aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls
Commit message (Collapse)AuthorAgeFilesLines
* Remove redundant checkJack Lloyd2017-10-201-3/+0
| | | | | | CBC mode already has this same size check. [ci skip]
* Use base CBC modes to implement TLS CBC ciphersuitesJack Lloyd2017-10-193-49/+36
| | | | | This reduces code and also lets TLS make use of parallel decryption which it was not doing before.
* Additional final annotationsJack Lloyd2017-10-151-2/+2
|
* Add comments explaining why its ok to rely on deprecated features here.Jack Lloyd2017-10-092-0/+8
| | | | [ci skip]
* Add a special Compat_Callbacks constructor to silence deprecation warnings.Jack Lloyd2017-10-093-7/+24
| | | | | | That way we avoid the warning internally even in amalgamation mode. GH #1243
* Address various GCC warningsJack Lloyd2017-10-062-5/+5
| | | | | Things like -Wconversion and -Wuseless-cast that are noisy and not on by default.
* Avoid empty methods, use =default or add a commentJack Lloyd2017-10-033-3/+3
| | | | Sonar
* Add wrappers for reinterpret_cast between char* and uint8_t*Jack Lloyd2017-10-033-8/+6
| | | | | | | Generally speaking reinterpret_cast is sketchy stuff. But the special case of char*/uint8_t* is both common and safe. By isolating those, the remaining (likely sketchy) cases are easier to grep for.
* Remove redundant parensJack Lloyd2017-10-031-1/+1
| | | | Sonar
* Remove various unused variablesJack Lloyd2017-10-021-2/+0
| | | | Sonar finds
* Make TLS::Blocking_Client non-finalJack Lloyd2017-10-021-1/+1
| | | | It is intended for derivation! Just not tested...
* Make kv in TLS_Text_Policy private, add protected setterJack Lloyd2017-10-022-0/+14
|
* Use class instead of struct for objects with member functionsJack Lloyd2017-09-301-3/+4
| | | | Flagged by Sonar and quite reasonable
* In TLS CBC padding check, only need to verify last 256 bytesJack Lloyd2017-09-291-8/+16
| | | | | No reason to scan the entire record since it's assured at most 256 bytes of padding are used. Inspired by GH #1227
* Add a test of TLS CBC padding verificationJack Lloyd2017-09-292-9/+12
| | | | See also GH #1227
* Fixes for MSVCJack Lloyd2017-09-281-2/+1
| | | | BOTAN_UNUSED "uses" the RNG :/
* Further header cleanupsJack Lloyd2017-09-282-0/+3
|
* More build fixesJack Lloyd2017-09-241-1/+2
|
* Avoid deprecated warning in tls_blocking.cppJack Lloyd2017-09-221-0/+6
| | | | We don't care because the whole file is itself deprecated.
* Apply final annotations to the library alsoJack Lloyd2017-09-2218-25/+25
| | | | | Done by a perl script which converted all classes to final, followed by selective reversion where it caused compilation failures.
* De-inline TLS::Text_PolicyJack Lloyd2017-09-214-122/+302
| | | | | Getting a little large to be all defined in a header, and sticking it in a source file allows removing several includes from tls_policy.h
* More include header cleanupsJack Lloyd2017-09-2132-30/+19
|
* Header file cleanupsJack Lloyd2017-09-214-0/+4
| | | | Some help from include-what-you-use
* Change header guard format to BOTAN_FOO_H_Jack Lloyd2017-09-2028-56/+56
| | | | | | ISO C++ reserves names with double underscores in them Closes #512
* More annotationsJack Lloyd2017-09-192-9/+9
|
* Add API stability annotations.Jack Lloyd2017-09-1920-35/+35
| | | | | Defined in build.h, all equal to BOTAN_DLL so ties into existing system for exporting symbols.
* Merge GH #872 Add ability for TLS servers to prohibit renegotiationJack Lloyd2017-09-193-2/+16
|\
| * Fix logic of renegotiation checkJack Lloyd2017-02-203-4/+6
| | | | | | | | | | | | Turning the policy off broke the server entirely. Expose the new flag to Text_Policy
| * Add TLS::Policy::allow_client_initiated_renegotiationJack Lloyd2017-02-193-2/+14
| | | | | | | | Parallel of the server policy flag.
