path: root/doc/manual/tls.rst
Commit message (Author, Age, Files, Lines)
* Reorg documentation layout. Rename manual to handbook. (Jack Lloyd, 2019-05-31, 1, -1844/+0)
|
* Fix some Sphinx warnings (Jack Lloyd, 2019-05-23, 1, -2/+2)
|
* Add TLS::Stream code example (Hannes Rantzsch, 2019-05-23, 1, -0/+133)
|
* Manual section for TLS::Stream (Hannes Rantzsch, 2019-05-23, 1, -0/+109)
|
* doc: Fix up another broken code example in tls.rst (刘群, 2019-05-07, 1, -1/+1)
| | | | | class Server_Credentials is not defined in namespace Botan either. Signed-off-by: Liu Qun <[email protected]>
* doc: Fix up the broken code example tls_client.cpp (刘群, 2019-05-07, 1, -1/+1)
| | | | | class Client_Credentials is not defined in namespace Botan Signed-off-by: Liu Qun <[email protected]>
* added documentation for acceptable_ciphersuite() and ciphersuite_list() (Sergii Cherkavskyi, 2019-03-27, 1, -0/+15)
|
* Fix some ReST format errors (Jack Lloyd, 2018-10-30, 1, -9/+9)
| | | | Diagnosed by Sphinx 1.8.0
* Spell check the documentation (Jack Lloyd, 2018-09-28, 1, -8/+8)
|
* Default disable support for TLS v1.0/v1.1 and all CBC and CCM suites (Jack Lloyd, 2018-08-22, 1, -3/+20)
|
* Document need for IMPLICIT to enable static RSA ciphersuites (Jack Lloyd, 2018-07-04, 1, -7/+20)
| | | | Fixes #1558
* Fix some document formatting bugs (Jack Lloyd, 2018-07-03, 1, -1/+1)
|
* Fix ReST formatting (Jack Lloyd, 2018-04-04, 1, -2/+4)
|
* Remove duplicate doc for tls_decode_group_param (Jack Lloyd, 2018-03-28, 1, -5/+0)
|
* Merge GH #1513 Update TLS docs re custom curves (Jack Lloyd, 2018-03-28, 1, -11/+399)
|\
| * updated tls client/server docs (Never, 2018-03-27, 1, -5/+5)
| |
| * add tls-custom-curve documentation + examples (Never, 2018-03-27, 1, -6/+394)
| |
* | Update TLS docs re new APIs for 2.5 [ci skip] (Jack Lloyd, 2018-03-28, 1, -0/+16)
|/
* Remove vestigial support for TLS compression (Jack Lloyd, 2018-01-21, 1, -9/+0)
| | | | | It was never supported and never will be. Removing negotiation entirely simplifies the code a bit.
* Update manual to avoid use of old integer typedefs. (Jack Lloyd, 2017-11-14, 1, -15/+15)
|
* Add support for ARIA GCM ciphersuites (Jack Lloyd, 2017-11-03, 1, -1/+2)
| | | | Tested against OpenSSL master
* Merge GH #872 Add ability for TLS servers to prohibit renegotiation (Jack Lloyd, 2017-09-19, 1, -0/+8)
|\
| * Add TLS::Policy::allow_client_initiated_renegotiation (Jack Lloyd, 2017-02-19, 1, -0/+8)
| | | | | | | | Parallel of the server policy flag.
* | Add documentation that SNI must be FQDN. (Alexander Bluhm, 2017-03-27, 1, -0/+4)
| | | | | | | | server_info parameter of TLS::Client must not be an IP address.
* | Fix the default value (2048) of minimum_dh_group_size in the documentation (louiz’, 2017-03-07, 1, -1/+1)
|/
* Add minimal example code to tls handbook (René Korthaus, 2017-02-13, 1, -2/+237)
|
* Add note about CECPQ1 in TLS manual (Jack Lloyd, 2016-12-28, 1, -0/+16)
| | | | [ci skip]
* Update tls_verify_cert_chain docs to reflect OCSP stapling changes (Jack Lloyd, 2016-12-04, 1, -5/+19)
| | | | | | GH #755 [ci skip]
* Document TLS::Policy::require_cert_revocation_info (Jack Lloyd, 2016-11-28, 1, -0/+20)
|
* Address review comments from @cordney (Jack Lloyd, 2016-11-25, 1, -2/+2)
| | | | | | | | | | | | Primarily doc updates but also expose some more logic in PKIX namespace, overall_status and merge_revocation_status. This allows calling more or less all of the logic used by the monolithic x509_path_validate in any way needed by an application. Add Certificate_Store_In_Memory::add_crl variant taking shared_ptr Add optional Certificate_Store_In_Memory* pointer to check_crl_online, valid CRLs are saved there.
* Move TLS cert verification callback from Credentials_Manager to TLS::Callbacks (Jack Lloyd, 2016-11-23, 1, -2/+28)
| | | | | | It is the only function in C_M which is called on to process session-specific (and adversarially provided) inputs, rather than passively returning some credential which is typically not session specific.
* Order default TLS ECC curve preferences by performance (Jack Lloyd, 2016-11-19, 1, -2/+3)
| | | | | | | | | | | | Moves x25519 to the front for best by-default side channel resistance, and orders remaining NIST/BP curves by performance rather than size. That means putting P-521 before P-384, since P-521 is much faster at least in Botan (due to much simpler modular reduction for P-521 prime), and Brainpools to the end due to being quite slow (no fast reductions). All of the supported curves seem strong enough, and if someone can break P-256 they can probably break P-384 as well so there doesn't seem much advantage in preferring slower curves by default.
