| Commit message (Expand) | Author | Age | Files | Lines |
* | Get the list of supported ECC curves out of the client hello, and | lloyd | 2012-01-24 | 5 | -4/+17 |
* | Forgot to check in server side ECDH key gen | lloyd | 2012-01-24 | 1 | -3/+11 |
* | Allow ECDH negotiation by default | lloyd | 2012-01-24 | 1 | -4/+1 |
* | For ECDH you don't strip leading zeros. Bikeshedding: 1 Consistency: 0 | lloyd | 2012-01-24 | 1 | -3/+5 |
* | Read ECDH client key exchange messages | lloyd | 2012-01-24 | 1 | -25/+26 |
* | Working ECDH key exchange. Only tested on client side but seems good | lloyd | 2012-01-24 | 3 | -37/+95 |
* | Cleanup | lloyd | 2012-01-24 | 1 | -10/+10 |
* | Expose the named curve ID/string conversion functions, needed for server key ... | lloyd | 2012-01-24 | 2 | -9/+8 |
* | Convert Internal_Error exceptions into the cooresponding alert. | lloyd | 2012-01-24 | 2 | -4/+7 |
* | Formatting and comment fix | lloyd | 2012-01-24 | 1 | -5/+5 |
* | Don't assume the server key exchange consists of a series of BigInts. | lloyd | 2012-01-24 | 3 | -31/+25 |
* | Add comments for the Policy class. Make the allowed_* calls virtual so | lloyd | 2012-01-24 | 1 | -16/+42 |
* | PEM encoding. Fix BER decoding. Encode the entire cert chain in the | lloyd | 2012-01-24 | 2 | -23/+68 |
* | New helpers taking a string | lloyd | 2012-01-24 | 2 | -0/+28 |
* | This should always have reported what it saw and expected | lloyd | 2012-01-24 | 1 | -1/+5 |
* | Better documentation in this header | lloyd | 2012-01-24 | 1 | -11/+34 |
* | The credentials manager interface seems a much better place for cert | lloyd | 2012-01-23 | 5 | -16/+76 |
* | Add Ciphersuite::to_string | lloyd | 2012-01-23 | 7 | -20/+110 |
* | Make the version number a proper class, makes many things much easier | lloyd | 2012-01-23 | 26 | -168/+304 |
* | Since this branch is hugely API breaking already, go ahead and put | lloyd | 2012-01-23 | 38 | -277/+429 |
* | Remove the key() method on server key exchange - instead leave it to | lloyd | 2012-01-23 | 3 | -21/+18 |
* | Have the client key exchange examine the server key exchange message | lloyd | 2012-01-23 | 6 | -52/+59 |
* | Basic outline of the supported curves extension from RFC 4492 | lloyd | 2012-01-22 | 2 | -14/+167 |
* | Reorder for readability | lloyd | 2012-01-22 | 1 | -46/+48 |
* | When generating a signature in TLS 1.2, respect the request of the | lloyd | 2012-01-20 | 8 | -57/+73 |
* | Report the length of the pre master secret. Who knows if when this | lloyd | 2012-01-20 | 1 | -1/+2 |
* | Missing a space | lloyd | 2012-01-20 | 1 | -1/+1 |
* | Increase the max key length of HMAC to 512 bytes. Previously we would | lloyd | 2012-01-20 | 2 | -2/+9 |
* | A change to Finished in 687c3c7dccdd2f5e4825bdb60155c7bfba22339f broke | lloyd | 2012-01-20 | 1 | -3/+5 |
* | Helps if you return the right type | lloyd | 2012-01-20 | 1 | -1/+1 |
* | Support lookup of the SSLv3 PRF | lloyd | 2012-01-20 | 1 | -0/+5 |
* | Ignore ECDH suites in replying | lloyd | 2012-01-20 | 1 | -0/+3 |
* | Fix decoding of signature_algorithms if we say something we don't recognize | lloyd | 2012-01-20 | 1 | -4/+4 |
* | Strangely you can negotiate using only MD5 in TLS 1.2. Just ignore it | lloyd | 2012-01-20 | 1 | -5/+2 |
* | Instead of using a hardcoded value for signature_algothms, go with | lloyd | 2012-01-20 | 7 | -20/+32 |
* | New policy methods. User provides lists of ciphers, hashes, etc they | lloyd | 2012-01-20 | 5 | -144/+231 |
* | Convert to using a switch statement here. It's faster, and offers | lloyd | 2012-01-20 | 1 | -83/+88 |
* | If the client sent something > TLS 1.2, we sould respond as TLS 1.1 | lloyd | 2012-01-20 | 1 | -16/+10 |
* | Somewhat contorted, but fixes the issue with sending hash/sig ids with | lloyd | 2012-01-20 | 5 | -18/+40 |
* | TLS_Ciphersuite_Algos was just a strange level of indirection between | lloyd | 2012-01-20 | 18 | -506/+254 |
* | Basic processing for signature_algorithms extension in client hello | lloyd | 2012-01-20 | 2 | -1/+35 |
* | Initialize values once in constructor instead of in each branch | lloyd | 2012-01-20 | 2 | -14/+13 |
* | Many fixes for TLS 1.2 though some things in particular client auth | lloyd | 2012-01-20 | 13 | -150/+251 |
* | Various and sundry bug fixes | lloyd | 2012-01-19 | 9 | -11/+31 |
* | Add the AES/SHA-256 suites to the standard lists. Works under TLS 1.2 | lloyd | 2012-01-19 | 1 | -0/+13 |
* | Kinda maybe working TLS 1.2 for clients. Not well tested at all, but a | lloyd | 2012-01-19 | 21 | -88/+172 |
* | Remove Handshake_Message::deserialize which was an unnecessary hook. | lloyd | 2012-01-19 | 10 | -153/+132 |
* | I'm not sure if I like this asthetically, but passing around the | lloyd | 2012-01-19 | 15 | -311/+219 |
* | Fix RSA client cert verification for SSLv3 | lloyd | 2012-01-19 | 1 | -3/+14 |
* | Support SSLv3 client auth on the client side. | lloyd | 2012-01-19 | 6 | -15/+53 |