| Commit message | Author | Age | Files | Lines |
| |
So it can be easily enabled if someone wants it.
| |
Not enabled due to inability to test
| |
From draft-ietf-tls-ecdhe-psk-aead-05, now with official codepoints.
| |
Clean up the ciphersuite generation script a bit.
[ci skip]
| |
Tested against BoringSSL (as client + server) and google.com (as client).
Fix a stupid crashing bug in NewHope's BoringSSL mode.
Remove unneeded error return from curve25519_donna - always returned 0.
Default policy prefers ChaChaPoly1305 over GCM and CECPQ1 over ECDH/DH, which
means the default no-extra-configuration ciphersuite (for Botan client speaking
to Botan server) is a ciphersuite which is both implemented in constant time
on all platforms and (hopefully) provides post quantum security. Good Things.
| |
Stores ciphersuites in a sorted std::vector, then lookups are done
by binary search instead of a switch lookup.
The loop that explicitly gathered all the ciphersuites out of the switch
statement can then be removed, as can Ciphersuite::all_known_ciphersuite_ids
which only existed to make the scan loop faster by avoiding having to
call by_id on the entire 0x0000-0xFFFF range.
Precomputes the result of Ciphersuite::valid at construction time.
| |
instead of trying (badly) to reconstruct it in to_string
Save all strings in Ciphersuite as const char*
| |
This avoids a scan over the entire 0 - 0xFFFF space which is mostly
empty, by instead keeping a second list in tls_suite_info which is
exactly the keys for which the switch statement has values.
This scan is only ever done once (when first needed) but removing it
is sufficient to increase AFL's throughput by 4x since it goes through
a full startup on each test.
| |
Fix a bug which rejected any short server key exchanges. These can
occur with a plain PSK with short or empty identity hints.
Disable SHA-224 by default.
Remove some vestigial RC4 cruft.
Push more on the TLS corruption tests.
| |
Transforms and BlockCiphers. Registration for all types is done at
startup but is very cheap as just a std::function and a std::map entry
are created, no actual objects are created until needed. This is a
huge improvement over Algorithm_Factory which used T::clone() as the
function and thus kept a prototype object of each type in memory.
Replace existing lookup mechanisms for ciphers, AEADs, and compression
to use the transform lookup. The existing Engine framework remains in
place for BlockCipher, but the engines now just call to the registry
instead of having hardcoded lookups.
s/Transformation/Transform/ with typedefs for compatibility.
Remove lib/selftest code (for runtime selftesting): not the right approach.
| |
and enable them in the default build, though still not enabled in the
runtime policy.
| |
Update license header line to specify the terms and refer to the file,
neither of which it included before.
| |
the nonce sizes should be down to the ciphersuite generating script.