09 +02:00
Manuel Pégourié-Gonnard
7a6c946446 Fix error code in pk.h 2013-07-09 10:37:27 +02:00
Manuel Pégourié-Gonnard
8838099330 Add x509parse_{,public}_key{,file}()
Also make previously public *_ec functions private.
2013-07-08 17:32:27 +02:00
Manuel Pégourié-Gonnard
12e0ed9115 Add pk_context and associated functions 2013-07-08 17:32:27 +02:00
Manuel Pégourié-Gonnard
f8648d51b1 Fix undocumented feature of pem_read_buffer()
Used to work only for RSAPrivateKey content, now accepts ECPrivateKey too,
and may even work with similar enough structures when they appear.
2013-07-08 17:32:26 +02:00