libsec: implement server side ECDHE key exchange with secp256r1, move DH state in TlsSec structure, simplify

implement ECDHE key exchange with secp256r1 on the server side, providing
perfect forward secrecy (tho slowly).

it is easier to just keep the ECDH/DH state in the TlsSec structure,
which fits better with the grouping of the functions. we do the cleanup
in tlsConnectionFree() now, so a lot of error handling logic could go
away.

reinvestigated some error paths and removed the ones that cannot error.

move functions to fit the logical grouping.

combine the code for signing handshake hashes (for client certs) and
DH parameters. provide digestDHparams() function to be shared between
server and client code.

0 files changed, 0 insertions, 0 deletions