path: root/doc/examples
Commit message | Author | Age | Files | Lines
* Add makefile dependency on credentials.h. Use 1024 bit keys for RSA/DSA. Add function for choosing thread count. | lloyd | 2012-02-27 | 3 | -11/+19
* Create and save certs on the fly for hostnames as they are asked for | lloyd | 2012-02-03 | 1 | -17/+89
* Split up the psk function as the server also wants to be able to look up a PSK from an identity. | lloyd | 2012-01-27 | 1 | -0/+14
* Use boost::asio instead of standalone asio as it's more commonly available. If an error occurs in loading a certificate, etc then simply ignore it. | lloyd | 2012-01-27 | 3 | -44/+49
* Change callback interface to pass the Alert object itself instead of just the type code. Implement Alert::type_string | lloyd | 2012-01-26 | 3 | -14/+14
* Need boost_thread for asio example now | lloyd | 2012-01-26 | 1 | -0/+3
* Use multiple threads in asio example server | lloyd | 2012-01-26 | 1 | -13/+74
* We can now actually handle multiple certificate types in the server and will choose one depending on which ciphersuites the client offered. | lloyd | 2012-01-24 | 1 | -5/+25
* The credentials manager interface seems a much better place for cert checking, allowed client auth CAs, etc than the policy class. With this change, most users won't ever need to modify the default policy which is likely a good thing. Remove copy and paste of the credentials manager implementation in the examples. | lloyd | 2012-01-23 | 4 | -157/+61
* Update examples with new ciphersuite string printer | lloyd | 2012-01-23 | 2 | -5/+4
* Since this branch is hugely API breaking already, go ahead and put everything into a new namespace (Botan::TLS), removing the TLS_ prefixes on everything. | lloyd | 2012-01-23 | 3 | -26/+27
* Cast to int, cout gets confused by unsigned char | lloyd | 2012-01-20 | 1 | -3/+3
* Kinda maybe working TLS 1.2 for clients. Not well tested at all, but a basic connection with a GnuTLS server does work. Currently we don't respect the signature_algorithms extension at all, and using SHA-256 with a 12-byte finished value is hardcoded though the spec is that it can depend on the ciphersuite (likely relevant for GOST ciphersuites in particular). | lloyd | 2012-01-19 | 1 | -1/+1
* Some cleanups, use cout instead of printf | lloyd | 2012-01-19 | 1 | -21/+53
* s/queue_for_sending/send | lloyd | 2012-01-18 | 1 | -2/+2
* Small fixes | lloyd | 2012-01-16 | 2 | -15/+4
* Avoid overlapping writes. Pretend to be an HTTP server | lloyd | 2012-01-07 | 1 | -19/+79
* Various example updates. Add a new TLS server example that uses asio | lloyd | 2012-01-06 | 4 | -26/+296
* Add support for next protocol negotiation. Client only currently; tested with google.com:443 | lloyd | 2012-01-04 | 1 | -2/+15
* Example fixes | lloyd | 2012-01-03 | 2 | -3/+9
* Add Credentials_Manager which is an interface to something that knows what certs, keys, etc are available to the app. Needs polishing but it seems like it should be sound. | lloyd | 2012-01-03 | 1 | -18/+48
* Add support for client-side session resumption | lloyd | 2011-12-31 | 1 | -66/+77
* Rename the session type to 'TLS_Session'. Split the manager out into its own file. Rename tls_state to tls_handshake_state. | lloyd | 2011-12-30 | 2 | -2/+4
* Add a function for getting the version number of an active connection. Add a new callback that is called with the session info when a handshake completes. Currently only called on the server side as the client doesn't have session resumption yet. Rename CipherSuite to TLS_Cipher_Suite. | lloyd | 2011-12-30 | 2 | -1/+33
* New more interesting client, pipes stdin<->remote box via TLS ala OpenSSL's s_client instead of just doing a one-shot request. | lloyd | 2011-12-30 | 1 | -74/+122
* Add support for sending server name indicator in client hello. Add support for sending and reading the SRP identifier extension. Add some helper classes for managing TLS extensions. Add ciphersuite codes for SRP key exchange. | lloyd | 2011-12-29 | 2 | -5/+8
* Just print printable | lloyd | 2011-12-28 | 1 | -2/+0
* Don't stall on error | lloyd | 2011-12-28 | 1 | -3/+6
