kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
d7266ecc9b
boringssl/ssl/test/runner
History
Jesse Selover d7266ecc9b Enforce key usage for RSA keys in TLS 1.2. 
For now, this is off by default and controlled by SSL_set_enforce_rsa_key_usage.
This may be set as late as certificate verification so we may start by enforcing
it for known roots.

Generalizes ssl_cert_check_digital_signature_key_usage to check any part of the
key_usage, and adds a new error KEY_USAGE_BIT_INCORRECT for the generalized
method.

Bug: chromium:795089
Change-Id: Ifa504c321bec3263a4e74f2dc48513e3b895d3ee
Reviewed-on: https://boringssl-review.googlesource.com/c/34604
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
2019-01-30 21:28:34 +00:00
..
curve25519 Sync vendored copies of Go poly1305 and curve25519. 2017-03-30 20:04:23 +00:00
ed25519 Sync bundled bits of golang.org/x/crypto. 2018-09-17 23:14:35 +00:00
hrss Remove HRSS confirmation hash. 2018-12-13 18:42:02 +00:00
poly1305 Sync bundled bits of golang.org/x/crypto. 2018-09-17 23:14:35 +00:00
alert.go Implement legacy OCSP APIs for libssl. 2018-05-11 22:21:26 +00:00
cert.pem
chacha20_poly1305_test.go Work around a JDK 11 TLS 1.3 bug. 2018-11-21 18:22:57 +00:00
chacha20_poly1305.go Set up Go modules. 2018-09-17 21:04:17 +00:00
channel_id_key.pem
cipher_suites.go Implement server support for delegated credentials. 2019-01-24 20:06:58 +00:00
common.go Implement server support for delegated credentials. 2019-01-24 20:06:58 +00:00
conn.go Delete the variants/draft code. 2019-01-08 17:38:41 +00:00
deterministic.go
dtls.go Test DTLS record/packet packing more aggressively. 2017-10-13 17:32:55 +00:00
ecdsa_p224_cert.pem Support P-224 certificates as a server. 2017-02-27 21:27:39 +00:00
ecdsa_p224_key.pem Support P-224 certificates as a server. 2017-02-27 21:27:39 +00:00
ecdsa_p256_cert.pem
ecdsa_p256_key.pem
ecdsa_p384_cert.pem
ecdsa_p384_key.pem
ecdsa_p521_cert.pem
ecdsa_p521_key.pem
ed25519_cert.pem Support Ed25519 in TLS. 2017-04-06 15:30:17 +00:00
ed25519_key.pem Support Ed25519 in TLS. 2017-04-06 15:30:17 +00:00
fuzzer_mode.json In 0RTT mode, reverify the server certificate before sending early data. 2018-11-16 19:52:18 +00:00
handshake_client.go Implement server support for delegated credentials. 2019-01-24 20:06:58 +00:00
handshake_messages.go Implement server support for delegated credentials. 2019-01-24 20:06:58 +00:00
handshake_server.go Avoid SCT/OCSP extensions in SH on {Omit|Empty}Extensions 2019-01-29 00:51:31 +00:00
hkdf_test.go
hkdf.go
key_agreement.go Implement server support for delegated credentials. 2019-01-24 20:06:58 +00:00
key.pem
packet_adapter.go
prf.go Update TLS 1.3 citations for the final RFC. 2018-08-16 18:37:50 +00:00
recordingconn.go Add DTLS fuzzers. 2017-09-07 22:26:50 +00:00
rsa_1024_cert.pem
rsa_1024_key.pem
rsa_chain_cert.pem
rsa_chain_key.pem
runner_test.go
runner.go Enforce key usage for RSA keys in TLS 1.2. 2019-01-30 21:28:34 +00:00
shim_ticket.go
sign.go Set up Go modules. 2018-09-17 21:04:17 +00:00
ticket.go Add Data-less Zero-RTT support. 2017-03-25 21:00:18 +00:00
tls.go Sync bundled bits of golang.org/x/crypto. 2018-09-17 23:14:35 +00:00