path: root/src/lib/tls
Commit message | Author | Age | Files | Lines
* Add wrappers for reinterpret_cast between char* and uint8_t* | Jack Lloyd | 2017-10-03 | 3 | -8/+6
|   Generally speaking reinterpret_cast is sketchy stuff. But the special case of char*/uint8_t* is both common and safe. By isolating those, the remaining (likely sketchy) cases are easier to grep for.
* Remove redundant parens | Jack Lloyd | 2017-10-03 | 1 | -1/+1
|   Sonar
* Remove various unused variables | Jack Lloyd | 2017-10-02 | 1 | -2/+0
|   Sonar finds
* Make TLS::Blocking_Client non-final | Jack Lloyd | 2017-10-02 | 1 | -1/+1
|   It is intended for derivation! Just not tested...
* Make kv in TLS_Text_Policy private, add protected setter | Jack Lloyd | 2017-10-02 | 2 | -0/+14
|
* Use class instead of struct for objects with member functions | Jack Lloyd | 2017-09-30 | 1 | -3/+4
|   Flagged by Sonar and quite reasonable
* In TLS CBC padding check, only need to verify last 256 bytes | Jack Lloyd | 2017-09-29 | 1 | -8/+16
|   No reason to scan the entire record since it's assured at most 256 bytes of padding are used. Inspired by GH #1227
* Add a test of TLS CBC padding verification | Jack Lloyd | 2017-09-29 | 2 | -9/+12
|   See also GH #1227
* Fixes for MSVC | Jack Lloyd | 2017-09-28 | 1 | -2/+1
|   BOTAN_UNUSED "uses" the RNG :/
* Further header cleanups | Jack Lloyd | 2017-09-28 | 2 | -0/+3
|
* More build fixes | Jack Lloyd | 2017-09-24 | 1 | -1/+2
|
* Avoid deprecated warning in tls_blocking.cpp | Jack Lloyd | 2017-09-22 | 1 | -0/+6
|   We don't care because the whole file is itself deprecated.
* Apply final annotations to the library also | Jack Lloyd | 2017-09-22 | 18 | -25/+25
|   Done by a perl script which converted all classes to final, followed by selective reversion where it caused compilation failures.
* De-inline TLS::Text_Policy | Jack Lloyd | 2017-09-21 | 4 | -122/+302
|   Getting a little large to be all defined in a header, and sticking it in a source file allows removing several includes from tls_policy.h
* More include header cleanups | Jack Lloyd | 2017-09-21 | 32 | -30/+19
|
* Header file cleanups | Jack Lloyd | 2017-09-21 | 4 | -0/+4
|   Some help from include-what-you-use
* Change header guard format to BOTAN_FOO_H_ | Jack Lloyd | 2017-09-20 | 28 | -56/+56
|   ISO C++ reserves names with double underscores in them
|   Closes #512
* More annotations | Jack Lloyd | 2017-09-19 | 2 | -9/+9
|
* Add API stability annotations. | Jack Lloyd | 2017-09-19 | 20 | -35/+35
|   Defined in build.h, all equal to BOTAN_DLL so ties into existing system for exporting symbols.
* Merge GH #872 Add ability for TLS servers to prohibit renegotiation | Jack Lloyd | 2017-09-19 | 3 | -2/+16
|\
| * Fix logic of renegotiation check | Jack Lloyd | 2017-02-20 | 3 | -4/+6
| |   Turning the policy off broke the server entirely. Expose the new flag to Text_Policy
| * Add TLS::Policy::allow_client_initiated_renegotiation | Jack Lloyd | 2017-02-19 | 3 | -2/+14
| |   Parallel of the server policy flag.
* | Use constant_time_compare instead of same_mem | Jack Lloyd | 2017-09-16 | 2 | -3/+3
| |   New name, same great operation
* | Correct TLS::Policy::latest_supported_version | Jack Lloyd | 2017-09-04 | 1 | -2/+16
| |   This would do the wrong thing if TLS v1.2 was disabled but v1.0/v1.1 allowed.
* | De-inline accessor functions in Client_Hello type | Jack Lloyd | 2017-09-01 | 2 | -93/+130
| |   This class is exposed but the extension types aren't, so calls to these functions from outside the library would not link.
* | Don't try enforcing the hash policy for PSK ciphersuites | Jack Lloyd | 2017-09-01 | 1 | -1/+1
| |   Since we don't end up signing anything in any case.
* | Enforce signature hash policy properly | Jack Lloyd | 2017-08-31 | 4 | -17/+61
| |   Previously if the client did not send signature_algorithms, or if it only included algos not in the policy, we would just fallback to the hardcoded SHA-1 default of TLS v1.2
| |   Instead check the policy before accepting anything.
* | More MSVC warnings fixes | Jack Lloyd | 2017-08-31 | 2 | -6/+6
| |
* | Fix various MSVC warnings | Jack Lloyd | 2017-08-31 | 2 | -4/+7
| |   Based on VC2017 output
* | Avoid false positive valgrind in TLS CBC decryption | Jack Lloyd | 2017-08-29 | 1 | -2/+2
| |   We poisoned the record before decrypting it, which caused failures with Camellia ciphersuites (or AES, on platforms that use T-tables). Instead poison it right after decrypting.
