aboutsummaryrefslogtreecommitdiff
path: root/ssl/t1_lib.c
AgeCommit message (Expand)AuthorFilesLines
2017-08-30e_os.h removal from other headers and source files.Pauli1-1/+2
2017-07-13Use cert tables in ssl_set_sig_maskDr. Stephen Henson1-33/+12
2017-07-13Use certificate tables instead of ssl_cert_typeDr. Stephen Henson1-4/+10
2017-07-13Use certificate tables instead of ssl_cipher_get_cert_index.Dr. Stephen Henson1-64/+51
2017-07-13Replace tls12_get_pkey_idxDr. Stephen Henson1-40/+3
2017-06-29Update SSL_export_keying_material() for TLSv1.3Matt Caswell1-1/+1
2017-06-24Disallow DSA/SHA1/etc. for pure TLS 1.3 ClientHellosBenjamin Kaduk1-0/+6
2017-06-21Use EVP_PKEY_X25519, EVP_PKEY_ED25519 instead of NIDs where appropriate.Dr. Stephen Henson1-5/+5
2017-06-21Allow Ed25519 in TLS 1.2Dr. Stephen Henson1-5/+15
2017-06-21Handle signature algorithms with no associated digestDr. Stephen Henson1-20/+41
2017-06-21Add Ed25519 signature algorithmDr. Stephen Henson1-0/+2
2017-06-21Add Ed25519 to signature algorithm tableDr. Stephen Henson1-0/+3
2017-06-21Add index for ED25519Dr. Stephen Henson1-1/+4
2017-06-21Use X509_get_signature_info to get signature strength.Dr. Stephen Henson1-9/+8
2017-06-15Fix no-ecBenjamin Kaduk1-2/+0
2017-06-08Add back support for SHA224 based sig algsMatt Caswell1-7/+24
2017-05-22Convert existing usage of assert() to ossl_assert() in libsslMatt Caswell1-5/+11
2017-05-19Try to be more consistent about the alerts we sendMatt Caswell1-3/+3
2017-04-26Add a ciphersuite config sanity check for serversMatt Caswell1-1/+1
2017-04-24Don't fail the connection in SSLv3 if server selects ECDHEMatt Caswell1-4/+16
2017-04-03New certificate_authorities functionsDr. Stephen Henson1-1/+1
2017-03-29More typo fixesFdaSilvaYY1-6/+6
2017-03-10Avoid questionable use of the value of a pointerBernd Edlinger1-1/+2
2017-03-10Fixup previous merge.Bernd Edlinger1-1/+1
2017-03-03Set specific error is we have no valid signature algorithms setDr. Stephen Henson1-0/+2
2017-03-03Signature algorithm enhancement.Dr. Stephen Henson1-25/+31
2017-03-03Disallow zero length signature algorithmsDr. Stephen Henson1-1/+1
2017-03-03Don't allow DSA for TLS 1.3Dr. Stephen Henson1-0/+3
2017-02-25For TLS 1.3 reject SHA1 TLS signaturesDr. Stephen Henson1-5/+7
2017-02-24Reject compressed point format with TLS 1.3Dr. Stephen Henson1-3/+10
2017-02-24Add SuiteB support to tls_choose_sigalg()Dr. Stephen Henson1-0/+17
2017-02-24Tidy up certificate type handling.Dr. Stephen Henson1-12/+7
2017-02-22Add some more consistency checks in tls_decrypt_ticket.Bernd Edlinger1-0/+5
2017-02-21Set default validity flags.Dr. Stephen Henson1-10/+30
2017-02-21remove md array: it is not used any more.Dr. Stephen Henson1-99/+25
2017-02-17Explicitly disallow DSA for TLS 1.3Dr. Stephen Henson1-5/+12
2017-02-16Use tls_choose_sigalg for client auth.Dr. Stephen Henson1-52/+0
2017-02-16Add client side support to tls_choose_sigalg.Dr. Stephen Henson1-24/+54
2017-02-16Fix warningDr. Stephen Henson1-1/+6
2017-02-15Set current certificate to selected certificate.Dr. Stephen Henson1-0/+1
2017-02-15Skip curve check if sigalg doesn't specify a curve.Dr. Stephen Henson1-2/+2
2017-02-15Use CERT_PKEY pointer instead of indexDr. Stephen Henson1-6/+4
2017-02-15Use cert_index and sigalgDr. Stephen Henson1-1/+4
2017-02-15Add sigalg for earlier TLS versionsDr. Stephen Henson1-20/+144
2017-02-15Change tls_choose_sigalg so it can set errors and alerts.Dr. Stephen Henson1-1/+3
2017-02-14Use TLSEXT_KEYNAME_LENGTH in tls_decrypt_ticket.Bernd Edlinger1-2/+2
2017-02-10Replace SSL_PKEY_RSA_ENC, SSL_PKEY_RSA_SIGNDr. Stephen Henson1-27/+13
2017-02-10Check index >= 0 as 0 is a valid index.Dr. Stephen Henson1-1/+1
2017-02-09SSL_get_shared_sigalgs: handle negative idx parameterPeter Wu1-0/+1
2017-02-03Fix "no-ec"Richard Levitte1-0/+6
generated by cgit v1.1 at 2024-09-13 12:06:05 +0000