path: root/src/lib/tls
Commit message | Author | Age | Files | Lines
...
* Make this comment easier to read | Jack Lloyd | 2020-11-30 | 1 | -1/+2
|
* Merge GH #2517 Allow custom RSA private keys during TLS | Jack Lloyd | 2020-11-28 | 1 | -1/+1
|\
| * Allow custom RSA Private_Key in Client_Key_Exchange message | Claudius Hauptmann | 2020-11-27 | 1 | -1/+1
| |
* | Remove support for DHE_PSK | Jack Lloyd | 2020-11-24 | 8 | -38/+9
|/
|     Retains PSK and ECDHE_PSK
|
* Merge GH #2511 Remove support for AES-128 OCB ciphersuites | Jack Lloyd | 2020-11-24 | 3 | -11/+1
|\
| * Remove support for AES-128 OCB ciphersuites | Jack Lloyd | 2020-11-24 | 3 | -11/+1
| |
* | Merge GH #2510 Fix some C++17 todos | Jack Lloyd | 2020-11-24 | 1 | -33/+30
|\ \
| |/
|/|
| * try to calm gcc 9 | Hannes Rantzsch | 2020-11-24 | 1 | -0/+2
| |
| * use if constexpr rather than sfinae | Hannes Rantzsch | 2020-11-24 | 1 | -33/+28
| |
| |     to disable asio_stream setup_native_handle setup in test code
| |
* | Remove Camellia CBC TLS ciphersuites | Jack Lloyd | 2020-11-23 | 3 | -39/+15
| |
* | Remove support for SEED TLS ciphersuites | Jack Lloyd | 2020-11-23 | 3 | -5/+1
| |
* | Remove outer shared_ptr from Certificate in certstore interface | Jack Lloyd | 2020-11-23 | 4 | -6/+6
| |
| |     Since 2.4.0 X509_Certificate and X509_CRL have been internally shared so
| |     another shared_ptr is just overhead and API complexity. Use std::optional
| |     for APIs where the object was optional.
| |
* | Remove SRP support from TLS | Jack Lloyd | 2020-11-23 | 21 | -376/+26
|/
* Remove TLS support for DSA certificates/ciphersuites | Jack Lloyd | 2020-11-21 | 8 | -88/+2
|
* Improvements to TLS suite generation script | Jack Lloyd | 2020-11-21 | 1 | -6/+2
|
|     Port to Python 3
|     Use SHA-256 instead of SHA-1 for the content hash
|     Use C++17 nested namespace syntax
|
* Remove support for TLS anonymous DH/ECDH suites | Jack Lloyd | 2020-11-21 | 7 | -30/+4
|
* Remove some unused includes of rounding.h | Jack Lloyd | 2020-11-11 | 2 | -2/+0
|
* Remove deprecated TLS interfaces | Jack Lloyd | 2020-11-08 | 7 | -371/+5
|
* Remove deprecated headers, make more headers internal | Jack Lloyd | 2020-11-06 | 17 | -214/+21
|
|     Now modules default to internal headers instead of defaulting to public;
|     making a new public API should be a visible and intentional choice.
|     Brings the public header count from over 300 to around 150.
|     Also removes the deprecated tls_blocking interface
|
* Merge X.509 header files | Jack Lloyd | 2020-10-31 | 2 | -1/+2
|
* Merge some of the ASN.1 headers | Jack Lloyd | 2020-10-31 | 1 | -1/+1
|
|     Deprecate asn1_str.h asn1_time.h asn1_oid.h and alg_id.h with all
|     contents moved to existing asn1_obj.h
|
* Resolve Doxygen warnings | Jack Lloyd | 2020-10-28 | 1 | -2/+2
|
* Fix LGTM warning | Jack Lloyd | 2020-06-18 | 1 | -1/+1
|
|     Large object being passed by value instead of &
|
* Enforce TLS server certificate key usage constraints | Jack Lloyd | 2020-06-09 | 1 | -0/+24
|
* Prohibit a TLS peer from using a v1/v2 leaf certificate | Jack Lloyd | 2020-06-09 | 1 | -1/+16
|
|     This appears to be prohibited by all versions of TLS specification.
|     Bug reported by Mario Korth of Ruhr-Universität Bochum.
|
* Fix cppcheck findings | René Fischer | 2020-06-05 | 1 | -2/+4
|
* Small refactorings of TLS record layer | Jack Lloyd | 2020-04-24 | 3 | -32/+67
|
|     Reduces some code duplication in #2320
|
* Fix an undefined shift operation when DTLS reconnection occurs | Jack Lloyd | 2020-04-05 | 1 | -1/+13
|
* Fix for ASan | Jack Lloyd | 2020-04-01 | 1 | -1/+1
|
* Make CBC padding constant time | Jack Lloyd | 2020-03-29 | 2 | -30/+49
|
|     Maximilian Blochberger points out that while unpadding was constant time,
|     padding operation leaked the length of the plaintext. This is probably
|     not too serious in most circumstances but is not desirable behavior.
