Matt Caswell
d24c6a34ce
Always use TLSv1.0 for record layer version in TLSv1.3
...
TLSv1.3 freezes the record layer version and ensures that it is always set
to TLSv1.0. Some implementations check this.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
710eb47fdd
Add a TLS1.3 TODO for setting of sig algs
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
6f68a52ebf
Add some sig algs tests
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
523fb3233a
Ignore PKCS1 based sig algs in TLSv1.3
...
In TLSv1.3 we must use PSS based sig algs for RSA signing. Ignore any
shared sig algs which are PKCS1 based.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
0490431272
Verify that the sig algs extension has been sent for TLSv1.3
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
ace081c1ed
Fix client application traffic secret
...
A misreading of the TLS1.3 spec meant we were using the handshake hashes
up to and including the Client Finished to calculate the client
application traffic secret. We should only use up until the Server
Finished.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
4954fd13b3
Temporarily ignore NewSessionTickets for TLS1.3
...
We can't handle these messages yet, so ignore them for now.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
6612d87b89
Use the correct size for TLSv1.3 finished keys
...
We need to use the length of the handshake hash for the length of the
finished key.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
ac77aa9a1c
Ensure the record sequence number gets incremented
...
We were not incrementing the sequence number every time we sent/received
a record.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
63c1df0983
Remove some unneeded functions
...
The sigalgs work has made some old lookup tables and functions redundant
so remove them.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
536199ece0
Use NIDs instead of the old TLSv1.2 sigalgs hash and sig ids
...
We had an extra layer of indirection in looking up hashes and sigs based
on sigalgs which is now no longer necessary. This removes it.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
2ec6cb3385
Remove a redundant function
...
The extensions refactor made this function redundant so we can remove it.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
703bcee021
Convert Sigalgs processing to use ints
...
In TLSv1.2 an individual sig alg is represented by 1 byte for the hash
and 1 byte for the signature. In TLSv1.3 each sig alg is represented by
two bytes, where the two bytes together represent a single hash and
signature combination. This converts the internal representation of sigalgs
to use a single int for the pair, rather than a pair of bytes.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
5f9b64a2fd
Sign CertificateVerify messages using PSS padding
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
2c5dfdc357
Make CertificateVerify TLS1.3 aware
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
d8bc139978
Move Certificate Verify construction and processing into statem_lib.c
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Matt Caswell
3f305a80e9
Add a TODO(TLS1.3) around certificate selection
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157 )
2017-01-10 23:02:50 +00:00
Rich Salz
684b16953b
Fix typo in Blake2 function names
...
Fixes GitHub issue 2169.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2207 )
2017-01-10 16:36:03 -05:00
Kurt Roeckx
676befbeb7
Print the X509 version signed, and convert to unsigned for the hex version.
...
Found by tis-interpreter
Reviewed-by: Rich Salz <rsalz@openssl.org>
GH: #1754
2017-01-10 22:27:37 +01:00
Richard Levitte
d95743047e
Only enable CRYPTO_3DES_ECB if that name is an existing macro
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2203 )
2017-01-10 14:59:39 +01:00
Richard Levitte
374d543f29
Small fixes of cryptodev engine
...
- guard CRYPTO_3DES_CBC
- add a missing cast
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2203 )
2017-01-10 14:59:39 +01:00
Matt Caswell
290a0419f0
Mark a HelloRequest record as read if we ignore it
...
Otherwise the client will try to process it again. The second time around
it will try and move the record data into handshake fragment storage and
realise that there is no data left. At that point it marks it as read
anyway. However, it is a bug that we go around the loop a second time, so
we prevent that.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2200 )
2017-01-10 12:30:15 +00:00
Iaroslav Gridin
f61c5ca6ca
use EVP_CIPHER_CTX_ functions instead of accessing EVP_CIPHER_CTX internals
...
by levitte
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1784 )
2017-01-10 08:21:45 +01:00
Iaroslav Gridin
349b653a99
fix for BSD cryptodev
...
