aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls
Commit message (Collapse)AuthorAgeFilesLines
* improve async opsHannes Rantzsch2019-04-166-66/+149
|
* do not use make_error_code and smaller PR review issuesTim Oesterreich2019-04-165-62/+63
|
* review: use specific buffer type where applicableTim Oesterreich2019-04-165-25/+26
|
* catch std::exception rather than (...) and exceptions as constHannes Rantzsch2019-04-164-32/+32
|
* review: c'tors and handler type deduction in async opsHannes Rantzsch2019-04-164-114/+73
|
* fix #6: write_some to buffer_sequenceHannes Rantzsch2019-04-161-15/+25
|
* FIX: reference to temporaryHannes Rantzsch2019-04-161-1/+1
|
* add documentationRené Meusel2019-04-162-10/+22
|
* cleanup asio::ssl::stream compatibility interfacesHannes Rantzsch2019-04-162-77/+81
|
* cleanup async opsHannes Rantzsch2019-04-163-9/+7
|
* don't call async_write handler directlyHannes Rantzsch2019-04-162-7/+8
|
* FIX: add legal informationRené Meusel2019-04-169-0/+72
|
* rename member variables like 'm_***'René Meusel2019-04-166-107/+108
|
* move stream implemention into TLS namespaceRené Meusel2019-04-168-54/+96
|
* move stream implementation to tls subdirRené Meusel2019-04-1610-0/+1139
|
* Rename Integrity_Failure to Invalid_Authentication_TagJack Lloyd2019-01-181-1/+1
| | | | | | | | | This makes the meaning and usage more clear. Add a specific error type so invalid tags can be distinguished without having to catch that specific type. See also #1813
* Fix some warnings from PVS-StudioJack Lloyd2019-01-171-0/+3
| | | | No real bugs, but pointed out some odd constructs and duplicated logic
* Remove trailing whitespaceJack Lloyd2019-01-132-17/+17
|
* Fix more MSVC warningsJack Lloyd2018-12-101-3/+4
|
* Fix some MSVC warningsJack Lloyd2018-12-102-5/+11
|
* Silence MSVC warningsJack Lloyd2018-12-041-2/+4
| | | | static_casts for the compiler god
* Fix bug in TLS CBC unpaddingJack Lloyd2018-12-031-1/+1
| | | | | | Regression introduced in 007314c5 Found by OSS-Fuzz (bug id 11693)
* Add CT::Mask typeJack Lloyd2018-11-281-10/+10
|
* Make exceptions easier to translate to error codesJack Lloyd2018-11-2310-19/+28
| | | | | | | | | | | Avoid throwing base Botan::Exception type, as it is difficult to determine what the error is in that case. Add Exception::error_code and Exception::error_type which allows (for error code) more information about the error and (for error type) allows knowing the error type without requiring a sequence of catches. See GH #1742
* Fix TLS version intolerance bugJack Lloyd2018-10-171-10/+10
| | | | Fixes #1710
* Fix TLS signature algorithm intoleranceJack Lloyd2018-10-163-17/+23
| | | | GH #1708
* move instead of copyrumcajs2018-10-141-2/+2
|
* Fix more MSVC warningsJack Lloyd2018-10-011-2/+2
|
* Remove unneeded load_on autoJack Lloyd2018-09-041-2/+0
| | | | It is the default...
* Default disable support for TLS v1.0/v1.1 and all CBC and CCM suitesJack Lloyd2018-08-221-6/+6
|
* Accept PKCS1v15 as an alias for EMSA3Jack Lloyd2018-08-021-2/+2
| | | | Not sure why it didn't have this already
* Correct Doxygen errorsJack Lloyd2018-07-021-2/+2
|
* TLS would try to negotiate x25519 even if disabledJack Lloyd2018-06-151-2/+6
| | | | | | | | Also reorder ECC groups to actually match performance characteristics. I'm not sure when P-384 was slower than P-521 but it certainly isn't anymore. Fixes #1607
* Add 192-bit Suite B policyJack Lloyd2018-06-141-0/+36
| | | | Since 128-bit policy is actually not even allowed since 2015.
* Add message to BOTAN_ARG_CHECK and use it more widelyJack Lloyd2018-05-131-0/+1
|
* Slight refactoring to avoid GCC signed overflow warnings. [ci skip]Jack Lloyd2018-05-081-4/+4
| | | | Couldn't occur since length is 24 bits but GCC couldn't figure that out.
* Fix some warnings new in GCC 8.1Jack Lloyd2018-05-076-43/+49
| | | | | It thinks the typedefs are "locals" that are being conflicted with, which seems wrong to me but whatever.
* Use bad_record_mac instead of decode_error for short TLS packetsJack Lloyd2018-04-161-1/+8
| | | | | Decode error seems more appropriate but it confuses some automated tools including older versions of TLS-Attacker.
* Fix bug that broke session decryption (and thus resumption)Jack Lloyd2018-04-091-1/+1
| | | | Introduced in 3657639ab. Add a test that would have caught this
* Fix off by one when decoding TLS-CBC ciphertextsJack Lloyd2018-04-093-27/+30
|
* Fix interop bug in TLS serverJack Lloyd2018-04-083-0/+33
| | | | | The connection would fail if the client advertised any signature algorithm we did not support (eg RSA/SHA-224)
* Add RAII versions of get_cipher_mode and get_aeadJack Lloyd2018-04-072-4/+3
| | | | See also #1526
* Export TLS::ExtensionJack Lloyd2018-03-311-1/+1
| | | | Needed to avoid UbSan issue
* Catch exceptions by reference not valueJack Lloyd2018-03-161-1/+1
| | | | Fixes a new warning in GCC 8
* Avoid std::bind in Channel::received_dataJack Lloyd2018-03-051-2/+1
| | | | | | Lambda works just as well here. GH #493
* Add missing overrides [ci skip]Jack Lloyd2018-02-191-1/+1
|
* Fix server use of EC point format extensionJack Lloyd2018-02-131-1/+1
| | | | | In the resumption case it would use that extension for any ECC ciphersuite, but is only allowed to do so if the client sent the extension.
* Remove house curve supportJack Lloyd2018-02-132-9/+0
|
* Add a test of TLS handshake with custom curve (secp112r1 in this case)Jack Lloyd2018-02-131-4/+21
|
* Add callback for decoding TLS group paramsJack Lloyd2018-02-134-3/+20
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-23 17:12:33 +0000