summaryrefslogtreecommitdiffstats
path: root/src/net/tls.c
Commit message (Expand)AuthorAgeFilesLines
* [tls] Tidy up error handling flow in tls_send_plaintext()Michael Brown2024-01-311-10/+20
* [tls] Add support for Ephemeral Elliptic Curve Diffie-Hellman key exchangeMichael Brown2024-01-301-0/+169
* [tls] Split out Diffie-Hellman parameter signature verificationMichael Brown2024-01-301-39/+62
* [tls] Generate key material after sending ClientKeyExchangeMichael Brown2024-01-301-16/+15Star
* [tls] Restructure construction of ClientHello messageMichael Brown2024-01-301-72/+99
* [tls] Handle fragmented handshake recordsMichael Brown2023-03-311-18/+24
* [tls] Pass I/O buffer to received record handlersMichael Brown2023-03-311-58/+98
* [tls] Clean up change cipher spec record handlingMichael Brown2023-03-301-4/+15
* [tls] Allow handshake digest algorithm to be specified by cipher suiteMichael Brown2022-11-091-63/+114
* [tls] Always send maximum supported version in ClientHelloMichael Brown2022-11-091-1/+1
* [tls] Add support for AEAD ciphersMichael Brown2022-11-081-2/+39
* [tls] Treat invalid block padding as zero length paddingMichael Brown2022-11-081-2/+2
* [tls] Allow for arbitrary-length initialisation vectorsMichael Brown2022-11-081-186/+144Star
* [tls] Add MAC length as a cipher suite parameterMichael Brown2022-11-081-16/+18
* [tls] Abstract out concept of a TLS authentication headerMichael Brown2022-11-081-21/+19Star
* [tls] Ensure cipher alignment size is respectedMichael Brown2022-11-071-0/+18
* [tls] Formalise notions of fixed and record initialisation vectorsMichael Brown2022-11-071-3/+24
* [tls] Remove support for TLSv1.0Michael Brown2022-11-071-31/+6Star
* [crypto] Allow initialisation vector length to vary from cipher blocksizeMichael Brown2022-10-251-2/+2
* [tls] Add support for Ephemeral Diffie-Hellman key exchangeMichael Brown2022-10-111-0/+246
* [tls] Add key exchange mechanism to definition of cipher suiteMichael Brown2022-10-111-3/+25
* [tls] Record ServerKeyExchange record, if providedMichael Brown2022-10-111-0/+36
* [tls] Generate pre-master secret at point of sending ClientKeyExchangeMichael Brown2022-10-111-16/+24
* [tls] Generate master secret at point of sending ClientKeyExchangeMichael Brown2022-10-111-8/+13
* [crypto] Simplify internal HMAC APIMichael Brown2022-10-101-29/+22Star
* [crypto] Allow private key to be specified as a TLS connection parameterMichael Brown2020-12-151-5/+11
* [tls] Include root of trust within definition of TLS sessionMichael Brown2020-12-151-3/+7
* [x509] Make root of trust a reference-counted structureMichael Brown2020-12-091-1/+2
* [x509] Record root of trust used when validating a certificateMichael Brown2020-12-081-2/+6
* [tls] Allow provision of a client certificate chainMichael Brown2020-12-071-30/+77
* [tls] Use intf_insert() to add TLS to an interfaceMichael Brown2020-12-071-4/+9
* [tls] Allow a minimum TLS protocol version to be specifiedMichael Brown2020-06-121-6/+24
* [tls] Add missing call to tls_tx_resume() when restarting negotiationMichael Brown2019-08-161-22/+24
* [tls] Display validator messages only while validation is in progressMichael Brown2019-03-101-3/+9
* [tls] Display cross-certificate and OCSP status messagesMichael Brown2019-03-071-0/+20
* [tls] Support stateless session resumptionMichael Brown2019-03-061-19/+110
* [tls] Fix incorrectly duplicated error numberMichael Brown2019-03-061-1/+1
* [tls] Support stateful session resumptionMichael Brown2019-02-211-8/+191
* [tls] Ensure that window change is propagated to plainstream interfaceMichael Brown2018-03-241-2/+7
* [tls] Rename tls_session to tls_connectionMichael Brown2018-03-241-119/+123
* [tls] Ensure received data list is initialised before calling tls_free()Michael Brown2018-03-231-3/+3
* [tls] Support RFC5746 secure renegotiationMichael Brown2017-07-041-19/+188
* [tls] Keep cipherstream window open until TLS negotiation is completeMichael Brown2017-05-221-0/+16
* [tls] Avoid potential out-of-bound reads in length fieldsMichael Brown2016-03-111-44/+67
* [crypto] Support SHA-{224,384,512} in X.509 certificatesMichael Brown2015-08-021-73/+17Star
* [tls] Report supported signature algorithms in ClientHelloMichael Brown2015-08-021-0/+25
* [tls] Do not access beyond the end of a 24-bit integerMichael Brown2015-08-011-22/+29
* [build] Add missing "const" qualifiersChristian Hesse2015-04-241-2/+2
* [crypto] Generalise X.509 cache to a full certificate storeMichael Brown2014-03-281-40/+34Star
* [crypto] Remove dynamically-allocated storage for certificate nameMichael Brown2014-03-251-10/+4Star
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-06-01 04:25:30 +0200