yogsototh/hs-tls
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
911 commits 1 branch 11 tags 1.7 MiB
Commit graph

911 commits

This branch
This branch
All branches
Author SHA1 Message Date
Vincent Hanquez
ce4fb75531 update TODO. DHE RSA+DSS is now supported. 2013-12-28 15:30:53 +00:00
Vincent Hanquez
5a3422cbbc generate DSA certificate and RSA certificate with proper extensions for tests 2013-12-28 15:30:37 +00:00
Vincent Hanquez
fa0d01df0d update utility with new ciphers and new credentials system. 2013-12-28 15:29:44 +00:00
Vincent Hanquez
5c776b7fc4 add new DHE-DSS ciphers 2013-12-28 15:28:01 +00:00
Vincent Hanquez
323fb95fbe consistent style in record structure. 2013-12-28 15:26:33 +00:00
Vincent Hanquez
3297441e0b limit to crypto-pubkey > 0.2.4 2013-12-28 15:26:03 +00:00
Vincent Hanquez
56f89956d0 add tests related to DHE DSS 2013-12-28 15:25:54 +00:00
Vincent Hanquez
85f436afe6 add a system to filter cipher that we can't use because we don't have the right credentials loaded. 2013-12-28 15:25:13 +00:00
Vincent Hanquez
acf9708199 use the new credentials system to be able to handle RSA and DSS certificate at the same time. 2013-12-28 15:24:20 +00:00
Vincent Hanquez
9a05ac9553 limit the X509 import list of what we need 2013-12-28 15:20:07 +00:00
Vincent Hanquez
f72293d32f properly do DSS/RSA in DHE methods. 2013-12-28 15:19:39 +00:00
Vincent Hanquez
a111d703a4 simplify the handshake key state. 
we don't need to differentiate client/server, as a remote key will always be public and
the private key always local.
 2013-12-28 15:17:42 +00:00
Vincent Hanquez
64946c8fb8 error in serverKeyXchg with RSA. 2013-12-28 15:15:06 +00:00
Vincent Hanquez
761ba1ac5c add support for DSS signature. 2013-12-28 15:14:09 +00:00
Vincent Hanquez
b3068deec8 add support for DSA signing and verification. 2013-12-28 15:13:43 +00:00
Vincent Hanquez
8e6a6d9456 add a credentials module 2013-12-28 15:12:14 +00:00
Vincent Hanquez
08997c96f0 default the version if not set which allow to report very early error (e.g. no cipher in common) properly 2013-12-28 15:09:25 +00:00
Vincent Hanquez
891cf168ac add simple method to get the certificate leaf. 2013-12-28 15:07:20 +00:00
Vincent Hanquez
541d440a29 make README uptodate with the DHE-RSA support. 2013-12-14 07:12:49 +00:00
Vincent Hanquez
4bc8156372 add tests for DHE_RSA. 2013-12-11 16:40:24 +08:00
Vincent Hanquez
02dd7b8aa7 add support for DHE (only with RSA signing so far) 2013-12-11 16:39:25 +08:00
Vincent Hanquez
a223673eed make HandshakeM an instance of Applicative. 2013-12-11 16:36:35 +08:00
Vincent Hanquez
2a09d51ba5 cleanup imports 2013-12-11 16:36:16 +08:00
Vincent Hanquez
64d2ba9cd7 add better methods for making DigitallySigned data structure and veryfying them 2013-12-11 16:34:45 +08:00
Vincent Hanquez
6d63cde8cb change ServerDHParams to re-use the DH abstraction in Crypto.DH. 2013-12-11 16:01:55 +08:00
Vincent Hanquez
1e62ddd53f properly account for difference of methods in key exchange. 
still only RSA supported.
 2013-12-11 16:01:07 +08:00
Vincent Hanquez
6fb2108b63 add SHA512 as defined hash 2013-12-11 15:55:58 +08:00
Vincent Hanquez
798a4b5787 move logging and hooks into a Hooks module 2013-12-11 15:55:24 +08:00
Vincent Hanquez
b234f1377f automatically add Crypto.DH in Crypto. 2013-12-11 15:54:32 +08:00
Vincent Hanquez
0236445101 add some wrapper for DH operations. 2013-12-11 15:53:55 +08:00
Vincent Hanquez
c805734abd use the new Crypto.Random instead of the compat Crypto.Random.API 2013-12-11 15:53:11 +08:00
Vincent Hanquez
96ae52e4cd make clear what we're talking about in the header. 2013-12-11 15:50:35 +08:00
Vincent Hanquez
9ea497adf6 add a function to generate digitally signed structure for DHParams. 2013-12-07 17:51:57 +08:00
Vincent Hanquez
b43ef69988 rename ServerDHParams marshalling functions 2013-12-07 17:51:28 +08:00
Vincent Hanquez
692aaf01a5 add DHE-RSA ciphers and a suite. 2013-12-07 15:11:06 +08:00
Vincent Hanquez
f916fde296 add a test DHE cipher. 2013-12-07 15:10:53 +08:00
Vincent Hanquez
12c32816bc add HashSHA1 for DSS signature for < TLS12. 2013-12-07 14:50:07 +08:00
Vincent Hanquez
d05c7a4be1 comment the reason of the existence of hashUpdateSSL. 2013-12-07 14:49:34 +08:00
Vincent Hanquez
50b56ff2cf use the new digitallySigned structure for CertVerify. 2013-12-07 14:37:14 +08:00
Vincent Hanquez
f6b4ee34ac abstract signature creation/verification 2013-12-07 14:25:58 +08:00
Vincent Hanquez
ad37d02523 cleanup CertificateVerify signature data generation 2013-12-07 13:10:17 +08:00
Vincent Hanquez
0a032bbc27 factor some code in client certificate verify message generation. 2013-12-07 12:44:45 +08:00
Vincent Hanquez
14fe8102c8 marshall signature as digitally-signed 2013-12-07 12:10:01 +08:00
Vincent Hanquez
99608782dc misc: remove spaces 2013-12-07 12:09:36 +08:00
Vincent Hanquez
23f4377f31 add the DigitallySigned structure to the list. 
the structure is compatible with older "digitally-signed" constructions
of tls 1.1 and older.
 2013-12-07 12:09:13 +08:00
Vincent Hanquez
1ac0cc9485 add putSignatureHashAlgorithm 2013-12-07 12:07:21 +08:00
Vincent Hanquez
887c69b6e5 move getSignatureHashAlgorithm 2013-12-07 12:07:04 +08:00
Vincent Hanquez
7e3077d23c rewrite SKX methods to use getInteger16 and applicative style. 2013-12-07 12:06:34 +08:00
Vincent Hanquez
a03b22024b export getInteger16/putInteger16 to serialize Integer in opaque16. 2013-12-07 12:05:41 +08:00
Vincent Hanquez
dea7eb32cf separate some helpers and add new one. 2013-12-07 12:04:53 +08:00