by levitte
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1784 )
2017-01-10 08:21:45 +01:00
Iaroslav Gridin
2c5998dde6
Remove commented-out HMAC code
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1784 )
2017-01-10 08:21:45 +01:00
Iaroslav Gridin
098eb1a7b7
Style the code
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1784 )
2017-01-10 08:21:45 +01:00
Iaroslav Gridin
807d21066f
Remove unused ret variable
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1784 )
2017-01-10 08:21:45 +01:00
Iaroslav Gridin
60cd1196a2
Remove non-functional CRYPTO_AES_CTR ifdef disabling AES-CTR in cryptodev
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1784 )
2017-01-10 08:21:45 +01:00
Iaroslav Gridin
f53e067451
Add AES-ECB and 3DES-ECB to cryptodev
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1784 )
2017-01-10 08:21:45 +01:00
Nikos Mavrogiannopoulos
f8e7fbd53f
cryptodev: allow copying EVP contexts
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1784 )
2017-01-10 08:21:45 +01:00
Nikos Mavrogiannopoulos
efcad82bb8
cryptodev: Fix issue with signature generation
...
That patch also enables support for SHA2 hashes, and
removes support for hashes that were never supported by
cryptodev.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1784 )
2017-01-10 08:21:45 +01:00
Rich Salz
1ed327f7df
Review comments
...
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2052 )
2017-01-09 22:26:47 -05:00
Rich Salz
8cbfcc70bf
Use typedefs for PSK, NPN, ALPN callback functions
...
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2052 )
2017-01-09 22:26:47 -05:00
Rich Salz
aff8c126fd
Move extension data into sub-structs
...
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2052 )
2017-01-09 22:26:47 -05:00
Richard Levitte
18e3ab7bc4
Fix build issues with no-dh, no-dsa and no-ec
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2192 )
2017-01-09 22:45:47 +01:00
Bernd Edlinger
c6d215e0d2
Fix a memory leak in RSA_padding_add_PKCS1_OAEP_mgf1
...
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Matt Caswell <matt@openssl.org>
GH: #2140
2017-01-09 22:23:31 +01:00
Rich Salz
3adc41dd22
Rename "verify_cb" to SSL_verify_cb
...
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2151 )
2017-01-09 16:09:50 -05:00
Rich Salz
121677b487
Doc nits: callback function typedefs
...
Enhance find-doc-nits to be better about finding typedefs for
callback functions. Fix all nits it now finds. Added some new
typedef names to ssl.h, some of which were documented but did not
exist.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2151 )
2017-01-09 16:09:50 -05:00
Dr. Stephen Henson
9c4319bd03
Add server temp key type checks
...
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2191 )
2017-01-08 19:36:59 +00:00
Dr. Stephen Henson
b93ad05dba
Add new ssl_test option.
...
Add option ExpectedTmpKeyType to test the temporary key the server
sends is of the correct type.
Reviewed-by: Kurt Roeckx <kurt@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2191 )
2017-01-08 19:36:59 +00:00
Dr. Stephen Henson
c82bafc52e
fix a few more style issues
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177 )
2017-01-08 01:42:52 +00:00
Dr. Stephen Henson
76951372af
Documentation clarification and fixes.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177 )
2017-01-08 01:42:52 +00:00
Dr. Stephen Henson
f291138bbe
Remove unnecessary frees and style fixes.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177 )
2017-01-08 01:42:52 +00:00
Dr. Stephen Henson
f488976ccf
fix typo and remove duplicate macro
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177 )
2017-01-08 01:42:51 +00:00
Dr. Stephen Henson
c916505092
Add documentation for PSS control operations.
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177 )
2017-01-08 01:42:51 +00:00
Dr. Stephen Henson
bc1ea030ef
Use more descriptive macro name rsa_pss_restricted()
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177 )
2017-01-08 01:42:51 +00:00
Dr. Stephen Henson
b6b885c6b9
style issues
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177 )
2017-01-08 01:42:51 +00:00
Dr. Stephen Henson
285c7d9cdf
free str on error
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177 )
2017-01-08 01:42:51 +00:00
Dr. Stephen Henson
568b9cdc64
clarify comment
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177 )
2017-01-08 01:42:51 +00:00
Dr. Stephen Henson
52ad523c0e
fix various style issues
...
Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2177 )
2017-01-08 01:42:50 +00:00