Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | We weren't handling DTLS handshake fragments at all. Now reject them | lloyd | 2012-08-08 | 2 | -24/+35 |
| | | | | | while continuing to work with unfragmented records and add the framework for defragmentation. | ||||
* | Clean up DTLS handshake formatting | lloyd | 2012-08-08 | 2 | -19/+21 |
| | |||||
* | Make Handshake_IO::format const | lloyd | 2012-08-08 | 2 | -5/+5 |
| | |||||
* | Fix DTLS handshake encoding. Handle multiple messages in a packet. | lloyd | 2012-08-08 | 2 | -31/+72 |
| | | | | Handle DTLS CCS correctly. | ||||
* | DTLS needs some help with ChangeCipherSpec because it is not included | lloyd | 2012-08-08 | 5 | -11/+51 |
| | | | | | | | | in the message_seq count. When we are asking for the next handshake msg, tell the handshake IO layer if we are expecting a CCS or not. Then DTLS just needs to track which epoch(s) it has seen the CCS for, and which epoch it is currently in. This is all ignored by the stream IO layer. | ||||
* | Move check of plaintext size to after MAC check. Use assign instead of | lloyd | 2012-08-07 | 1 | -8/+8 |
| | | | | resize+copy_mem. | ||||
* | Remove Handshake_IO::have_full_record and Handshake_IO::empty | lloyd | 2012-08-07 | 3 | -50/+14 |
| | | | | | Have get_next_record return NONE+empty vector if no record availabe. IO::empty was completely unused. | ||||
* | This was in an awkward place | lloyd | 2012-08-07 | 1 | -2/+1 |
| | |||||
* | Track the sequence number and return it from the record reader. Take | lloyd | 2012-08-07 | 5 | -15/+33 |
| | | | | | | | the sequence number into the handshake parser. This is ignored entirely by the stream handshake reader which does not need it, but is needed for DTLS. Track which epoch(s) we have seen a change cipher spec for. | ||||
* | Wrap lines | lloyd | 2012-08-06 | 2 | -2/+7 |
| | |||||
* | Fix parens | lloyd | 2012-08-06 | 1 | -1/+1 |
| | |||||
* | Add a Policy item for if a client will accept a server-initiated | lloyd | 2012-08-06 | 2 | -1/+7 |
| | | | | | renegotiation request. Defaults to true. If false, the client will send a non-fatal no_renegotiation alert. | ||||
* | Expose Handshake_Message as an API type. | lloyd | 2012-08-06 | 9 | -66/+117 |
| | | | | | | | | | | | Use override as appropriate in tls_messages.h Add a callback to Handshake_State which, if set, is called for each Handshake_Message& as it is received or sent. Not yet exposed at the application level. Use default values in client and server hellos to minimize the need for explicit settings in constructors. | ||||
* | Don't need to make these private | lloyd | 2012-08-06 | 1 | -5/+3 |
| | |||||
* | The client wasn't sending a next protocol message on a session | lloyd | 2012-08-06 | 1 | -0/+11 |
| | | | | resumption. | ||||
* | A heartbeat request send by the counterparty during a handshake would | lloyd | 2012-08-06 | 1 | -5/+8 |
| | | | | be passed to the application callback as a heartbeat response. | ||||
* | Move server-specific parts of the handshake state to a server subclass. | lloyd | 2012-08-06 | 4 | -21/+29 |
| | |||||
* | Move things that are client specific in the handshake state to a | lloyd | 2012-08-06 | 2 | -16/+28 |
| | | | | subclass created by Client::new_handshake_state | ||||
* | Make the handshake hash private | lloyd | 2012-08-06 | 7 | -33/+36 |
| | |||||
* | Make handshake session keys private with get/set | lloyd | 2012-08-06 | 6 | -24/+33 |
| | |||||
* | Make the handshake Ciphersuite only available by const reference. | lloyd | 2012-08-06 | 8 | -36/+35 |
| | | | | Derive it when the server hello is set. | ||||
* | Const Handshake_State args where possible | lloyd | 2012-08-06 | 3 | -5/+5 |
| | |||||
* | Move Certificate message to it's own file. | lloyd | 2012-08-06 | 4 | -68/+89 |
| | | | | Remove ~Extensions declaration, not used anymore. | ||||
* | Use unique_ptr in Server_Kex_Exchange and Extensions | lloyd | 2012-08-06 | 4 | -37/+19 |
| | |||||
* | Store record MAC objects in unique_ptr | lloyd | 2012-08-06 | 3 | -21/+12 |
| | |||||
* | Have all the TLS handshake messages stored in unique_ptrs with only | lloyd | 2012-08-06 | 15 | -294/+436 |