* | Add support for ECDHE_PSK AEAD ciphersuites | Jack Lloyd | 2017-08-22 | 1 | -2/+6
| |   From draft-ietf-tls-ecdhe-psk-aead-05, now with official codepoints.
* | Initialize member var in Certificate_Status_Request | Jack Lloyd | 2017-08-03 | 1 | -1/+2
| |   This var is only used when encoding so was never read from, but leaving it uninitialized is bad news. Flagged by Coverity.
* | Correct failure when renegotiating with old server | Jack Lloyd | 2017-06-04 | 1 | -1/+1
| |   When renegotiating the client checks that the server hasn't changed its mind about supporting the renegotiation extension (this is a likely indicator of an attack). However due to a typo the client was actually comparing the value in the client hello of the first handshake against the server hello in the renegotiation handshake. Since Botan always sends the renegotiation extension, this would cause the check to fail when renegotiating with an old server that doesn't support the renegotiation extension. Reported on mailing list by Falko Strenzke. Tested patch against OpenSSL 0.9.8k
* | Make it easier to customize Text_Policy when inheriting from it | louiz’ | 2017-04-27 | 1 | -1/+1
| |   This way, the library user can improve the class by adding missing functions or some other tweak they may find useful. Without any access to m_kv this is impossible.
* | Add some missing function overrides in TLS::Text_Policy | louiz’ | 2017-04-25 | 1 | -0/+12
| |
* | Use 3 arg BOTAN_UNUSED in a codepath that is compiled often | Simon Warta | 2017-04-17 | 1 | -3/+1
| |   just to verify the implementation works fine across platforms and compilers
* | Content: | Tomasz Frydrych | 2017-04-03 | 14 | -68/+60
| |   * fixes for deprecated constructions in c++11 and later (explicit rule of 3/5 or implicit rule of 0 and other violations)
| |   * `default` specifier instead of `{}` in some places (probably all)
| |   * removal of unreachable code (for example `return` after `throw`)
| |   * removal of compilation unit only visible, but not used functions
| |   * fix for `throw()` specifier - used instead `BOTAN_NOEXCEPT`
| |   * removed not needed semicolons
* | Remove "Dirty hack" for multiple defines in lex_me_harder() | Simon Warta | 2017-04-02 | 4 | -4/+12
|/
* Add static_cast in uint8_t vs enum comparison. | Jack Lloyd | 2017-01-28 | 1 | -2/+2
|   Sun CC for whatever reason becomes very confused by this.
* Merge GH #814 Avoid negotiating CECPQ1 if x25519 ECC is disabled | Jack Lloyd | 2017-01-06 | 1 | -0/+10
|\
| * Avoid negotiating CECPQ1 if x25519 ECC is disabled | Jack Lloyd | 2017-01-05 | 1 | -0/+10
| |
* | Add tests for certificate status message | Jack Lloyd | 2017-01-04 | 1 | -8/+8
|/   Currently untested by TLS crosstalk tests because it is not supported on the server side. Exposes the rest of TLS message types to application.
* Increase default TLS DH min to 2048 bits, and add BSI policy class. | Jack Lloyd | 2016-12-30 | 2 | -2/+56
|   Moves BSI policy file to test data dir where it can be compared with what the hardcoded class outputs.
* Add CECPQ1 OCB ciphersuites | Jack Lloyd | 2016-12-30 | 1 | -1/+3
|   Clean up the ciphersuite generation script a bit. [ci skip]
* Prohibit SHA256/SHA384 ciphersuites in TLS 1.0/1.1 (GH #496) | Jack Lloyd | 2016-12-28 | 1 | -3/+10
|
* Export tls_messages.h as a public header | René Korthaus | 2016-12-23 | 20 | -30/+43
|   TLS::Callbacks::inspect_handshake_message() allows applications to inspect all handshake messages, but this requires access to the types in tls_messages.h. As a matter of fact, this also exports tls_extensions.h as a public header.
* Convert to using standard uintN_t integer types | Jack Lloyd | 2016-12-18 | 55 | -880/+881
|   Renames a couple of functions for somewhat better name consistency, eg make_u32bit becomes make_uint32. The old typedefs remain for now since probably lots of application code uses them.
* Disable TLS signature and finished message checks in fuzzer mode | Jack Lloyd | 2016-12-17 | 3 | -3/+23
|   Also use a const time comparison for the finished message, though I don't see any real way of exploiting that timing channel.
* Fix bad deref when ciphersuite value is larger than largest known id | Jack Lloyd | 2016-12-05 | 1 | -1/+1
|   Reported by @neverhub in GH #758 found by libFuzzer
* Add TLS::Policy::require_cert_revocation_info | Jack Lloyd | 2016-11-28 | 3 | -1/+14
|