Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Don't need to make these private | lloyd | 2012-08-06 | 1 | -5/+3 |
| | |||||
* | Turn on NPN | lloyd | 2012-08-06 | 1 | -1/+2 |
| | |||||
* | The client wasn't sending a next protocol message on a session | lloyd | 2012-08-06 | 1 | -0/+11 |
| | | | | resumption. | ||||
* | A heartbeat request send by the counterparty during a handshake would | lloyd | 2012-08-06 | 1 | -5/+8 |
| | | | | be passed to the application callback as a heartbeat response. | ||||
* | Move server-specific parts of the handshake state to a server subclass. | lloyd | 2012-08-06 | 4 | -21/+29 |
| | |||||
* | Move things that are client specific in the handshake state to a | lloyd | 2012-08-06 | 2 | -16/+28 |
| | | | | subclass created by Client::new_handshake_state | ||||
* | Make the handshake hash private | lloyd | 2012-08-06 | 7 | -33/+36 |
| | |||||
* | Make handshake session keys private with get/set | lloyd | 2012-08-06 | 6 | -24/+33 |
| | |||||
* | Make the handshake Ciphersuite only available by const reference. | lloyd | 2012-08-06 | 8 | -36/+35 |
| | | | | Derive it when the server hello is set. | ||||
* | Const Handshake_State args where possible | lloyd | 2012-08-06 | 3 | -5/+5 |
| | |||||
* | Move Certificate message to it's own file. | lloyd | 2012-08-06 | 4 | -68/+89 |
| | | | | Remove ~Extensions declaration, not used anymore. | ||||
* | Use unique_ptr in Server_Kex_Exchange and Extensions | lloyd | 2012-08-06 | 4 | -37/+19 |
| | |||||
* | Store record MAC objects in unique_ptr | lloyd | 2012-08-06 | 3 | -21/+12 |
| | |||||
* | Have all the TLS handshake messages stored in unique_ptrs with only | lloyd | 2012-08-06 | 15 | -294/+436 |
| | | | | const access after setting them. Fix some const issues. | ||||
* | m_ namespace remaining TLS messages | lloyd | 2012-08-06 | 5 | -78/+78 |
| | |||||
* | In the in-memory session manager, choose a random key at startup and | lloyd | 2012-08-05 | 3 | -10/+28 |
| | | | | | | | | encrypt all of the sessions, decrypting before return. This minimizes load on the locked memory (48 bytes master secret per session, vs 32 bytes for a single master key). It might also make recovering session data from memory dumps a little bit harder though this isn't worth counting on IMO | ||||
* | Remove Channel::read_handshake. Have the server set expected next msg | lloyd | 2012-08-05 | 4 | -43/+15 |
| | | | | in new_handshake_state. | ||||
* | If we're negotiating a datagram protocol, allow a hello verify | lloyd | 2012-08-03 | 1 | -2/+20 |
| | | | | message. Add client-side hello verify handling. | ||||
* | Take the initial record version from the Handshake_IO instance instead | lloyd | 2012-08-03 | 5 | -3/+24 |
| | | | | of hardcoding it to SSLv3. | ||||
* | Add Handshake_Hash::reset | lloyd | 2012-08-03 | 3 | -3/+24 |
| | | | | Add cookie support in Client_Hello. | ||||
* | Add preliminary IO handler for datagram handshakes. Does not fragment | lloyd | 2012-08-03 | 2 | -0/+184 |
| | | | | | outbound messages to MTU. Reassembly likely doesn't work, and is very vulnerable to DoS attacks. | ||||
* | Rename all the message source files to msg_ | lloyd | 2012-08-03 | 11 | -10/+10 |
| | |||||
* | Combine Handshake_Writer and Handshake_Reader into Handshake_IO. | lloyd | 2012-08-03 | 20 | -245/+170 |
| | | | | | | | | This is mostly just a minor code savings for TLS, but it actually seems important for DTLS because getting a handshake message can be a trigger for retransmitting previously sent handshake messages in some circumstances. Having the reading and writing all in one layer makes it a bit easier to accomplish that. | ||||
* | Move the code that pretends a CCS message is a handshake message from | lloyd | 2012-08-02 | 3 | -40/+32 |
