aboutsummaryrefslogtreecommitdiffstats
path: root/src/net/tls.c
Commit message (Expand)AuthorAgeFilesLines
* [crypto] Remove the concept of a public-key algorithm reusable contextMichael Brown2024-08-211-33/+12
* [tls] Group client and server state in TLS connection structureMichael Brown2024-08-211-102/+111
* [tls] Group transmit and receive state in TLS connection structureMichael Brown2024-08-211-81/+77
* [crypto] Pass asymmetric keys as ASN.1 cursorsMichael Brown2024-08-181-3/+2
* [crypto] Allow passing a NULL certificate store to x509_find() et alMichael Brown2024-08-131-1/+1
* [crypto] Centralise mechanisms for identifying X.509 certificatesMichael Brown2024-08-121-1/+1
* [tls] Tidy up error handling flow in tls_send_plaintext()Michael Brown2024-01-311-10/+20
* [tls] Add support for Ephemeral Elliptic Curve Diffie-Hellman key exchangeMichael Brown2024-01-301-0/+169
* [tls] Split out Diffie-Hellman parameter signature verificationMichael Brown2024-01-301-39/+62
* [tls] Generate key material after sending ClientKeyExchangeMichael Brown2024-01-301-16/+15
* [tls] Restructure construction of ClientHello messageMichael Brown2024-01-301-72/+99
* [tls] Handle fragmented handshake recordsMichael Brown2023-03-301-18/+24
* [tls] Pass I/O buffer to received record handlersMichael Brown2023-03-301-58/+98
* [tls] Clean up change cipher spec record handlingMichael Brown2023-03-301-4/+15
* [tls] Allow handshake digest algorithm to be specified by cipher suiteMichael Brown2022-11-091-63/+114
* [tls] Always send maximum supported version in ClientHelloMichael Brown2022-11-091-1/+1
* [tls] Add support for AEAD ciphersMichael Brown2022-11-081-2/+39
* [tls] Treat invalid block padding as zero length paddingMichael Brown2022-11-081-2/+2
* [tls] Allow for arbitrary-length initialisation vectorsMichael Brown2022-11-081-186/+144
* [tls] Add MAC length as a cipher suite parameterMichael Brown2022-11-081-16/+18
* [tls] Abstract out concept of a TLS authentication headerMichael Brown2022-11-081-21/+19
* [tls] Ensure cipher alignment size is respectedMichael Brown2022-11-071-0/+18
* [tls] Formalise notions of fixed and record initialisation vectorsMichael Brown2022-11-071-3/+24
* [tls] Remove support for TLSv1.0Michael Brown2022-11-071-31/+6
* [crypto] Allow initialisation vector length to vary from cipher blocksizeMichael Brown2022-10-251-2/+2
* [tls] Add support for Ephemeral Diffie-Hellman key exchangeMichael Brown2022-10-111-0/+246
* [tls] Add key exchange mechanism to definition of cipher suiteMichael Brown2022-10-111-3/+25
* [tls] Record ServerKeyExchange record, if providedMichael Brown2022-10-111-0/+36
* [tls] Generate pre-master secret at point of sending ClientKeyExchangeMichael Brown2022-10-111-16/+24
* [tls] Generate master secret at point of sending ClientKeyExchangeMichael Brown2022-10-111-8/+13
* [crypto] Simplify internal HMAC APIMichael Brown2022-10-101-29/+22
* [crypto] Allow private key to be specified as a TLS connection parameterMichael Brown2020-12-151-5/+11
* [tls] Include root of trust within definition of TLS sessionMichael Brown2020-12-151-3/+7
* [x509] Make root of trust a reference-counted structureMichael Brown2020-12-091-1/+2
* [x509] Record root of trust used when validating a certificateMichael Brown2020-12-081-2/+6
* [tls] Allow provision of a client certificate chainMichael Brown2020-12-071-30/+77
* [tls] Use intf_insert() to add TLS to an interfaceMichael Brown2020-12-071-4/+9
* [tls] Allow a minimum TLS protocol version to be specifiedMichael Brown2020-06-121-6/+24
* [tls] Add missing call to tls_tx_resume() when restarting negotiationMichael Brown2019-08-161-22/+24
* [tls] Display validator messages only while validation is in progressMichael Brown2019-03-101-3/+9
* [tls] Display cross-certificate and OCSP status messagesMichael Brown2019-03-071-0/+20
* [tls] Support stateless session resumptionMichael Brown2019-03-061-19/+110
* [tls] Fix incorrectly duplicated error numberMichael Brown2019-03-061-1/+1
* [tls] Support stateful session resumptionMichael Brown2019-02-211-8/+191
* [tls] Ensure that window change is propagated to plainstream interfaceMichael Brown2018-03-241-2/+7
* [tls] Rename tls_session to tls_connectionMichael Brown2018-03-241-119/+123
* [tls] Ensure received data list is initialised before calling tls_free()Michael Brown2018-03-231-3/+3
* [tls] Support RFC5746 secure renegotiationMichael Brown2017-07-041-19/+188
* [tls] Keep cipherstream window open until TLS negotiation is completeMichael Brown2017-05-221-0/+16
* [tls] Avoid potential out-of-bound reads in length fieldsMichael Brown2016-03-111-44/+67
generated by cgit (git 2.34.1) at 2025-02-23 06:44:32 +0000