| | | | | const access after setting them. Fix some const issues. | ||||
* | m_ namespace remaining TLS messages | lloyd | 2012-08-06 | 5 | -78/+78 |
| | |||||
* | In the in-memory session manager, choose a random key at startup and | lloyd | 2012-08-05 | 3 | -10/+28 |
| | | | | | | | | encrypt all of the sessions, decrypting before return. This minimizes load on the locked memory (48 bytes master secret per session, vs 32 bytes for a single master key). It might also make recovering session data from memory dumps a little bit harder though this isn't worth counting on IMO | ||||
* | Remove Channel::read_handshake. Have the server set expected next msg | lloyd | 2012-08-05 | 4 | -43/+15 |
| | | | | in new_handshake_state. | ||||
* | If we're negotiating a datagram protocol, allow a hello verify | lloyd | 2012-08-03 | 1 | -2/+20 |
| | | | | message. Add client-side hello verify handling. | ||||
* | Take the initial record version from the Handshake_IO instance instead | lloyd | 2012-08-03 | 5 | -3/+24 |
| | | | | of hardcoding it to SSLv3. | ||||
* | Add Handshake_Hash::reset | lloyd | 2012-08-03 | 3 | -3/+24 |
| | | | | Add cookie support in Client_Hello. | ||||
* | Add preliminary IO handler for datagram handshakes. Does not fragment | lloyd | 2012-08-03 | 2 | -0/+184 |
| | | | | | outbound messages to MTU. Reassembly likely doesn't work, and is very vulnerable to DoS attacks. | ||||
* | Rename all the message source files to msg_ | lloyd | 2012-08-03 | 11 | -10/+10 |
| | |||||
* | Combine Handshake_Writer and Handshake_Reader into Handshake_IO. | lloyd | 2012-08-03 | 20 | -245/+170 |
| | | | | | | | | This is mostly just a minor code savings for TLS, but it actually seems important for DTLS because getting a handshake message can be a trigger for retransmitting previously sent handshake messages in some circumstances. Having the reading and writing all in one layer makes it a bit easier to accomplish that. | ||||
* | Move the code that pretends a CCS message is a handshake message from | lloyd | 2012-08-02 | 3 | -40/+32 |
| | | | | Channel to the handshake reader. | ||||
* | Use TLS v1.0 PRF unless the version supports a ciphersuite specific PRF | lloyd | 2012-08-02 | 1 | -4/+5 |
| | |||||
* | Add TLS::Protocol_Version::supports_ciphersuite_specific_prf | lloyd | 2012-08-02 | 4 | -14/+16 |
| | |||||
* | Fix DTLS HelloVerify message decoding | lloyd | 2012-08-02 | 1 | -3/+12 |
| | |||||
* | Use m_ namespace member vars in CurveGFp | lloyd | 2012-08-01 | 1 | -35/+36 |
| | |||||
* | Move monty_invert to numthry.h and use it in CurveGFp as well | lloyd | 2012-08-01 | 4 | -51/+48 |
| | |||||
* | Remove z_size parameter to bigint_monty_redc because it should always | lloyd | 2012-08-01 | 4 | -26/+12 |
| | | | | | | | | | | | be 2*(p_size+1). Document that it clears the high part of z. Don't clear the workspace before calling Karatsuba in bigint_mul or bigint_sqr - they clear it every time anyway. Don't bother masking words in the Montgomery_Exponentiator as redc zeros those words. Also don't bother calling z.clear() as the multiply operation does that already. | ||||
* | Cleanup BigInt::cmp | lloyd | 2012-08-01 | 4 | -41/+43 |
| | | | | | | Move bigint_divcore to divide.cpp which is the only place it is used. Probably not computationally intensive enough to really be worth optimizing in asm. | ||||
* | Move all BigInt constructors to the top of the decl | lloyd | 2012-08-01 | 1 | -81/+82 |
| | |||||
* | Remove BigInt::assign | lloyd | 2012-08-01 | 2 | -25/+24 |
| | |||||
* | Remove BigInt(NumberType type, size_t n) and replace it with a static | lloyd | 2012-08-01 | 9 | -37/+24 |
| | | | | BigInt function power_of_2. (Power2 was the only available NumberType) | ||||
* | Remove all support for octal BigInt conversions. | lloyd | 2012-08-01 | 4 | -39/+25 |
| | |||||
* | Remove BigInt::get_reg | lloyd | 2012-08-01 | 3 | -13/+6 |
| | |||||
* | Remove BigInt::operator[]. Use BigInt::word_at, which checks sizes | lloyd | 2012-08-01 | 4 | -14/+12 |
| | |||||
* | Remove BigInt::operator[] returning a mutable word reference | lloyd | 2012-08-01 | 3 | -13/+9 |
| |