Up to [local] / src / lib / libtls
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.12 / (download) - annotate - [select for diffs], Thu Mar 28 06:55:02 2024 UTC (2 months, 2 weeks ago) by joshua
Branch: MAIN
CVS Tags: HEAD
Changes since 1.11: +3 -3 lines
Diff to previous 1.11 (colored)
Use TLS_ERROR_INVALID_ARGUMENT for "too large" and "too small" errors ok beck tb
Revision 1.11 / (download) - annotate - [select for diffs], Thu Mar 28 02:08:24 2024 UTC (2 months, 2 weeks ago) by joshua
Branch: MAIN
Changes since 1.10: +7 -6 lines
Diff to previous 1.10 (colored)
Use TLS_ERROR_OUT_OF_MEMORY error code for calloc errors in libtls ok jsing
Revision 1.10 / (download) - annotate - [select for diffs], Tue Mar 26 06:24:52 2024 UTC (2 months, 2 weeks ago) by joshua
Branch: MAIN
Changes since 1.9: +34 -24 lines
Diff to previous 1.9 (colored)
Add error code support to libtls This adds tls_config_error_code() and tls_error_code(), which will become public API at a later date. Additional error codes will be added in follow-up commits. ok jsing@ beck@
Revision 1.9 / (download) - annotate - [select for diffs], Sun Jun 18 19:12:58 2023 UTC (11 months, 3 weeks ago) by tb
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4
Changes since 1.8: +3 -21 lines
Diff to previous 1.8 (colored)
Turns out EC_KEY_METHOD_new() has dup built in... ... because RSA_meth_new() doesn't. So we can fortunately lose a few lines added in the previous commit. Three cheers for the masters of inconsistency. ok jsing
Revision 1.8 / (download) - annotate - [select for diffs], Sun Jun 18 17:50:28 2023 UTC (11 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.7: +29 -2 lines
Diff to previous 1.7 (colored)
tls_signer: reinstate the default EC_KEY methods Previously, we would set the ECDSA_METHOD on the EC_KEY, which, by way of lovely indirection in our three crypto/ec* directories ended up having no effect on the default methods. Now that we set a new EC_KEY_METHOD, we need to make sure we still have the other handlers that we might need. Like so many things that were made opaque in the 1.1 re"design", the accessors were written without actual application code in mind. In particular, EC_KEY_METHOD lacks a dup(). This means we get to fetch the default methods with getters and then set them again on the new method. This is particularly awesome because once someone adds a new method to the opaque struct, all applications will have to adapt and do a get/set dance. So far this is very reminiscent of PostgreSQL with BIO_meth_* https://github.com/postgres/postgres/blob/a14e75eb0b6a73821e0d66c0d407372ec8376105/src/interfaces/libpq/fe-secure-openssl.c#L1921-L1928 Only it's worse here because someone wanted to be smart and save a few public functions, so we have to use getters that get several functions at once. Which in turn means we need to have function pointers with the precise signatures which are part of the struct that was made opaque. We will add a EC_KEY_METHOD_dup() in the next bump, but for now this is the best fix we can have. Whenever you think you've seen the worst turds in this code base, you find another one that could serve as an exemplar. ok jsing op
Revision 1.7 / (download) - annotate - [select for diffs], Sun Jun 18 17:24:09 2023 UTC (11 months, 3 weeks ago) by tb
Branch: MAIN
Changes since 1.6: +3 -3 lines
Diff to previous 1.6 (colored)
Switch tls_ecdsa_do_sign() to EC_KEY_get_ex_data() Since libtls now sets the ex_data with EC_KEY_set_ex_data(), the do_sign() callback needs to have a matching change. ok jsing op
Revision 1.6 / (download) - annotate - [select for diffs], Sun Jun 18 11:43:03 2023 UTC (11 months, 3 weeks ago) by op
Branch: MAIN
Changes since 1.5: +5 -10 lines
Diff to previous 1.5 (colored)
libtls: switch ECDSA_METHOD usage to EC_KEY_METHOD smtpd and the bits it needs in libtls are the only consumer left of ECDSA_METHOD, which is long deprecated. This paves the way for the removal in libcrypto. The diff is from gilles' work on OpenSMTPD-portable, libretls had a similar diff. ok tb@, jsing@
Revision 1.5 / (download) - annotate - [select for diffs], Sun Apr 9 18:26:26 2023 UTC (14 months ago) by tb
Branch: MAIN
Changes since 1.4: +1 -5 lines
Diff to previous 1.4 (colored)
Drop X9.31 support from libtls The TLS signer isn't exposed in public API (we should finally fix it...) and it supports X9.31, a standard that has been retired and deprecated for a very long time. libcrypto will stop supporting it soon, this step is needed to prepare userland. ok jsing
Revision 1.4 / (download) - annotate - [select for diffs], Tue Feb 1 17:18:38 2022 UTC (2 years, 4 months ago) by jsing
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3,
OPENBSD_7_2_BASE,
OPENBSD_7_2,
OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.3: +33 -5 lines
Diff to previous 1.3 (colored)
Provide our own signature padding defines. Rather than leaking libcrypto defines through the tls_sign_cb and tls_signer_sign() interfaces, provide and use our own TLS_PADDING_* defines. ok inoguchi@ tb@
Revision 1.3 / (download) - annotate - [select for diffs], Tue Feb 1 17:13:10 2022 UTC (2 years, 4 months ago) by jsing
Branch: MAIN
Changes since 1.2: +120 -75 lines
Diff to previous 1.2 (colored)
Revise signer callback interface. The current design of tls_sign_cb provides a pointer to a buffer where the signature needs to be copied, however it fails to provide a length which could result in buffer overwrites. Furthermore, tls_signer_sign() is designed such that it allocates and returns ownership to the caller. Revise tls_sign_cb so that the called function is expected to allocate a buffer, returning ownership of the buffer (along with its length) to the caller of the callback. This makes it far easier (and safer) to implement a tls_sign_cb callback, plus tls_signer_sign can be directly plugged in (with an appropriate cast). While here, rename and reorder some arguments - while we will normally sign a digest, there is no requirement for this to be the case hence use 'input' and 'input_len'. Move padding (an input) before the outputs and add some additional bounds/return value checks. This is technically an API/ABI break that would need a libtls major bump, however since nothing is using the signer interface (outside of regress), we'll ride the original minor bump. With input from tb@ ok inoguchi@ tb@
Revision 1.2 / (download) - annotate - [select for diffs], Sat Jan 29 02:03:19 2022 UTC (2 years, 4 months ago) by inoguchi
Branch: MAIN
Changes since 1.1: +3 -1 lines
Diff to previous 1.1 (colored)
Add limits.h for INT_MAX in tls_signer.c ok jsing@ tb@
Revision 1.1 / (download) - annotate - [select for diffs], Tue Jan 25 21:51:24 2022 UTC (2 years, 4 months ago) by eric
Branch: MAIN
Introduce a signer interface intented to make TLS privsep simpler to implement. Add a tls_config_set_sign_cb() function that allows to register a callback for the signing operation on a tls_config. When used, the context installs fake pivate keys internally, and the callback receives the hash of the public key. Add a tls_signer_*() set of functions to manage tls_signer objects. A tls_signer is an opaque structure on which keys are added. It is used to compute signatures with private keys identified by their associated public key hash. Discussed with and ok jsing@ tb@