
2019-07-12

2019-07-12 09:46:06 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchangeRSA: Even more paranoia in got_client_key_exchange().

Caveat: connection->ke is now always valid after got_client_key_exchange(),
this change is due to there being a slight time difference between
assigning an object (due to refcounting) and assigning UNDEFINED.
Use the message_was_bad flag instead of checking connection->ke.

Reduces the exposure to Bleichenbacher some more.

2019-07-11

2019-07-11 10:36:41 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge branch 'grubba/ssl-rsa-bleichenbacher'

* grubba/ssl-rsa-bleichenbacher:
SSL.Cipher.KeyExchangeRSA: Increased paranoia of premaster check.

2019-07-11 10:34:04 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchangeRSA: Increased paranoia of premaster check.

Survive RSA decryption returning a string shorter than 2 bytes.

2019-07-11 10:00:08 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Revert "SSL.Cipher: short-circuit premaster-secret check."

This code intentionally does NOT use short-circuiting.

READ the associated comments!

This reverts commit 91bde162afb6683da54cb46845eca875a1c75174.

2019-07-11 08:44:20 by Mateusz Krawczuk <krawczukmat@gmail.com>

SSL.Cipher: short-circuit premaster-secret check.

The `+() lfun evaluates all its parameters and the program crashes
here in case premaster-check is empty or only has one element.

Now the whole logical statement evaluates to true if its leftmost
expression evaluates to true, not evaluating the following
expressions.
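
The four commits above (the short-circuit change, its revert, and the two follow-up "paranoia" commits) all concern one check: after RSA-decrypting the ClientKeyExchange, the server must verify the premaster secret's length and its leading client_version bytes without letting the outcome be observable, and must substitute a random premaster on failure rather than abort (RFC 5246 section 7.4.7.1). The Python sketch below is an added illustration of that pattern; it is not Pike's SSL.Cipher code, and the names naive_check, check_premaster and is_nonzero are mine. Its input is whatever the RSA decryption returned, which may be None, empty or a single byte. A real implementation also needs a constant-time PKCS#1 v1.5 decryptor, and Python cannot promise constant time, so what the block shows is the structure the commit messages argue for: every term evaluated, no early exit, no exception on a short result, and a fixed-size secret with a message_was_bad flag.

```python
import os

PREMASTER_LEN = 48


def is_nonzero(x):
    """1 if x != 0 else 0, derived arithmetically rather than with a branch."""
    return ((x | -x) >> 63) & 1


def naive_check(decrypted, client_version):
    """The shape that yields a Bleichenbacher oracle: each failure is distinct.

    A bad-padding failure, a bad-version failure and a success are three
    distinguishable outcomes, reached at different times, so the server acts
    as a PKCS#1 v1.5 padding oracle for whoever can send ClientKeyExchange.
    """
    if len(decrypted) != PREMASTER_LEN:
        raise ValueError("bad padding")
    if decrypted[0] != client_version[0] or decrypted[1] != client_version[1]:
        raise ValueError("bad version")
    return decrypted


def check_premaster(decrypted, client_version):
    """Return (premaster, message_was_bad) with no short-circuit and no exception.

    decrypted:      the RSA decryption result; None, b"" or one byte when the
                    padding was wrong (the case the commits above survive).
    client_version: (major, minor) as offered in ClientHello, not the version
                    that was finally negotiated.
    """
    if decrypted is None:
        decrypted = b""
    substitute = os.urandom(PREMASTER_LEN)
    # Extend to the expected length before indexing, so a 0- or 1-byte result
    # cannot raise: a crash here is an oracle of its own.
    padded = (decrypted + bytes(PREMASTER_LEN))[:PREMASTER_LEN]
    # Every term is evaluated every time; OR-ing 0/1 flags replaces the
    # `a || b` chain that an interpreter or compiler would short-circuit.
    bad = is_nonzero(len(decrypted) ^ PREMASTER_LEN)
    bad |= is_nonzero(padded[0] ^ client_version[0])
    bad |= is_nonzero(padded[1] ^ client_version[1])
    # Select the substitute with a mask instead of an if/else, so the handshake
    # continues with a 48-byte secret either way and fails later at Finished.
    mask = -bad & 0xFF
    premaster = bytes((s & mask) | (d & (mask ^ 0xFF))
                      for s, d in zip(substitute, padded))
    return premaster, bad
```

The returned flag is what the later handshake steps consult; the caller must not let it change which messages are sent or when, only the Finished verification is allowed to fail.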

2019-05-28

2019-05-28 11:38:50 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Use SignatureScheme instead of array({Hash,Signature}Algorithm).

2019-05-28 09:25:54 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Renumbered HASH_* in preparation for using SignatureScheme.

2019-03-19

2019-03-19 12:33:55 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge commit '722771973bd' into patches/lyslyskom22891031

* commit '722771973bd': (6177 commits)
Verify that callablep responses are aligned with reality.
...

2019-03-14

2019-03-14 10:39:03 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge commit '2470270f500c728d10b8895314d8d8b07016e37b' into grubba/typechecker-automap

* commit '2470270f500c728d10b8895314d8d8b07016e37b': (18681 commits)
Removed the old typechecker.
...

2018-11-04

2018-11-04 16:11:11 by Arne Goedeke <el@laramies.com>

Merge remote-tracking branch 'origin/master' into new_utf8

2018-11-03

2018-11-03 14:21:37 by Marcus Comstedt <marcus@mc.pp.se>

Merge remote-tracking branch 'origin/8.1' into gobject-introspection

2018-02-15

2018-02-15 15:54:26 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Merge commit '75c9d1806f1a69ca21c27a2c2fe1b4a6ea38e77e' into patches/pike63

* commit '75c9d1806f1a69ca21c27a2c2fe1b4a6ea38e77e': (19587 commits)
...

2017-09-30

2017-09-30 11:02:02 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Use get_x_str() for the ECC secrets.

Improves support for curves where the native point representation
isn't an integer, but a string of bytes (like eg Crypto.ECC.Curve25519).

2016-12-12

2016-12-12 19:40:10 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: More ECC-related fixes.

2016-12-12 19:38:23 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: More ECC-related fixes.

2016-12-12 17:29:27 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Fixed debug output.

2016-12-12 17:25:45 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Fixed debug output.

2016-12-12 11:06:59 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL [Client]: Support disabling of some ECC curves via Context.

Fixes remainder of [bug 7825].

2016-12-12 11:04:56 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Survive Context()->ecc_curves being empty.

Fixes some more of [bug 7825].

2016-12-12 10:59:35 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL [Client]: Support disabling of some ECC curves via Context.

Fixes remainder of [bug 7825].

2016-12-12 10:55:41 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Survive Context()->ecc_curves being empty.

Fixes some more of [bug 7825].

2016-09-05

2016-09-05 10:51:48 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Fixed max_bytes calculation for DES, DES3 and RC2.

Fixes multiple "Indexing the NULL value with "block_size".".

2016-08-28

2016-08-28 13:45:10 by Martin Nilsson <nilsson@fastmail.com>

Use sprintf %x some more.

2016-08-28 11:10:19 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.CipherSpec: Fixed max_bytes for CIPHER_block.

2016-08-26

2016-08-26 15:07:39 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.CipherSpec: Added max_bytes.

This value is intended to be used as a threshold for automatic key
renegotiation (and make us proof against eg Sweet32).

cf https://sweet32.info/

2016-04-14

2016-04-14 21:56:05 by Martin Nilsson <nilsson@fastmail.com>

Null ciphers are still allowed, just not SSL_null_with_null_null.

2016-01-17

2016-01-17 00:42:11 by Martin Nilsson <nilsson@fastmail.com>

Spruce up ECDHE KEX init_client. Remove redundant check and call overloaded function.

2016-01-16

2016-01-16 21:50:08 by Martin Nilsson <nilsson@fastmail.com>

Fix an issue where EC client certificate would overwrite EC KE on server side.

2015-12-18

2015-12-18 14:37:26 by Martin Nilsson <nilsson@fastmail.com>

Fixed DH validation performance bugs.

2015-12-18 14:35:58 by Martin Nilsson <nilsson@fastmail.com>

Fixed DH validation performance bugs.

2015-11-02

2015-11-02 13:39:50 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Don't enforce our hash preferences.

It is up to the peer to select a suitable hash algorithm when
signing. We shouldn't fail the connection due to the peer
selecting a different hash from what we would have selected.

2015-11-01

2015-11-01 17:56:56 by Martin Nilsson <nilsson@fastmail.com>

Rename HASH_sha to HASH_sha1.

2015-11-01 17:44:19 by Martin Nilsson <nilsson@fastmail.com>

NSA IA now only recommends AES-256, P-384, SHA-384, 3072+ bit DH, 3072+ bit RSA

2015-10-31

2015-10-31 16:03:25 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added some more SSL3_DEBUG_CRYPT.

2015-10-26

2015-10-26 15:58:02 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Use Crypto.DH for Diffie-Hellman KEX.

Now that Crypto.DH.DHParameters exists, there's no need for
a custom copy in SSL.Cipher.

2015-10-26 15:18:41 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Reduced DH overhead by a factor ~8.

The DH secret was generated ~8 times larger than needed and
then reduced to the required size. This provided for an
excellent distribution at a cost of quite a bit of overhead.

As this wasn't the intended behaviour of the code, it has
now been changed to just generate the required number of bits
plus a fixed overhead of 128 bits, which ought to be enough to
reduce the bias to a minimum.

2015-10-26 11:16:45 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Protocol version handling cleanup.

The protocol version is now represented the same way everywhere;
a 16-bit integer with the major (ie 3) in the high 8 bits, and
the minor in the low 8 bits.

Previously there was a mix between having a two element array,
and just keeping track of the minor.

Also strengthens the types of version variables in a few places.

2015-10-23

2015-10-23 09:45:10 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Support KeyExchange using ECDHE.

2015-10-23 09:39:04 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added some constants from RFC 4492.

Also adds some related low-level support for ECC key exchanges.

2015-10-23 09:38:07 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: KeyExchange protocols may need the connection object.

Information from protocol extensions are often connection
specific, and thus stored in the connection object.

Note that this introduces a circularity that needs to be broken.
We break the circularity on error and when a master key has
been successfully negotiated.

2015-10-22

2015-10-22 13:07:58 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Improved TLS 1.2 compatibility.

The TLS 1.2 prf is now derived from the hash function used for
the MAC for the suite, as this seems to be the convention for
all the suites that have been defined after TLS 1.2.

This simplifies implementation of the prf selection behaviour
specified eg for the suites defined in RFC 6367 3.3:

When used with TLS versions prior to 1.2 (TLS 1.0 and TLS 1.1),
the PRF is calculated as specified in the appropriate version
of the TLS specification.

2015-10-22 13:03:41 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Altering the prf also alters the hash.

Fixes support for cipher suites using prf_sha384.

2015-10-22 13:01:20 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added prf_sha384().

This prf is needed for ciphers with key sizes that are on the order
of 256 bits (since prf_tls_1_2() only has 256 bits of state).

Also updates the P_hash() API to support hashes with blocksizes other
than 64.

2015-10-21

2015-10-21 15:18:44 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Add support for AEAD ciphers.

Implements the TLS 1.2 protocol-level support for AEAD cipher suites.

No AEAD cipher suites have been added yet.

2015-10-20

2015-10-20 12:35:19 by Martin Nilsson <nilsson@opera.com>

Change CAMELLIA to Camellia to be consistent with other non-acronym ciphers.

2015-10-20 09:58:08 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added HMAC SHA384 and HMAC SHA512.

These aren't used by any of Pike's cipher suites yet, but will be
useful when support for eg the GCM-suites is implemented.

2015-10-19

2015-10-19 15:38:18 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Renamed variable to match reality.

The first argument to verify() is the SSL.Session; NOT the SSL.Context.

2015-10-19 15:38:12 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Filter suites obsoleted in TLS 1.1 and 1.2.

For compliance with TLS 1.1 and 1.2 certain obsolete cipher
suites MUST NOT be negotiated in the TLS 1.1 and 1.2 modes.

2015-10-19 15:30:41 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Support HMAC using SHA256.

Also adds a few cipher suites using this HMAC.

2015-10-19 09:55:52 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Get rid of a few warnings.

2015-10-19 09:54:24 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Changed the verify API again.

The verifier now reads the signature data itself.

Also fixes broken DSA verifier and inverted test
in the client cert verifier.

SSL.session()->has_required_certificates() now knows
about SSL.Cipher.TLSSigner.

Fixes client side TLS 1.2 support.

2015-10-19 09:52:40 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.handshake: Support EXTENSION_signature_algorithms.

2015-10-16

2015-10-16 15:03:55 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Enable support for TLS 1.2.

This mainly adds some minimal support for TLS 1.2 signatures,
with which all the requirements for TLS are fulfilled.

Seems to interoperate with gnutls:
- Description: (TLS1.2-PKIX)-(DHE-RSA-1024)-(CAMELLIA-256-CBC)-(SHA1)
- Session ID: 52:93:96:96:50:69:6B:65:53:53:4C:33:00:00:00:1F
- Ephemeral Diffie-Hellman parameters
- Using prime: 1024 bits
- Secret key: 1020 bits
- Peer's public key: 1024 bits
- Version: TLS1.2
- Key Exchange: DHE-RSA
- Server Signature: RSA-SHA1
- Cipher: CAMELLIA-256-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed

2015-10-16 15:03:54 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added verification of DSA signatures.

2015-10-16 13:44:57 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Changed the API for rsa_verify().

This is in preparation for TLS 1.2 where the signature format has
changed.

2015-10-16 13:41:03 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Centralize PRF handling.

Some preparations for TLS 1.2.

CipherSpec now contains the PRF to use for the session (as per TLS 1.2).

Renamed SSL.Cipher.prf() SSL.Cipher.prf_tls_1_0().

Added PRFs with similar naming for SSL 3.0 and TLS 1.2.

Selection of the PRF to use is now done by SSL.Cipher.lookup().

2015-10-16 13:36:29 by Martin Nilsson <nilsson@opera.com>

Comment fixes.

2015-10-16 13:30:08 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Some cleanups in derive_master_secret().

Also adds P_sha256 from TLS 1.2 so that stuff compiles again.

2015-10-16 13:27:51 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Added some Autodoc markup.

2015-10-16 13:24:28 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Improve argument order consistency.

The arguments client_random and server_random now come in
this order everywhere.

2015-10-16 13:20:48 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added KeyExchangeNULL.

The SSL_null_with_null_null cipher suite now works (when enabled).

Removes KeyExchangeGeneric, since it is no longer in use.

2015-10-16 13:20:46 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added KeyExchangeDH and KeyExchangeDHE.

The only thing KeyExchangeGeneric is used for now is KE_none (when
enabled)...

2015-10-16 13:20:45 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Reduced amount of duplicated code a bit more.

2015-10-16 13:20:33 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added KeyExchangeRSA and KeyExchangeGeneric.

KeyExchangeRSA is a key exchanger that only handles KE_rsa.

Also changed server_derive_master_secret() to use derive_master_secret()
to avoid code duplication.

2015-10-16 12:13:43 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added KeyExchangeRSA and KeyExchangeGeneric.

KeyExchangeRSA is a key exchanger that only handles KE_rsa.

Also changed server_derive_master_secret() to use derive_master_secret()
to avoid code duplication.

2015-10-16 12:11:17 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Renamed flag rsa_message_was_bad to message_was_bad.

2015-10-16 12:10:01 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Split out from SSL.handshake.

First step in cleaning up the key exchange code.
This mainly moves code (essentially unmodified) from SSL.handshake to
the new SSL.Cipher.KeyExchange.

2015-10-15

2015-10-15 14:32:59 by Arne Goedeke <el@laramies.com>

Crypto: compatibility with older nettle versions

SALSA20, CAMELLIA, SHA384 and SHA512 are not available in older nettle versions

2015-10-15 14:32:57 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Add support for some CAMELLIA cipher suites.

2015-10-15 14:04:27 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Fixed multiple bugs in the DHE handshakes.

The server support for the DHE_RSA handshake now seems to work.

2015-10-15 10:17:02 by Martin Nilsson <nilsson@opera.com>

Simplified some debug.

2015-10-14

2015-10-14 15:31:37 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Fixed some strict-types warnings.

2015-10-14 15:15:34 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added support for specifying the minimum and maximum versions of SSL.

The minimum and maximum accepted SSL/TLS versions are
configured by setting the corresponding variables in the
context object.

This is in line with how other SSL parameters are configured.

2015-10-14 12:59:27 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added symbolic constants for the SSL versions.

2015-10-14 12:30:15 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Protected some more LFUNs.

2015-10-14 12:23:26 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Prepare for versions newer than TLS 1.0 (aka SSL 3.1).

2015-09-03

2015-09-03 05:43:09 by Martin Nilsson <nilsson@fastmail.com>

Fixed a debug message.

2015-08-21

2015-08-21 23:56:32 by Martin Nilsson <nilsson@fastmail.com>

Use @rfc{@} autodoc syntax.

2015-07-07

2015-07-07 10:05:25 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Minor documentation changes.

2015-07-07 09:50:30 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: It is possible to have ChaCha20 without ChaCha20.POLY1305.

2015-05-19

2015-05-19 18:05:25 by Martin Nilsson <nilsson@opera.com>

POLY1305 required for ChaCha20

2015-04-06

2015-04-06 08:54:19 by Chris Angelico <rosuav@gmail.com>

Guard KeyExchangeECDHEPSK inside ECC.Curve check

2015-04-05

2015-04-05 22:44:33 by Martin Nilsson <nilsson@opera.com>

Fix a comment.

2015-04-05 22:27:35 by Martin Nilsson <nilsson@opera.com>

Added the final defined PSK suites, ECDHE. The suite lookup table test broke as always, but all the defined ciphers appear to work.

2015-04-04

2015-04-04 17:00:19 by Martin Nilsson <nilsson@opera.com>

Simplify RSA signature and at the same time fix a bug preventing non-byte RSA key sizes.

2015-04-04 04:29:46 by Martin Nilsson <nilsson@opera.com>

Simplify RSA signature and at the same time fix a bug preventing non-byte RSA key sizes.

2015-04-04 00:58:47 by Martin Nilsson <nilsson@opera.com>

Verify that the negotiated hash and signature algorithm is actually used.

2015-04-04 00:02:47 by Martin Nilsson <nilsson@opera.com>

Streamline the KE verification a bit.

2015-03-31

2015-03-31 03:41:36 by Martin Nilsson <nilsson@opera.com>

Optimize export crypto a bit for the testsuite.

2015-03-30

2015-03-30 00:35:57 by Martin Nilsson <nilsson@opera.com>

Fixed typo that caused exception on empty ffdhe_groups in session object.

2015-03-23

2015-03-23 23:36:04 by Martin Nilsson <nilsson@opera.com>

No one is seriously using export ciphers, so stop optimizing them and throw out some code. (My desktop is doing 710 keys per second)

2015-03-08

2015-03-08 21:55:52 by Martin Nilsson <nilsson@opera.com>

Fix debug messages.

2015-03-07

2015-03-07 13:42:51 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Added support for private FFDHE-groups.

2015-03-04

2015-03-04 19:57:31 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added KeyExchangeExportRSA.

This breaks out the handling of export-RSA from KeyExchangeRSA in
order to reduce the attack surface for attacks like FREAK.

2015-03-04 19:54:38 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Constants: Added KE_rsa_export.

This is in preparation for breaking out the export-RSA handshaking
from KeyExchangeRSA.

2015-02-27

2015-02-27 14:29:22 by Martin Nilsson <nilsson@opera.com>

Remove trailing white spaces.

2015-02-26

2015-02-26 14:51:52 by Martin Nilsson <nilsson@opera.com>

Properly handle curve points formatted with the wrong encoding (as in first sending a fatal alert before closing).

2015-02-25

2015-02-25 18:05:59 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Fixed debug message.

2015-02-25 00:53:49 by Martin Nilsson <nilsson@opera.com>

Moved common preprocessor defines to tls.h

2015-02-23

2015-02-23 16:50:52 by Martin Nilsson <nilsson@opera.com>

Null ciphers are still allowed in TLS 1.1, it's just null_with_null_null that is forbidden.

2015-02-20

2015-02-20 13:13:05 by Martin Nilsson <nilsson@opera.com>

Fix for the RSA padding check.

2015-02-20 02:33:09 by Martin Nilsson <nilsson@opera.com>

Implemented RSA PSK key exchange. select_cipher_suite() in Session however requires a rewrite to work with these suites.

2015-02-19

2015-02-19 16:17:17 by Martin Nilsson <nilsson@opera.com>

Added support for DHE PSK.

2015-02-19 15:24:49 by Martin Nilsson <nilsson@opera.com>

Return appropriate alert if key id or hint was not recognized.

2015-02-19 14:53:32 by Martin Nilsson <nilsson@opera.com>

Removed stray debug.

2015-02-18

2015-02-18 17:37:15 by Martin Nilsson <nilsson@opera.com>

Support for plain PSK.

2015-02-09

2015-02-09 13:18:12 by Martin Nilsson <nilsson@opera.com>

Use side channel silent powm.

2015-02-04

2015-02-04 17:01:27 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: KeyExchangeECDH now uses init_{server,client}().

Reverses the inheritance order for KeyExchangeECDH and KeyExchangeECDHE
to reduce the code complexity a bit.

2015-02-03

2015-02-03 18:14:29 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Merged DHKeyExchange into KeyExchangeDHE.

This removes one layer of indirection, and reduces name confusion.

2015-02-01

2015-02-01 12:07:09 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: KeyExchangeDH now uses init_{server,client}().

Reverses the inheritance order for KeyExchangeDH and KeyExchangeDHE
to reduce the code complexity a bit.

2015-02-01 09:26:38 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Added init_{client,server}().

Added separate initialization functions for key exchange on
client and server. These will later be used for certificate-
based key exchanges.

2015-01-31

2015-01-31 16:13:24 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Fixed some debug messages.

2015-01-28

2015-01-28 17:30:21 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Require server_key_exchange for {EC,}DHE.

Inspired by similar bug in LibreSSL.

2015-01-28 17:27:33 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Require server_key_exchange for {EC,}DHE.

Inspired by similar bug in LibreSSL.

2015-01-27

2015-01-27 15:56:09 by Martin Nilsson <nilsson@opera.com>

Fix for SSL 3

2015-01-27 15:41:47 by Martin Nilsson <nilsson@opera.com>

Send Buffer objects to got_client_key_exchange.

2015-01-27 15:09:15 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Renamed function.

Renames server_key_exchange() to got_server_key_exchange()
to have a more consistent naming scheme.

2015-01-26

2015-01-26 19:24:39 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Removed obsolete derive_master_secret().

This function is no longer used (SSL.Connection::derive_master_secret()
is used instead).

2015-01-25

2015-01-25 19:18:21 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Fixed debug message.

2015-01-25 19:10:54 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Changed API for client_key_exchange_packet().

It now returns the premaster secret, and fills in the
packet data in the provided buffer. This change allows
the corresponding function in SSL.ClientConnection to
use SSL.Connection.derive_master_secret().

2015-01-25 01:17:14 by Martin Nilsson <nilsson@opera.com>

Move from pubx/puby to point.

2015-01-24

2015-01-24 14:31:11 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Updated ECDH(E) key exchanges to new ECC API.

2015-01-24 14:19:59 by Martin Nilsson <nilsson@opera.com>

A surgical introduction of the ECC Point object. What really should happen is that ECC Curve operations generate Point objects instead of gmp arrays. Then all x/y variables should be replaced with Point objects in Cipher.

2015-01-24 10:59:03 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Introduced got_client_key_exchange().

Renames ke->server_derive_master_secret() to
ke->got_client_key_exchange(), and changes it
to return the premaster secret.

This will reduce the amount of code duplication soon.

2015-01-23

2015-01-23 15:35:17 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Updated ECDH(E) key exchanges to new ECC API.

2015-01-20

2015-01-20 15:10:40 by Martin Nilsson <nilsson@opera.com>

A surgical introduction of the ECC Point object. What really should happen is that ECC Curve operations generate Point objects instead of gmp arrays. Then all x/y variables should be replaced with Point objects in Cipher.

2015-01-03

2015-01-03 13:48:47 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: lookup() now knows about TLS 1.3.

2015-01-02

2015-01-02 14:28:00 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Some more KeyShare-related API changes.

The API now seems to be usable for TLS 1.3.

2015-01-01

2015-01-01 21:46:12 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added FIXME.

2014-12-28

2014-12-28 13:53:34 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: More KeyShare{EC,}DHE fixes for TLS 1.3.

2014-12-27

2014-12-27 15:15:05 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added KeyShare{EC,}DHE in preparation for TLS 1.3.

2014-12-16

2014-12-16 16:47:13 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: validate_dh() now knows about the FFDHE groups.

Also adds the MODP groups of equivalent strength.

2014-12-15

2014-12-15 21:10:53 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Support the Negotiated FF-DHE Parameters draft.

NB: This draft has been incorporated into the TLS 1.3 draft.

2014-12-14

2014-12-14 14:46:31 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Crypto.DH: Renamed the DLDHE constants to FFDHE for clarity.

The DLDHE draft has been renamed FFDHE. As these constants aren't yet
used anywhere, rename them accordingly.

Also updates the references for the constants to the latest drafts
where they are defined.

2014-12-13

2014-12-13 21:59:15 by Martin Nilsson <nilsson@opera.com>

These catches are intended to catch buffer underflow. That is however already done in the caller in Connection.

2014-12-13 12:11:52 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL [DHE]: Validate the Ys received from the peer.

This is required by the current FFDHE draft, and is needed to protect
the connection from MITM attacks.

Also changes some alerts from unexpected_message to handshake_failure
as required by the same draft.

2014-12-13 11:58:48 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL [DHE]: Validate the Ys received from the peer.

This is required by the current FFDHE draft, and is needed to protect
the connection from MITM attacks.

Also changes some alerts from unexpected_message to handshake_failure
as required by the same draft.
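
The two commits above say what is validated (the peer's Ys) and why (an active attacker who substitutes Ys can otherwise force the shared secret). The following Python block is an added illustration of that check on a constructed toy safe-prime group (p = 23, q = 11, g = 2); it is not Pike's SSL.Cipher or Crypto.DH code, and the names validate_dh_public, dh_shared_secret and forced_secrets are mine. The range check 1 < Ys < p-1 is the one the FFDHE draft (now RFC 7919) requires; the extra Ys^q mod p == 1 check is the optional subgroup test that, for a safe prime, stops a full-group element from leaking one bit of the private exponent. A real peer would use the ffdhe2048 and larger groups, where q = (p-1)/2 as here.

```python
# Constructed toy safe-prime group, for illustration only: p = 2q + 1 and
# g = 2 generates the subgroup of prime order q.
P = 23
Q = 11
G = 2


def validate_dh_public(ys, p=P, q=Q):
    """True only if ys is a safe public value for this group.

    1 < ys < p-1 rejects 0, 1 and p-1; with those values the shared secret is
    forced to 1 or to {1, p-1} whatever our private exponent is, which is all
    an attacker substituting Ys needs.  ys^q == 1 (mod p) additionally rejects
    values outside the prime-order subgroup.
    """
    if not 1 < ys < p - 1:
        return False
    return pow(ys, q, p) == 1


def dh_shared_secret(ys, x, p=P, q=Q):
    """Derive Ys^x mod p, refusing an invalid Ys with a handshake_failure alert."""
    if not validate_dh_public(ys, p, q):
        raise ValueError("handshake_failure: invalid DH public value")
    return pow(ys, x, p)


def forced_secrets(ys, p=P, q=Q):
    """Every secret an attacker can force by sending ys, over all exponents."""
    return {pow(ys, x, p) for x in range(1, q)}
```

The alert name follows the draft the commits cite: an invalid public value is a handshake_failure, not an unexpected_message.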

2014-12-04

2014-12-04 17:40:14 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Minor code cleanup.

2014-11-27

2014-11-27 14:56:16 by Martin Nilsson <nilsson@opera.com>

Update comments.

2014-11-24

2014-11-24 17:40:17 by Martin Nilsson <nilsson@opera.com>

Mark key exchange packets as 8bit.

2014-11-20

2014-11-20 14:51:59 by Martin Nilsson <nilsson@opera.com>

Even better looking.

2014-11-20 14:38:01 by Martin Nilsson <nilsson@opera.com>

Small cleanup of point decoding using Stdio.Buffer features.

2014-11-15

2014-11-15 23:07:02 by Martin Nilsson <nilsson@opera.com>

Use read_hint. It has to go through Gmp.mpz until all relevant interfaces are converted into int.

2014-11-15 23:07:02 by Martin Nilsson <nilsson@opera.com>

Use add_hint

2014-11-15 10:55:35 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher [ecdh]: Added note about point validation.

There are attacks against ECDH/ECDHE that are based on providing
points that aren't on the negotiated curve, so add an explicit
note that the received points are validated in point_mul().

2014-11-15 10:50:42 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher [ecdh]: Added note about point validation.

There are attacks against ECDH/ECDHE that are based on providing
points that aren't on the negotiated curve, so add an explicit
note that the received points are validated in point_mul().
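
The note the commit above adds (received points are validated in point_mul()) is the defence against invalid-curve attacks: the affine addition law never uses the curve constant b, so a point that is not on the negotiated curve is silently treated as a point on some other curve with the same a, possibly one of tiny order, and the shared secret then leaks the private scalar modulo that order. The Python block below is an added illustration on a constructed toy curve (p = 97, y^2 = x^3 + 2x + 3), not Pike's Crypto.ECC code; the names on_curve, ecdh_shared, add, mul and point_order are mine. What is checked is that both coordinates lie in [0, p), the point is not the point at infinity, and it satisfies the curve equation; a curve with cofactor greater than 1 would also need an n*P = O check, which the toy omits.

```python
# Constructed toy curve y^2 = x^3 + A*x + B over GF(P_MOD), illustration only.
P_MOD = 97
A = 2
B = 3
INF = None  # the point at infinity


def inv(v):
    return pow(v, P_MOD - 2, P_MOD)


def add(p1, p2):
    """Affine point addition.  Note that B never appears: an off-curve input is
    simply handled as a point on a different curve with the same A."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * inv(2 * y1) % P_MOD
    else:
        lam = (y2 - y1) * inv(x2 - x1) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)


def mul(k, pt):
    """Double-and-add scalar multiplication, the operation point_mul() performs."""
    acc = INF
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def point_order(pt):
    """Smallest n > 0 with n*pt = O (brute force; fine for a toy curve)."""
    n = 1
    acc = pt
    while acc is not INF:
        acc = add(acc, pt)
        n += 1
    return n


def on_curve(pt):
    """The validation a peer's point must pass before it reaches mul()."""
    if pt is INF:
        return False
    x, y = pt
    if not (0 <= x < P_MOD and 0 <= y < P_MOD):
        return False
    return (y * y - (x * x * x + A * x + B)) % P_MOD == 0


def ecdh_shared(priv, peer):
    """Compute priv * peer, refusing a peer point that fails validation."""
    if not on_curve(peer):
        raise ValueError("illegal_parameter: point not on negotiated curve")
    return mul(priv, peer)
```

On this toy curve the point (0, 0) is off the curve but has order 2 under the group law, so an unvalidated peer learns the parity of the private scalar from whether mul() returns the point or the point at infinity; the same idea with several small-order points recovers the whole scalar by the CRT.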

2014-11-15 05:01:57 by Martin Nilsson <nilsson@opera.com>

Compile fix. I don't have GSSAPI

2014-11-15 04:50:39 by Martin Nilsson <nilsson@opera.com>

Some additional cleanup. Mostly renaming things.

2014-11-15 04:12:25 by Martin Nilsson <nilsson@opera.com>

ADT.struct -> Stdio.Buffer

2014-11-08

2014-11-08 11:00:56 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added KeyExchangeKRB (experimental).

This is a tentative implementation of the RFC 2712
Kerberos-based key exchange.

No interoperation tests have been performed, and the
corresponding suites are not enabled.

2014-10-13

2014-10-13 17:02:42 by Martin Nilsson <nilsson@opera.com>

Some trivial TLS 1.3 changes.

2014-10-13 16:36:21 by Martin Nilsson <nilsson@opera.com>

TLS 1.3 renames NamedCurve into NamedGroup

2014-09-29

2014-09-29 00:08:09 by Martin Nilsson <nilsson@opera.com>

Corrected comment.

2014-09-28

2014-09-28 22:37:36 by Martin Nilsson <nilsson@opera.com>

Tidy up the signature verification a little.

2014-09-28 22:37:36 by Martin Nilsson <nilsson@opera.com>

Verify DH parameters.

2014-09-25

2014-09-25 20:46:16 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Improved debug message.

2014-09-23

2014-09-23 17:41:22 by Martin Nilsson <nilsson@opera.com>

Pad non-pkcs signatures to key size.

2014-09-07

2014-09-07 19:59:23 by Martin Nilsson <nilsson@opera.com>

Make the code a bit smaller.

2014-09-04

2014-09-04 15:57:43 by Arne Goedeke <el@laramies.com>

Merge remote-tracking branch 'origin/8.0' into string_alloc

Conflicts:
src/stralloc.c

2014-09-01

2014-09-01 13:37:19 by Martin Nilsson <nilsson@opera.com>

Subgroup order is calculated in Parameters if left out as an argument.

2014-09-01 13:31:00 by Martin Nilsson <nilsson@opera.com>

Reference .Cipher without prefix.

2014-09-01 13:04:14 by Martin Nilsson <nilsson@opera.com>

Select DH group based on symmetric key strength.

2014-08-06

2014-08-06 16:20:32 by Per Hedbor <ph@opera.com>

Fixed typo in autodoc

2014-08-06 15:04:55 by Martin Nilsson <nilsson@opera.com>

Move ke_factory to CipherSpec.

2014-08-06 14:48:31 by Martin Nilsson <nilsson@opera.com>

Set ke_method before it is used.

2014-08-04

2014-08-04 14:07:40 by Martin Nilsson <nilsson@opera.com>

Fixed time invariance issues when decoding the premaster secret.

2014-08-04 14:01:55 by Martin Nilsson <nilsson@opera.com>

Stop creating RSA objects we don't use in RSA key exchange. Some code style changes.

2014-07-31

2014-07-31 23:02:29 by Martin Nilsson <nilsson@opera.com>

Added standards cross references.

2014-07-31 22:11:41 by Martin Nilsson <nilsson@opera.com>

We are typically only calling sign/verify once a connection, so just do the implementation selection during that call.

2014-07-31 14:00:18 by Martin Nilsson <nilsson@opera.com>

Make default signature hash more explicit.

2014-07-31 09:59:30 by Martin Nilsson <nilsson@opera.com>

Moved hash selection to the signer object.

2014-07-29

2014-07-29 17:17:31 by Martin Nilsson <nilsson@opera.com>

Decomplex the lookup function a bit.

2014-07-07

2014-07-07 15:21:05 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Fixed Autodoc markup typo.

2014-07-07 15:20:32 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Context: Added get_signature_algorithms().

Also extends the documentation for the signature_algorithms
variable a bit.

2014-06-29

2014-06-29 14:20:58 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Extended hash_packet() with length adjustment.

This is needed to support the current draft of encrypt-then-mac.

2014-05-29

2014-05-29 14:36:25 by Martin Nilsson <nilsson@opera.com>

Removed #if 0 code.

2014-05-20

2014-05-20 20:48:55 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.State: Allow for AEAD suites with implicit iv/nonce.

The ChaCha20-Poly1305 suites use a fully implicit nonce, so make sure
to support this.

Fixes ChaCha20-Poly1305 TLS interoperability with Google's GFE/2.0.

2014-05-16

2014-05-16 21:01:17 by Martin Nilsson <nilsson@opera.com>

Documentation and debug updates.

2014-05-16 18:10:39 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added support for the ChaCha20-Poly1305 suites.

2014-05-16 18:06:17 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Improved Suite B compliance.

Now selects the hash and curve required by Suite B if available,
and otherwise the strongest available.

2014-05-16 12:06:08 by Martin Nilsson <nilsson@opera.com>

Tidy up curve debug messages.

2014-05-15

2014-05-15 23:20:23 by Martin Nilsson <nilsson@opera.com>

0..255 -> 8bit

2014-05-10

2014-05-10 22:38:20 by Martin Nilsson <nilsson@opera.com>

Change !s->is_empty() to sizeof(s).

2014-05-04

2014-05-04 17:03:59 by Martin Nilsson <nilsson@opera.com>

Improved types.

2014-05-01

2014-05-01 13:21:15 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle: Moved modes CTR and CCM to submodules.

CTR is now a submodule to Nettle.BlockCipher, and
CCM and CCM8 are submodules to Nettle.BlockCipher16.

Added fallback C-implementation of CTR if the Nettle library lacks one.

All common modes should now be submodules.

2014-04-30

2014-04-30 22:34:49 by Martin Nilsson <nilsson@opera.com>

Less random data in the debug output...

2014-04-30 16:28:28 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle: Moved Buffer from a class to a submodule of BufferedCipher.

This adds things like Crypto.AES.Buffer and Crypto.AES.CBC.Buffer
analogous to Crypto.AES.GCM.

2014-04-30 15:44:59 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle: Moved CBC from a class to a submodule of BlockCipher.

This adds things like Crypto.AES.CBC analogous to Crypto.AES.GCM.

2014-04-26

2014-04-26 12:20:24 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle: Moved GCM to a Cipher submodule.

The various tastes of GCM now follow the AEAD API properly.

Crypto.GCM is no more, instead there are Crypto.AES.GCM,
Crypto.Camellia.GCM etc.

Also updates the SSL code accordingly.

2014-04-25

2014-04-25 18:59:38 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Crypto.*.HMAC: HMAC now follows the Crypto.MAC API.

The main change is that Crypto.*.HMAC now is a module object and
not just a class. This means that the return type of eg
Crypto.SHA1.HMAC() now is a Crypto.SHA1.HMAC.State (or weaker a
Crypto.MAC.State), rather than a plain Crypto.SHA1.HMAC.

2014-04-24

2014-04-24 17:57:37 by Martin Nilsson <nilsson@opera.com>

Turn seq_num into an integer.

2014-04-21

2014-04-21 20:19:03 by Martin Nilsson <nilsson@opera.com>

Rename DHParameters to Parameters to avoid name redundancy.

2014-04-21 18:52:32 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Use Crypto.DH for Diffie-Hellman KEX.

Now that Crypto.DH.DHParameters exists, there's no need for
a custom copy in SSL.Cipher.

2014-04-19

2014-04-19 10:51:25 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Reduced DH overhead by a factor ~8.

The DH secret was generated ~8 times larger than needed and
then reduced to the required size. This provided for an
excellent distribution at a cost of quite a bit of overhead.

As this wasn't the intended behaviour of the code, it has
now been changed to just generate the required number of bits
plus a fixed overhead of 128 bits, which ought to be enough to
reduce the bias to a minimum.
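
The sampling rule described in this commit, as an added illustration in Python rather than Pike (this is not SSL.Cipher's own code): draw the private exponent with 128 more random bits than the subgroup order needs, then reduce. The exhaustive residue count makes the bias of a plain reduction visible on a toy order; q = 7 and the hypothetical rng callbacks are constructed inputs.

```python
# Added illustration (not Pike's SSL.Cipher code) of the sampling rule the
# commit above describes: draw the DH private exponent with 128 extra bits
# and reduce, so the modular reduction leaves only a negligible bias.
import secrets


def exact_mod_bias(q: int, extra_bits: int) -> tuple:
    """Count how often each residue in [0, q) arises when a uniform
    (q.bit_length() + extra_bits)-bit integer is reduced mod q.
    Returns (max_count, min_count); equal counts mean no bias at all.
    Closed form, so it works even for the sizes real groups use."""
    n = 1 << (q.bit_length() + extra_bits)
    base, rem = divmod(n, q)
    # residues 0..rem-1 are hit base+1 times, all others base times
    return (base + 1 if rem else base, base)


def bias_ratio(q: int, extra_bits: int) -> float:
    """max/min residue frequency; 1.0 is perfectly uniform."""
    hi, lo = exact_mod_bias(q, extra_bits)
    return hi / lo


def gen_dh_secret(q: int, rng=secrets.randbits) -> int:
    """Private exponent x in [1, q-1] for a subgroup of prime order q
    (for RFC 5114 group 24 that is the 256-bit subgroup order). Samples
    q.bit_length() + 128 bits and reduces, as the commit describes; the
    statistical distance from uniform is then below 2**-128.
    rng is injectable only so the reduction can be checked deterministically."""
    if q < 3:
        raise ValueError("subgroup order must be at least 3")
    x = rng(q.bit_length() + 128)
    return 1 + x % (q - 1)


if __name__ == "__main__":
    # toy order so the bias is visible: 3-bit samples mod 7 favour 0 by 2x
    for extra in (0, 8, 32):
        print(f"q=7, {extra:2d} extra bits: max/min ratio = {bias_ratio(7, extra):.9f}")
    # a 255-bit prime used only for its size, not a TLS group order
    print("255-bit order, secret in range:", 1 <= gen_dh_secret(2**255 - 19) < 2**255 - 19)
```

With no overhead, reducing a 3-bit sample mod 7 hits residue 0 twice as often as any other; eight extra bits already shrink that to 293:292, and 128 extra bits put the ratio below what a double can distinguish from 1.0.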

2014-04-18

2014-04-18 21:33:18 by Martin Nilsson <nilsson@opera.com>

30% faster insignificant handshake detail.

2014-04-18 13:18:58 by Martin Nilsson <nilsson@opera.com>

Oops. Lost the comment.

2014-04-18 13:17:58 by Martin Nilsson <nilsson@opera.com>

Timing stuff.

2014-04-17

2014-04-17 14:37:17 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Support KE_rsa_fips.

This seems to have been a key exchange method used to test the TLS 1.0 PRF
during SSL 3.0.

SSL_rsa_fips_with_3des_ede_cbc_sha interoperates with Firefox 24.4.0.

2014-04-16

2014-04-16 17:17:17 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Use a larger group for Diffie-Hellman.

Added MODP groups 5, 14, 15, 16, 17 and 18 from RFC 3526.

Added MODP groups 22, 23 and 24 from RFC 5114.

Now defaults to using MODP group 24 (ie a 2048-bit group with
a 256-bit prime order subgroup).

2014-04-10

2014-04-10 21:33:27 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Constants: Changed argument order for fmt_constant().

The new order allows fmt_constant() to be used directly in eg map().

Also gets rid of fmt_curve().

2014-04-05

2014-04-05 11:07:34 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Protocol version handling cleanup.

The protocol version is now represented the same way everywhere;
a 16-bit integer with the major (ie 3) in the high 8 bits, and
the minor in the low 8 bits.

Previously there was a mix between having a two element array,
and just keeping track of the minor.

Also strengthens the types of version variables in a few places.

2014-03-29

2014-03-29 19:49:38 by Martin Nilsson <nilsson@opera.com>

Made the code hash block size independent.

2014-03-29 01:18:45 by Martin Nilsson <nilsson@opera.com>

Some more renaming. Now all MAC objects have the same API. hash does HMAC, hash_packet does HMAC with header and hash_raw does hash with the underlying hash algorithm.

2014-03-29 00:57:35 by Martin Nilsson <nilsson@opera.com>

Name changes. hash to hash_packet and hash_raw to hash.

2014-03-29 00:34:59 by Martin Nilsson <nilsson@opera.com>

Don't add the packet data to the hmac header, to avoid creating an intermediate string.
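
The MAC-with-header computation that the hash_packet() naming above refers to, as an added example in Python (not Pike's SSL code): TLS 1.x MACs seq_num || type || version || length || fragment (RFC 5246 section 6.2.3.1), the header and fragment are fed to the HMAC separately so no concatenated copy of the packet data is built, and the version is carried in the same 16-bit major<<8|minor form the protocol-version cleanup commit above adopts. The key and record bytes are constructed sample input.

```python
# Added illustration (not Pike's SSL code) of the TLS 1.x record MAC:
# HMAC over the 13-byte header followed by the fragment, with the version
# encoded as major in the high byte and minor in the low byte.
import hmac

TLS_1_0, TLS_1_2 = 0x0301, 0x0303  # major 3 in the high byte, minor below


def mac_header(seq_num: int, content_type: int, version: int, fragment_len: int) -> bytes:
    """13-byte MAC header: 8-byte seq_num, 1-byte type, 2-byte version,
    2-byte fragment length, all big-endian."""
    return (seq_num.to_bytes(8, "big") + bytes([content_type])
            + version.to_bytes(2, "big") + fragment_len.to_bytes(2, "big"))


def hash_packet(hash_name: str, mac_key: bytes, seq_num: int, content_type: int,
                version: int, fragment: bytes) -> bytes:
    """HMAC over header || fragment, fed in two update() calls so the
    fragment is never copied into an intermediate concatenated string."""
    h = hmac.new(mac_key, digestmod=hash_name)
    h.update(mac_header(seq_num, content_type, version, len(fragment)))
    h.update(fragment)
    return h.digest()


def verify_packet_mac(hash_name: str, mac_key: bytes, seq_num: int, content_type: int,
                      version: int, fragment: bytes, received: bytes) -> bool:
    """Recompute the tag and compare it in constant time."""
    expected = hash_packet(hash_name, mac_key, seq_num, content_type, version, fragment)
    return hmac.compare_digest(expected, received)


if __name__ == "__main__":
    key = bytes(range(20))              # constructed MAC key
    rec = b"GET / HTTP/1.0\r\n\r\n"     # constructed application_data fragment
    tag = hash_packet("sha1", key, 0, 23, TLS_1_2, rec)
    print("header:", mac_header(0, 23, TLS_1_2, len(rec)).hex())
    print("tag:   ", tag.hex())
    print("same record replayed at seq 1 verifies:",
          verify_packet_mac("sha1", key, 1, 23, TLS_1_2, rec, tag))
```

Because the sequence number and version are part of the MACed header, a record replayed at another position, or downgraded to another version, fails verification even though the fragment bytes are unchanged.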

2014-03-26

2014-03-26 23:23:23 by Martin Nilsson <nilsson@opera.com>

Use C version of unpad as well.

2014-03-26 22:59:27 by Martin Nilsson <nilsson@opera.com>

Make the pad type explicit. Removed unused tls_pad function.

2014-03-26 19:02:58 by Per Hedbor <ph@opera.com>

Significantly faster HMAC_sha calculation.

2014-03-23

2014-03-23 16:42:02 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Rotate export RSA keys.

The export RSA key is now regenerated after 5 uses.

2014-03-23 15:14:29 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: RSA server params are export mode only.

RFC 2246 7.4.3:
It is not legal to send the server key exchange message for the
following key exchange methods:

RSA
RSA_EXPORT (when the public key in the server certificate is
less than or equal to 512 bits in length)

2014-03-18

2014-03-18 21:46:41 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added the CCM cipher suites from RFC 6655.

2014-03-18 14:23:23 by Martin Nilsson <nilsson@opera.com>

Improved debug output.

2014-03-13

2014-03-13 18:37:33 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added support for some DH cipher suites.

This adds support for the DH_DSS and DH_RSA key exchange
methods, and adds the corresponding cipher suites.

Note that the only difference between the two is whether the
server certificate is signed with DSS or RSA.

2014-03-12

2014-03-12 18:09:56 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added support for some ECDH cipher suites.

This adds support for the ECDH_ECDSA and ECDH_RSA key exchange
methods, and adds the corresponding cipher suites.

Note that the only difference between the two is whether the
server certificate is signed with ECDSA or RSA.

2014-02-14

2014-02-14 21:09:25 by Martin Nilsson <nilsson@opera.com>

Simplified dependencies.

2014-02-02

2014-02-02 14:34:05 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Moved storage for several extensions to the session.

This is to simplify later API changes.

2014-02-01

2014-02-01 14:39:20 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: The ECDH_RSA key exchange uses ECDSA signing.

The "RSA" part of the name only refers to the certificate being signed
with RSA, otherwise it is identical to the ECDH_ECDSA key exchange.

2014-01-19

2014-01-19 19:29:06 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.session: Refactored handling of signature keys.

The local (typically server-side) key is now session->private_key,
and the remote (typically client-side) validation key is now
session->peer_public_key. These two variables replace the now
removed session->rsa, session->dsa and session->ecdsa.

This change is needed to avoid confusion when also having client
certificates which need validation.

Preparation for supporting selecting server certificate based on
multiple criteria.

2014-01-19 16:02:43 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Argument naming fix.

The argument named "context" in the signers and verifiers is
always an SSL.session. Rename the argument to reflect this.

2014-01-14

2014-01-14 13:08:22 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added support for ECDSA certificates.

This implements low-level support for RFC 4492 (TLSECC) suites.

2014-01-05

2014-01-05 15:14:13 by Marcus Comstedt <marcus@mc.pp.se>

Merge branch '8.0' into gobject-introspection

2014-01-05 14:55:50 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Survive without Crypto.Arctwo and Crypto.IDEA.

Arctwo isn't available in old releases of Nettle,
and IDEA may be disabled in some versions of Nettle.

2014-01-04

2014-01-04 14:22:20 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Fixed some client-side issues.

The client now supports ECDHE and anonymous key exchange.

2014-01-02

2014-01-02 16:24:44 by Martin Nilsson <nilsson@opera.com>

Cleaned up HMAC code a bit.

2014-01-02 14:32:25 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added support for some anonymous cipher suites.

Implements support for the ecdh_anon key exchange, and
adds cipher suites using dh_anon and ecdh_anon.

2014-01-01

2014-01-01 11:50:23 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Improved TLS 1.2 compatibility.

The TLS 1.2 prf is now derived from the hash function used for
the MAC for the suite, as this seems to be the convention for
all the suites that have been defined after TLS 1.2.

This simplifies implementation of the prf selection behaviour
specified eg for the suites defined in RFC 6367 3.3:

When used with TLS versions prior to 1.2 (TLS 1.0 and TLS 1.1),
the PRF is calculated as specified in the appropriate version
of the TLS specification.

2013-12-31

2013-12-31 11:29:40 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Support KeyExchange using ECDHE.

2013-12-29

2013-12-29 12:31:13 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added some constants from RFC 4492.

Also adds some related low-level support for ECC key exchanges.

2013-12-29 12:19:25 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: KeyExchange protocols may need the connection object.

Information from protocol extensions are often connection
specific, and thus stored in the connection object.

Note that this introduces a circularity that needs to be broken.
We break the circularity on error and when a master key has
been successfully negotiated.

2013-12-09

2013-12-09 21:37:04 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added support for Camellia/GCM cipher suites.

2013-12-08

2013-12-08 14:36:00 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Stricter string types.

This should fix all the strict types warnings in SSL about string
types that were introduced by the recent stricter string types in
the crypto-related modules.

2013-12-07

2013-12-07 22:01:37 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle & SSL: Fixed a few Autodoc markup typos.

2013-12-07 16:27:15 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Nettle.GCM: Now follows the same conventions as other ciphers.

Also adds a new base class for AEAD ciphers: __builtin.Nettle.AEAD.

2013-12-06

2013-12-06 14:15:17 by Per Hedbor <ph@opera.com>

SHA384 is not always available in Nettle.

2013-12-06 13:36:19 by Per Hedbor <ph@opera.com>

Nettle.GCM is not always available.

2013-12-04

2013-12-04 22:28:39 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Altering the prf also alters the hash.

Fixes support for cipher suites using prf_sha384.

2013-12-04 21:56:17 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added prf_sha384().

This prf is needed for ciphers with key sizes that are on the order
of 256 bits (since prf_tls_1_2() only has 256 bits of state).
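
The TLS 1.2 PRF from RFC 5246 section 5 and the rule for picking its hash from the suite's MAC hash, which this commit and the "Improved TLS 1.2 compatibility" commit above both concern, as an added example in Python (not Pike's SSL.Cipher code). Suite names are the IANA names; the premaster secret and random values are constructed input.

```python
# Added illustration (not Pike's SSL.Cipher code) of the TLS 1.2 PRF and of
# selecting P_SHA384 or P_SHA256 from the cipher suite's MAC/PRF hash.
import hmac


def p_hash(hash_name: str, secret: bytes, seed: bytes, length: int) -> bytes:
    """P_<hash>(secret, seed) from RFC 5246 section 5:
    A(0) = seed, A(i) = HMAC(secret, A(i-1)),
    output = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ..."""
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def prf_tls_1_2(hash_name: str, secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: a single P_<hash> over label || seed, unlike the
    MD5/SHA-1 split of the TLS 1.0/1.1 PRF."""
    return p_hash(hash_name, secret, label + seed, length)


def prf_hash_for_suite(suite: str) -> str:
    """Suites whose name carries SHA384 as the MAC/PRF hash (e.g. the
    AES-256-GCM suites of RFC 5289) use P_SHA384; every other suite,
    including pre-1.2 suites negotiated under TLS 1.2, uses the
    default P_SHA256."""
    return "sha384" if suite.endswith("_SHA384") else "sha256"


def derive_master_secret(hash_name: str, premaster: bytes,
                         client_random: bytes, server_random: bytes) -> bytes:
    """master_secret = PRF(pre_master_secret, "master secret",
    ClientHello.random + ServerHello.random)[0..47]"""
    return prf_tls_1_2(hash_name, premaster, b"master secret",
                       client_random + server_random, 48)


def derive_key_block(hash_name: str, master_secret: bytes, client_random: bytes,
                     server_random: bytes, length: int) -> bytes:
    """key_block = PRF(master_secret, "key expansion",
    server_random + client_random); note the reversed random order."""
    return prf_tls_1_2(hash_name, master_secret, b"key expansion",
                       server_random + client_random, length)


if __name__ == "__main__":
    suite = "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
    h = prf_hash_for_suite(suite)
    client_random, server_random = bytes(32), bytes(range(32))   # constructed
    master = derive_master_secret(h, b"\x03" * 48, client_random, server_random)
    print(suite, "->", h)
    print("master secret:", master.hex())
    # 2 x (32-byte key + 4-byte implicit nonce) for AES-256-GCM, no MAC keys
    print("key block:    ", derive_key_block(h, master, client_random, server_random, 72).hex())
```

P_hash is prefix-consistent: asking for more output only appends further HMAC blocks, which is why a 48-byte master secret and a longer key block can share one routine.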

2013-12-04 21:53:32 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Add support for AEAD ciphers.

Implements the TLS 1.2 protocol-level support for AEAD cipher suites.

No AEAD cipher suites have been added yet.

2013-12-02

2013-12-02 01:28:10 by Martin Nilsson <nilsson@opera.com>

Change CAMELLIA to Camellia to be consistent with other non-acronym ciphers.

2013-11-29

2013-11-29 20:25:06 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added HMAC SHA384 and HMAC SHA512.

These aren't used by any of Pike's cipher suites yet, but will be
useful when support for eg the GCM-suites is implemented.

2013-11-28

2013-11-28 16:02:15 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Cipher: Implement the RC2 CBC 40 cipher suite.

Also renames CIPHER_rc2 to CIPHER_rc2_40 for consistency.

2013-11-26

2013-11-26 22:39:01 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Filter suites obsoleted in TLS 1.1 and 1.2.

For compliance with TLS 1.1 and 1.2 certain obsolete cipher
suites MUST NOT be negotiated in the TLS 1.1 and 1.2 modes.

2013-11-26 21:13:31 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Support HMAC using SHA256.

Also adds a few cipher suites using this HMAC.

2013-11-25

2013-11-25 20:45:44 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Get rid of a few warnings.

2013-11-25 20:30:07 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Changed the verify API again.

The verifier now reads the signature data itself.

Also fixes broken DSA verifier and inverted test
in the client cert verifier.

SSL.session()->has_required_certificates() now knows
about SSL.Cipher.TLSSigner.

Fixes client side TLS 1.2 support.

2013-11-25 18:48:10 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.handshake: Support EXTENSION_signature_algorithms.

2013-11-25 18:29:53 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Enable support for TLS 1.2.

This mainly adds some minimal support for TLS 1.2 signatures,
with which all the requirements for TLS are fulfilled.

Seems to interoperate with gnutls:
- Description: (TLS1.2-PKIX)-(DHE-RSA-1024)-(CAMELLIA-256-CBC)-(SHA1)
- Session ID: 52:93:96:96:50:69:6B:65:53:53:4C:33:00:00:00:1F
- Ephemeral Diffie-Hellman parameters
- Using prime: 1024 bits
- Secret key: 1020 bits
- Peer's public key: 1024 bits
- Version: TLS1.2
- Key Exchange: DHE-RSA
- Server Signature: RSA-SHA1
- Cipher: CAMELLIA-256-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed

2013-11-24

2013-11-24 18:20:00 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added verification of DSA signatures.

2013-11-24 18:13:03 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Changed the API for rsa_verify().

This is in preparation for TLS 1.2 where the signature format has
changed.

2013-11-24 16:08:18 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Centralize PRF handling.

Some preparations for TLS 1.2.

CipherSpec now contains the PRF to use for the session (as per TLS 1.2).

Renamed SSL.Cipher.prf() to SSL.Cipher.prf_tls_1_0().

Added PRFs with similar naming for SSL 3.0 and TLS 1.2.

Selection of the PRF to use is now done by SSL.Cipher.lookup().

2013-11-24 15:00:30 by Martin Nilsson <nilsson@opera.com>

Comment fixes.

2013-11-24 14:39:31 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Some cleanups in derive_master_secret().

Also adds P_sha256 from TLS 1.2 so that stuff compiles again.

2013-11-24 13:15:14 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Added some Autodoc markup.

2013-11-24 12:47:54 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Improve argument order consistency.

The arguments client_random and server_random now come in
this order everywhere.

2013-11-24 12:07:57 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added KeyExchangeNULL.

The SSL_null_with_null_null cipher suite now works (when enabled).

Removes KeyExchangeGeneric, since it is no longer in use.

2013-11-23

2013-11-23 22:37:54 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added KeyExchangeDH and KeyExchangeDHE.

The only thing KeyExchangeGeneric is used for now is KE_none (when
enabled)...

2013-11-23 15:11:14 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Reduced amount of duplicated code a bit more.

2013-11-23 14:01:17 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added KeyExchangeRSA and KeyExchangeGeneric.

KeyExchangeRSA is a key exchanger that only handles KE_rsa.

Also changed server_derive_master_secret() to use derive_master_secret()
to avoid code duplication.

2013-11-23 13:37:50 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Renamed flag rsa_message_was_bad to message_was_bad.

2013-11-23 13:23:52 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher.KeyExchange: Split out from SSL.handshake.

First step in cleaning up the key exchange code.
This mainly moves code (essentially unmodified) from SSL.handshake to
the new SSL.Cipher.KeyExchange.

2013-11-21

2013-11-21 22:39:19 by Martin Nilsson <nilsson@opera.com>

Unified signature and verification methods with RSA.

2013-11-18

2013-11-18 14:01:48 by Arne Goedeke <el@laramies.com>

Crypto: compatibility with older nettle versions

SALSA20, CAMELLIA, SHA384 and SHA512 are not available in older nettle versions

2013-11-02

2013-11-02 15:57:45 by Martin Nilsson <nilsson@opera.com>

Removed the WEAK_CRYPTO_40BIT ifdefs. (take 2)

2013-10-26

2013-10-26 11:09:38 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Add support for some CAMELLIA cipher suites.

2013-10-25

2013-10-25 21:06:29 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Fixed multiple bugs in the DHE handshakes.

The server support for the DHE_RSA handshake now seems to work.

2013-10-24

2013-10-24 08:58:33 by Arne Goedeke <el@laramies.com>

SSL: two places escaped the Nettle.*_State renaming

2013-10-12

2013-10-12 09:35:00 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Revert "Removed traces of the crypto export restrictions."

This reverts commit c759daa7539cf03bd9e69cc994b2544dfc02f8a1.

SSL got broken with at least Firefox and Chrome.

2013-08-01

2013-08-01 12:54:54 by Martin Nilsson <nilsson@opera.com>

Simplified some debug.

2013-08-01 12:24:03 by Martin Nilsson <nilsson@opera.com>

Removed traces of the crypto export restrictions.

2013-06-21

2013-06-21 09:18:55 by Arne Goedeke <el@laramies.com>

Merge remote-tracking branch 'origin/7.9' into pdf

2013-02-08

2013-02-08 10:42:21 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Attempt to protect against some timing attacks.

Move around some code and attempt to get it to execute in constant time.
This is in an attempt to alleviate the "Lucky Thirteen" TLS attack.

2013-02-08 10:04:55 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Attempt to protect against some timing attacks.

Move around some code and attempt to get it to execute in constant time.
This is in an attempt to alleviate the "Lucky Thirteen" TLS attack.

2012-10-06

2012-10-06 11:38:03 by Marcus Comstedt <marcus@mc.pp.se>

Merge branch '7.9' into gobject-introspection

2012-06-15

2012-06-15 09:54:06 by Arne Goedeke <el@laramies.com>

Merge remote branch 'origin/7.9' into rblock_alloc

Conflicts:
src/post_modules/CritBit/floattree.cmod
src/post_modules/CritBit/inttree.cmod
src/post_modules/CritBit/stringtree.cmod

2012-05-12

2012-05-12 19:43:21 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Added some minimal documentation of some create() functions.

2012-04-01

2012-04-01 16:15:04 by Arne Goedeke <el@laramies.com>

Merge remote branch 'origin/7.9' into breaking_into_pieces

2012-02-17

2012-02-17 15:09:28 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Fixed some strict-types warnings.

2011-12-15

2011-12-15 13:42:02 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added symbolic constants for the SSL versions.

2011-11-05

2011-11-05 15:02:44 by Martin Nilsson <nilsson@opera.com>

Removed $Id$.

2011-04-25

2011-04-25 16:12:40 by Martin Stjernholm <mast@lysator.liu.se>

No more foreign_idents.

2011-01-09

2011-01-09 15:20:25 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added some more Autodoc mk II markup.

2010-12-27

2010-12-27 11:19:48 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL.Cipher: Protected some more LFUNs.

2010-12-22

2010-12-22 21:41:09 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Prepare for versions newer than TLS 1.0 (aka SSL 3.1).

2010-12-22 21:05:49 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL: Added some Autodoc mk II markup.

2010-12-21

2010-12-21 15:10:22 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL3: Support AES.

2010-12-21 15:09:15 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL3: Support AES.

2010-12-21 14:57:56 by Henrik Grubbström (Grubba) <grubba@grubba.org>

SSL3: Support AES.

2008-06-28

2008-06-28 16:53:13 by Martin Nilsson <mani@lysator.liu.se>

Fixed trailing newlines.

Rev: lib/0.6/modules/Array.pmod:1.3
Rev: lib/0.6/modules/Regexp.pike:1.3
Rev: lib/7.0/modules/Stack.pmod:1.2
Rev: lib/7.0/modules/Stdio.pmod/module.pmod:1.2
Rev: lib/7.2/modules/Gmp.pmod:1.2
Rev: lib/7.2/modules/LR.pmod/rule.pike:1.3
Rev: lib/7.4/modules/SSL.pmod/constants.pike:1.2
Rev: lib/7.4/modules/_Crypto.pmod:1.2
Rev: lib/7.6/modules/Debug.pmod/module.pmod:1.2
Rev: lib/modules/Audio.pmod/Codec.pmod:1.12
Rev: lib/modules/Audio.pmod/Format.pmod/MP3.pike:1.5
Rev: lib/modules/Cache.pmod/Policy.pmod/Base.pike:1.7
Rev: lib/modules/Cache.pmod/Storage.pmod/Memory.pike:1.7
Rev: lib/modules/Calendar.pmod/Calendar.pike:1.8
Rev: lib/modules/Calendar.pmod/Events.pmod:1.19
Rev: lib/modules/Calendar.pmod/Language.pmod:1.26
Rev: lib/modules/Calendar.pmod/TZnames.pmod:1.17
Rev: lib/modules/Calendar.pmod/YMD.pike:1.34
Rev: lib/modules/Calendar.pmod/module.pmod:1.17
Rev: lib/modules/Calendar_I.pmod/ISO.pmod:1.13
Rev: lib/modules/Crypto.pmod/DSA.pike:1.9
Rev: lib/modules/Crypto.pmod/HMAC.pike:1.6
Rev: lib/modules/Crypto.pmod/PGP.pmod:1.15
Rev: lib/modules/Crypto.pmod/Pipe.pike:1.10
Rev: lib/modules/Crypto.pmod/RSA.pike:1.12
Rev: lib/modules/Crypto.pmod/Random.pmod:1.20
Rev: lib/modules/Filesystem.pmod/Tar.pmod:1.31
Rev: lib/modules/GLU.pmod:1.17
Rev: lib/modules/GLUE.pmod/Driver.pmod/GTK.pike:1.7
Rev: lib/modules/GLUE.pmod/Driver.pmod/Interface.pike:1.4
Rev: lib/modules/GLUE.pmod/Driver.pmod/SDL.pike:1.7
Rev: lib/modules/GLUE.pmod/module.pmod:1.16
Rev: lib/modules/GTKSupport.pmod/Util.pmod:1.12
Rev: lib/modules/Graphics.pmod/Graph.pmod/create_bars.pike:1.13
Rev: lib/modules/Graphics.pmod/Graph.pmod/module.pmod:1.10
Rev: lib/modules/Locale.pmod/Charset.pmod/Tables.pmod/iso88591.pmod:1.4
Rev: lib/modules/Multiset.pmod:1.3
Rev: lib/modules/Parser.pmod/XML.pmod/Validating.pike:1.15
Rev: lib/modules/Pike.pmod/module.pmod:1.20
Rev: lib/modules/Process.pmod:1.55
Rev: lib/modules/Program.pmod:1.6
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/Peer.pike:1.22
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/Port.pike:1.8
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/Torrent.pike:1.37
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/module.pmod:1.5
Rev: lib/modules/Protocols.pmod/DNS_SD.pmod:1.3
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/Chained.pike:1.3
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/SSLPort.pike:1.15
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/module.pmod:1.14
Rev: lib/modules/Protocols.pmod/IMAP.pmod/requests.pmod:1.93
Rev: lib/modules/Protocols.pmod/IMAP.pmod/types.pmod:1.31
Rev: lib/modules/Protocols.pmod/IRC.pmod/Requests.pmod:1.7
Rev: lib/modules/Protocols.pmod/IRC.pmod/module.pmod:1.5
Rev: lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1.114
Rev: lib/modules/Protocols.pmod/LDAP.pmod/ldap_privates.pmod:1.16
Rev: lib/modules/Protocols.pmod/LDAP.pmod/protocol.pike:1.22
Rev: lib/modules/Protocols.pmod/LPD.pmod:1.11
Rev: lib/modules/Protocols.pmod/LysKOM.pmod/Request.pmod:1.12
Rev: lib/modules/Protocols.pmod/SNMP.pmod/module.pmod:1.4
Rev: lib/modules/Protocols.pmod/TELNET.pmod:1.29
Rev: lib/modules/Protocols.pmod/X.pmod/KeySyms.pmod:1.4
Rev: lib/modules/Protocols.pmod/X.pmod/XImage.pmod:1.23
Rev: lib/modules/Protocols.pmod/X.pmod/_Xlib.pmod:1.19
Rev: lib/modules/SSL.pmod/Cipher.pmod:1.17
Rev: lib/modules/SSL.pmod/Constants.pmod:1.3
Rev: lib/modules/SSL.pmod/alert.pike:1.12
Rev: lib/modules/SSL.pmod/connection.pike:1.43
Rev: lib/modules/SSL.pmod/context.pike:1.38
Rev: lib/modules/SSL.pmod/packet.pike:1.17
Rev: lib/modules/SSL.pmod/session.pike:1.38
Rev: lib/modules/SSL.pmod/sslfile.pike:1.111
Rev: lib/modules/Sql.pmod/mysql.pike:1.42
Rev: lib/modules/Sql.pmod/mysql_result.pike:1.7
Rev: lib/modules/Sql.pmod/postgres.pike:1.29
Rev: lib/modules/Sql.pmod/sql_util.pmod:1.22
Rev: lib/modules/Standards.pmod/ASN1.pmod/Decode.pmod:1.25
Rev: lib/modules/Standards.pmod/ASN1.pmod/Types.pmod:1.46
Rev: lib/modules/Standards.pmod/CIFF.pmod/File.pike:1.4
Rev: lib/modules/Standards.pmod/FIPS10_4.pmod:1.5
Rev: lib/modules/Standards.pmod/IIM.pmod:1.9
Rev: lib/modules/Standards.pmod/URI.pike:1.29
Rev: lib/modules/Standards.pmod/UUID.pmod:1.18
Rev: lib/modules/Standards.pmod/XML.pmod/Wix.pmod:1.28
Rev: lib/modules/Thread.pmod:1.46
Rev: lib/modules/Tools.pmod/Shoot.pmod/GC.pike:1.3
Rev: lib/modules/Tools.pmod/Standalone.pmod/pmar_install.pike:1.9
Rev: lib/modules/Web.pmod/RSS.pmod:1.8
Rev: lib/modules/_Image_XCF.pmod:1.26
Rev: lib/modules/__builtin_dirnode.pmod:1.3

2008-06-28 16:37:03 by Martin Nilsson <mani@lysator.liu.se>

static -> protected

Rev: lib/modules/ADT.pmod/Heap.pike:1.12
Rev: lib/modules/ADT.pmod/Queue.pike:1.14
Rev: lib/modules/ADT.pmod/Relation.pmod/Binary.pike:1.15
Rev: lib/modules/ADT.pmod/Struct.pike:1.20
Rev: lib/modules/ADT.pmod/Table.pmod:1.29
Rev: lib/modules/ADT.pmod/Trie.pike:1.6
Rev: lib/modules/ADT.pmod/module.pmod:1.12
Rev: lib/modules/Arg.pmod:1.6
Rev: lib/modules/Array.pmod:1.110
Rev: lib/modules/Audio.pmod/Codec.pmod:1.11
Rev: lib/modules/Audio.pmod/Format.pmod/MP3.pike:1.4
Rev: lib/modules/Cache.pmod/Storage.pmod/Gdbm.pike:1.12
Rev: lib/modules/Cache.pmod/cache.pike:1.14
Rev: lib/modules/Calendar.pmod/Austrian.pmod:1.8
Rev: lib/modules/Calendar.pmod/Badi.pmod:1.8
Rev: lib/modules/Calendar.pmod/Coptic.pmod:1.8
Rev: lib/modules/Calendar.pmod/Discordian.pmod:1.12
Rev: lib/modules/Calendar.pmod/Event.pmod:1.24
Rev: lib/modules/Calendar.pmod/Gregorian.pmod:1.12
Rev: lib/modules/Calendar.pmod/ISO.pmod:1.11
Rev: lib/modules/Calendar.pmod/Islamic.pmod:1.11
Rev: lib/modules/Calendar.pmod/Julian.pmod:1.11
Rev: lib/modules/Calendar.pmod/Language.pmod:1.25
Rev: lib/modules/Calendar.pmod/Rule.pmod:1.3
Rev: lib/modules/Calendar.pmod/Stardate.pmod:1.17
Rev: lib/modules/Calendar.pmod/Swedish.pmod:1.9
Rev: lib/modules/Calendar.pmod/TZnames.pmod:1.16
Rev: lib/modules/Calendar.pmod/Time.pmod:1.42
Rev: lib/modules/Calendar.pmod/TimeRanges.pmod:1.35
Rev: lib/modules/Calendar.pmod/Timezone.pmod:1.44
Rev: lib/modules/Calendar.pmod/YMD.pike:1.33
Rev: lib/modules/Calendar.pmod/module.pmod:1.16
Rev: lib/modules/Calendar_I.pmod/ISO.pmod:1.12
Rev: lib/modules/Calendar_I.pmod/Stardate.pmod:1.5
Rev: lib/modules/Crypto.pmod/DSA.pike:1.8
Rev: lib/modules/Crypto.pmod/HMAC.pike:1.5
Rev: lib/modules/Crypto.pmod/Koremutake.pmod:1.4
Rev: lib/modules/Crypto.pmod/PGP.pmod:1.14
Rev: lib/modules/Crypto.pmod/Pipe.pike:1.9
Rev: lib/modules/Crypto.pmod/RSA.pike:1.11
Rev: lib/modules/Crypto.pmod/Random.pmod:1.19
Rev: lib/modules/Crypto.pmod/Substitution.pike:1.4
Rev: lib/modules/Debug.pmod/Subject.pike:1.9
Rev: lib/modules/Debug.pmod/Wrapper.pike:1.6
Rev: lib/modules/Filesystem.pmod/System.pike:1.20
Rev: lib/modules/Filesystem.pmod/Tar.pmod:1.30
Rev: lib/modules/Filesystem.pmod/module.pmod:1.26
Rev: lib/modules/GLU.pmod:1.16
Rev: lib/modules/GLUE.pmod/Driver.pmod/GTK.pike:1.6
Rev: lib/modules/GLUE.pmod/Driver.pmod/Interface.pike:1.3
Rev: lib/modules/GLUE.pmod/Driver.pmod/SDL.pike:1.6
Rev: lib/modules/GLUE.pmod/Events.pmod:1.4
Rev: lib/modules/GLUE.pmod/module.pmod:1.15
Rev: lib/modules/GTKSupport.pmod/pCtree.pike:1.8
Rev: lib/modules/GTKSupport.pmod/pDrawingArea.pike:1.9
Rev: lib/modules/Geography.pmod/Countries.pmod:1.20
Rev: lib/modules/Geography.pmod/Position.pike:1.18
Rev: lib/modules/Getopt.pmod:1.33
Rev: lib/modules/Graphics.pmod/Graph.pmod/create_graph.pike:1.20
Rev: lib/modules/Graphics.pmod/Graph.pmod/module.pmod:1.9
Rev: lib/modules/Graphics.pmod/Graph.pmod/polyline.pike:1.7
Rev: lib/modules/Int.pmod:1.10
Rev: lib/modules/Local.pmod:1.11
Rev: lib/modules/Locale.pmod/Charset.pmod/Tables.pmod/iso88591.pmod:1.3
Rev: lib/modules/Locale.pmod/Charset.pmod/module.pmod:1.57
Rev: lib/modules/Locale.pmod/Language.pmod/nld.pmod:1.2
Rev: lib/modules/Locale.pmod/module.pmod:1.25
Rev: lib/modules/MIME.pmod/ext_to_media_type.pmod:1.7
Rev: lib/modules/MIME.pmod/module.pmod:1.20
Rev: lib/modules/Mapping.pmod:1.10
Rev: lib/modules/Parser.pmod/C.pmod:1.50
Rev: lib/modules/Parser.pmod/LR.pmod/GrammarParser.pmod:1.6
Rev: lib/modules/Parser.pmod/LR.pmod/module.pmod:1.17
Rev: lib/modules/Parser.pmod/Pike.pmod:1.41
Rev: lib/modules/Parser.pmod/RCS.pike:1.39
Rev: lib/modules/Parser.pmod/SGML.pike:1.3
Rev: lib/modules/Parser.pmod/XML.pmod/DOM.pmod:1.14
Rev: lib/modules/Parser.pmod/XML.pmod/NSTree.pmod:1.20
Rev: lib/modules/Parser.pmod/XML.pmod/Tree.pmod:1.72
Rev: lib/modules/Parser.pmod/XML.pmod/Validating.pike:1.14
Rev: lib/modules/Parser.pmod/module.pmod:1.25
Rev: lib/modules/Pike.pmod/module.pmod:1.19
Rev: lib/modules/Process.pmod:1.54
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/Bencoding.pmod:1.5
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/Peer.pike:1.21
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/PeerID.pmod:1.8
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/Port.pike:1.7
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/Torrent.pike:1.36
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/module.pmod:1.4
Rev: lib/modules/Protocols.pmod/DNS.pmod:1.96
Rev: lib/modules/Protocols.pmod/DNS_SD.pmod:1.2
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Query.pike:1.93
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/Port.pike:1.9
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/Request.pike:1.50
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/SSLPort.pike:1.14
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Session.pike:1.22
Rev: lib/modules/Protocols.pmod/HTTP.pmod/module.pmod:1.56
Rev: lib/modules/Protocols.pmod/Ident.pmod:1.12
Rev: lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1.113
Rev: lib/modules/Protocols.pmod/LDAP.pmod/ldap_privates.pmod:1.15
Rev: lib/modules/Protocols.pmod/LDAP.pmod/module.pmod:1.32
Rev: lib/modules/Protocols.pmod/LDAP.pmod/protocol.pike:1.21
Rev: lib/modules/Protocols.pmod/LMTP.pmod:1.12
Rev: lib/modules/Protocols.pmod/Line.pmod:1.23
Rev: lib/modules/Protocols.pmod/LysKOM.pmod/Raw.pike:1.19
Rev: lib/modules/Protocols.pmod/OBEX.pmod:1.8
Rev: lib/modules/Protocols.pmod/SMTP.pmod/module.pmod:1.46
Rev: lib/modules/Protocols.pmod/SNMP.pmod/protocol.pike:1.19
Rev: lib/modules/Protocols.pmod/TELNET.pmod:1.28
Rev: lib/modules/Protocols.pmod/X.pmod/Extensions.pmod:1.16
Rev: lib/modules/Protocols.pmod/XMLRPC.pmod/module.pmod:1.30
Rev: lib/modules/Remote.pmod/module.pmod:1.8
Rev: lib/modules/SSL.pmod/Cipher.pmod:1.16
Rev: lib/modules/SSL.pmod/connection.pike:1.42
Rev: lib/modules/SSL.pmod/context.pike:1.37
Rev: lib/modules/SSL.pmod/session.pike:1.37
Rev: lib/modules/SSL.pmod/sslfile.pike:1.110
Rev: lib/modules/Sql.pmod/Sql.pike:1.92
Rev: lib/modules/Sql.pmod/mysql.pike:1.41
Rev: lib/modules/Sql.pmod/postgres.pike:1.28
Rev: lib/modules/Sql.pmod/rsql.pike:1.13
Rev: lib/modules/Sql.pmod/sql_result.pike:1.18
Rev: lib/modules/Sql.pmod/sql_util.pmod:1.21
Rev: lib/modules/Sql.pmod/tds.pike:1.24
Rev: lib/modules/Standards.pmod/ASN1.pmod/Decode.pmod:1.24
Rev: lib/modules/Standards.pmod/ASN1.pmod/Types.pmod:1.45
Rev: lib/modules/Standards.pmod/EXIF.pmod:1.29
Rev: lib/modules/Standards.pmod/FIPS10_4.pmod:1.4
Rev: lib/modules/Standards.pmod/ID3.pmod:1.24
Rev: lib/modules/Standards.pmod/IDNA.pmod:1.9
Rev: lib/modules/Standards.pmod/IIM.pmod:1.8
Rev: lib/modules/Standards.pmod/ISO639_2.pmod:1.19
Rev: lib/modules/Standards.pmod/URI.pike:1.28
Rev: lib/modules/Standards.pmod/UUID.pmod:1.17
Rev: lib/modules/Standards.pmod/XML.pmod/Wix.pmod:1.27
Rev: lib/modules/Stdio.pmod/FakeFile.pike:1.16
Rev: lib/modules/Stdio.pmod/Readline.pike:1.60
Rev: lib/modules/Stdio.pmod/Terminfo.pmod:1.27
Rev: lib/modules/Stdio.pmod/module.pmod:1.238
Rev: lib/modules/String.pmod/HTML.pmod:1.7
Rev: lib/modules/String.pmod/module.pmod:1.29
Rev: lib/modules/Thread.pmod:1.45
Rev: lib/modules/Tools.pmod/AutoDoc.pmod/CExtractor.pmod:1.28
Rev: lib/modules/Tools.pmod/AutoDoc.pmod/DocParser.pmod:1.62
Rev: lib/modules/Tools.pmod/AutoDoc.pmod/PikeExtractor.pmod:1.40
Rev: lib/modules/Tools.pmod/AutoDoc.pmod/PikeObjects.pmod:1.37
Rev: lib/modules/Tools.pmod/AutoDoc.pmod/PikeParser.pike:1.52
Rev: lib/modules/Tools.pmod/AutoDoc.pmod/ProcessXML.pmod:1.71
Rev: lib/modules/Tools.pmod/AutoDoc.pmod/module.pmod:1.10
Rev: lib/modules/Tools.pmod/Hilfe.pmod:1.156
Rev: lib/modules/Tools.pmod/Install.pmod:1.35
Rev: lib/modules/Tools.pmod/Legal.pmod/Copyright.pmod:1.12
Rev: lib/modules/Tools.pmod/Legal.pmod/License.pmod/GPL.pmod:1.3
Rev: lib/modules/Tools.pmod/Legal.pmod/License.pmod/LGPL.pmod:1.3
Rev: lib/modules/Tools.pmod/Legal.pmod/License.pmod/MPL.pmod:1.3
Rev: lib/modules/Tools.pmod/Monger.pmod/MongerDeveloper.pike:1.8
Rev: lib/modules/Tools.pmod/Monger.pmod/MongerUser.pike:1.8
Rev: lib/modules/Tools.pmod/Monger.pmod/module.pmod:1.3
Rev: lib/modules/Tools.pmod/PEM.pmod:1.14
Rev: lib/modules/Tools.pmod/PV.pike:1.10
Rev: lib/modules/Tools.pmod/Shoot.pmod/module.pmod:1.20
Rev: lib/modules/Tools.pmod/Standalone.pmod/assemble_autodoc.pike:1.35
Rev: lib/modules/Tools.pmod/Standalone.pmod/dump.pike:1.10
Rev: lib/modules/Tools.pmod/Standalone.pmod/join_autodoc.pike:1.19
Rev: lib/modules/Tools.pmod/Standalone.pmod/pmar_install.pike:1.8
Rev: lib/modules/Tools.pmod/Standalone.pmod/precompile.pike:1.2
Rev: lib/modules/Tools.pmod/Standalone.pmod/rsqld.pike:1.12
Rev: lib/modules/Tools.pmod/Standalone.pmod/test_pike.pike:1.136
Rev: lib/modules/Tools.pmod/Testsuite.pmod:1.9
Rev: lib/modules/Tools.pmod/sed.pmod:1.6
Rev: lib/modules/Web.pmod/CGI.pmod/Request.pike:1.4
Rev: lib/modules/Web.pmod/Crawler.pmod:1.26
Rev: lib/modules/Web.pmod/OWL.pike:1.7
Rev: lib/modules/Web.pmod/RDF.pike:1.47
Rev: lib/modules/Web.pmod/RSS.pmod:1.7
Rev: lib/modules/Yabu.pmod/module.pmod:1.30
Rev: lib/modules/_Image.pmod/Dims.pmod:1.10
Rev: lib/modules/_Image.pmod/Fonts.pmod:1.13
Rev: lib/modules/_Image.pmod/module.pmod:1.47
Rev: lib/modules/_Image_DWG.pmod:1.5
Rev: lib/modules/_Image_PS.pmod:1.15
Rev: lib/modules/_Image_XCF.pmod:1.25

2005-05-26

2005-05-26 12:07:02 by Martin Stjernholm <mast@lysator.liu.se>

Made SSL.Cipher and SSL.sslfile not exist rather than being dysfunctional if
there's no crypto support.

Rev: lib/modules/SSL.pmod/Cipher.pmod:1.15
Rev: lib/modules/SSL.pmod/sslfile.pike:1.93

2004-07-06

2004-07-06 15:42:47 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Now DES{,3}()->set_{en,de}crypt_key() actually work.

Rev: lib/modules/SSL.pmod/Cipher.pmod:1.14

2004-07-06 15:41:47 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Now DES{,3}()->set_{en,de}crypt_key() actually work.

Rev: lib/modules/SSL.pmod/Cipher.pmod:1.14

2004-02-29

2004-02-29 02:57:16 by Martin Nilsson <mani@lysator.liu.se>

Depend on Crypto.

Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/SSLPort.pike:1.9
Rev: lib/modules/SSL.pmod/Cipher.pmod:1.13
Rev: lib/modules/SSL.pmod/client.pike:1.7
Rev: lib/modules/SSL.pmod/connection.pike:1.34
Rev: lib/modules/SSL.pmod/context.pike:1.31
Rev: lib/modules/SSL.pmod/handshake.pike:1.47
Rev: lib/modules/SSL.pmod/https.pike:1.17
Rev: lib/modules/SSL.pmod/session.pike:1.34
Rev: lib/modules/SSL.pmod/sslfile.pike:1.69
Rev: lib/modules/SSL.pmod/sslport.pike:1.14
Rev: lib/modules/SSL.pmod/state.pike:1.24

2004-02-05

2004-02-05 19:22:17 by Martin Nilsson <mani@lysator.liu.se>

SHA -> SHA1

Rev: lib/modules/Crypto.pmod/PGP.pmod:1.8
Rev: lib/modules/Crypto.pmod/RSA.pike:1.4
Rev: lib/modules/Crypto.pmod/dsa.pike:1.3
Rev: lib/modules/Crypto.pmod/randomness.pmod:1.5
Rev: lib/modules/Crypto.pmod/rsa.pike:1.8
Rev: lib/modules/Crypto.pmod/testsuite.in:1.28
Rev: lib/modules/SSL.pmod/Cipher.pmod:1.12
Rev: lib/modules/Tools.pmod/X509.pmod:1.28

2004-02-02

2004-02-02 23:01:37 by Martin Nilsson <mani@lysator.liu.se>

Use Nettle

Rev: lib/modules/Protocols.pmod/HTTP.pmod/Query.pike:1.65
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/SSLPort.pike:1.7
Rev: lib/modules/Protocols.pmod/IRC.pmod/Client.pike:1.12
Rev: lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1.52
Rev: lib/modules/SSL.pmod/Cipher.pmod:1.11
Rev: lib/modules/SSL.pmod/client.pike:1.6
Rev: lib/modules/SSL.pmod/session.pike:1.32
Rev: lib/modules/SSL.pmod/state.pike:1.22
Rev: lib/modules/Standards.pmod/PKCS.pmod/PFX.pmod:1.10
Rev: lib/modules/Standards.pmod/PKCS.pmod/Signature.pmod:1.8

2004-01-24

2004-01-24 23:52:18 by Martin Nilsson <mani@lysator.liu.se>

Added another optional to cipher

Rev: lib/modules/SSL.pmod/Cipher.pmod:1.10

2004-01-24 23:30:51 by Martin Nilsson <mani@lysator.liu.se>

More typing

Rev: lib/modules/SSL.pmod/Cipher.pmod:1.9
Rev: lib/modules/Tools.pmod/X509.pmod:1.22

2004-01-23

2004-01-23 22:37:33 by Martin Nilsson <mani@lysator.liu.se>

Stricter types

Rev: lib/modules/ADT.pmod/module.pmod:1.7
Rev: lib/modules/SSL.pmod/Cipher.pmod:1.8
Rev: lib/modules/SSL.pmod/handshake.pike:1.40

2004-01-11

2004-01-11 00:52:01 by Martin Nilsson <mani@lysator.liu.se>

this_object() -> this

Rev: lib/modules/ADT.pmod/Priority_queue.pike:1.6
Rev: lib/modules/ADT.pmod/Queue.pike:1.9
Rev: lib/modules/ADT.pmod/Relation.pmod/Binary.pike:1.10
Rev: lib/modules/ADT.pmod/Table.pmod:1.27
Rev: lib/modules/Audio.pmod/Codec.pmod:1.10
Rev: lib/modules/Audio.pmod/Format.pmod/module.pmod:1.7
Rev: lib/modules/Calendar.pmod/Event.pmod:1.22
Rev: lib/modules/Calendar.pmod/Stardate.pmod:1.15
Rev: lib/modules/Calendar.pmod/Time.pmod:1.30
Rev: lib/modules/Calendar.pmod/TimeRanges.pmod:1.27
Rev: lib/modules/Calendar.pmod/Timezone.pmod:1.32
Rev: lib/modules/Calendar.pmod/YMD.pike:1.9
Rev: lib/modules/Calendar.pmod/mkrules.pike:1.10
Rev: lib/modules/Calendar_I.pmod/Gregorian.pmod:1.31
Rev: lib/modules/Calendar_I.pmod/ISO.pmod:1.11
Rev: lib/modules/Calendar_I.pmod/module.pmod:1.15
Rev: lib/modules/Filesystem.pmod/System.pike:1.17
Rev: lib/modules/Filesystem.pmod/Tar.pmod:1.26
Rev: lib/modules/Filesystem.pmod/module.pmod:1.14
Rev: lib/modules/GTKSupport.pmod/Alert.pike:1.6
Rev: lib/modules/GTKSupport.pmod/Util.pmod:1.9
Rev: lib/modules/GTKSupport.pmod/pCtree.pike:1.7
Rev: lib/modules/GTKSupport.pmod/pDrawingArea.pike:1.6
Rev: lib/modules/Languages.pmod/PLIS.pmod:1.19
Rev: lib/modules/Locale.pmod/module.pmod:1.18
Rev: lib/modules/MIME.pmod/module.pmod:1.10
Rev: lib/modules/Parser.pmod/RCS.pike:1.31
Rev: lib/modules/Parser.pmod/XML.pmod/DOM.pmod:1.11
Rev: lib/modules/Parser.pmod/XML.pmod/NSTree.pmod:1.12
Rev: lib/modules/Parser.pmod/XML.pmod/Tree.pmod:1.38
Rev: lib/modules/Protocols.pmod/Bittorrent.pmod/Torrent.pike:1.21
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Query.pike:1.64
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/Port.pike:1.7
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/Request.pike:1.17
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Server.pmod/SSLPort.pike:1.4
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Session.pike:1.14
Rev: lib/modules/Protocols.pmod/IMAP.pmod/types.pmod:1.30
Rev: lib/modules/Protocols.pmod/IRC.pmod/Client.pike:1.11
Rev: lib/modules/Protocols.pmod/LDAP.pmod/client.pike:1.51
Rev: lib/modules/Protocols.pmod/LDAP.pmod/ldap_privates.pmod:1.7
Rev: lib/modules/Protocols.pmod/LDAP.pmod/protocol.pike:1.11
Rev: lib/modules/Protocols.pmod/LysKOM.pmod/Connection.pike:1.11
Rev: lib/modules/Protocols.pmod/LysKOM.pmod/Session.pike:1.33
Rev: lib/modules/Protocols.pmod/LysKOM.pmod/Threads.pike:1.8
Rev: lib/modules/Protocols.pmod/SNMP.pmod/protocol.pike:1.13
Rev: lib/modules/Protocols.pmod/TELNET.pmod:1.23
Rev: lib/modules/Protocols.pmod/X.pmod/Atom.pmod:1.13
Rev: lib/modules/Protocols.pmod/X.pmod/Auth.pmod:1.13
Rev: lib/modules/Protocols.pmod/X.pmod/Extensions.pmod:1.15
Rev: lib/modules/Protocols.pmod/X.pmod/Types.pmod:1.39
Rev: lib/modules/Protocols.pmod/X.pmod/XImage.pmod:1.21
Rev: lib/modules/Protocols.pmod/X.pmod/XTools.pmod:1.9
Rev: lib/modules/Protocols.pmod/X.pmod/Xlib.pmod:1.49
Rev: lib/modules/Remote.pmod/module.pmod:1.3
Rev: lib/modules/SSL.pmod/Cipher.pmod:1.7
Rev: lib/modules/SSL.pmod/connection.pike:1.31
Rev: lib/modules/SSL.pmod/handshake.pike:1.36
Rev: lib/modules/SSL.pmod/session.pike:1.28
Rev: lib/modules/SSL.pmod/sslport.pike:1.12
Rev: lib/modules/Standards.pmod/ASN1.pmod/Types.pmod:1.28
Rev: lib/modules/Standards.pmod/PKCS.pmod/PFX.pmod:1.9
Rev: lib/modules/Standards.pmod/URI.pike:1.17
Rev: lib/modules/Stdio.pmod/FakeFile.pike:1.8
Rev: lib/modules/Tools.pmod/Hilfe.pmod:1.108
Rev: lib/modules/Tools.pmod/Standalone.pmod/rsqld.pike:1.10
Rev: lib/modules/Tools.pmod/X509.pmod:1.21
Rev: lib/modules/Web.pmod/Crawler.pmod:1.19
Rev: lib/modules/Web.pmod/RDF.pike:1.29
Rev: lib/modules/Yabu.pmod/module.pmod:1.28
Rev: lib/modules/_Image_XCF.pmod:1.22

2003-11-16

2003-11-16 15:57:53 by Henrik Grubbström (Grubba) <grubba@grubba.org>

Added some more AutoDoc mk II markup.

Rev: lib/modules/SSL.pmod/Cipher.pmod:1.6

2003-10-24

2003-10-24 19:13:18 by Martin Stjernholm <mast@lysator.liu.se>

Small fix.

Rev: lib/modules/SSL.pmod/Cipher.pmod:1.5

2003-03-13

2003-03-13 22:48:40 by Martin Nilsson <mani@lysator.liu.se>

Autodoc fixes

Rev: lib/modules/Calendar.pmod/Event.pmod:1.20
Rev: lib/modules/Calendar.pmod/Ruleset.pike:1.13
Rev: lib/modules/Calendar.pmod/Stardate.pmod:1.11
Rev: lib/modules/Protocols.pmod/HTTP.pmod/Session.pike:1.8
Rev: lib/modules/SSL.pmod/Cipher.pmod:1.4

2003-03-08

2003-03-08 22:11:25 by Martin Nilsson <mani@lysator.liu.se>

Better types. Assume rc4 is arcfour

Rev: lib/modules/SSL.pmod/Cipher.pmod:1.3

2003-03-07

2003-03-07 17:43:32 by Martin Nilsson <mani@lysator.liu.se>

Made a few things static.

Rev: lib/modules/SSL.pmod/Cipher.pmod:1.2

2003-01-27

2003-01-27 15:03:00 by Martin Nilsson <mani@lysator.liu.se>

More types.

Rev: lib/modules/SSL.pmod/Cipher.pmod:1.1
Rev: lib/modules/SSL.pmod/Constants.pmod:1.1
Rev: lib/modules/SSL.pmod/alert.pike:1.9
Rev: lib/modules/SSL.pmod/client.pike:1.5
Rev: lib/modules/SSL.pmod/connection.pike:1.26
Rev: lib/modules/SSL.pmod/constants.pike:1.11(DEAD)
Rev: lib/modules/SSL.pmod/constants.pmod:1.1
Rev: lib/modules/SSL.pmod/context.pike:1.18
Rev: lib/modules/SSL.pmod/handshake.pike:1.32
Rev: lib/modules/SSL.pmod/packet.pike:1.14
Rev: lib/modules/SSL.pmod/session.pike:1.23
Rev: lib/modules/SSL.pmod/sslfile.pike:1.53
Rev: lib/modules/SSL.pmod/state.pike:1.17