* Add CECPQ1 TLS ciphersuites (Jack Lloyd, 2016-11-17, 1, -2/+2)
| | | | | | | | | | | | | Tested against BoringSSL (as client + server) and google.com (as client). Fix a stupid crashing bug in NewHope's BoringSSL mode. Remove unneeded error return from curve25519_donna - always returned 0. Default policy prefers ChaChaPoly1305 over GCM and CECPQ1 over ECDH/DH, which means the default no-extra-configuration ciphersuite (for Botan client speaking to Botan server) is a ciphersuite which is both implemented in constant time on all platforms and (hopefully) provides post quantum security. Good Things.
* Change TLS default policy to disable DSA, CCM-8, and static RSA (Jack Lloyd, 2016-11-02, 1, -18/+60)
| | | | | | | | | | | | | | | Disables static RSA by default. The advantage here is twofold: enforcing forward security and protecting TLS servers from oracle attacks since by default they will never negotiate a suite which forces them to act as a decryption oracle. Some applications/users may be forced to enable RSA in order to speak with old or misconfigured peers, but these can be the exception not the default. Disable DSA and CCM-8 by default: if you need to enable these things, you know it. Adds TLS policy hooks to enforce DSA key sizes, default 2048 bits. Remove an incorrect warning about DTLS in the manual; the sequence number window check prevents this scenario from occurring.
* Merge GH #673 X25519 TLS key exchange (Jack Lloyd, 2016-10-24, 1, -1/+1)
|\
| * X25519 key exchange for TLS (Jack Lloyd, 2016-10-21, 1, -1/+1)
| | | | | | | | | | Client interops with google.com, server not tested against an independent client yet.
* | Build the docs during CI (Jack Lloyd, 2016-10-22, 1, -3/+3)
|/ | | | Fix various doc building problems/warnings.
* Update manual (René Korthaus, 2016-10-03, 1, -0/+13)
|
* Add a Callbacks function for ALPN (Jack Lloyd, 2016-08-16, 1, -14/+30)
|
* Changes to TLS::Callbacks for GH PR #457 (Jack Lloyd, 2016-08-16, 1, -76/+68)
| | | | | | | | | | | | | | | | | | | | | | | | | | Make TLS::Channel::m_callbacks a reference, so deriving from TLS::Callbacks works Split out the compat (std::function) based interface to Compat_Callbacks. This avoids the overhead of empty std::functions when using the virtual interface, and ensures the virtual interface works since there is no callback path that does not involve a vtable lookup. Rename the TLS::Callback functions. Since the idea is that often an owning class will pass *this as the callbacks argument, it is good to namespace the virtual functions so as not to conflict with other names chosen by the class. Specifically, prefixes all cb functions with tls_ Revert changes to use the old style alert callback (with no longer used data/len params) so no API changes are required for old code. The new Callbacks interface continues to just receive the alert code itself. Switch to virtual function interface in CLI tls_client for testing. Inline tls_server_handshake_state.h - only used in tls_server.cpp Fix tests - test looked like it was creating a new client object but it was not actually being used. And when enabled, it failed because the queues were not being emptied in between. So, fix that.
* Fix formatting bugs in TLS doc (Jack Lloyd, 2016-04-13, 1, -11/+6)
| | | | | | | Fixes GH #460 Closes GH #474 [ci skip]
* Remove support for TLS v1.2 MD5 and SHA-224 signatures. (Jack Lloyd, 2016-03-17, 1, -7/+4)
| | | | | | | | | Remove support for weak ECC curves (anything under P-256) from TLS. This includes secp256k1 since we don't take advantage of the special form for any performance advantage; might as well use P-256. The manual still mentioned that it was possible to use MD5 in Policy::allowed_macs, but all HMAC-MD5 suites are already removed.
* Misc doc updates (Jack Lloyd, 2016-01-04, 1, -0/+7)
| | | | [ci skip]
* Replace path src/cmd/ by new src/cli/ in documentation (Simon Warta, 2015-12-11, 1, -4/+2)
| | | | | | Closes #356. [ci skip]
* Add TLS_PSK tests (Jack Lloyd, 2015-11-13, 1, -1/+2)
| | | | | | | | | | | Fix a bug which rejected any short server key exchanges. These can occur with a plain PSK with short or empty identity hints. Disable SHA-224 by default. Remove some vestigial RC4 cruft. Push more on the TLS corruption tests.
* Merge pull request #314 from randombit/ct-tls-cbc-padding (Jack Lloyd, 2015-10-26, 1, -2/+4)
|\ | | | | TLS improvements
| * TLS improvements (Jack Lloyd, 2015-10-25, 1, -2/+4)
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Use constant time operations when checking CBC padding in TLS decryption Fix a bug in decoding ClientHellos that prevented DTLS rehandshakes from working: on decode the session id and hello cookie would be swapped, causing confusion between client and server. Various changes in the service of finding the above DTLS bug that should have been done before now anyway - better control of handshake timeouts (via TLS::Policy), better reporting of handshake state in the case of an error, and finally expose the facility for per-message application callbacks.
* | Remove redundant function definitions from docs (Simon Warta, 2015-10-20, 1, -10/+0)
| | | | | | | | [ci skip]
* | Make Version_Code an enum type for documentation (Simon Warta, 2015-10-20, 1, -1/+1)
| | | | | | | | | | | | Confirm http://sphinx-doc.org/domains.html#directive-cpp:enum-struct [ci skip]
* | Update TLC::Client constructor documentation (Simon Warta, 2015-10-20, 1, -13/+14)
| | | | | | | | [ci skip]