aboutsummaryrefslogtreecommitdiffstats
path: root/doc/examples
Commit message (Collapse)AuthorAgeFilesLines
* Add a function for getting the version number of an active connection.lloyd2011-12-302-1/+33
| | | | | | | | Add a new callback that is called with the session info when a handshake completes. Currently only called on the server side as the client doesn't have session resumption yet. Rename CipherSuite to TLS_Cipher_Suite.
* New more interesting client, pipes stdin<->remote box via TLS alalloyd2011-12-301-74/+122
| | | | OpenSSL's s_client instead of just doing a one-shot request.
* Add support for sending server name indicator in client hellolloyd2011-12-292-5/+8
| | | | | | | | Add support for sending and reading the SRP identifier extension. Add some helper classes for managing TLS extensions Add ciphersuite codes for SRP key exchange.
* Just print printablelloyd2011-12-281-2/+0
|
* Don't stall on errorlloyd2011-12-281-3/+6
|
* Additional bits for SSLv3 client authlloyd2011-12-281-1/+4
|
* Working though hacking client verify (server side only). Only supportslloyd2011-12-282-3/+8
| | | | | TLS 1.0/1.1, SSLv3 uses a different hash format. Only RSA certs tested so far.
* Make the server example less fragile, write a class that emulates thelloyd2011-12-271-30/+118
| | | | old blocking interface and use that.
* Initial hooks for session resumptionlloyd2011-12-231-0/+3
|
* Centralize a lot of the handshaking and message parsing in TLS_Channellloyd2011-12-235-196/+36
| | | | Also delete the obsolete/never worked CMS examples
* First stab at an event driven TLS client.lloyd2011-12-232-37/+92
|
* Detect (though not using) the CPUID bit for the RDRAND instructionlloyd2011-06-161-0/+1
|
* Fix linking for exampleslloyd2011-06-061-1/+1
| | | | Update download links before I forget
* Fix the very basic operations for encoding and decoding alloyd2011-05-171-1/+1
| | | | | | | | | certificate policies extension, though it's really not supported at all. Remove test code from secmem.h Fix building the examples
* A few more WinSock fixes for TLS exampleslloyd2011-04-293-9/+12
|
* Calling &str[str.size()] is only valid if str is const; otherwise thelloyd2011-04-293-31/+82
| | | | | | | | | | | | | | results are undefined. This happens to work under GCC and most other compilers, but does not under Visual C++ 2010. This broke hex_encode when encoding an empty input, and this subsequently broke SSL handshaking. 2010 includes a TR1 that works fine for SSL, but it puts the headers in the main header space rather than under tr1/, so account for that. Hack the socket header into working under WinSock Tick version to 1.10.0
* Some doc updates, include the DSA examples in pubkey, remove outdatedlloyd2011-04-204-6/+7
| | | | | and probably useless threads section, also fix compilation of several examples.
* It's likely that other FPE methods will be desirable once they arelloyd2011-04-201-3/+3
| | | | | | | standardized by NIST; the FPE currently included is just a random one that was relatively easy to implement. Move the header to fpe_fe1.h, and rename the function. Update the example and add some documentation for it.
* More doc updateslloyd2011-04-083-29/+5
|
* ECC private keys had two different constructors, one taking a grouplloyd2011-04-0817-326/+85
| | | | | | | | | | | | | | | | and a random number generator, and the other taking a group and a preset private key value. The DL private keys instead have on constructor for this; if the x value is zero, then a new random key is created. For consistency, do this with ECC as well. ECDH actually didn't have one of these constructors, forcing you to either load from PKCS #8 or else use a random key. Rename EC_Domain_Params to EC_Group, with a typedef for compatability. More doc updates. Update mtn ignores for Sphinx output
* Drop the GTK example; it probably makes more sense to use threadslloyd2011-04-085-708/+0
| | | | | for things like this, and the User_Interface class is going to die as soon as I can manage it, anyway.
