ff47cbd464
implement ECDHE key exchange with secp256r1 on the server side, providing perfect forward secrecy (tho slowly). it is easier to just keep the ECDH/DH state in the TlsSec structure, which fits better with the grouping of the functions. we do the cleanup in tlsConnectionFree() now, so a lot of error handling logic could go away. reinvestigated some error paths and removed the ones that cannot error. move functions to fit the logical grouping. combine the code for signing handshake hashes (for client certs) and DH parameters. provide digestDHparams() function to be shared between server and client code. |
||
|---|---|---|
| .. | ||
| 386 | ||
| alpha | ||
| amd64 | ||
| arm | ||
| mips | ||
| port | ||
| power | ||
| spim | ||
| mkfile | ||