github.com/mono/boringssl.git
Age  Commit message  (Author)
2014-12-18 Reformat s3_{enc|lib}.c. (Adam Langley)
    Change-Id: I4f2a241ef996952195b9bcdd9ee305e28b2aff5d
2014-12-16 Fix EVP_Cipher error-handling. (David Benjamin)
    Turns out the EVP_CIPH_FLAG_CUSTOM_CIPHER ciphers (i.e. legacy EVP_CIPHER AES-GCM) have a completely different return value setup than the normal ones which are the standard one/zero. (Except that they never return zero; see TODO.) Fix checks in ssl/ and remove remnants of EVP_CIPH_FLAG_CUSTOM_CIPHER in ssl/ as we're using EVP_AEAD now.
    See CHANGES entry added in upstream's 3da0ca796cae6625bd26418afe0a1dc47bf5a77f.
    Change-Id: Ia4d0ff59b03c35fab3a08141c60b9534cb7172e2
    Reviewed-on: https://boringssl-review.googlesource.com/2606
    Reviewed-by: Adam Langley <agl@google.com>
2014-12-05 Check EVP_Cipher return values. (David Benjamin)
    PR#1767
    (Imported from upstream's fe78f08d1541211566a5656395186bfbdc61b6f8)
    Not sure this is reachable (upstream's PR references custom engines), but better be tidy. Note this is slightly different from upstream's: EVP_Cipher is documented to return -1 on failure, not 0.
    Change-Id: I836f12b73c6912a8ae8cbd37cfd3d33466acbc9e
    Reviewed-on: https://boringssl-review.googlesource.com/2478
    Reviewed-by: Adam Langley <agl@google.com>
2014-11-20 Fix a couple more malloc test crashes. (David Benjamin)
    The ex_data index may fail to be allocated. Also don't leave a dangling pointer in handshake_dgst if EVP_DigestInit_ex fails and check a few more init function failures.
    Change-Id: I2e99a89b2171c9d73ccc925a2f35651af34ac5fb
    Reviewed-on: https://boringssl-review.googlesource.com/2342
    Reviewed-by: Adam Langley <agl@google.com>
2014-11-19 Add malloc failure tests. (Adam Langley)
    This commit fixes a number of crashes caused by malloc failures. They were found using the -malloc-test=0 option to runner.go which runs tests many times, causing a different allocation call to fail in each case. (This test only works on Linux and only looks for crashes caused by allocation failures, not memory leaks or other errors.)
    This is not the complete set of crashes! More can be found by collecting core dumps from running with -malloc-test=0.
    Change-Id: Ia61d19f51e373bccb7bc604642c51e043a74bd83
    Reviewed-on: https://boringssl-review.googlesource.com/2320
    Reviewed-by: Adam Langley <agl@google.com>
2014-10-25 Extended master secret support. (Adam Langley)
    This change implements support for the extended master secret. See
    https://tools.ietf.org/html/draft-ietf-tls-session-hash-01
    https://secure-resumption.com/
    Change-Id: Ifc7327763149ab0894b4f1d48cdc35e0f1093b93
    Reviewed-on: https://boringssl-review.googlesource.com/1930
    Reviewed-by: David Benjamin <davidben@chromium.org>
    Reviewed-by: Adam Langley <agl@google.com>
2014-10-21 Remove key_arg and key_arg_length from SSL_SESSION. (David Benjamin)
    Remnants of SSLv2 support.
    Change-Id: If45035f1727f235e122121418770f75257b18026
    Reviewed-on: https://boringssl-review.googlesource.com/1991
    Reviewed-by: Adam Langley <agl@google.com>
2014-08-28 unifdef a bunch of OPENSSL_NO_* ifdefs. (David Benjamin)
    Get all this stuff out of the way.
    - OPENSSL_NO_MD5
    - OPENSSL_NO_SHA
    - OPENSSL_NO_EC
    - OPENSSL_NO_ECDSA
    - OPENSSL_NO_ECDH
    - OPENSSL_NO_NEXTPROTONEG
    - OPENSSL_NO_DH
    - OPENSSL_NO_SSL3
    - OPENSSL_NO_RC4
    - OPENSSL_NO_RSA
    Also manually removed a couple instances of OPENSSL_NO_DSA that seemed to be confused anyway. Did some minor manual cleanup. (Removed a few now-pointless 'if (0)'s.)
    Change-Id: Id540ba97ee22ff2309ab20ceb24c7eabe766d4c4
    Reviewed-on: https://boringssl-review.googlesource.com/1662
    Reviewed-by: Adam Langley <agl@google.com>
2014-08-27 Refactor server-side CertificateVerify handling. (David Benjamin)
    This moves CertificateVerify digest processing to the new SSL_GET_MESSAGE_DONT_HASH_MESSAGE flag. It also refactors it similarly to ssl3_send_cert_verify and moves that logic to a common ssl3_cert_verify_hash function to compute the handshake hash.
