aboutsummaryrefslogtreecommitdiff
path: root/src/net/tls.c
AgeCommit message (Expand)AuthorFilesLines
2022-11-09[tls] Allow handshake digest algorithm to be specified by cipher suiteMichael Brown1-63/+114
2022-11-09[tls] Always send maximum supported version in ClientHelloMichael Brown1-1/+1
2022-11-08[tls] Add support for AEAD ciphersMichael Brown1-2/+39
2022-11-08[tls] Treat invalid block padding as zero length paddingMichael Brown1-2/+2
2022-11-08[tls] Allow for arbitrary-length initialisation vectorsMichael Brown1-186/+144
2022-11-08[tls] Add MAC length as a cipher suite parameterMichael Brown1-16/+18
2022-11-08[tls] Abstract out concept of a TLS authentication headerMichael Brown1-21/+19
2022-11-07[tls] Ensure cipher alignment size is respectedMichael Brown1-0/+18
2022-11-07[tls] Formalise notions of fixed and record initialisation vectorsMichael Brown1-3/+24
2022-11-07[tls] Remove support for TLSv1.0Michael Brown1-31/+6
2022-10-25[crypto] Allow initialisation vector length to vary from cipher blocksizeMichael Brown1-2/+2
2022-10-11[tls] Add support for Ephemeral Diffie-Hellman key exchangeHEADMichael Brown1-0/+246
2022-10-11[tls] Add key exchange mechanism to definition of cipher suiteMichael Brown1-3/+25
2022-10-11[tls] Record ServerKeyExchange record, if providedMichael Brown1-0/+36
2022-10-11[tls] Generate pre-master secret at point of sending ClientKeyExchangeMichael Brown1-16/+24
2022-10-11[tls] Generate master secret at point of sending ClientKeyExchangeMichael Brown1-8/+13
2022-10-10[crypto] Simplify internal HMAC APIMichael Brown1-29/+22
2020-12-15[crypto] Allow private key to be specified as a TLS connection parameterMichael Brown1-5/+11
2020-12-15[tls] Include root of trust within definition of TLS sessionMichael Brown1-3/+7
2020-12-09[x509] Make root of trust a reference-counted structureMichael Brown1-1/+2
2020-12-08[x509] Record root of trust used when validating a certificateMichael Brown1-2/+6
2020-12-07[tls] Allow provision of a client certificate chainMichael Brown1-30/+77
2020-12-07[tls] Use intf_insert() to add TLS to an interfaceMichael Brown1-4/+9
2020-06-12[tls] Allow a minimum TLS protocol version to be specifiedMichael Brown1-6/+24
2019-08-16[tls] Add missing call to tls_tx_resume() when restarting negotiationMichael Brown1-22/+24
2019-03-10[tls] Display validator messages only while validation is in progressMichael Brown1-3/+9
2019-03-07[tls] Display cross-certificate and OCSP status messagesMichael Brown1-0/+20
2019-03-06[tls] Support stateless session resumptionMichael Brown1-19/+110
2019-03-06[tls] Fix incorrectly duplicated error numberMichael Brown1-1/+1
2019-02-21[tls] Support stateful session resumptionMichael Brown1-8/+191
2018-03-24[tls] Ensure that window change is propagated to plainstream interfaceMichael Brown1-2/+7
2018-03-24[tls] Rename tls_session to tls_connectionMichael Brown1-119/+123
2018-03-23[tls] Ensure received data list is initialised before calling tls_free()Michael Brown1-3/+3
2017-07-04[tls] Support RFC5746 secure renegotiationMichael Brown1-19/+188
2017-05-22[tls] Keep cipherstream window open until TLS negotiation is completeMichael Brown1-0/+16
2016-03-11[tls] Avoid potential out-of-bound reads in length fieldsMichael Brown1-44/+67
2015-08-02[crypto] Support SHA-{224,384,512} in X.509 certificatesMichael Brown1-73/+17
2015-08-02[tls] Report supported signature algorithms in ClientHelloMichael Brown1-0/+25
2015-08-01[tls] Do not access beyond the end of a 24-bit integerMichael Brown1-22/+29
2015-04-24[build] Add missing "const" qualifiersChristian Hesse1-2/+2
2014-03-28[crypto] Generalise X.509 cache to a full certificate storeMichael Brown1-40/+34
2014-03-25[crypto] Remove dynamically-allocated storage for certificate nameMichael Brown1-10/+4
2013-01-31[tls] Concatenate received non-data records before processingMichael Brown1-12/+10
2012-09-28[tls] Fix potential memory leakMichael Brown1-0/+1
2012-09-28[tls] Fix uninitialised variableMichael Brown1-2/+1
2012-09-27[tls] Split received records over multiple I/O buffersMichael Brown1-164/+278
2012-08-25[tls] Disambiguate most error causesMichael Brown1-32/+140
2012-07-20[legal] Update FSF mailing address in GPL licence textsMichael Brown1-1/+2
2012-06-29[tls] Request a maximum fragment length of 2048 bytesMichael Brown1-0/+11
2012-06-09[tls] Mark security negotiation as a pending operationMichael Brown1-3/+13
generated by cgit v1.1 at 2024-08-04 23:16:39 +0000