boringssl/ssl
David Benjamin 69522117a6 Support Ed25519 in TLS.
This only works at TLS 1.2 and above as, before TLS 1.2, there is no way
to advertise support for Ed25519 or negotiate the correct signature
algorithm. Add tests for this accordingly.

For now, this is disabled by default on the verifying side but may be
enabled per SSL_CTX. Notably, projects like Chromium which use an
external verifier may need changes elsewhere before they can enable it.
(On the signing side, we can assume that if the caller gave us an
Ed25519 certificate, they mean for us to use it.)

BUG=187

Change-Id: Id25b0a677dcbe205ddd26d8dbba11c04bb520756
Reviewed-on: https://boringssl-review.googlesource.com/14450
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
2017-04-06 15:30:17 +00:00
..
test Support Ed25519 in TLS. 2017-04-06 15:30:17 +00:00
bio_ssl.c Move the SSL BIO into ssl/ from decrepit/. 2017-02-03 21:08:10 +00:00
CMakeLists.txt Convert bio_test to GTest. 2017-03-21 17:39:57 +00:00
custom_extensions.c Support enabling early data on SSL 2017-04-03 20:25:29 +00:00
d1_both.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
d1_lib.c Don't use long for timestamps. 2017-03-01 21:58:38 +00:00
d1_pkt.c Remove support for blocking DTLS timeout handling. 2017-03-01 19:59:28 +00:00
d1_srtp.c Fix ssl_ctx_make_profiles error handling. 2016-09-27 13:27:06 +00:00
dtls_method.c Adding support for receiving early data on the server. 2017-03-26 19:30:27 +00:00
dtls_record.c Don't use the buffer BIO in DTLS. 2017-01-25 23:35:32 +00:00
handshake_client.c Stop pretending RSA and ECDSA sigalgs are configurable. 2017-04-05 22:54:02 +00:00
handshake_server.c Support Ed25519 in TLS. 2017-04-06 15:30:17 +00:00
internal.h Support Ed25519 in TLS. 2017-04-06 15:30:17 +00:00
s3_both.c Deprecate SSL_PRIVATE_KEY_METHOD type and max_signature_len. 2017-04-05 22:43:20 +00:00
s3_lib.c Move new_cipher and new_session to SSL_HANDSHAKE. 2017-02-17 20:48:31 +00:00
s3_pkt.c Add cipher asserts for read/write app data. 2017-03-28 21:02:56 +00:00
ssl_aead_ctx.c Adding version to AEAD. 2017-03-08 19:12:39 +00:00
ssl_asn1.c Don't use long for timestamps. 2017-03-01 21:58:38 +00:00
ssl_buffer.c Just allocate what's needed for SSL write buffers. 2017-03-27 16:37:53 +00:00
ssl_cert.c Support Ed25519 in TLS. 2017-04-06 15:30:17 +00:00
ssl_cipher.c Support Ed25519 in TLS. 2017-04-06 15:30:17 +00:00
ssl_ecdh.c Support and test P-224 certificates. 2017-03-29 17:50:36 +00:00
ssl_file.c Remove |X509| things from SSL_SESSION. 2017-02-10 19:12:04 +00:00
ssl_lib.c Add an option to allow unknown ALPN protocols. 2017-04-05 00:33:57 +00:00
ssl_privkey_cc.cc Rename ssl_rsa.c to ssl_privkey.c. 2017-02-09 18:45:11 +00:00
ssl_privkey.c Support Ed25519 in TLS. 2017-04-06 15:30:17 +00:00
ssl_session.c Support asynchronous ticket decryption with TLS 1.0–1.2. 2017-03-11 00:04:18 +00:00
ssl_stat.c Unexport the handshake's internal state. 2017-02-13 19:44:30 +00:00
ssl_test.cc Name |select_certificate_cb| return values 2017-03-22 01:27:00 +00:00
ssl_transcript.c Moving transcript and PRF functions to SSL_TRANSCRIPT. 2017-02-10 16:33:42 +00:00
ssl_x509.c Move ssl_verify_alarm_type into ssl_x509.c. 2017-03-07 23:14:16 +00:00
t1_enc.c Move tmp.extended_master_secret to SSL_HANDSHAKE. 2017-02-17 21:36:37 +00:00
t1_lib.c Support Ed25519 in TLS. 2017-04-06 15:30:17 +00:00
tls13_both.c Deprecate SSL_PRIVATE_KEY_METHOD type and max_signature_len. 2017-04-05 22:43:20 +00:00
tls13_client.c Deprecate SSL_PRIVATE_KEY_METHOD type and max_signature_len. 2017-04-05 22:43:20 +00:00
tls13_enc.c Send half-RTT tickets when negotiating 0-RTT. 2017-03-26 18:10:07 +00:00
tls13_server.c Support Ed25519 in TLS. 2017-04-06 15:30:17 +00:00
tls_method.c Adding support for receiving early data on the server. 2017-03-26 19:30:27 +00:00
tls_record.c Add Data-less Zero-RTT support. 2017-03-25 21:00:18 +00:00