aboutsummaryrefslogtreecommitdiffstats
path: root/src/lib/tls
Commit message (Expand)AuthorAgeFilesLines
* Use constant_time_compare instead of same_memJack Lloyd2017-09-162-3/+3
* Correct TLS::Policy::latest_supported_versionJack Lloyd2017-09-041-2/+16
* De-inline accessor functions in Client_Hello typeJack Lloyd2017-09-012-93/+130
* Don't try enforcing the hash policy for PSK ciphersuitesJack Lloyd2017-09-011-1/+1
* Enforce signature hash policy properlyJack Lloyd2017-08-314-17/+61
* More MSVC warnings fixesJack Lloyd2017-08-312-6/+6
* Fix various MSVC warningsJack Lloyd2017-08-312-4/+7
* Avoid false positive valgrind in TLS CBC decryptionJack Lloyd2017-08-291-2/+2
* Add support for ECDHE_PSK AEAD ciphersuitesJack Lloyd2017-08-221-2/+6
* Initialize member var in Certificate_Status_RequestJack Lloyd2017-08-031-1/+2
* Correct failure when renegotiating with old serverJack Lloyd2017-06-041-1/+1
* Make it easier to customize Text_Policy when inheriting from itlouiz’2017-04-271-1/+1
* Add some missing function overrides in TLS::Text_Policylouiz’2017-04-251-0/+12
* Use 3 arg BOTAN_UNUSED in a codepath that is compiled oftenSimon Warta2017-04-171-3/+1
* Content:Tomasz Frydrych2017-04-0314-68/+60
* Remove "Dirty hack" for multiple defines in lex_me_harder()Simon Warta2017-04-024-4/+12
* Add static_cast in uint8_t vs enum comparison.Jack Lloyd2017-01-281-2/+2
* Merge GH #814 Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-061-0/+10
|\
| * Avoid negotiating CECPQ1 if x25519 ECC is disabledJack Lloyd2017-01-051-0/+10
* | Add tests for certificate status messageJack Lloyd2017-01-041-8/+8
|/
* Increase default TLS DH min to 2048 bits, and add BSI policy class.Jack Lloyd2016-12-302-2/+56
* Add CECPQ1 OCB ciphersuitesJack Lloyd2016-12-301-1/+3
* Prohibit SHA256/SHA384 ciphersuites in TLS 1.0/1.1 (GH #496)Jack Lloyd2016-12-281-3/+10
* Export tls_messages.h as a public headerRené Korthaus2016-12-2320-30/+43
* Convert to using standard uintN_t integer typesJack Lloyd2016-12-1855-880/+881
* Disable TLS signature and finished message checks in fuzzer modeJack Lloyd2016-12-173-3/+23
* Fix bad deref when ciphersuite value is larger than largest known idJack Lloyd2016-12-051-1/+1
* Add TLS::Policy::require_cert_revocation_infoJack Lloyd2016-11-283-1/+14
* Merge GH #738 Add OCSP stapling to TLS clientJack Lloyd2016-11-2812-44/+291
|\
| * Add OCSP stapling support to TLS clientJack Lloyd2016-11-2612-44/+291
* | No reason to deprecate this (only internally called) constructorJack Lloyd2016-11-261-1/+2
* | Add TLS::Policy::to_stringJack Lloyd2016-11-262-0/+13
|/
* Merge GH #653 OCSP and X.509 path validation refactorJack Lloyd2016-11-259-86/+149
|\
| * Add missing Doxygen param [ci skip]Jack Lloyd2016-11-251-0/+2
| * Add minimum_signature_strenght to Text_PolicyJack Lloyd2016-11-252-3/+9
| * Add TLS::Policy::minimum_signature_strengthJack Lloyd2016-11-256-5/+25
| * Address review comments from @cordneyJack Lloyd2016-11-251-0/+1
| * Add the documented function for OCSP timeoutsJack Lloyd2016-11-232-3/+10
| * Move TLS cert verification callback from Credentials_Manager to TLS::CallbacksJack Lloyd2016-11-237-83/+110
* | Simplify TLS::Ciphersuite::cbc_ciphersuiteJack Lloyd2016-11-251-3/+1
* | Simplify TLS::Handshake_Hash::updateJack Lloyd2016-11-251-9/+5
|/
* TLS CBC functionality now exposed to the library developer. Useful for direct...Juraj Somorovsky2016-11-191-1/+1
* Order default TLS ECC curve preferences by performanceJack Lloyd2016-11-191-4/+6
* Add CECPQ1 TLS ciphersuitesJack Lloyd2016-11-176-14/+92
* Fix incompatability with (some) common TLS stackJack Lloyd2016-11-164-15/+26
* Add new TLS callback for when session is activatedJack Lloyd2016-11-162-0/+8
* Pubkey cleanupsJack Lloyd2016-11-121-3/+1
* Cipher_Mode and AEAD_Mode improvementsDaniel Neus2016-11-082-2/+13
* Add an in-house EC curve for TLS at compile-timeRené Korthaus2016-11-031-0/+10
* Simplify some code by using T::create_or_throwJack Lloyd2016-11-032-12/+3