| Age | Commit message | Author |
|---|---|---|
| 2016-07-10 | libsec: add scrypt password based key derivation function | cinap_lenrek |
| 2016-06-26 | chacha: calculate rounds in separate function (helps registerizer), get rid of unrolled code | cinap_lenrek |
| 2016-05-12 | auth/rsa2x509: generate x509v3 cert as extension field might not otherwise be expected | cinap_lenrek |
| 2016-05-12 | auth/rsa2x509, auth/rsa2csr: allow appending SubjectAlternativeNames (SAN) to multi-domain certificate generation | cinap_lenrek |
| 2016-05-04 | retire the dec alpha port | cinap_lenrek |
| 2016-04-22 | libsec: implement server side SCSV preventing silly client fallbacks | cinap_lenrek |
| | silly clients (web*) reconnect when the handshake failed with a lower protocol version, which allows downgrade attacks (POODLE). but instead of stopping this madness, they invented a new magic TLSID to indicate to the server that this connection attempt is a retry, and rely on the server to notice and stop them from sabotaging themselves. | |
| 2016-04-21 | libsec: order tlshand cipher suites by: keyexchange>=cipher>=hash, ignore client preference | cinap_lenrek |
| | client preference is usually crazy, so just ignore it. we always want the diffie hellman suites before static rsa and prefer chacha over aes-gcm. | |
| 2016-04-21 | libsec: remove affine coordinate point operations from ecc | cinap_lenrek |
| | we now just do point addition in the jacobian coordinate system, and convert the result to affine when s->z == nil. | |
| 2016-04-20 | libsec: implement elliptic curve group operations in jacobian coordinate system | cinap_lenrek |
| 2016-04-18 | libsec: implement server side ECDHE key exchange with secp256r1, move DH state in TlsSec structure, simplify | cinap_lenrek |
| | implement ECDHE key exchange with secp256r1 on the server side, providing perfect forward secrecy (though slowly). it is easier to just keep the ECDH/DH state in the TlsSec structure, which fits better with the grouping of the functions. we do the cleanup in tlsConnectionFree() now, so a lot of error handling logic could go away. reinvestigated some error paths and removed the ones that cannot error. move functions to fit the logical grouping. combine the code for signing handshake hashes (for client certs) and DH parameters. provide digestDHparams() function to be shared between server and client code. | |
| 2016-04-17 | libsec: massive cleanup of tlshand.c | cinap_lenrek |
| | don't pass or generate sessionIDs. this was never used nor actually implemented and leaks the process pid. get rid of version and random field duplications, move TlsSec structure into TlsConnection. make msgRecv() clear the message first, get rid of unnecessary msgClear() calls. | |
| 2016-04-16 | libsec: fix memory leak of RSApub, avoid parsing certificate twice to extract rsa public key | cinap_lenrek |
| | instead of letting factotum_rsa_open() parse the certificate, we pass in the rsa public key which is then matched against the factotum keyring. this avoids parsing the x509 certificate twice. the sec->rsapub was not freed, so free it in tlsSecClose() | |
| 2016-04-16 | libsec: recognize and decode PKCS#8 wrapped RSA private keys for auth/asn12rsa | cinap_lenrek |
| | example usage: `auth/pemdecode 'PRIVATE KEY' test.pem \| auth/asn12rsa` | |
| 2016-04-15 | libsec: x509: convert to UTF8 from BMPString and UNIString, reject \0 bytes | cinap_lenrek |
| 2016-04-10 | libsec: make #include headers consistent | cinap_lenrek |
| 2016-04-10 | libsec: don't use mips assembly routines for spim, wrong endianness | cinap_lenrek |
| 2016-03-28 | libsec: fix tlsid for TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | cinap_lenrek |
| | the previous cipher ids were for TLS_ECDH_* not TLS_ECDHE_*... sorry :( | |
| 2016-03-23 | add portable AES-GCM (Galois/Counter Mode) implementation to libsec and devtls | cinap_lenrek |
| 2016-03-12 | libsec: remove weakCipher[] array check as we do not support any of these weak ciphers | cinap_lenrek |
| 2016-03-01 | libsec: fix verifyDHparams() for version <= TLS1.1 | cinap_lenrek |
| | for version <= TLS1.1, there is no sigalg field in the ServerKeyExchange message and the signature digest algorithm is fixed to md5+sha1 and we only support RSA signatures (TLS1.1 doesn't know about ECDSA). | |
| 2016-02-19 | libsec: remove unused tlsSecKill() | cinap_lenrek |
