Denys Vlasenko
|
c8c1fcdba1
tls: move definitions around, no code changes
|
2 jaren geleden |
Denys Vlasenko
|
9bab580cd4
tls: include signature_algorithms extension in client hello message
|
2 jaren geleden |
Denys Vlasenko
|
446d136109
tls: tweak debug printout
|
3 jaren geleden |
Denys Vlasenko
|
3b411ebbfc
tls: replace "26-bit" P256 code with 32-bit one.
|
3 jaren geleden |
Denys Vlasenko
|
55578f2fb7
tls: fix the case of sp_256_mont_tpl_10() leaving striay high bits
|
3 jaren geleden |
Denys Vlasenko
|
934bb01d51
tls: "server cert is not RSA" is a fatal error
|
3 jaren geleden |
Denys Vlasenko
|
1f5a44d20c
tls: add scaffolding to selectively disable ciphers. no code changes
|
3 jaren geleden |
Denys Vlasenko
|
6b69ab68b4
tls: make x25519 key generation code more similar to P256
|
3 jaren geleden |
Denys Vlasenko
|
f18a1fd6f3
tls: implement secp256r1 elliptic curve (aka P256)
|
3 jaren geleden |
Denys Vlasenko
|
6ca36077cc
tls: "server did not provide EC key" is fatal
|
3 jaren geleden |
Denys Vlasenko
|
972e29881a
tls: make constant basepoint9[32] array 8-byte aligned
|
3 jaren geleden |
Denys Vlasenko
|
965b795b87
decrease paddign: gcc-9.3.1 slaps 32-byte alignment on arrays willy-nilly
|
4 jaren geleden |
Denys Vlasenko
|
9a2d899273
ntpd: fix refid reported in server mode, closes 13056
|
4 jaren geleden |
James Byrne
|
6937487be7
libbb: reduce the overhead of single parameter bb_error_msg() calls
|
5 jaren geleden |
Denys Vlasenko
|
84fc645605
*: slap on a few ALIGN1/2s where appropriate
|
5 jaren geleden |
Denys Vlasenko
|
959b04bc0e
tls: add comment about dl.fedoraproject.org needing secp256r1 ECC curve
|
5 jaren geleden |
Denys Vlasenko
|
3a4d5a73a8
tls: prepare for ECDH_anon ciphers
|
6 jaren geleden |
Denys Vlasenko
|
c67ff8a1b0
tls: fix a potential (currently "disabled" by a macro) SHA1-related bug
|
6 jaren geleden |
Denys Vlasenko
|
63bfe0e4c0
tls: if !ENABLE_FEATURE_TLS_SHA1, tls->MAC_size is always SHA256_OUTSIZE for AES-CBC
|
6 jaren geleden |
Denys Vlasenko
|
71fa5b0a4c
tls: introduce FEATURE_TLS_SHA1 to make SHA1 code optional
|
6 jaren geleden |
Denys Vlasenko
|
dffc8ff6a6
tls: add ECDHE_PSK and remove ARIA cipher ids
|
6 jaren geleden |
Denys Vlasenko
|
8a46c74f8d
tls: add _anon_ cipher definitions
|
6 jaren geleden |
Denys Vlasenko
|
2eb04290f9
tls: enable TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipher
|
6 jaren geleden |
Denys Vlasenko
|
60f784027e
tls: cipher 009D is not yet supported, don't test for it
|
6 jaren geleden |
Denys Vlasenko
|
d9f6c3b091
tls: speed up prf_hmac_sha256()
|
6 jaren geleden |
Denys Vlasenko
|
d4681c7293
tls: simplify hmac_begin()
|
6 jaren geleden |
Denys Vlasenko
|
ca7cdd4b03
tls: add support for 8 more cipher ids - all tested to work
|
6 jaren geleden |
Denys Vlasenko
|
838b88c044
tls: fix comments
|
6 jaren geleden |
Denys Vlasenko
|
330d7f53f7
tls: add a comment on expanding list of supported ciphers
|
6 jaren geleden |
Denys Vlasenko
|
a6192f347f
tls: do not leak RSA key
|
6 jaren geleden |