    This removes a large chunk of duplicate (and divergent!) logic between TLS and DTLS. It also removes TLS1_FLAGS_KEEP_HANDSHAKE.
    Change-Id: Ia63c94f7d76d901bc9c4c33454fbfede411adf63
    Reviewed-on: https://boringssl-review.googlesource.com/1633
    Reviewed-by: Adam Langley <agl@google.com>
2014-08-20 Mark some more globals as const. (David Benjamin)
    Change-Id: Ie6f3a3713ce1482a787444678a65daa37bc0b273
    Reviewed-on: https://boringssl-review.googlesource.com/1565
    Reviewed-by: Adam Langley <agl@google.com>
2014-08-20 Remove remnants of now-removed cipher suites. (David Benjamin)
    NULL, SRP, CAMELLIA, export ciphers, SSLv2, IDEA, and SEED are gone. Unknown directives are silently ignored in the parser, so there is no need to retain their masks and entries in the cipher suite aliases.
    Change-Id: If43b9cbce56b3e1c401db764b88996940452a300
    Reviewed-on: https://boringssl-review.googlesource.com/1561
    Reviewed-by: Adam Langley <agl@google.com>
2014-08-19 Remove rsa_md5, md5, and sha1 fields from SSL_CTX. (David Benjamin)
    Just use the normal API for them.
    Change-Id: Ibb5988611a86e8d39abda1e02087523d98defb51
    Reviewed-on: https://boringssl-review.googlesource.com/1555
    Reviewed-by: Adam Langley <agl@google.com>
2014-07-25 Remove support code for export cipher suites. (David Benjamin)
    Now the only case where temporary RSA keys are used on the server end is non-signing keys.
    Change-Id: I55f6c206e798dd28548c386fdffd555ccc395477
    Reviewed-on: https://boringssl-review.googlesource.com/1285
    Reviewed-by: Adam Langley <agl@google.com>
2014-07-18 Have BIO_get_mem_data return a size_t and uint8_t* (Adam Langley)
    Change-Id: I883f9c3527b572a2140ae4899cf4409cdc25c6dc
    Reviewed-on: https://boringssl-review.googlesource.com/1261
    Reviewed-by: Adam Langley <agl@google.com>
2014-07-07 Remove CHARSET_EBCDIC (Alex Chernyakhovsky)
    Since crypto/ebcdic.{c,h} are not present in BoringSSL, remove the #ifdefs
    Changes were made by running
      find . -type f -name *.c | xargs unifdef -m -U CHARSET_EBCDIC
      find . -type f -name *.h | xargs unifdef -m -U CHARSET_EBCDIC
    using unifdef 2.10.
    An additional two ifdefs (CHARSET_EBCDIC_not) were removed manually.
    Change-Id: Ie174bb00782cc44c63b0f9fab69619b3a9f66d42
    Reviewed-on: https://boringssl-review.googlesource.com/1093
    Reviewed-by: Adam Langley <agl@google.com>
2014-06-25 Remove more remnants of compression. (David Benjamin)
    Change-Id: I721914594fc92a66d95c7ec2088f13b68e964103
2014-06-24 Remove crypto/comp and SSL_COMP support code. (David Benjamin)
    Now that the consuming code in ssl/ is removed, there is no need for this. Leave SSL_COMP and STACK_OF(SSL_COMP) for now so as not to break any code which manipulates the output of SSL_COMP_get_compression_methods to disable compression.
    Change-Id: Idf0a5debd96589ef6e7e56acf5d9259412b7d7a1
2014-06-21 Fixed incorrect return code handling in ssl3_final_finish_mac. (Adam Langley)
    Based on an original patch by Joel Sing (OpenBSD) who also originally identified the issue.
    (Imported from upstream's 728bd41a159ea16a60111e7c1120ec2a005507b3)
2014-06-21 Fallback SCSV. (Adam Langley)
    This patch adds server-side support for TLS_FALLBACK_SCSV (see http://tools.ietf.org/html/draft-bmoeller-tls-downgrade-scsv-01).
2014-06-21 Implement ECDHE-PSK-WITH-AES-128-GCM-SHA256. (Adam Langley)
2014-06-21 CBC record splitting. (Adam Langley)
    This patch removes support for empty records (which is almost universally disabled via SSL_OP_ALL) and adds optional support for 1/n-1 record splitting.
    The latter is not enabled by default, since it's not typically used on servers, but it should be enabled in web browsers since there are known attacks in that case (see BEAST).
2014-06-21 SSL AEAD support. (Adam Langley)
    This change allows AEADs to be used in ssl/ to implement SSL/TLS ciphersuites.
2014-06-21 Initial import. (Adam Langley)
    Initial fork from f2d678e6e89b6508147086610e985d4e8416e867 (1.0.2 beta).
    (This change contains substantial changes from the original and effectively starts a new history.)