* | Use constant_time_compare instead of same_memJack Lloyd2017-09-162-3/+3
| | | | | | | | New name, same great operation
* | Correct TLS::Policy::latest_supported_versionJack Lloyd2017-09-041-2/+16
| | | | | | | | | | This would do the wrong thing if TLS v1.2 was disabled but v1.0/v1.1 allowed.
* | De-inline accessor functions in Client_Hello typeJack Lloyd2017-09-012-93/+130
| | | | | | | | | | This class is exposed but the extension types aren't, so calls to these functions from outside the library would not link.
* | Don't try enforcing the hash policy for PSK ciphersuitesJack Lloyd2017-09-011-1/+1
| | | | | | | | Since we don't end up signing anything in any case.
* | Enforce signature hash policy properlyJack Lloyd2017-08-314-17/+61
| | | | | | | | | | | | | | | | Previously if the client did not send signature_algorithms, or if it only included algos not in the policy, we would just fallback to the hardcoded SHA-1 default of TLS v1.2 Instead check the policy before accepting anything.
* | More MSVC warnings fixesJack Lloyd2017-08-312-6/+6
| |
* | Fix various MSVC warningsJack Lloyd2017-08-312-4/+7
| | | | | | | | Based on VC2017 output
* | Avoid false positive valgrind in TLS CBC decryptionJack Lloyd2017-08-291-2/+2
| | | | | | | | | | | | We poisoned the record before decrypting it, which caused failures with Camellia ciphersuites (or AES, on platforms that use T-tables). Instead poison it right after decrypting.
* | Add support for ECDHE_PSK AEAD ciphersuitesJack Lloyd2017-08-221-2/+6
| | | | | | | | From draft-ietf-tls-ecdhe-psk-aead-05, now with official codepoints.
* | Initialize member var in Certificate_Status_RequestJack Lloyd2017-08-031-1/+2
| | | | | | | | | | This var is only used when encoding so was never read from, but leaving it uninitialized is bad news. Flagged by Coverity.
* | Correct failure when renegotiating with old serverJack Lloyd2017-06-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When renegotiating the client checks that the server hasn't changed its mind about supporting the renegotiation extension (this is a likely indicator of an attack). However due to a typo the client was actually comparing the value in the client hello of the first handshake against the server hello in the renegotiation handshake. Since Botan always sends the renegotiation extension, this would cause the check to fail when renegotiating with an old server that doesn't support the renegotiation extension. Reported on mailing list by Falko Strenzke. Tested patch against OpenSSL 0.9.8k
* | Make it easier to customize Text_Policy when inheriting from itlouiz’2017-04-271-1/+1
| | | | | | | | | | | | This way, the library user can improve the class by adding missing functions or some other tweak they may find useful. Without any access to m_kv this is impossible.
* | Add some missing function overrides in TLS::Text_Policylouiz’2017-04-251-0/+12
| |
* | Use 3 arg BOTAN_UNUSED in a codepath that is compiled oftenSimon Warta2017-04-171-3/+1
| | | | | | | | | | just to verify the implementation works fine across platforms and compilers
* | Content:Tomasz Frydrych2017-04-0314-68/+60
| | | | | | | | | | | | | | | | | | * fixes for deprecated constructions in c++11 and later (explicit rule of 3/5 or implicit rule of 0 and other violations) * `default` specifier instead of `{}` in some places(probably all) * removal of unreachable code (for example `return` after `throw`) * removal of compilation unit only visible, but not used functions * fix for `throw()` specifier - used instead `BOTAN_NOEXCEPT` * removed not needed semicolons
* | Remove "Dirty hack" for multiple defines in lex_me_harder()Simon Warta2017-04-024-4/+12
|/
* Add static_cast in uint8_t vs enum comparison.Jack Lloyd2017-01-281-2/+2
| | | | Sun CC for whatever reason becomes very confused by this.
* Merge GH #814 Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-061-0/+10
|\
| * Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-051-0/+10
| |
* | Add tests for certificate status messageJack Lloyd2017-01-041-8/+8
|/ | | | | | | Currently untested by TLS crosstalk tests because it is not supported on the server side. Exposes the rest of TLS message types to application.
* Increase default TLS DH min to 2048 bits, and add BSI policy class.Jack Lloyd2016-12-302-2/+56
| | | | | Moves BSI policy file to test data dir where it can be compared with what the hardcoded class outputs.