* Additional bits for SSLv3 client auth | lloyd | 2011-12-28 | 1 | -1/+4
* Working though hacking client verify (server side only). Only supports TLS 1.0/1.1, SSLv3 uses a different hash format. Only RSA certs tested so far. | lloyd | 2011-12-28 | 2 | -3/+8
* Make the server example less fragile, write a class that emulates the old blocking interface and use that. | lloyd | 2011-12-27 | 1 | -30/+118
* Initial hooks for session resumption | lloyd | 2011-12-23 | 1 | -0/+3
* Centralize a lot of the handshaking and message parsing in TLS_Channel. Also delete the obsolete/never worked CMS examples | lloyd | 2011-12-23 | 5 | -196/+36
* First stab at an event driven TLS client. | lloyd | 2011-12-23 | 2 | -37/+92
* Detect (though not using) the CPUID bit for the RDRAND instruction | lloyd | 2011-06-16 | 1 | -0/+1
* Fix linking for examples. Update download links before I forget | lloyd | 2011-06-06 | 1 | -1/+1
* Fix the very basic operations for encoding and decoding a certificate policies extension, though it's really not supported at all. Remove test code from secmem.h. Fix building the examples | lloyd | 2011-05-17 | 1 | -1/+1
* A few more WinSock fixes for TLS examples | lloyd | 2011-04-29 | 3 | -9/+12
* Calling &str[str.size()] is only valid if str is const; otherwise the results are undefined. This happens to work under GCC and most other compilers, but does not under Visual C++ 2010. This broke hex_encode when encoding an empty input, and this subsequently broke SSL handshaking. 2010 includes a TR1 that works fine for SSL, but it puts the headers in the main header space rather than under tr1/, so account for that. Hack the socket header into working under WinSock. Tick version to 1.10.0 | lloyd | 2011-04-29 | 3 | -31/+82
* Some doc updates, include the DSA examples in pubkey, remove outdated and probably useless threads section, also fix compilation of several examples. | lloyd | 2011-04-20 | 4 | -6/+7
* It's likely that other FPE methods will be desirable once they are standardized by NIST; the FPE currently included is just a random one that was relatively easy to implement. Move the header to fpe_fe1.h, and rename the function. Update the example and add some documentation for it. | lloyd | 2011-04-20 | 1 | -3/+3
* More doc updates | lloyd | 2011-04-08 | 3 | -29/+5
* ECC private keys had two different constructors, one taking a group and a random number generator, and the other taking a group and a preset private key value. The DL private keys instead have one constructor for this; if the x value is zero, then a new random key is created. For consistency, do this with ECC as well. ECDH actually didn't have one of these constructors, forcing you to either load from PKCS #8 or else use a random key. Rename EC_Domain_Params to EC_Group, with a typedef for compatibility. More doc updates. Update mtn ignores for Sphinx output | lloyd | 2011-04-08 | 17 | -326/+85
* Drop the GTK example; it probably makes more sense to use threads for things like this, and the User_Interface class is going to die as soon as I can manage it, anyway. | lloyd | 2011-04-08 | 5 | -708/+0
* More pubkey doc updates | lloyd | 2011-04-08 | 67 | -0/+6852
* Convert most of the documentation to reStructured Text, adding a makefile to build it with Sphinx (http://sphinx.pocoo.org/). Previously credits.txt listed public domain code sources; instead directly credit the authors in the relevant files and delete that file. Drop the draft FIPS 140 security policy; I can't imagine FIPS 140 validation will ever happen, and if it does, I don't want anything to do with it. Also drop the internals doc, which was so out of date (and incomplete) as to be worthless. Move the tutorials and InSiTo pdfs into old/ for the time being, until anything relevant from them can be filtered out and converted into RST. | lloyd | 2011-04-04 | 60 | -6381/+0
* Add bcrypt and keywrap examples | lloyd | 2011-02-23 | 2 | -0/+83
* Fix tls_server example compilation | lloyd | 2010-11-30 | 1 | -2/+8
* Remove incorrect comment | lloyd | 2010-11-29 | 1 | -16/+4
* Inherit policy and override check_cert | lloyd | 2010-11-29 | 2 | -2/+33