|
* Improve error category names | Hannes Rantzsch | 2020-03-17 | 1 | -5/+17
|
* use boost::beast provided lowest_layer utilities | Hannes Rantzsch | 2020-03-17 | 1 | -6/+19
|
|     This allows using the TLS::Stream with a boost::beast::tcp_stream as its
|     next layer.
|
* implement server-side of TLS::Stream | Hannes Rantzsch | 2020-03-17 | 2 | -29/+38
|
|     Allows the TLS::Stream to perform the handshake as the server-side.
|     Also adds a client-server integration test for the stream.
|
* implement async_shutdown | Hannes Rantzsch | 2020-03-17 | 1 | -5/+47
|
* FIX: Detect stream truncation errors | Hannes Rantzsch | 2020-03-17 | 3 | -121/+191
|
|     TLS::Stream now detects connections that have been improperly closed by
|     the peer without sending a close_notify alert first. This is indicated
|     by a StreamTruncated error code.
|
* fail gracefully when using Stream w/o handshake | Hannes Rantzsch | 2020-03-16 | 1 | -1/+6
|
* Remove support for splitting the amalgamation by ABI | Jack Lloyd | 2020-01-22 | 1 | -5/+3
|
|     This is as if --single-file-amalgamation was always used, except also now
|     botan_all_internal.h is not created.
|
|     This effectively drops support for very old GCC/Clang in the amalgamation
|     (only). GCC 5+ and Clang 3.8+ support the target attribute and work fine.
|     MSVC not affected since it doesn't need such attributes in the first place.
|
* New TLS session encryption format | Jack Lloyd | 2019-12-15 | 2 | -27/+94
|
|     Changes:
|     - Adds magic number/versioning to make future extensions possible
|     - Adds key identifier to avoid needless decryption attempts, makes
|       supporting ticket key rotation easier in the future
|     - Avoids key collision; in current format if the seed is duplicated the
|       same key + nonce are generated. This does not leak the master ticket
|       key but is still bad. Now nonce is random, and key is generated via a
|       distinct 128-bit long input. Chances of a duplicated key/nonce are now
|       about 2^-112.
|     - Include the whole header incl nonce as associated data
|     - Use SHA-512-256 instead of SHA-256
|
|     This breaks all saved encrypted sessions as well as saved session
|     tickets. But the cost then is just a full renegotiation. The session
|     ticket format is not guaranteed to be stable even across minor releases.
|
* Prefer CCM over CBC ciphersuites | René Korthaus | 2019-11-15 | 1 | -1/+1
|
* Remove non-ephemeral PSK ciphersuites from BSI TLS policy | René Korthaus | 2019-11-14 | 1 | -1/+1
|
* Add SHA-512 to BSI TLS policy's allowed signature hashes | René Korthaus | 2019-11-14 | 1 | -1/+1
|
* Add AES-128/CCM and AES-256/CCM ciphersuites to BSI TLS policy | René Korthaus | 2019-11-14 | 1 | -1/+1
|
|     BSI TR-02102-1 version 2019-01 added CCM ciphersuites as recommended,
|     so we add them to the BSI TLS policy.
|
* Remove some FFDHE groups from BSI TLS policy | René Korthaus | 2019-11-14 | 1 | -2/+0
|
|     BSI TR-02102-2 version 2019-01 explicitly lists the FFDHE groups
|     recommended now. ffdhe6144 and ffdhe8192 are not listed, so we remove
|     them from the BSI TLS policy.
|
* Allow disabling TLS 1.0/1.1 and DTLS 1.0 at build time | Jack Lloyd | 2019-11-10 | 5 | -14/+40
|
* Try to appease MSVC | Jack Lloyd | 2019-10-25 | 1 | -4/+3
|
* Fix various Doxygen warnings | Jack Lloyd | 2019-10-25 | 2 | -17/+16
|
|     Some due to missing comments, others due to various misparsing of the code.
|
* Avoid situation where is_active and is_closed could both return true | Jack Lloyd | 2019-10-22 | 1 | -0/+2
|
|     GH #2171
|
* silence trivial warnings | Nuno Goncalves | 2019-10-20 | 3 | -0/+3
|
|     Signed-off-by: Nuno Goncalves <[email protected]>
|
* Fix some MSVC warnings | Jack Lloyd | 2019-10-18 | 1 | -1/+3
|
* Add a variant of RandomNumberGenerator::random_vec | Jack Lloyd | 2019-09-13 | 3 | -9/+10
|
|     This avoids the unlock(rng.random_vec(...)) pattern which is pretty
|     wasteful in terms of heap overhead.