68 Commits (64b4452bca04af433f1c98ab782c0e93cd5c88c0)

Author SHA1 Message Date
  Michael Brown 1e4a3f5bab [tls] Support RFC5746 secure renegotiation 7 years ago
  Michael Brown 2f12690455 [tls] Keep cipherstream window open until TLS negotiation is complete 7 years ago
  Michael Brown 05dcb07cb2 [tls] Avoid potential out-of-bound reads in length fields 8 years ago
  Michael Brown b1caa48e4b [crypto] Support SHA-{224,384,512} in X.509 certificates 9 years ago
  Michael Brown fc7885ed9e [tls] Report supported signature algorithms in ClientHello 9 years ago
  Michael Brown 1ac7434111 [tls] Do not access beyond the end of a 24-bit integer 9 years ago
  Christian Hesse bf40b79734 [build] Add missing "const" qualifiers 9 years ago
  Michael Brown bc8ca6b8ce [crypto] Generalise X.509 cache to a full certificate store 10 years ago
  Michael Brown 01fa7efa38 [crypto] Remove dynamically-allocated storage for certificate name 10 years ago
  Michael Brown 0acc52519d [tls] Concatenate received non-data records before processing 11 years ago
  Michael Brown d23db28488 [tls] Fix potential memory leak 12 years ago
  Michael Brown 1e199c8260 [tls] Fix uninitialised variable 12 years ago
  Michael Brown 72db14640c [tls] Split received records over multiple I/O buffers 12 years ago
  Michael Brown 79300e2ddf [tls] Disambiguate most error causes 12 years ago
  Michael Brown c3b4860ce3 [legal] Update FSF mailing address in GPL licence texts 12 years ago
  Michael Brown 9a8c6b00d4 [tls] Request a maximum fragment length of 2048 bytes 12 years ago
  Michael Brown af47789ef2 [tls] Mark security negotiation as a pending operation 12 years ago
  Michael Brown f19565f58f [tls] Use asynchronous certificate validator 12 years ago
  Michael Brown 99c798d87a [crypto] Add x509_append_raw() 12 years ago
  Michael Brown 0ad8b601dd [crypto] Allow for X.509 certificates with no common name 12 years ago
  Michael Brown 557f467bab [crypto] Allow certificate chains to be long-lived data structures 12 years ago
  Michael Brown 601cb3610f [crypto] Parse OCSP responder URI from X.509 certificate 12 years ago
  Stefan Weil dcccb1fb7b [tls] Fix wrong memset in function tls_clear_cipher 12 years ago
  Michael Brown f2af64aba5 [crypto] Differentiate "untrusted root" and "incomplete chain" error cases 12 years ago
  Michael Brown 2d9d0adc4e [crypto] Add previous certificate in chain as a parameter to parse_next() 12 years ago
  Michael Brown cf78afa5c5 [tls] Support sending a client certificate 12 years ago
  Michael Brown 7869f71ae7 [tls] Treat handshake digest algorithm as a session parameter 12 years ago
  Michael Brown a156c15746 [tls] Use hybrid MD5+SHA1 algorithm 12 years ago
  Michael Brown 8583c323a2 [tls] Check certificate validity period against current date and time 12 years ago
  Michael Brown 5da712385e [tls] Include current time within the client random bytes 12 years ago
  Michael Brown f3a791c6de [tls] Validate server certificate 12 years ago
  Michael Brown 4d3b5473f8 [tls] Add full X.509 certificate parsing 12 years ago
  Michael Brown dc87161c30 [tls] Use iPXE native RSA algorithm 12 years ago
  Michael Brown b63bcd73a0 [tls] Use const to mark incoming data being processed 12 years ago
  Michael Brown 1c29b4d979 [crypto] Upgrade AES and RSA code to upstream axTLS version 1.4.5 12 years ago
  Michael Brown c8f52cccfb [tls] Formalise the definition of a TLS cipher suite 12 years ago
  Michael Brown 6069b09bfc [tls] Support (and prefer) SHA-256 variants of existing cipher suites 12 years ago
  Michael Brown 015c936791 [tls] Support TLS version 1.2 12 years ago
  Michael Brown 281f9aa7a6 [tls] Send empty Certificate record if requested by server 12 years ago
  Michael Brown a42f6cab14 [tls] Verify the contents of the Finished record 12 years ago
  Michael Brown 56a7981d58 [tls] Allow transmitted records to be scheduled independently 12 years ago
  Michael Brown b7f8d1bbfd [tls] Add support for Server Name Indication (SNI) 12 years ago
  Michael Brown d9ce3bfe4c [tls] Support TLS version 1.1 12 years ago
  Michael Brown 75090f2abf [tls] Use ANS X9.82 Approved RBG as source of random data for TLS 12 years ago
  Michael Brown 5eb60f4883 [tls] Eliminate polling while TX state machine is idle 13 years ago
  Michael Brown e01ec74601 [process] Pass containing object pointer to process step() methods 13 years ago
  Michael Brown 0cc03ac76a [tls] Send xfer_window_changed() when TLS session is established 13 years ago
  Michael Brown 21682afe69 [tls] Handle multiple handshake records 14 years ago
  Michael Brown 4327d5d39f [interface] Convert all data-xfer interfaces to generic interfaces 14 years ago
  Michael Brown 4bfd5b52c1 [refcnt] Add ref_init() wrapper function 14 years ago