Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Create and save certs on the fly for hostnames as they are asked for | lloyd | 2012-02-03 | 1 | -17/+89 |
| | |||||
* | Actually check CA signatures in Credentials_Manager. This area needs a | lloyd | 2012-02-01 | 6 | -18/+55 |
| | | | | lot more work before this can be deployed. | ||||
* | Support getting ciphersuites by name as well as suite ID | lloyd | 2012-01-28 | 6 | -10/+29 |
| | |||||
* | Add Camellia ciphersuites from RFC 4132. | lloyd | 2012-01-28 | 3 | -5/+40 |
| | | | | | | Fix Ciphersuite_Preference_Ordering which treated two ciphersuites with the same algos but different keylengths as equivalent, causing them to be lost. Always prefer the longer key. | ||||
* | propagate from branch 'net.randombit.botan' (head ↵ | lloyd | 2012-01-28 | 104 | -4792/+9200 |
|\ | | | | | | | | | | | 3f6b267bc00d2da1b5d36ca2215c3e1b6a40e796) to branch 'net.randombit.botan.tls-state-machine' (head 7df407e6678bd51328c348fd2a665f20fb22d62d) | ||||
| * | Add anon SRP ciphersuites to the list, add missing _CBC on the | lloyd | 2012-01-28 | 2 | -12/+27 |
| | | | | | | | | existing enum values. | ||||
| * | Support alternate PRF hashes in TLS 1.2. Add support for the SHA-384 | lloyd | 2012-01-28 | 8 | -74/+90 |
| | | | | | | | | ciphersuites. | ||||
| * | Fix inverted conditional | lloyd | 2012-01-27 | 1 | -2/+2 |
| | | |||||
| * | Change naming convention to match RFCs | lloyd | 2012-01-27 | 5 | -30/+26 |
| | | |||||
| * | Remove debug output | lloyd | 2012-01-27 | 1 | -11/+0 |
| | | |||||
| * | Server side PSK | lloyd | 2012-01-27 | 4 | -101/+124 |
| | | |||||
| * | Working though somewhat clumsy DHE_PSK and ECDHE_PSK. Tested against GnuTLS | lloyd | 2012-01-27 | 5 | -24/+100 |
| | | |||||
| * | Somewhat cleaner PSK handling | lloyd | 2012-01-27 | 3 | -27/+34 |
| | | |||||
| * | Server side PSK kex | lloyd | 2012-01-27 | 4 | -13/+37 |
| | | |||||
| * | Split up the psk function as the server also wants to be able to look | lloyd | 2012-01-27 | 4 | -22/+51 |
| | | | | | | | | up a PSK from an identity. | ||||
| * | Credentials hooks for PSK | lloyd | 2012-01-27 | 2 | -2/+27 |
| | | |||||
| * | Add client-side support for PSK kex. Tested against OpenSSL. | lloyd | 2012-01-27 | 8 | -14/+97 |
| | | |||||
| * | Use boost::asio instead of standalone asio as it's more commonly | lloyd | 2012-01-27 | 3 | -44/+49 |
| | | | | | | | | | | available. If an error occurs in loading a certificate, etc then simply ignore it. | ||||
| * | First attempt to get certificates matching the name the client sent in | lloyd | 2012-01-27 | 1 | -3/+27 |
| | | | | | | | | | | the SNI extension. If we can't find anything, send an unrecognized_name alert and then retry with the requested server name as "" (ie default). | ||||
| * | Remove Alert::Level enum, replace with bool | lloyd | 2012-01-26 | 5 | -14/+10 |
| | | |||||
| * | Change callback interface to pass the Alert object itself instead | lloyd | 2012-01-26 | 11 | -31/+100 |
| | | | | | | | | | | | | of just the type code. Implement Alert::type_string | ||||
| * | Make Alert a first class object ala Version. Move the alert codes into | lloyd | 2012-01-26 | 23 | -177/+224 |
| | | | | | | | | the Alert class for namespacing. | ||||
| * | Need boost_thread for asio example now | lloyd | 2012-01-26 | 1 | -0/+3 |
| | | |||||
| * | Use multiple threads in asio example server | lloyd | 2012-01-26 | 1 | -13/+74 |
| | | |||||
| * | Deleting the return of private_key_for in the TLS server forces the | lloyd | 2012-01-26 | 4 | -11/+11 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | credentials server to return a new copy each time which is slow and mostly pointless. Instead, specify that the key remains owned by the credentials manager. This is theoretically an issue if you have thousands of keys to manage; the credentials server doesn't actually know when they have gone out of scope until its destructor runs. So it could be forced to use a lot of memory in the meantime. I'm not sure that this is a case worth optimizing for, at least until someone comes along who actually has this as a problem. | ||||
| * | Clean up record writer a bit | lloyd | 2012-01-25 | 1 | -55/+60 |
| | | |||||
| * | Move around the order of arguments to activate() and add the | lloyd | 2012-01-25 | 5 | -14/+30 |
| | | | | | | | | | | compression method (currently we just ensure that no compression was negotiated) | ||||
| * | In earlier versions, key exchange == "RSA" meant export-style | lloyd | 2012-01-25 | 5 | -20/+22 |
