aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls/msg_client_kex.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Export tls_messages.h as a public headerRené Korthaus2016-12-231-2/+4
| | | | | | | TLS::Callbacks::inspect_handshake_message() allows applications to inspect all handshake messages, but this requires access to the types in tls_messages.h. As a matter of fact, this also exports tls_extensions.h as a public header.
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-181-29/+29
| | | | | | Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Add CECPQ1 TLS ciphersuitesJack Lloyd2016-11-171-10/+39
| | | | | | | | | | | | | Tested against BoringSSL (as client + server) and google.com (as client). Fix a stupid crashing bug in NewHope's BoringSSL mode. Remove unneeded error return from curve25519_donna - always returned 0. Default policy prefers ChaChaPoly1305 over GCM and CECPQ1 over ECDH/DH, which means the default no-extra-configuration ciphersuite (for Botan client speaking to Botan server) is a ciphersuite which is both implemented in constant time on all platforms and (hopefully) provides post quantum security. Good Things.
* Fixes for build without 25519Jack Lloyd2016-10-241-3/+3
|
* X25519 key exchange for TLSJack Lloyd2016-10-211-19/+42
| | | | | Client interops with google.com, server not tested against an independent client yet.
* Remove Algo_Registry usage from public key code.Jack Lloyd2016-10-071-5/+5
| | | | | | | | Instead the key types exposes operations like `create_encryption_op` which will return the relevant operation if the algorithm supports it. Changes pubkey.h interface, now RNG is passed at init time. Blinder previous created its own RNG, now it takes it from app.
* Minor improvementsRené Korthaus2016-10-031-8/+3
|
* Support encoding of supported point formats extensionRené Korthaus2016-10-031-1/+9
|
* Address some issues with PR 492Jack Lloyd2016-08-131-0/+4
| | | | | | | | | | | | | | | | Adds copyright notices for Juraj Somorovsky and Christian Mainka of Hackmanit for the changes in 7c7fcecbe6a and 6d327f879c Add Policy::check_peer_key_acceptable which lets the app set an arbitrary callback for examining keys - both the end entity signature keys from certificates and the peer PFS public keys. Default impl checks that the algorithm size matches the min keylength. This centralizes this logic and lets the application do interesting things. Adds a policy for ECDSA group size checks. Increases default policy minimums to 2048 RSA and 256 ECC. (Maybe I'm an optimist after all.)
* Encrypt-then-MAC extension (RFC 7366)Juraj Somorovsky2016-05-111-7/+0
| | | | | | Introduced a countermeasure against the logjam attack Short TLS records (AES-CBC) now return BAD_RECORD_MAC Fixed a compatibility problem with OpenSSL and TLS 1.0 (BEAST countermeasure)
* Add PK_Decryptor::decrypt_or_randomJack Lloyd2016-03-201-30/+22
| | | | | Performs content checks on the value (expected length, expected bytes) and in constant time returns either the decrypted value or a random value.
* Client must verify that the server sent an ECC curve which policy accepts.Jack Lloyd2016-03-171-0/+6
| | | | | Otherwise a MITM who can in real time break any supported ECC curve can downgrade us.
* Make SRP6 support optional in TLSJack Lloyd2016-02-071-3/+12
| | | | | | | | Remove SRP_SHA from the default policy, since normal applications do not need it. Removes nullptr initializers of unique_ptrs in the Server_Key_Exchange constructor, that's the default unique_ptr already.
* some trivial compiler/PVS-Studio warning fixesDaniel Neus2015-12-221-1/+1
|
* Drop the DH group check to a weaker version of the checksJack Lloyd2015-11-131-2/+3
| | | | since the primality tests are expensive in CPU time.
* Asan fix - referencing &vec[vec.size()] instead of vec.end()Jack Lloyd2015-10-261-22/+3
| | | | Convert to a const time algo
* Remove SSLv3 and handling of SSLv2 client hellos.lloyd2015-01-111-14/+4
|
* Ensure all files have copyright and license info.lloyd2015-01-101-1/+1
| | | | | Update license header line to specify the terms and refer to the file, neither of which it included before.
* Fix a couple things pointed out by VC++ warnings.lloyd2014-12-221-4/+0
|
* Have TLS_Data_Reader decoding errors include the actual msg type namelloyd2014-04-121-4/+4
|
* Guess I won't be needing theselloyd2014-01-181-1/+0
|
* Move lib into srclloyd2014-01-101-0/+419