| | | | | Channel to the handshake reader. | ||||
* | Use TLS v1.0 PRF unless the version supports a ciphersuite specific PRF | lloyd | 2012-08-02 | 1 | -4/+5 |
| | |||||
* | Fix link | lloyd | 2012-08-02 | 1 | -2/+3 |
| | |||||
* | Fix emphasis | lloyd | 2012-08-02 | 1 | -3/+2 |
| | |||||
* | Add TLS::Protocol_Version::supports_ciphersuite_specific_prf | lloyd | 2012-08-02 | 4 | -14/+16 |
| | |||||
* | Fix DTLS HelloVerify message decoding | lloyd | 2012-08-02 | 1 | -3/+12 |
| | |||||
* | Use m_ namespace member vars in CurveGFp | lloyd | 2012-08-01 | 1 | -35/+36 |
| | |||||
* | Move monty_invert to numthry.h and use it in CurveGFp as well | lloyd | 2012-08-01 | 4 | -51/+48 |
| | |||||
* | Remove z_size parameter to bigint_monty_redc because it should always | lloyd | 2012-08-01 | 4 | -26/+12 |
| | | | | | | | | | | | be 2*(p_size+1). Document that it clears the high part of z. Don't clear the workspace before calling Karatsuba in bigint_mul or bigint_sqr - they clear it every time anyway. Don't bother masking words in the Montgomery_Exponentiator as redc zeros those words. Also don't bother calling z.clear() as the multiply operation does that already. | ||||
* | Cleanup BigInt::cmp | lloyd | 2012-08-01 | 4 | -41/+43 |
| | | | | | | Move bigint_divcore to divide.cpp which is the only place it is used. Probably not computationally intensive enough to really be worth optimizing in asm. | ||||
* | Move all BigInt constructors to the top of the decl | lloyd | 2012-08-01 | 1 | -81/+82 |
| | |||||
* | Remove BigInt::assign | lloyd | 2012-08-01 | 3 | -28/+27 |
| | |||||
* | Remove BigInt(NumberType type, size_t n) and replace it with a static | lloyd | 2012-08-01 | 10 | -37/+26 |
| | | | | BigInt function power_of_2. (Power2 was the only available NumberType) | ||||
* | Remove all support for octal BigInt conversions. | lloyd | 2012-08-01 | 5 | -39/+35 |
| | |||||
* | Remove BigInt::get_reg | lloyd | 2012-08-01 | 3 | -13/+6 |
| | |||||
* | Remove BigInt::operator[]. Use BigInt::word_at, which checks sizes | lloyd | 2012-08-01 | 4 | -14/+12 |
| | |||||
* | Remove BigInt::operator[] returning a mutable word reference | lloyd | 2012-08-01 | 3 | -13/+9 |
| | |||||
* | Rename the version of BigInt::data returning a mutable pointer | lloyd | 2012-08-01 | 5 | -38/+38 |
| | | | | to BigInt::mutable_data. Update callers. | ||||
* | Remove the mutable version of BigInt::get_reg | lloyd | 2012-07-31 | 5 | -22/+18 |
| | |||||
* | m_ namespace BigInt members | lloyd | 2012-07-31 | 3 | -40/+40 |
| | |||||
* | Remove BigInt::grow_reg which was only used by a few tests. | lloyd | 2012-07-31 | 3 | -18/+8 |
| | |||||
* | Rename activate to more descriptive change_cipher_spec | lloyd | 2012-07-29 | 5 | -28/+41 |
| | |||||
* | Use unique_ptr for handshake state, avoid lots of delete+nullptr assign | lloyd | 2012-07-29 | 4 | -48/+43 |
| | |||||
* | Clang warning about missing result type | lloyd | 2012-07-29 | 1 | -1/+1 |
| | |||||
* | If we're going to reject an insecure renegotiation, do it immediately, | lloyd | 2012-07-29 | 3 | -41/+63 |
| | | | | | | | | | | | | | even before parsing the client hello, since there is nothing the client can say in the hello that will change our mind about it. Call Policy::acceptable_protocol_version on the final negotiated version, not what the client offered! Clean up the server version choosing logic a bit. Add Protocol_Version::best_known_match which returns the 'best' version we know of matching a particular version. | ||||
* | Helper func for loading 24 bit value | lloyd | 2012-07-28 | 1 | -8/+15 |
| | |||||
* | Pass protocol to initiate_handshake | lloyd | 2012-07-28 | 2 | -5/+7 |
| |