boringssl

History

David Benjamin 69522117a6 Support Ed25519 in TLS. This only works at TLS 1.2 and above as, before TLS 1.2, there is no way to advertise support for Ed25519 or negotiate the correct signature algorithm. Add tests for this accordingly. For now, this is disabled by default on the verifying side but may be enabled per SSL_CTX. Notably, projects like Chromium which use an external verifier may need changes elsewhere before they can enable it. (On the signing side, we can assume that if the caller gave us an Ed25519 certificate, they mean for us to use it.) BUG=187 Change-Id: Id25b0a677dcbe205ddd26d8dbba11c04bb520756 Reviewed-on: https://boringssl-review.googlesource.com/14450 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Adam Langley <agl@google.com>	2017-04-06 15:30:17 +00:00
..
openssl	Support Ed25519 in TLS.	2017-04-06 15:30:17 +00:00

David Benjamin 69522117a6 Support Ed25519 in TLS.

This only works at TLS 1.2 and above as, before TLS 1.2, there is no way
to advertise support for Ed25519 or negotiate the correct signature
algorithm. Add tests for this accordingly.

For now, this is disabled by default on the verifying side but may be
enabled per SSL_CTX. Notably, projects like Chromium which use an
external verifier may need changes elsewhere before they can enable it.
(On the signing side, we can assume that if the caller gave us an
Ed25519 certificate, they mean for us to use it.)

BUG=187

Change-Id: Id25b0a677dcbe205ddd26d8dbba11c04bb520756
Reviewed-on: https://boringssl-review.googlesource.com/14450
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>

2017-04-06 15:30:17 +00:00

openssl

Support Ed25519 in TLS.

2017-04-06 15:30:17 +00:00