| | | | | | | | | | | | | | | | | | | | | | | | | ephemeral RSA, and key exchange == "" meant RSA via the key in the server certificate. However we don't support any of the export suites anymore (and in fact that code probably never worked), so use kex algo == "RSA" to represent the server cert case as it's much easier to read the code and to understand from a policy configuration perspective. Also fix the default policy, "TripleDES" != "3DES" so we would not offer (as a client) and would reject (as a server) any 3DES ciphersuites. | ||||
| * | Move all key exchange mechanism code (eg DH/ECDH/SRP) out of the | lloyd | 2012-01-25 | 6 | -95/+143 |
| | | | | | | | | | | server handshake flow and into the server and client key exchange message types. It already was hidden from the client handshake code. | ||||
| * | Fix printing PSK ciphersuites. Better assert msg. | lloyd | 2012-01-25 | 2 | -14/+17 |
| | | |||||
| * | Convenience method | lloyd | 2012-01-25 | 1 | -0/+2 |
| | | |||||
| * | Go back to choosing the ciphersuite based on the server's preferences. | lloyd | 2012-01-25 | 5 | -25/+57 |
| | | | | | | | | | | | | | | | | | | The client can constrain their offering if they want to. Add identifiers for PSK suites (not implemented) Rename hide_unknown_srp_users to hide_unknown_users as it can be used for PSK as well. | ||||
| * | Hiding SRP users or not is policy. Not sure what the default should be for this | lloyd | 2012-01-25 | 1 | -2/+10 |
| | | |||||
| * | Storing the version as a single u16bit makes compares simpler | lloyd | 2012-01-24 | 1 | -27/+14 |
| | | |||||
| * | Move extension type here, no need to make it visible to apps | lloyd | 2012-01-24 | 2 | -20/+20 |
| | | |||||
| * | s/tls_suites/tls_ciphersuite/ | lloyd | 2012-01-24 | 8 | -13/+14 |
| | | |||||
| * | Require ECDH and ECDSA modules for TLS. This is slightly non-optimal | lloyd | 2012-01-24 | 1 | -0/+2 |
| | | | | | | | | | | | | | | in that RedHat doesn't want to ship ECC of any kind, which would prevent shipping TLS as well, but actually IIRC they'll want to physically strip out the code anyway (just #if 0 wasn't good enough), so they can just patch the whole thing out if they want. | ||||
| * | Add support for the IDEA ciphersuite, though don't require it to be | lloyd | 2012-01-24 | 3 | -1/+13 |
| | | | | | | | | | | compiled in for TLS as IIRC it's still patented in Europe for another year or two. | ||||
| * | Fix ECC curve negotiation on the server side. | lloyd | 2012-01-24 | 2 | -35/+34 |
| | | | | | | | | | | | | | | | | | | | | Avoid accidentally negotiating SRP. Fix TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 which was marked as an ECDSA suite. Tested to work with OpenSSL 1.0.1 beta. Remove SHA-384 suites for now so we won't negotiate them as the right hooks for the PRF do not exist yet. | ||||
| * | We can now actually handle multiple certificate types in the server | lloyd | 2012-01-24 | 9 | -62/+112 |
| | | | | | | | | | | and will choose one depending on which ciphersuites the client offered. | ||||
| * | Remove Certificate_Type enum | lloyd | 2012-01-24 | 3 | -16/+52 |
| | | |||||
| * | ECDSA support. Only client side tested | lloyd | 2012-01-24 | 2 | -4/+4 |
| | | |||||
| * | Send the supported elliptic curves extension. Instead of hardcoding | lloyd | 2012-01-24 | 8 | -23/+66 |
| | | | | | | | | | | | | | | the values let policy specify them. Also choose an ECC curve for server kex from the client hello. Choice is via policy, default implementation is to choose the first curve the client supports out of the server's preference list. | ||||
| * | Get the list of supported ECC curves out of the client hello, and | lloyd | 2012-01-24 | 5 | -4/+17 |
| | | | | | | | | | | avoid negotiating an ECDH key exchange if the client didn't send any curves that we know about. | ||||
| * | Forgot to check in server side ECDH key gen | lloyd | 2012-01-24 | 1 | -3/+11 |
| | | |||||
| * | Allow ECDH negotiation by default | lloyd | 2012-01-24 | 1 | -4/+1 |
| | | |||||
| * | For ECDH you don't strip leading zeros. Bikeshedding: 1 Consistency: 0 | lloyd | 2012-01-24 | 1 | -3/+5 |
| | | |||||
| * | Read ECDH client key exchange messages | lloyd | 2012-01-24 | 1 | -25/+26 |
| | | |||||
| * | Working ECDH key exchange. Only tested on client side but seems good | lloyd | 2012-01-24 | 3 | -37/+95 |
| | | | | | | | | | | | | | | there. Only named curves supported, likely won't ever support explicit curves cause that's just asking for problems. | ||||
| * | Cleanup | lloyd | 2012-01-24 | 1 | -10/+10 |
| | |