gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity
839 Commits 1 Branch 126 Tags
6868d70710af449c451dfb8f4a797534509dbca6
Commit Graph

48 Commits

Author SHA1 Message Date
Lucas Clemente
6868d70710 improve handshake package coverage 
ref #241
 2016-08-02 12:04:25 +02:00
Lucas Clemente
1712a7388f drop support for v30 
fixes #213
 2016-07-29 15:22:56 +02:00
Lucas Clemente
c03e9448a1 don't send certificate chains to client requests without STK 
fixes #141
 2016-07-29 11:35:02 +02:00
Lucas Clemente
af56ff2aca cache the ephermal key for up to 1 min 
fixes #136
 2016-07-28 19:07:57 +02:00
Lucas Clemente
769655c43e delay server nonce generation until after the CHLO 
fixes the second part of #136
 2016-07-28 18:25:29 +02:00
Lucas Clemente
5c4a7a9ec1 delay diversification nonce generation until after the CHLO 
fixes the first part of #136
 2016-07-28 17:21:39 +02:00
Lucas Clemente
d5255a4075 update AEADs to allow in-place encryption and decryption 
ref #217
 2016-07-26 15:13:15 +02:00
Lucas Clemente
705da8fd00 switch to AES-GCM as symmetric cipher 
fixes #200
 2016-07-05 12:13:41 +02:00
Lucas Clemente
240946dfde replace version number literals with constants to make grepping easier 2016-06-03 11:09:48 +02:00
Lucas Clemente
5ed0182b67 fix a race condition in CryptoSetup 
CryptoSetup's AEADs were changed between calls to
DiversificationNonce() and Seal()
 2016-06-02 16:13:06 +02:00
Lucas Clemente
21db6f9270 move CHLO log to debug 2016-06-02 13:33:19 +02:00
Lucas Clemente
fa2e34d360 require and generate source address tokens in crypto setup 
fixes #121
 2016-05-24 11:20:16 +02:00
Lucas Clemente
241c9f3a3c add support for diversification to key derivation 
ref #51
 2016-05-21 00:04:28 +02:00
Lucas Clemente
2606b891e2 add diversification to AEADs and conditionally include in public header 
ref #51
 2016-05-20 23:41:04 +02:00
Lucas Clemente
52d734f644 fix 0-RTT handshakes by not requiring SNOs for initial encryption 
fixes #118, fixes #119
 2016-05-20 13:05:51 +02:00
Lucas Clemente
f86875f746 reject small CHLOs to prevent amplification attacks 
fixes #1
 2016-05-19 16:20:22 +02:00
Lucas Clemente
7a97f34fac don't panic 🤓 
fixes #93
 2016-05-18 18:29:42 +02:00
Lucas Clemente
d0e6b993bb use new error codes throughout the server 
fixes #86
 2016-05-17 12:49:59 +02:00
Lucas Clemente
c7126137d1 queue undecryptable packets for later decryption & possibly send PRST 
fixes #38, fixes #69, fixes #73
 2016-05-12 16:46:18 +02:00
Lucas Clemente
ea83ca8950 implement cert compression with cached certificates 2016-05-11 16:30:04 +02:00
Lucas Clemente
7c1e1cde56 rename GetCertCompressed to GetCertsCompressed 2016-05-11 11:41:44 +02:00
Lucas Clemente
20655bac5a rename GetCertUncompressed to GetLeafCert 2016-05-11 11:40:20 +02:00
Lucas Clemente
7609246b45 re-add support for version 30 
fixes #72
 2016-05-10 11:05:52 +02:00
Lucas Clemente
f4ac8ff949 read SNI from crypto handshake 
fixes #48
 2016-05-08 23:06:18 +02:00
Lucas Clemente
85c39721ec change Signer interface to return errors 2016-05-08 22:46:59 +02:00
Lucas Clemente
6738f0eadf add sni to crypto.Signer interface 2016-05-08 22:23:36 +02:00
Lucas Clemente
c6fb85be22 add handshake message logging 2016-05-08 22:09:02 +02:00
Lucas Clemente
40ee20c02b use a ephermal curve25519 for forward secure key exchange 
fixes #17
 2016-05-04 12:45:25 +02:00
Marten Seemann
d07baef91b manage connection parameters in a separate class 2016-05-04 17:20:36 +07:00
Lucas Clemente
daf4e4a867 remove support for version 30, since we don't implement FEC at all 2016-05-02 20:56:02 +02:00
Lucas Clemente
623bf065fd accept null-encrypted pckts until an encrypted pckt has ben received 
this should fix issue #33
 2016-05-02 14:38:05 +02:00
Lucas Clemente
607ab843d6 close session when crypto stream errors 2016-04-27 12:49:55 +02:00
Lucas Clemente
9fc874be53 add newline to crypto error messages 2016-04-26 15:37:52 +02:00
Lucas Clemente
bb3c8b707b fix randomness 2016-04-21 13:48:42 +02:00
Lucas Clemente
7efc7f79d2 validate that CryptoSetup is an AEAD 2016-04-21 13:48:42 +02:00
Lucas Clemente
4e1942a76e improve inchoate CHLO recognition 2016-04-19 13:37:59 +02:00
Lucas Clemente
9cbeb49d49 change AEAD interface to use byte slices, simplifying its usage 2016-04-18 14:37:34 +02:00
Lucas Clemente
f5ec5262d1 stop crypto thread after handshake is complete or errors 2016-04-18 11:10:00 +02:00
Lucas Clemente
758fdeb3d3 change CryptoSetup to use streams 2016-04-18 11:03:49 +02:00
Lucas Clemente
bc736feada add an rw mutex to crypto setup in preparation for using the new streams 2016-04-17 19:14:47 +02:00
Lucas Clemente
d32a1b8a2b add tests for crypto escalation 2016-04-17 17:11:54 +02:00
Lucas Clemente
b5c7bcda18 extract SHLO into separate method and test it 2016-04-17 00:31:30 +02:00
Lucas Clemente
cbbf29e3d5 add some cryptosetup tests 2016-04-17 00:22:41 +02:00
Lucas Clemente
ac0eed61f2 introduce crypto.Signer interface and hide RSA implementation 2016-04-17 00:22:26 +02:00
Lucas Clemente
aa5d2be491 implement forward secure encryption 2016-04-16 22:08:57 +02:00
Lucas Clemente
88f404c19e initial server hello implementation 2016-04-16 00:27:30 +02:00
Lucas Clemente
13c0445bb4 randomly generate the server config ID and check whether it matches 2016-04-16 00:09:50 +02:00
Lucas Clemente
14d3b03b44 more consistent filenames 2016-04-15 22:28:45 +02:00