* More pubkey doc updateslloyd2011-04-0867-0/+6852
|
* Convert most of the documentation to reStructured Text, addinglloyd2011-04-0460-6381/+0
| | | | | | | | | | | | | | | | | | | a makefile to build it with Sphinx (http://sphinx.pocoo.org/). Previously credits.txt listed public domain code sources; instead directly credit the authors in the relevant files and delete that file. Drop the draft FIPS 140 security policy; I can't imagine FIPS 140 validation will ever happen, and if it does, I don't want anything to do with it. Also drop the internals doc, which was so out of date (and incomplete) as to be worthless. Move the tutorials and InSiTo pdfs into old/ for the time being, until anything relevant from them can be filtered out and converted into RST.
* Add bcrypt and keywrap exampleslloyd2011-02-232-0/+83
|
* Fix tls_server example compilationlloyd2010-11-301-2/+8
|
* Remove incorrect commentlloyd2010-11-291-16/+4
|
* Inherit policy and override check_certlloyd2010-11-292-2/+33
|
* Add X509_Certificate::to_stringlloyd2010-11-291-122/+1
| | | | The x509info example now just calls that
* MemoryRegion::set was removedlloyd2010-11-291-1/+2
|
* New way of specifying key lengthslloyd2010-10-291-1/+6
|
* Remove use of lookupslloyd2010-10-292-6/+10
|
* Make TLS_Client entirely via callbacks, not talking to Socket directlylloyd2010-10-191-1/+3
|
* Use binary I/O where neededlloyd2010-10-1510-11/+11
|
* Fix exampleslloyd2010-10-134-7/+11
|
* Fix compilation of examples; benchmarking and RNG changes mostlylloyd2010-10-125-35/+13
|
* Fix examples for destroy being renamed clearlloyd2010-09-132-2/+2
|
* Remove more uses of vector to pointer implicit conversionslloyd2010-09-131-1/+5
|
* Read input as binarylloyd2010-09-081-1/+1
|
* Specify the target host and port for tls_client on the command linelloyd2010-09-081-3/+18
|
* Big, invasive but mostly automated change, with a further attempt atlloyd2010-09-071-1/+1
| | | | | | | | | | | | | | harmonising MemoryRegion with std::vector: The MemoryRegion::clear() function would zeroise the buffer, but keep the memory allocated and the size unchanged. This is very different from STL's clear(), which is basically the equivalent to what is called destroy() in MemoryRegion. So to be able to replace MemoryRegion with a std::vector, we have to rename destroy() to clear() and we have to expose the current functionality of clear() in some other way, since vector doesn't support this operation. Do so by adding a global function named zeroise() which takes a MemoryRegion which is zeroed. Remove clear() to ensure all callers are updated.
* Oops... renamed this quite a while ago, never updated examplelloyd2010-09-071-6/+6
|
* Allow generating larger keys in rsa_kgen example (up to 16K bits)lloyd2010-08-181-1/+1
|
* Missing include, VC++ complainedlloyd2010-08-121-0/+1
|
* Organize CPUID output a little more nicelylloyd2010-07-281-4/+10
|
* Add support in CPUID for detecting PCMULUDQ and MOVBE instructions.lloyd2010-07-271-5/+4
| | | | Rename CPUID::has_aes_intel to has_aes_ni.
* Modify CPUID so all the check functions are purely inline. Add a newlloyd2010-07-261-2/+4
| | | | | initialize() call which must be called prior to use of any other functions.
* Removed UI herelloyd2010-07-121-3/+1
|
* Rename S2K to PBKDF, because that is by far the most common name - S2Klloyd2010-07-094-35/+37
| | | | | | | | | | | | | really is only used by OpenPGP, and largely it was named S2K here because the OpenPGP S2K was implemented years before the ones in PKCS #5. We have a typedef of PBKDF to S2K, and an inlined get_s2k that calls get_pbkdf for source compatability. There doesn't seem to be any reason to have a forward for the renamed s2k.h header - to actually use a PBKDF, you'd have to either include lookup.h and call get_s2k / get_pbkdf, or else include an algorithm-specific header and use it directly. In either case, including s2k.h is neither necessary nor sufficient.
* Read and save the files in binary mode to avoid weird EOF problemslloyd2010-07-072-2/+2
| | | | on Windows.
* Add detection support for upcoming AVXlloyd2010-06-251-0/+1
|