Dr. Stephen Henson
|
8f12296e23
Disallow zero length signature algorithms
|
il y a 7 ans |
Dr. Stephen Henson
|
224b4e37c0
Don't allow DSA for TLS 1.3
|
il y a 7 ans |
Dr. Stephen Henson
|
095a982bb4
For TLS 1.3 reject SHA1 TLS signatures
|
il y a 7 ans |
Dr. Stephen Henson
|
e892e32558
Reject compressed point format with TLS 1.3
|
il y a 7 ans |
Dr. Stephen Henson
|
599b586d87
Add SuiteB support to tls_choose_sigalg()
|
il y a 7 ans |
Dr. Stephen Henson
|
75c13e7830
Tidy up certificate type handling.
|
il y a 7 ans |
Bernd Edlinger
|
79020b27be
Add some more consistency checks in tls_decrypt_ticket.
|
il y a 7 ans |
Dr. Stephen Henson
|
a8bb912d84
Set default validity flags.
|
il y a 7 ans |
Dr. Stephen Henson
|
9195ddcd0f
remove md array: it is not used any more.
|
il y a 7 ans |
Dr. Stephen Henson
|
5a8916d985
Explicitly disallow DSA for TLS 1.3
|
il y a 7 ans |
Dr. Stephen Henson
|
ad4dd362e0
Use tls_choose_sigalg for client auth.
|
il y a 7 ans |
Dr. Stephen Henson
|
717a265aa5
Add client side support to tls_choose_sigalg.
|
il y a 7 ans |
Dr. Stephen Henson
|
7b3a4d6107
Fix warning
|
il y a 7 ans |
Dr. Stephen Henson
|
59088e43b1
Set current certificate to selected certificate.
|
il y a 7 ans |
Dr. Stephen Henson
|
a34a9df071
Skip curve check if sigalg doesn't specify a curve.
|
il y a 7 ans |
Dr. Stephen Henson
|
a497cf2516
Use CERT_PKEY pointer instead of index
|
il y a 7 ans |
Dr. Stephen Henson
|
f365a3e2e5
Use cert_index and sigalg
|
il y a 7 ans |
Dr. Stephen Henson
|
0972bc5ced
Add sigalg for earlier TLS versions
|
il y a 7 ans |
Dr. Stephen Henson
|
4a419f6018
Change tls_choose_sigalg so it can set errors and alerts.
|
il y a 7 ans |
Bernd Edlinger
|
57b0d651f0
Use TLSEXT_KEYNAME_LENGTH in tls_decrypt_ticket.
|
il y a 7 ans |
Dr. Stephen Henson
|
d0ff28f8a2
Replace SSL_PKEY_RSA_ENC, SSL_PKEY_RSA_SIGN
|
il y a 7 ans |
Dr. Stephen Henson
|
8fd19b20be
Check index >= 0 as 0 is a valid index.
|
il y a 7 ans |
Peter Wu
|
6d047e06e6
SSL_get_shared_sigalgs: handle negative idx parameter
|
il y a 7 ans |
Richard Levitte
|
21f198ec48
Fix "no-ec"
|
il y a 7 ans |
Dr. Stephen Henson
|
93a77f9e2c
Add function tls_choose_sigalg().
|
il y a 7 ans |
Todd Short
|
222da97918
Majority rules, use session_ctx vs initial_ctx
|
il y a 7 ans |
Dr. Stephen Henson
|
f1adb0068f
Tidy up Suite B logic
|
il y a 7 ans |
Dr. Stephen Henson
|
6cbebb5516
Remove peer_md and use peer_sigalg instead.
|
il y a 7 ans |
Dr. Stephen Henson
|
44b6318f48
Simplify sigalgs code.
|
il y a 7 ans |
Dr. Stephen Henson
|
17ae384e49
Add digest and key indices to table.
|
il y a 7 ans |