#
1.18 |
|
26-Nov-2022 |
tb |
Make internal header file names consistent
Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special.
Adjust all .c files in libcrypto, libssl and regress.
The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually.
discussed with jsing, no objection bcook
|
#
1.17 |
|
07-Nov-2022 |
jsing |
Move tls13_exporter() code.
It makes more sense to have tls13_exporter() in tls13_key_schedule.c, rather than tls13_lib.c
ok tb@
|
#
1.16 |
|
14-Oct-2022 |
tb |
Error out if the out secret wasn't properly initialized
Calling HKDF_expand() with a length of 0 happens to succeed due to a quirk in the API inherited from BoringSSL. This hides caller-side errors during development. Error out to catch such mistakes early on.
ok jsing
|
Revision tags: OPENBSD_7_2_BASE
|
#
1.15 |
|
07-Jul-2022 |
tb |
Initialize hkdf_label to NULL.
Needed for an upcoming diff adding a NULL check to CBB_finish().
ok jsing
|
Revision tags: OPENBSD_6_9_BASE OPENBSD_7_0_BASE OPENBSD_7_1_BASE
|
#
1.14 |
|
05-Jan-2021 |
tb |
Avoid local variable in tls13_secret_init().
suggested by jsing
|
#
1.13 |
|
05-Jan-2021 |
tb |
Use KNF for licence comment
ok jsing
|
#
1.12 |
|
05-Jan-2021 |
tb |
Move tls13_secrets_destroy() below _create()
ok jsing
|
#
1.11 |
|
05-Jan-2021 |
tb |
Convert tls13_secrets_{create,destroy}() to tls13_secret_{init,cleanup}()
ok jsing
|
#
1.10 |
|
05-Jan-2021 |
tb |
Add tls13_secret_{init,cleanup}()
These are two functions that will help streamlining various functions in the TLSv1.3 code that do not need to know about the internals of this struct.
input/ok jsing
|
#
1.9 |
|
16-Nov-2020 |
jsing |
Implement exporter for TLSv1.3.
This implements the key material exporter for TLSv1.3, as defined in RFC8446 section 7.5.
Issue reported by nmathewson on github.
ok inoguchi@ tb@
|
Revision tags: OPENBSD_6_7_BASE OPENBSD_6_8_BASE
|
#
1.8 |
|
17-Nov-2019 |
beck |
branches: 1.8.6;
Correct update of application traffic secrets to use an empty context rather than the hash of an empty context
ok jsing@
|
Revision tags: OPENBSD_6_5_BASE OPENBSD_6_6_BASE
|
#
1.7 |
|
13-Nov-2018 |
beck |
NULL out mdctx to prevent possible double free introduced in version 1.4
Spotted by maestre@, ok tb@
|
#
1.6 |
|
10-Nov-2018 |
jsing |
Avoid a double allocation and memory leak.
Reported by Ben L <bobsayshilol at live dot co dot uk>
|
#
1.5 |
|
10-Nov-2018 |
beck |
Fix last of the empty hash nonsense
ok jsing@
|
#
1.4 |
|
09-Nov-2018 |
jsing |
Fix the TLSv1.3 key schedule implementation.
When the RFC refers to ("") for key derivation, it is referring to the transcript hash of an empty string, not an empty string. Rename tls13_secrets_new() to tls13_secrets_create(), make it take an EVP_MD * and calculate the hash of an empty string so that we have it available for the "derived" and other steps. Merge tls13_secrets_init() into the same function, remove the EVP_MD * from other functions and use the empty string hash at the appropriate places.
ok beck@ tb@
|
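Added example (not LibreSSL code, and not part of the commit log): a SHA-256 sketch of the two context rules described in revisions 1.4 and 1.8, plus the zero-length guard from revision 1.16. All function names are assumptions, and the early secret stands in as a constructed traffic secret.

```python
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size


def hkdf_extract(salt, ikm):
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk, info, length):
    # Same idea as revision 1.16: a zero-length output means the caller
    # never sized the destination secret, so fail instead of succeeding.
    if length <= 0 or length > 255 * HASH_LEN:
        raise ValueError("invalid output length")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf_label(label, context, length):
    # HkdfLabel: uint16 length, then length-prefixed "tls13 " + label,
    # then length-prefixed context (RFC 8446 section 7.1).
    full = b"tls13 " + label
    return (length.to_bytes(2, "big") + bytes([len(full)]) + full
            + bytes([len(context)]) + context)


def hkdf_expand_label(secret, label, context, length):
    return hkdf_expand(secret, hkdf_label(label, context, length), length)


def derive_secret(secret, label, messages):
    # Derive-Secret hashes its messages, so "" becomes Hash("") (revision 1.4).
    return hkdf_expand_label(secret, label, HASH(messages).digest(), HASH_LEN)


def update_traffic_secret(secret):
    # Key update uses a literal empty context, not its hash (revision 1.8).
    return hkdf_expand_label(secret, b"traffic upd", b"", HASH_LEN)


def compare_contexts():
    zeros = bytes(HASH_LEN)
    early = hkdf_extract(zeros, zeros)  # no PSK: salt and IKM are all zero
    empty_hash = HASH(b"").digest()
    return {
        "derived_hashed": derive_secret(early, b"derived", b""),
        "derived_literal": hkdf_expand_label(early, b"derived", b"", HASH_LEN),
        "update_literal": update_traffic_secret(early),
        "update_hashed": hkdf_expand_label(early, b"traffic upd", empty_hash,
                                           HASH_LEN),
    }
```

Swapping either context for the other yields a different, equally well-formed 32-byte secret, so the mistake only surfaces when the peer derives different keys.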
#
1.3 |
|
08-Nov-2018 |
beck |
KNF
|
#
1.2 |
|
08-Nov-2018 |
tb |
Move #include <openssl/evp.h> to the header.
discussed with beck and jsing
|
#
1.1 |
|
07-Nov-2018 |
beck |
Add initial TLS 1.3 key schedule support with basic regress tests
ok jsing@ tb@
|