cinap_lenrek
dd4de0b0fa
devtls: remove unused get32() function
2016-11-17 18:14:06 +01:00
cinap_lenrek
a121806126
kernel: replace various custom random iv buffer filling functions with calls to prng()
2016-09-11 01:54:06 +02:00
cinap_lenrek
2967f942ea
devtls: allocate cipher states in secret memory
2016-08-27 20:37:31 +02:00
cinap_lenrek
409babb990
devtls, devssl: make sure channel has ORDWR mode and is not a mount chan on fdtochan()
2016-07-24 03:24:42 +02:00
cinap_lenrek
cb4b187f10
devssl, devtls: fix permission checks
2016-05-11 02:10:05 +02:00
cinap_lenrek
89f9966aed
devtls: print the path of the underlying chan in status file
...
to figure out what network connection a particular tls
conversation refers to, we add the path of the underlying
we send the encrypted tls traffic over in the status file,
example:
term% grep -n '^Chan:' '#a'/tls/*/status
#a/tls/0/status:7: Chan: /net/tcp/6/data
#a/tls/1/status:7: Chan: /net/tcp/0/data
2016-03-28 20:12:54 +02:00
cinap_lenrek
e7bc98b057
devtls: zero secret information before freeing, cleanup
2016-03-23 13:50:58 +01:00
cinap_lenrek
aa6673fcfb
add portable AES-GCM (Galois/Counter Mode) implementation to libsec and devtls
2016-03-23 02:45:35 +01:00
cinap_lenrek
0aa5b01fab
devtls: fix wrong iounit
...
devtls writes are only atomic up to MaxRecLen as this is the
maximum payload size we put in a record application message.
2016-03-09 19:54:33 +01:00
cinap_lenrek
772afbe98c
format pointer subtraction results with %zd instead of %ld (for long -> intptr on amd64)
2016-01-07 04:44:13 +01:00
cinap_lenrek
9b0de7f9d6
tls: implement chacha20/poly1305 aead cipher suites
2015-12-21 04:55:54 +01:00
cinap_lenrek
cd3053a3cc
devtls: reject SHA2_256 mac for SSL, but TLS is fine
...
sha256 is only defined for TLS1.2, however, technically, there's
no reason not to use it in TLS1.0/TLS1.1. the choice is up to
tlshand and pushtls, not the kernel.
2015-10-28 17:09:22 +01:00
mischief
163a772124
devtls: add sha256 mac
2015-08-27 01:46:28 -07:00
glenda
c4fdc6bfdb
fix fuckup
2015-08-25 09:35:10 +00:00
mischief
6b402b83cf
import E script from bell labs
2015-08-25 02:07:46 -07:00
cinap_lenrek
74d1f67b05
devtls: TLS1.1 explicit iv support
...
using nrand() to fill the explicit iv, which isn't great but better
than no iv.
2015-08-15 17:50:44 +02:00
cinap_lenrek
5c6357de8b
devtls: ignore UnrecogniedName (112) alert message (for SNI)
2015-06-01 01:32:57 +02:00
cinap_lenrek
694597de3b
devtls: fix typo in debug print
2014-09-15 08:19:51 +02:00
mischief
774ccb19e4
devtls: spelling
2014-02-25 16:57:22 -08:00
cinap_lenrek
77438f99c8
devtls: fix hmac buffer size for SHA1 hashes (from erik)
...
the buffer isn't big enough for SHA1 hashes, which are larger than MD5
hashes.
2013-01-09 06:39:20 +01:00
cinap_lenrek
96cc3eb2ee
devtls: add support for aes_128_cbc and aes_256_cbc (import from sources)
2012-12-04 10:53:53 +01:00
Taru Karttunen
a9060cc06b
Import sources from 2011-03-30 iso image - lib
2011-03-30 19:35:09 +03:00
Taru Karttunen
e5888a1ffd
Import sources from 2011-03-30 iso image
2011-03-30 15:46:40 +03:00