| Commit message (Expand) | Author | Age | Files | Lines |
* | Rewrite the TLS padding comparison to be constant time | lloyd | 2013-04-16 | 1 | -6/+6 |
* | Add a policy for Suite B 128-bit | lloyd | 2013-04-12 | 2 | -12/+33 |
* | Add datestamp to autogenerated tls_suite_info.cpp | lloyd | 2013-04-12 | 1 | -3/+2 |
* | Fix Ciphersuite::to_string when using non-GCM AEAD modes | lloyd | 2013-04-12 | 1 | -2/+2 |
* | Add support for AEAD modes in TLS. Add GCM ciphersuites. | lloyd | 2013-04-11 | 4 | -9/+239 |
* | In Channel, pre-size the IO buffers to 16K to avoid excess allocations. | lloyd | 2013-04-11 | 1 | -0/+7 |
* | Only negotiate an AEAD mode when using 1.2 | lloyd | 2013-04-11 | 3 | -0/+12 |
* | Mark Channel IO buffers for zeroing | lloyd | 2013-04-10 | 3 | -7/+7 |
* | Make the IV length and MAC keylength explicit in the ciphersuite | lloyd | 2013-04-10 | 6 | -124/+145 |
* | Make ciphersuite_list a virtual member of TLS::Policy | lloyd | 2013-04-10 | 4 | -21/+20 |
* | Add a param to Connection_Cipher_State so it knows which direction | lloyd | 2013-04-10 | 3 | -1/+5 |
* | Have tls_suite_info.py generate the entire source file | lloyd | 2013-03-28 | 1 | -6/+6 |
* | Add TLS::Policy::server_uses_own_ciphersuite_preferences() | lloyd | 2013-03-21 | 4 | -5/+33 |
* | Add the script that generates the switch in tls_suite_info.cpp | lloyd | 2013-03-16 | 1 | -1/+4 |
* | Move assert.h from internal to very public (included in types.h) | lloyd | 2013-03-13 | 9 | -9/+0 |
* | Pull the code doing TLS session crypto out to cryptobox for general | lloyd | 2013-03-04 | 1 | -101/+4 |
* | Correct Doxygen comments | lloyd | 2013-03-02 | 2 | -2/+1 |
* | Add sync handshake function to Blocking_Client | lloyd | 2013-03-01 | 2 | -8/+32 |
* | Blocking_Client fixes. Add relnote | lloyd | 2013-02-28 | 4 | -16/+7 |
* | Initial blocking client interface for simple uses and 1.10 compat | lloyd | 2013-02-28 | 2 | -0/+174 |
* | Move the major TLS record MAC check and decrypt routines to their own | lloyd | 2013-02-11 | 1 | -75/+112 |
* | Move record decrypt to its own function | lloyd | 2013-02-11 | 1 | -86/+104 |
* | Simplify this catch | lloyd | 2013-02-11 | 1 | -6/+1 |
* | Prefer RC4 over AES. Gak. | lloyd | 2013-02-06 | 1 | -3/+3 |
* | Don't need to pass the sequence numbers struct in here, all we need is | lloyd | 2012-12-14 | 3 | -5/+3 |
* | Re-add support for reading SSLv2 client hellos | lloyd | 2012-12-10 | 2 | -11/+22 |
* | Add a Record struct to combine the record contents, type, sequence #, | lloyd | 2012-12-10 | 5 | -82/+104 |
* | Change Credentials_Manager::trusted_certificate_authorities to return | lloyd | 2012-11-13 | 4 | -11/+17 |
* | Changes so DTLS handshake can send messages under different epochs, eg | lloyd | 2012-11-12 | 7 | -55/+85 |
* | Remove Channel::m_max_fragment. Instead derive it from the server | lloyd | 2012-11-07 | 4 | -29/+27 |
* | Store the maximum fragment value instead of the code, convert to the | lloyd | 2012-11-07 | 2 | -37/+31 |
* | Remove Channel::m_connection_closed, instead deriving it from other state | lloyd | 2012-11-07 | 2 | -8/+11 |
* | Pass read_record a callback mapping epoch to cipher state so it can | lloyd | 2012-11-06 | 4 | -53/+38 |
* | Add Channel::pending_state and Channel::active_state, use where possible | lloyd | 2012-11-06 | 2 | -73/+84 |
* | Store cipher states in Channel instead of Handshake_State. Keep all | lloyd | 2012-11-06 | 7 | -66/+145 |
* | Split asn1_obj.h into asn1_alt_name.h, asn1_attribute.h, and | lloyd | 2012-11-06 | 1 | -0/+6 |
* | Move Channel::is_{active,closed} to source file | lloyd | 2012-11-01 | 2 | -2/+12 |
* | Add TLS::Policy::negotiate_heartbeat_support which controls if the | lloyd | 2012-10-13 | 5 | -3/+20 |
* | Remove TLS::Policy::pref_version. Instead pass the version to offer to | lloyd | 2012-10-13 | 5 | -15/+19 |
* | Add TLS::Server_Information to encapsulate the hostname/port pair. | lloyd | 2012-10-13 | 13 | -103/+179 |
* | Generate the fake pre master needed if the RSA computation fails ahead | lloyd | 2012-10-02 | 1 | -4/+16 |
* | Missing return value | lloyd | 2012-09-19 | 1 | -0/+1 |
* | Inline Channel::{read,write}_cipher_state, only one caller each | lloyd | 2012-09-14 | 2 | -24/+11 |
* | Expose to public in TLS::Channel peer_supports_heartbeats, | lloyd | 2012-09-13 | 1 | -6/+16 |
* | Store the cipher states in the handshake state object as shared_ptrs. | lloyd | 2012-09-13 | 4 | -43/+94 |
* | Update creators of Session to new constructor | lloyd | 2012-09-12 | 2 | -2/+0 |
* | It seems other implementations define the secure renegotiation flag to | lloyd | 2012-09-12 | 3 | -16/+3 |
* | A quite different approach to extension handling, store both inbound | lloyd | 2012-09-12 | 8 | -282/+233 |
* | Spelling | lloyd | 2012-09-12 | 6 | -18/+17 |
* | Duplicated extension checks! | lloyd | 2012-09-12 | 1 | -12/+0 |