boringssl/ssl
David Benjamin 48891ad07c Simplify BoGo's TLS 1.3 key derivation.
finishedHash should keep a running secret and incorporate entropy as is
available.

Change-Id: I2d245897e7520b2317bc0051fa4d821c32eeaa10
Reviewed-on: https://boringssl-review.googlesource.com/12586
Reviewed-by: Nick Harper <nharper@chromium.org>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-12-05 18:45:09 +00:00
..
test Simplify BoGo's TLS 1.3 key derivation. 2016-12-05 18:45:09 +00:00
CMakeLists.txt
custom_extensions.c Don't put a colon in the extra error message. 2016-11-17 21:46:34 +00:00
d1_both.c Replace hash_current_message with get_current_message. 2016-11-15 06:52:10 +00:00
d1_lib.c Remove RC4 from TLS for real. 2016-09-16 03:06:36 +00:00
d1_pkt.c Expose SSL_max_seal_overhead. 2016-11-09 16:51:46 +00:00
d1_srtp.c Fix ssl_ctx_make_profiles error handling. 2016-09-27 13:27:06 +00:00
dtls_method.c Replace hash_current_message with get_current_message. 2016-11-15 06:52:10 +00:00
dtls_record.c Take the version parameter out of ssl_do_msg_callback. 2016-09-21 18:55:27 +00:00
handshake_client.c Add tests for failing cert_cb. 2016-11-15 07:15:54 +00:00
handshake_server.c Add |SSL_set_retain_only_sha256_of_client_certs|. 2016-11-17 02:49:19 +00:00
internal.h Skipping early data on 0RTT rejection. 2016-12-01 20:16:08 +00:00
s3_both.c Parse ClientHello extensions before deciding on resumption. 2016-11-16 23:58:02 +00:00
s3_enc.c Move key_block into SSL_HANDSHAKE. 2016-11-09 17:02:33 +00:00
s3_lib.c Negotiate ciphers before resumption. 2016-11-17 01:02:42 +00:00
s3_pkt.c Expose SSL_max_seal_overhead. 2016-11-09 16:51:46 +00:00
ssl_aead_ctx.c Validate input iv/mac sizes in SSL_AEAD_CTX_new. 2016-10-28 21:25:35 +00:00
ssl_asn1.c Update to TLS 1.3 draft 18. 2016-11-15 06:57:21 +00:00
ssl_buffer.c Add SSL_is_dtls. 2016-08-02 20:43:58 +00:00
ssl_cert.c Update to TLS 1.3 draft 18. 2016-11-15 06:57:21 +00:00
ssl_cipher.c Trim ssl_create_cipher_list slightly. 2016-11-03 22:19:53 +00:00
ssl_ecdh.c Implement SSL_CTX_set1_curves_list() 2016-09-30 00:45:19 +00:00
ssl_file.c Check for sk_X509_NAME_push failures. 2016-09-27 13:18:37 +00:00
ssl_lib.c Support setting per-connection default session lifetime value 2016-12-01 21:01:30 +00:00
ssl_rsa.c Rename X.509 members in |SSL_SESSION| and |CERT|. 2016-11-09 20:07:57 +00:00
ssl_session.c Support setting per-connection default session lifetime value 2016-12-01 21:01:30 +00:00
ssl_stat.c Add the certificate_required alert. 2016-10-10 15:48:06 +00:00
ssl_test.cc Support setting per-connection default session lifetime value 2016-12-01 21:01:30 +00:00
t1_enc.c Make tls1_setup_key_block static. 2016-11-18 03:58:26 +00:00
t1_lib.c Parse the entire PSK extension. 2016-12-01 21:53:13 +00:00
tls13_both.c Flush TLS 1.3 certificate extensions. 2016-11-18 22:01:38 +00:00
tls13_client.c Clean up resumption secret "derivation" step. 2016-12-01 19:26:14 +00:00
tls13_enc.c Add missing bounds check in tls13_derive_resumption_secret. 2016-11-28 20:36:32 +00:00
tls13_server.c Clean up resumption secret "derivation" step. 2016-12-01 19:26:14 +00:00
tls_method.c Replace hash_current_message with get_current_message. 2016-11-15 06:52:10 +00:00
tls_record.c Skipping early data on 0RTT rejection. 2016-12-01 20:16:08 +00:00