aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls
Commit message (Expand)AuthorAgeFilesLines
* Add static_cast in uint8_t vs enum comparison.Jack Lloyd2017-01-281-2/+2
* Merge GH #814 Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-061-0/+10
|\
| * Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-051-0/+10
* | Add tests for certificate status messageJack Lloyd2017-01-041-8/+8
|/
* Increase default TLS DH min to 2048 bits, and add BSI policy class.Jack Lloyd2016-12-302-2/+56
* Add CECPQ1 OCB ciphersuitesJack Lloyd2016-12-301-1/+3
* Prohibit SHA256/SHA384 ciphersuites in TLS 1.0/1.1 (GH #496)Jack Lloyd2016-12-281-3/+10
* Export tls_messages.h as a public headerRené Korthaus2016-12-2320-30/+43
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-1855-880/+881
* Disable TLS signature and finished message checks in fuzzer modeJack Lloyd2016-12-173-3/+23
* Fix bad deref when ciphersuite value is larger than largest known idJack Lloyd2016-12-051-1/+1
* Add TLS::Policy::require_cert_revocation_infoJack Lloyd2016-11-283-1/+14
* Merge GH #738 Add OCSP stapling to TLS clientJack Lloyd2016-11-2812-44/+291
|\
| * Add OCSP stapling support to TLS clientJack Lloyd2016-11-2612-44/+291
* | No reason to deprecate this (only internally called) constructorJack Lloyd2016-11-261-1/+2
* | Add TLS::Policy::to_stringJack Lloyd2016-11-262-0/+13
|/
* Merge GH #653 OCSP and X.509 path validation refactorJack Lloyd2016-11-259-86/+149
|\
| * Add missing Doxygen param [ci skip]Jack Lloyd2016-11-251-0/+2
| * Add minimum_signature_strenght to Text_PolicyJack Lloyd2016-11-252-3/+9
| * Add TLS::Policy::minimum_signature_strengthJack Lloyd2016-11-256-5/+25
| * Address review comments from @cordneyJack Lloyd2016-11-251-0/+1
| * Add the documented function for OCSP timeoutsJack Lloyd2016-11-232-3/+10
| * Move TLS cert verification callback from Credentials_Manager to TLS::CallbacksJack Lloyd2016-11-237-83/+110
* | Simplify TLS::Ciphersuite::cbc_ciphersuiteJack Lloyd2016-11-251-3/+1
* | Simplify TLS::Handshake_Hash::updateJack Lloyd2016-11-251-9/+5
|/
* TLS CBC functionality now exposed to the library developer. Useful for direct...Juraj Somorovsky2016-11-191-1/+1
* Order default TLS ECC curve preferences by performanceJack Lloyd2016-11-191-4/+6
* Add CECPQ1 TLS ciphersuitesJack Lloyd2016-11-176-14/+92
* Fix incompatability with (some) common TLS stackJack Lloyd2016-11-164-15/+26
* Add new TLS callback for when session is activatedJack Lloyd2016-11-162-0/+8
* Pubkey cleanupsJack Lloyd2016-11-121-3/+1
* Cipher_Mode and AEAD_Mode improvementsDaniel Neus2016-11-082-2/+13
* Add an in-house EC curve for TLS at compile-timeRené Korthaus2016-11-031-0/+10
* Simplify some code by using T::create_or_throwJack Lloyd2016-11-032-12/+3
* Change TLS default policy to disable DSA, CCM-8, and static RSAJack Lloyd2016-11-022-11/+32
* Add TLS callbacks for debug and error logging.Jack Lloyd2016-10-281-2/+28
* Fix TLS resumption bugsJack Lloyd2016-10-272-20/+27
* Fixes for build without 25519Jack Lloyd2016-10-241-3/+3
* Merge GH #673 X25519 TLS key exchangeJack Lloyd2016-10-244-36/+92
|\
| * X25519 key exchange for TLSJack Lloyd2016-10-214-36/+92
* | Merge GH #675 Lucky13 countermeasuresJack Lloyd2016-10-242-0/+82
|\ \
| * | Final changes, now using the countermeasure from the Lucky 13 paper again (or...Juraj Somorovsky2016-10-231-36/+32
| * | SHA384 countermeasure (not perfect, but makes the attack harder)Juraj Somorovsky2016-10-221-19/+27
| * | Lucky 13 patch for SHA-1 and SHA-256Juraj Somorovsky2016-10-162-0/+78
* | | Address some Coverity warningsJack Lloyd2016-10-221-7/+7
| |/ |/|
* | Tighten up TLS server handshake logic.Jack Lloyd2016-10-201-20/+15
* | Fix doxygen warnings [ci skip]René Korthaus2016-10-197-19/+25
* | Improve tls doxygen [ci skip]René Korthaus2016-10-199-0/+99
* | Maintainer mode fixesJack Lloyd2016-10-172-11/+7
* | In TLS::Session_Keys return values by referenceJack Lloyd2016-10-171-6/+6