Manuel Pégourié-Gonnard
|
db77175e99
|
Make ecdsa_verify() return value more explicit
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
9cc6f5c61b
|
Fix some hash debugging
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
4bd1284f59
|
Fix ECDSA hash selection bug with TLS 1.0 and 1.1
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
9c9812a299
|
Fix bug introduced in dbf69cf
(Was writing outside array bounds.)
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
df0142bd17
|
Fix some dependencies in tests
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
2fb15f694c
|
Un-rename ssl_set_own_cert_alt()
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
c6b6803dcf
|
Add forgotten "inline" keyword
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
e511ffca50
|
Allow compiling without RSA or DH
Only library and programs now, need to check test suites later.
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
ee98f8e7a3
|
Add EC certificates in certs.c
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
f484282e96
|
Rm a few unneeded tests
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
d11eb7c789
|
Fix sig_alg extension on client.
Temporary solution on server.
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
bfe32efb9b
|
pk_{sign,verify}() now accept hash_len = 0
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
a20c58c6f1
|
Use convert functions for SSL_SIG_* and SSL_HASH_*
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
51be559c53
|
Fix PKCS#11 deps: now goes through PK
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
c40b4c3708
|
Add configuration item for the PK module
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
0d42049440
|
Merge code for RSA and ECDSA in SSL
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
070cc7fd21
|
Use the new PK RSA-alt interface
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
12c1ff0ecb
|
Add RSA-alt to the PK layer
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
a2d3f22007
|
Add and use pk_encrypt(), pk_decrypt()
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
8df2769178
|
Introduce pk_sign() and use it in ssl
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
583b608401
|
Fix some return values
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
76c18a1a77
|
Add client support for ECDSA client auth
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
abae74c4a0
|
Add server support for ECDHE_ECDSA key exchange
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
ac75523593
|
Adapt ssl_set_own_cert() to generic keys
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
09edda888e
|
Check key type against selected key exchange
|
2013-08-27 22:21:19 +02:00 |
|
Manuel Pégourié-Gonnard
|
20846b1a50
|
Add client support for ECDHE_ECDSA key exchange
|
2013-08-27 22:21:19 +02:00 |
|
Manuel Pégourié-Gonnard
|
efebb0a394
|
Refactor ssl_parse_server_key_exchange() a bit
|
2013-08-27 22:21:19 +02:00 |
|
Manuel Pégourié-Gonnard
|
32ea60a127
|
Declare ECDSA key exchange and ciphersuites
Also fix bug in ssl_list_ciphersuites().
For now, disable it on server.
Client will offer it but fail if server selects it.
|
2013-08-27 22:21:19 +02:00 |
|
Manuel Pégourié-Gonnard
|
0b03200e96
|
Add server-side support for ECDSA client auth
|
2013-08-27 22:21:19 +02:00 |
|
Paul Bakker
|
fb08fd2e23
|
Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available
|
2013-08-27 15:06:54 +02:00 |
|
Manuel Pégourié-Gonnard
|
0a20171d52
|
Fix compiler warning from gcc -Os
|
2013-08-26 14:31:43 +02:00 |
|
Manuel Pégourié-Gonnard
|
70f1768b9d
|
Make two format strings literal
Fixes clang warning
|
2013-08-26 14:31:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
5151b45aa1
|
Minor comment fixes
|
2013-08-26 14:31:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
356da16ce3
|
Update VisualStudio files
|
2013-08-26 14:31:01 +02:00 |
|
Manuel Pégourié-Gonnard
|
c6554aab3d
|
Check length of session tickets we write
|
2013-08-26 14:26:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
38d1eba3b5
|
Move verify_result from ssl_context to session
|
2013-08-26 14:26:02 +02:00 |
|
Paul Bakker
|
43fdd617e1
|
Merged update certificate verification for EC certificates into
development
|
2013-08-20 23:13:29 +02:00 |
|
Paul Bakker
|
ca2da515f3
|
Merged ECDSA tests / enhancements and example into development
|
2013-08-20 23:12:59 +02:00 |
|
Paul Bakker
|
2b217c36b6
|
Merged latest fix for test framework revamp into development
|
2013-08-20 23:11:42 +02:00 |
|
Paul Bakker
|
667086b01d
|
Fixed Makefile leftover typo
|
2013-08-20 23:11:06 +02:00 |
|
Manuel Pégourié-Gonnard
|
fff80f8879
|
PK: use NULL for unimplemented operations
|
2013-08-20 20:46:05 +02:00 |
|
Manuel Pégourié-Gonnard
|
f73da02962
|
PK: change pk_verify arguments (md_info "optional")
|
2013-08-20 20:46:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
ab46694558
|
Change pk_set_type to pk_init_ctx for consistency
|
2013-08-20 20:46:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
7e56de1671
|
Adapt ssl_cert_test to changes in PK
|
2013-08-20 20:46:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
ac4cd36297
|
PK rsa_verify: check signature length
|
2013-08-20 20:46:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
15699380e5
|
Small PK cleanups
- better error codes
- rm now-useless include
|
2013-08-20 20:46:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
3fb5c5ee1c
|
PK: rename members for consistency CIPHER, MD
Also add pk_get_name() to remove a direct access to pk_type
|
2013-08-20 20:46:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
09162ddcaa
|
PK: reuse some eckey functions for ecdsa
Also add some forgotten 'static' while at it.
|
2013-08-20 20:46:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
c6ac8870d5
|
Nicer interface between PK and debug.
Finally get rid of pk_context.type member, too.
|
2013-08-20 20:46:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
b3d9187cea
|
PK: add nice interface functions
Also fix a const-corectness issue.
|
2013-08-20 20:46:04 +02:00 |
|