summaryrefslogtreecommitdiffstats
path: root/ssl/t1_lib.c
AgeCommit message (Expand)Author
2017-07-13Replace tls12_get_pkey_idxDr. Stephen Henson
2017-06-29Update SSL_export_keying_material() for TLSv1.3Matt Caswell
2017-06-24Disallow DSA/SHA1/etc. for pure TLS 1.3 ClientHellosBenjamin Kaduk
2017-06-21Use EVP_PKEY_X25519, EVP_PKEY_ED25519 instead of NIDs where appropriate.Dr. Stephen Henson
2017-06-21Allow Ed25519 in TLS 1.2Dr. Stephen Henson
2017-06-21Handle signature algorithms with no associated digestDr. Stephen Henson
2017-06-21Add Ed25519 signature algorithmDr. Stephen Henson
2017-06-21Add Ed25519 to signature algorithm tableDr. Stephen Henson
2017-06-21Add index for ED25519Dr. Stephen Henson
2017-06-21Use X509_get_signature_info to get signature strength.Dr. Stephen Henson
2017-06-15Fix no-ecBenjamin Kaduk
2017-06-08Add back support for SHA224 based sig algsMatt Caswell
2017-05-22Convert existing usage of assert() to ossl_assert() in libsslMatt Caswell
2017-05-19Try to be more consistent about the alerts we sendMatt Caswell
2017-04-26Add a ciphersuite config sanity check for serversMatt Caswell
2017-04-24Don't fail the connection in SSLv3 if server selects ECDHEMatt Caswell
2017-04-03New certificate_authorities functionsDr. Stephen Henson
2017-03-29More typo fixesFdaSilvaYY
2017-03-10Avoid questionable use of the value of a pointerBernd Edlinger
2017-03-10Fixup previous merge.Bernd Edlinger
2017-03-03Set specific error is we have no valid signature algorithms setDr. Stephen Henson
2017-03-03Signature algorithm enhancement.Dr. Stephen Henson
2017-03-03Disallow zero length signature algorithmsDr. Stephen Henson
2017-03-03Don't allow DSA for TLS 1.3Dr. Stephen Henson
2017-02-25For TLS 1.3 reject SHA1 TLS signaturesDr. Stephen Henson
2017-02-24Reject compressed point format with TLS 1.3Dr. Stephen Henson
2017-02-24Add SuiteB support to tls_choose_sigalg()Dr. Stephen Henson
2017-02-24Tidy up certificate type handling.Dr. Stephen Henson
2017-02-22Add some more consistency checks in tls_decrypt_ticket.Bernd Edlinger
2017-02-21Set default validity flags.Dr. Stephen Henson
2017-02-21remove md array: it is not used any more.Dr. Stephen Henson
2017-02-17Explicitly disallow DSA for TLS 1.3Dr. Stephen Henson
2017-02-16Use tls_choose_sigalg for client auth.Dr. Stephen Henson
2017-02-16Add client side support to tls_choose_sigalg.Dr. Stephen Henson
2017-02-16Fix warningDr. Stephen Henson
2017-02-15Set current certificate to selected certificate.Dr. Stephen Henson
2017-02-15Skip curve check if sigalg doesn't specify a curve.Dr. Stephen Henson
2017-02-15Use CERT_PKEY pointer instead of indexDr. Stephen Henson
2017-02-15Use cert_index and sigalgDr. Stephen Henson
2017-02-15Add sigalg for earlier TLS versionsDr. Stephen Henson
2017-02-15Change tls_choose_sigalg so it can set errors and alerts.Dr. Stephen Henson
2017-02-14Use TLSEXT_KEYNAME_LENGTH in tls_decrypt_ticket.Bernd Edlinger
2017-02-10Replace SSL_PKEY_RSA_ENC, SSL_PKEY_RSA_SIGNDr. Stephen Henson
2017-02-10Check index >= 0 as 0 is a valid index.Dr. Stephen Henson
2017-02-09SSL_get_shared_sigalgs: handle negative idx parameterPeter Wu
2017-02-03Fix "no-ec"Richard Levitte
2017-02-02Add function tls_choose_sigalg().Dr. Stephen Henson
2017-01-31Majority rules, use session_ctx vs initial_ctxTodd Short
2017-01-31Tidy up Suite B logicDr. Stephen Henson
2017-01-31Remove peer_md and use peer_sigalg instead.Dr. Stephen Henson
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-19 04:38:50 +0000