boringssl

History

David Benjamin c0f763b080 Simplify server-side ECDH curve selection. There's multiple sets of APIs for selecting the curve. Fold away SSL_OP_SINGLE_ECDH_USE as failing to set it is either a no-op or a bug. With that gone, the consumer only needs to control the selection of a curve, with key generation from then on being uniform. Also clean up the interaction between the three API modes in s3_srvr.c; they were already mutually exclusive due to tls1_check_ec_tmp_key. This also removes all callers of EC_KEY_dup (and thus CRYPTO_dup_ex_data) within the library. Change-Id: I477b13bd9e77eb03d944ef631dd521639968dc8c Reviewed-on: https://boringssl-review.googlesource.com/4200 Reviewed-by: Adam Langley <agl@google.com>	2015-04-02 18:37:06 +00:00
..
openssl	Simplify server-side ECDH curve selection.	2015-04-02 18:37:06 +00:00

David Benjamin c0f763b080 Simplify server-side ECDH curve selection.

There's multiple sets of APIs for selecting the curve. Fold away
SSL_OP_SINGLE_ECDH_USE as failing to set it is either a no-op or a bug. With
that gone, the consumer only needs to control the selection of a curve, with
key generation from then on being uniform. Also clean up the interaction
between the three API modes in s3_srvr.c; they were already mutually exclusive
due to tls1_check_ec_tmp_key.

This also removes all callers of EC_KEY_dup (and thus CRYPTO_dup_ex_data)
within the library.

Change-Id: I477b13bd9e77eb03d944ef631dd521639968dc8c
Reviewed-on: https://boringssl-review.googlesource.com/4200
Reviewed-by: Adam Langley <agl@google.com>

2015-04-02 18:37:06 +00:00

openssl

Simplify server-side ECDH curve selection.

2015-04-02 18:37:06 +00:00