kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
04fe9013c4
boringssl/ssl
History
David Benjamin 04fe9013c4 Require custom private keys to specify curve in 1.3. 
If someone is still using EVP_PKEY_EC (I really should get on converting
Chromium...), don't silently skip the curve match check in TLS 1.3,
otherwise it may work on accident. Refuse to sign anything so this gets
caught.

Change-Id: I4ea46efb0b8f31a656771b9d2e5f882bba64eb99
Reviewed-on: https://boringssl-review.googlesource.com/11244
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
2016-09-26 17:22:48 +00:00
..
test Implement draft-davidben-tls-grease-01. 2016-09-23 21:11:15 +00:00
CMakeLists.txt Add TLS 1.3 1-RTT. 2016-07-18 09:54:46 +00:00
custom_extensions.c Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
d1_both.c Take the version parameter out of ssl_do_msg_callback. 2016-09-21 18:55:27 +00:00
d1_lib.c Remove RC4 from TLS for real. 2016-09-16 03:06:36 +00:00
d1_pkt.c Take the version parameter out of ssl_do_msg_callback. 2016-09-21 18:55:27 +00:00
d1_srtp.c Make kSRTPProfiles static. 2016-05-13 14:12:22 +00:00
dtls_method.c Don't return invalid versions in version_from_wire. 2016-09-21 19:51:45 +00:00
dtls_record.c Take the version parameter out of ssl_do_msg_callback. 2016-09-21 18:55:27 +00:00
handshake_client.c Implement draft-davidben-tls-grease-01. 2016-09-23 21:11:15 +00:00
handshake_server.c Disable Channel ID signature checking in fuzzer mode. 2016-09-22 21:35:12 +00:00
internal.h Implement draft-davidben-tls-grease-01. 2016-09-23 21:11:15 +00:00
s3_both.c Only predict X25519 in TLS 1.3. 2016-09-21 21:18:34 +00:00
s3_enc.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
s3_lib.c Move peer_psk_identity_hint to SSL_HANDSHAKE. 2016-09-20 22:37:24 +00:00
s3_pkt.c Take the version parameter out of ssl_do_msg_callback. 2016-09-21 18:55:27 +00:00
ssl_aead_ctx.c Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
ssl_asn1.c Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
ssl_buffer.c Add SSL_is_dtls. 2016-08-02 20:43:58 +00:00
ssl_cert.c Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
ssl_cipher.c Remove RC4 from TLS for real. 2016-09-16 03:06:36 +00:00
ssl_ecdh.c Use C99 for size_t loops. 2016-09-12 19:44:24 +00:00
ssl_file.c Banish SSL_add_dir_cert_subjects_to_stack and OPENSSL_DIR_CTX to decrepit. 2016-04-27 18:40:25 +00:00
ssl_lib.c Implement draft-davidben-tls-grease-01. 2016-09-23 21:11:15 +00:00
ssl_rsa.c Require custom private keys to specify curve in 1.3. 2016-09-26 17:22:48 +00:00
ssl_session.c No-op ticket encryption in fuzzer mode. 2016-09-22 21:26:23 +00:00
ssl_stat.c Factor out the client_cert_cb code. 2016-07-20 09:25:52 +00:00
ssl_test.cc Support default versions with set_{min,max}_proto_version. 2016-09-21 21:41:49 +00:00
t1_enc.c Splitting SSL session state. 2016-07-29 21:22:46 +00:00
t1_lib.c Implement draft-davidben-tls-grease-01. 2016-09-23 21:11:15 +00:00
tls13_both.c Implement BORINGSSL_UNSAFE_FUZZER_MODE for TLS 1.3. 2016-08-19 19:11:34 +00:00
tls13_client.c Only predict X25519 in TLS 1.3. 2016-09-21 21:18:34 +00:00
tls13_enc.c const-correct a variable. 2016-09-06 18:19:37 +00:00
tls13_server.c Fix some bugs in TLS 1.3 server key_share code. 2016-09-21 20:40:10 +00:00
tls_method.c Don't return invalid versions in version_from_wire. 2016-09-21 19:51:45 +00:00
tls_record.c Take the version parameter out of ssl_do_msg_callback. 2016-09-21 18:55:27 +00:00