boringssl

History

David Benjamin 1bf2337fe1 Reject compressed ECDH coordinates in TLS. We don't advertise compressed coordinates (and point format negotiation was deprecated in TLS 1.3), so reject them. Both Internet Explorer and Firefox appear to reject them already. Later I hope to add an easier to use ECDH API that acts on bytes, not EC_POINT. This clears the way for that API to only accept uncompressed coordinates. Compressed coordinates never got deployed over NIST curves, for better or worse. At this point, there is no sense in changing that as new protocols should use curve25519. Change-Id: Id2f1be791ddcf155d596f4eb0b79351766c5cdab Reviewed-on: https://boringssl-review.googlesource.com/26024 Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Adam Langley <agl@google.com>		2018-02-15 01:42:54 +00:00
..
test	Reject compressed ECDH coordinates in TLS.	2018-02-15 01:42:54 +00:00
bio_ssl.cc
CMakeLists.txt	Add initial, experimental support for split handshakes.	2018-01-31 22:24:17 +00:00
custom_extensions.cc	Rename ssl3_send_alert and ssl3_protocol_version.	2017-10-12 16:24:35 +00:00
d1_both.cc	Give DTLS1_STATE a destructor.	2017-10-25 03:23:26 +00:00
d1_lib.cc	Give DTLS1_STATE a destructor.	2017-10-25 03:23:26 +00:00
d1_pkt.cc	Make SSL3_BUFFER a proper C++ class.	2017-10-24 17:32:45 +00:00
d1_srtp.cc
dtls_method.cc	Remove supports_cipher hook.	2017-11-01 16:44:46 +00:00
dtls_record.cc	Give DTLS1_STATE a destructor.	2017-10-25 03:23:26 +00:00
handoff.cc	Add initial, experimental support for split handshakes.	2018-01-31 22:24:17 +00:00
handshake_client.cc	Remove draft22 and experiment2.	2018-01-31 18:07:53 +00:00
handshake_server.cc	Add initial, experimental support for split handshakes.	2018-01-31 22:24:17 +00:00
handshake.cc	Add initial, experimental support for split handshakes.	2018-01-31 22:24:17 +00:00
internal.h	Add tests for split handshakes.	2018-01-31 22:33:42 +00:00
s3_both.cc	Revert "Pack encrypted handshake messages together."	2017-10-27 14:36:37 +00:00
s3_lib.cc	Add a draft TLS 1.3 anti-downgrade signal.	2017-12-21 01:50:33 +00:00
s3_pkt.cc	Remove draft22 and experiment2.	2018-01-31 18:07:53 +00:00
span_test.cc
ssl_aead_ctx.cc	Remove deprecated TLS 1.3 variants.	2017-12-18 21:20:32 +00:00
ssl_asn1.cc	Expose ssl_session_serialize to libssl.	2018-01-26 22:31:47 +00:00
ssl_buffer.cc	Move init_buf and rwstate into SSL3_STATE.	2017-10-24 18:55:05 +00:00
ssl_cert.cc	Adding support for draft 21 as a TLS 1.3 variant.	2017-11-01 21:32:36 +00:00
ssl_cipher.cc	Move the SSL_eNULL special-case into the matching function.	2017-11-01 16:45:06 +00:00
ssl_file.cc
ssl_key_share.cc	Reject compressed ECDH coordinates in TLS.	2018-02-15 01:42:54 +00:00
ssl_lib.cc	Add initial, experimental support for split handshakes.	2018-01-31 22:24:17 +00:00
ssl_privkey.cc	Push an error if custom private keys fail.	2018-02-01 21:43:42 +00:00
ssl_session.cc	Use more scopers.	2017-10-24 17:50:05 +00:00
ssl_stat.cc	Use more scopers.	2017-10-24 17:50:05 +00:00
ssl_test.cc	Add tests for split handshakes.	2018-01-31 22:33:42 +00:00
ssl_transcript.cc	Adding support for draft 21 as a TLS 1.3 variant.	2017-11-01 21:32:36 +00:00
ssl_versions.cc	Remove draft22 and experiment2.	2018-01-31 18:07:53 +00:00
ssl_x509.cc	Map NOT_YET_VALID errors to \|certificate_expired\|.	2018-01-05 23:40:40 +00:00
t1_enc.cc	Add initial, experimental support for split handshakes.	2018-01-31 22:24:17 +00:00
t1_lib.cc	Remove draft22 and experiment2.	2018-01-31 18:07:53 +00:00
tls13_both.cc	Add a draft TLS 1.3 anti-downgrade signal.	2017-12-21 01:50:33 +00:00
tls13_client.cc	Remove draft22 and experiment2.	2018-01-31 18:07:53 +00:00
tls13_enc.cc	Remove draft22 and experiment2.	2018-01-31 18:07:53 +00:00
tls13_server.cc	Remove draft22 and experiment2.	2018-01-31 18:07:53 +00:00
tls_method.cc	Remove supports_cipher hook.	2017-11-01 16:44:46 +00:00
tls_record.cc	Remove draft22 and experiment2.	2018-01-31 18:07:53 +00:00