boringssl/ssl
David Benjamin 19670949ca Align EVP_PKEY Ed25519 API with upstream.
Rather than adding a new mode to EVP_PKEY_CTX, upstream chose to tie
single-shot signing to EVP_MD_CTX, adding functions which combine
EVP_Digest*Update and EVP_Digest*Final. This adds a weird vestigial
EVP_MD_CTX and makes the signing digest parameter non-uniform, slightly
complicating things. But it means APIs like X509_sign_ctx can work
without modification.

Align with upstream's APIs. This required a bit of fiddling around
evp_test.cc. For consistency and to avoid baking details of parameter
input order, I made it eagerly read all inputs before calling
SetupContext. Otherwise which attributes are present depend a lot on the
shape of the API we use---notably the NO_DEFAULT_DIGEST tests for RSA
switch to failing before consuming an input, which is odd.

(This only matters because we have some tests which expect the operation
to abort the operation early with parameter errors and match against
Error. Those probably should not use FileTest to begin with, but I'll
tease that apart a later time.)

Upstream also named NID_Ed25519 as NID_ED25519, even though the
algorithm is normally stylized as "Ed25519". Switch it to match.

Change-Id: Id6c8f5715930038e754de50338924d044e908045
Reviewed-on: https://boringssl-review.googlesource.com/17044
Commit-Queue: Steven Valdez <svaldez@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-06-12 12:04:11 +00:00
..
test Align EVP_PKEY Ed25519 API with upstream. 2017-06-12 12:04:11 +00:00
bio_ssl.c
CMakeLists.txt
custom_extensions.c
d1_both.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
d1_lib.c
d1_pkt.c
d1_srtp.c
dtls_method.c
dtls_record.c
handshake_client.c Factor out the default signature algorithm logic. 2017-04-24 20:28:33 +00:00
handshake_server.c Factor out the default signature algorithm logic. 2017-04-24 20:28:33 +00:00
internal.h Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
s3_both.c Deprecate SSL_PRIVATE_KEY_METHOD type and max_signature_len. 2017-04-05 22:43:20 +00:00
s3_lib.c Really remove DHE ciphersuites from TLS. 2017-04-11 23:41:31 +00:00
s3_pkt.c Enforce max_early_data_size on the server. 2017-04-19 17:21:01 +00:00
ssl_aead_ctx.c Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
ssl_asn1.c Remove the last remnants of key_exchange_info. 2017-04-13 21:23:40 +00:00
ssl_buffer.c
ssl_cert.c Really remove DHE ciphersuites from TLS. 2017-04-11 23:41:31 +00:00
ssl_cipher.c Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
ssl_ecdh.c Really remove DHE ciphersuites from TLS. 2017-04-11 23:41:31 +00:00
ssl_file.c Remove |X509| things from SSL_SESSION. 2017-02-10 19:12:04 +00:00
ssl_lib.c Remove ex_data's dup hook. 2017-05-23 22:43:59 +00:00
ssl_privkey_cc.cc
ssl_privkey.c Align EVP_PKEY Ed25519 API with upstream. 2017-06-12 12:04:11 +00:00
ssl_session.c Remove ex_data's dup hook. 2017-05-23 22:43:59 +00:00
ssl_stat.c
ssl_test.cc Convert default version tests in ssl_test. 2017-04-24 20:51:05 +00:00
ssl_transcript.c
ssl_x509.c
t1_enc.c Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
t1_lib.c Factor out the default signature algorithm logic. 2017-04-24 20:28:33 +00:00
tls13_both.c Acknowledge KeyUpdate messages. 2017-04-10 17:49:58 +00:00
tls13_client.c Deprecate SSL_PRIVATE_KEY_METHOD type and max_signature_len. 2017-04-05 22:43:20 +00:00
tls13_enc.c Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
tls13_server.c Enforce max_early_data_size on the server. 2017-04-19 17:21:01 +00:00
tls_method.c
tls_record.c Enforce max_early_data_size on the server. 2017-04-19 17:21:01 +00:00