| 2016-02-18 | libsec: fix memset() size in tlsConnectionFree(), remove #include <bio.h> | cinap_lenrek |
| 2016-02-17 | libsec: add libc.h include for aes_xts.c (drawterm) | cinap_lenrek |
| 2016-02-11 | libsec: simplify pkcs1_decrypt() | cinap_lenrek |
| 2016-02-11 | libsec: fix double free in pkcs1_decrypt(), handle bad epm length in tlsSecRSAs(), cleanup | cinap_lenrek |
| 2016-02-07 | libsec: fix missing error case unlock() in tlshands initCiphers() | cinap_lenrek |
| 2016-02-06 | libsec: mpconv -> mpfmt | cinap_lenrek |
| 2016-02-03 | libsec: refactor asn1 encoding of digest for rsa signatures, fix memory leak in ecverify | cinap_lenrek |
| 2016-02-01 | libsec: ecdsa client support for tlshand, cleanups | cinap_lenrek |
| 2016-01-19 | libsec: add salsa20 stream cipher | cinap_lenrek |
| 2016-01-06 | libsec: make sure there's no garbage after the asn.1 decode, cleanup | cinap_lenrek |
| 2015-12-25 | libsec: implement TLS-PSK for tlsClient()/tlsServer() | cinap_lenrek |
| 2015-12-21 | tls: implement chacha20/poly1305 aead cipher suites | cinap_lenrek |
| 2015-12-16 | libsec: use tsmemcmp() when comparing hashes, use mpfield() for ecc, use mptober() when right adjusting mpint to bytes | cinap_lenrek |
| 2015-12-01 | libsec: fix genprime() to produce normalized result | cinap_lenrek |
| | this fixed bug "assert_failed_m-flags__mpnorm_since_283cc2200e34". | |
| 2015-11-26 | libsec: add chacha20 poly1305 aead, allow 64 bit ivs for chacha, add tsmemcmp() | cinap_lenrek |
| | chacha20 comes in two variants: ietf rfc7539, using 96 bit iv and 32 bit counter and draft-agl-tls-chacha20poly1305 using 64 bit iv and a 64 bit counter. so setupChachastate() now takes an ivlen argument which sets the mode. add ccpoly_encrypt()/ccpoly_decrypt() routines. to implement timing safe ccpoly_decrypt(), a constant time memcmp was needed, so adding tsmemcmp() to libsec. | |
| 2015-10-22 | libsec: add chacha cipher (from charles forsyth) | cinap_lenrek |
| 2015-10-22 | libsec: add poly1305 | cinap_lenrek |
| 2015-10-10 | libsec: remove rc4 cipher suites for tls | cinap_lenrek |
| 2015-10-09 | libsec: clarify the code by declaring constant for DirectoryString and handle conversion in mkstring() | cinap_lenrek |
| 2015-10-09 | libsec: use the right string encoding for various x509 fields | cinap_lenrek |
| | C= has to be PrintableString, E= and DC= are IA5String, everything else is DirectoryString which can be PrintableString or UTF8String. | |
| 2015-09-24 | libsec: cleanup newbytes()/newints()/newbits() and get rid of OFFSETOF() macro | cinap_lenrek |
| 2015-09-23 | libsec: fix memory leaks in X509req() and X509gen() and return malloced pointer | cinap_lenrek |
| | X509req() and X509gen() used to leak memory, and had no way for the caller to free the allocated certificate/certificate request buffer returned. this is not critical as these functions are only used in short lived rsa(2) helper programs. but i prefer to have library routines not leak memory as one does not know in advance where the code is going to be used. | |
| 2015-09-23 | libsec: implement client certificate authentication for tls1.2 | cinap_lenrek |
| | we used to negotiate tls1.1 for client cert authentication because the signature generation was not implemented for tls1.2. this is now fixed and tls1.2 can be negotiated with client certs. | |
| 2015-09-22 | libsec: handle missing signature case; can happen because some ciphers make it optional | cinap_lenrek |
| 2015-09-22 | libsec: make sure Elem is zero initialized so freevalfields() won't cause accidents | cinap_lenrek |
| 2015-09-22 | libsec: implement dh parameter signature verification, stop lying about non-rsa ciphers, fix memory leaks in X509 code | cinap_lenrek |
| | actually verify the diffie hellman parameter signature, this comes in two flavours. TLS1.2 uses X509 signature with a single hash specified by the signature algorithm field in the signature itself and pre TLS1.2 where md5+sha1 hashes of the signed blob are pkcs1 padded and encrypted with the rsa private key. stop advertising non-rsa cipher suites (DSS and ECDSA), as we have not implemented them. fix some memory leaks in X509 code while we're at it. | |
| 2015-09-22 | libsec: fix memory leak in ecmul() | cinap_lenrek |
| 2015-09-14 | libsec: save some space making weakCipher bitmap of type char[] instead of int[] | cinap_lenrek |
| 2015-09-14 | libsec: add TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 cipher suites | cinap_lenrek |