History log of /openbsd-src/lib/libssl/tls_internal.h (Results 1 – 10 of 10)
Revision Date Author Comments
# b1a5c5c8 10-Nov-2022 jsing <jsing@openbsd.org>

Use tls_buffer for alert and handshake fragments in the legacy stack.

This avoids a bunch of pointer munging and a handrolled memmove.

ok tb@


# f7e8f89f 24-Jul-2022 jsing <jsing@openbsd.org>

Provide record layer callbacks for QUIC.

QUIC uses TLS to complete the handshake, however unlike normal TLS it does
not use the TLS record layer, rather it provides its own transport. This
means that we need to intercept all communication between the TLS handshake
and the record layer. This allows TLS handshake message writes to be
directed to QUIC, likewise for TLS handshake message reads. Alerts also
need to be sent via QUIC, plus it needs to be provided with the traffic
keys that are derived by TLS.

ok tb@


# 24c399e9 22-Jul-2022 jsing <jsing@openbsd.org>

Add read and write support to tls_buffer.

tls_buffer was originally created for a specific use case, namely reading in
length prefixed messages. This adds read and write support, along with a
capacity limit, allowing it to be used in additional use cases.

ok beck@ tb@


# fc718d1d 20-Jul-2022 jsing <jsing@openbsd.org>

Remove tls_buffer_set_data() and remove/revise callers.

There is no way that tls_buffer_set_data() can currently work in
conjunction with tls_buffer_expand(). This fact is currently hidden by the
way that PHH works, which reads the same data from the record layer (which
it needs to do anyway, since we may not have all of the handshake message
in a single record).

Since this is broken, mop it up and change the PHH callback to not provide
the record data.

ok beck@ tb@


# 2c1036d8 29-Jun-2022 tb <tb@openbsd.org>

Check the security of DH key shares

ok beck, looks good to jsing


# 7dd422f8 11-Jan-2022 jsing <jsing@openbsd.org>

Plumb decode errors through key share parsing code.

Distinguish between decode errors and other errors, so that we can send
a SSL_AD_DECODE_ERROR alert when appropriate.

Fixes a tlsfuzzer failure, due to it expecting a decode error alert and
not receiving one.

Prompted by anton@

ok tb@


# aebe2672 07-Jan-2022 jsing <jsing@openbsd.org>

Convert legacy server to tls_key_share.

This requires a few more additions to the DHE key share code - we need to
be able to either set the DHE parameters or specify the number of key bits
for use with auto DHE parameters. Additionally, we need to be able to
serialise the DHE parameters to send to the client.

This removes the infamous 'tmp' struct from ssl3_state_internal_st.

ok inoguchi@ tb@


# 892af70e 06-Jan-2022 jsing <jsing@openbsd.org>

Convert legacy TLS client to tls_key_share.

This requires adding DHE support to tls_key_share. In doing so,
tls_key_share_peer_public() has to lose the group argument and gains
an invalid_key argument. The one place that actually needs the group
check is tlsext_keyshare_client_parse(), so add code to do this.

ok inoguchi@ tb@


# b8e3503d 05-Jan-2022 jsing <jsing@openbsd.org>

Rename tls13_key_share to tls_key_share.

In preparation to use the key share code in both the TLSv1.3 and legacy
stacks, rename tls13_key_share to tls_key_share, moving it into the shared
handshake struct. Further changes will then allow the legacy stack to make
use of the same code for ephemeral key exchange.

ok inoguchi@ tb@


# f6184395 23-Oct-2021 jsing <jsing@openbsd.org>

Rename tls13_buffer to tls_buffer.

This code will soon be used in the DTLSv1.2 and TLSv1.2 stack. Also
introduce tls_internal.h and move/rename the read/write/flush callbacks.

ok beck@ tb@