Commit Graph

65 Commits

Author SHA1 Message Date
Marten Seemann
863467f344 validate XLCT tag in client hello
fixes #363
2017-01-04 11:41:43 +07:00
Marten Seemann
98ff7ccb50 use FNV1a hash for cached certificates
fixes #383
2017-01-04 10:56:36 +07:00
Lucas Clemente
5d0399bfe3 use LRU cache for cached certificates
fixes #268
2016-09-08 23:08:57 +02:00
Lucas Clemente
5dda3b8e69 remove support for version 32 from crypto 2016-09-01 12:20:19 +02:00
Lucas Clemente
6239d80492 remove leftover code from v30 2016-08-18 10:31:28 +02:00
Lucas Clemente
3bf525ed16 update common certificate sets from chrome 2016-08-17 23:53:10 +02:00
Lucas Clemente
fe531dd65e cache compressed certificate chains
fixes #227
2016-08-09 14:34:49 +02:00
Lucas Clemente
4eb9077f1b simplify crypto/rand reading 2016-08-09 13:08:42 +02:00
Lucas Clemente
125842d80d simplify key derivation 2016-08-06 17:54:11 +02:00
Lucas Clemente
ed15c18387 disable chacha20 build until we have solved the dependency situation 2016-08-01 16:28:22 +02:00
Lucas Clemente
8a08171322 move nonce generation to separate file 2016-08-01 16:27:38 +02:00
Lucas Clemente
d5255a4075 update AEADs to allow in-place encryption and decryption
ref #217
2016-07-26 15:13:15 +02:00
Andreas Auernhammer
c5be7d0d62 Replace ChaCha20Poly1305 implementation
Improve AEAD speed with a slightly faster poly1305 implementation.
Avoid memory allocations whenever possible. (AEAD)
AVX2 support is currently missing.

BenchmarkSeal64B-8     1561 ns/op       40.97 MB/s
BenchmarkSeal1K-8      5570 ns/op      183.82 MB/s
BenchmarkSeal64K-8     161271 ns/op    406.37 MB/s
BenchmarkOpen64B-8     1747 ns/op       45.79 MB/s
BenchmarkOpen1K-8      5741 ns/op      181.14 MB/s
BenchmarkOpen64K-8     157116 ns/op    417.22 MB/s
2016-07-17 23:23:30 +02:00
Lucas Clemente
705da8fd00 switch to AES-GCM as symmetric cipher
fixes #200
2016-07-05 12:13:41 +02:00
Lucas Clemente
240946dfde replace version number literals with constants to make grepping easier 2016-06-03 11:09:48 +02:00
Lucas Clemente
d87e20efc9 remove DiversificationNonce() from the AEAD interface 2016-06-02 16:13:48 +02:00
Lucas Clemente
981d4e7fb8 add support for ECDSA private keys
fixes #158
2016-05-31 23:06:38 +02:00
Lucas Clemente
b0bc84c5aa improve crypto test coverage 2016-05-30 10:16:25 +02:00
Lucas Clemente
fa2e34d360 require and generate source address tokens in crypto setup
fixes #121
2016-05-24 11:20:16 +02:00
Lucas Clemente
9539169fa4 implement source address token generation and validation
ref #121
2016-05-23 18:13:39 +02:00
Lucas Clemente
241c9f3a3c add support for diversification to key derivation
ref #51
2016-05-21 00:04:28 +02:00
Lucas Clemente
2606b891e2 add diversification to AEADs and conditionally include in public header
ref #51
2016-05-20 23:41:04 +02:00
Lucas Clemente
224524c8d3 move to a faster chacha20poly1305 implementation
refs #125
2016-05-20 00:43:08 +02:00
Lucas Clemente
7a97f34fac don't panic 🤓
fixes #93
2016-05-18 18:29:42 +02:00
Lucas Clemente
283cab4e0d improve crypto tests 2016-05-15 15:23:46 +02:00
Lucas Clemente
c12a12518e run gofmt -s on tests 2016-05-15 14:42:34 +02:00
Lucas Clemente
d17d597ebe implement certificate compression using common certificate sets
fixes #47
2016-05-11 16:30:04 +02:00
Lucas Clemente
ea83ca8950 implement cert compression with cached certificates 2016-05-11 16:30:04 +02:00
Lucas Clemente
8cdf832aa0 add support for sending intermediate certificate
fixes #76
2016-05-11 12:23:09 +02:00
Lucas Clemente
7c1e1cde56 rename GetCertCompressed to GetCertsCompressed 2016-05-11 11:41:44 +02:00
Lucas Clemente
20655bac5a rename GetCertUncompressed to GetLeafCert 2016-05-11 11:40:20 +02:00
Lucas Clemente
88c6311ab8 read tls.Config data properly in RSA proof implementation
ref #48
2016-05-08 22:57:53 +02:00
Lucas Clemente
85c39721ec change Signer interface to return errors 2016-05-08 22:46:59 +02:00
Lucas Clemente
32cf5e4129 read tls.Config properly in RSA signer 2016-05-08 22:42:11 +02:00
Lucas Clemente
6738f0eadf add sni to crypto.Signer interface 2016-05-08 22:23:36 +02:00
Lucas Clemente
b5a27d3aa2 move to chacha20poly1305 fork 2016-05-05 15:19:54 +02:00
Lucas Clemente
df2e6e32eb move fnv128a implementation to separate package 2016-05-04 17:26:44 +02:00
Lucas Clemente
c068cbcb8f replace certificate path with tls.Config instance throughout the server
The example server now reads the certificate and key data itself. Tests
use the new testdata package, where the sample key & cert are stored.

Fixes #24
2016-05-03 16:41:25 +02:00
Lucas Clemente
bb3c8b707b fix randomness 2016-04-21 13:48:42 +02:00
Lucas Clemente
9cbeb49d49 change AEAD interface to use byte slices, simplifying its usage 2016-04-18 14:37:34 +02:00
Lucas Clemente
ac0eed61f2 introduce crypto.Signer interface and hide RSA implementation 2016-04-17 00:22:26 +02:00
Lucas Clemente
717e4e0ecd fix key derivation test 2016-04-16 22:22:33 +02:00
Lucas Clemente
aa5d2be491 implement forward secure encryption 2016-04-16 22:08:57 +02:00
Lucas Clemente
7aec145d52 adapt chacha20 implementation to upstream changes 2016-04-16 20:46:33 +02:00
Lucas Clemente
14d3b03b44 more consistent filenames 2016-04-15 22:28:45 +02:00
Lucas Clemente
7acb3365d5 use dictionary to compress certificates 2016-04-15 20:40:43 +02:00
Lucas Clemente
495bb0ef92 handle version Q030 properly 2016-04-15 19:01:14 +02:00
Lucas Clemente
ec509fb98f add key derivation test 2016-04-15 12:44:31 +02:00
Lucas Clemente
35a40ac6d8 rename GetCERTData to GetCertCompressed 2016-04-15 12:37:23 +02:00
Lucas Clemente
86b4ffdaaf use chacha20poly1305 instead of AES and include cert in key derivation
Unfortunately QUIC uses non-standard tag sizes with both AES-GCM and
Poly1305. Adopting AES-GCM seems much harder, so I changed it to
Chacha20Poly1305 and only made some slight changes to an existing algo.
This should probably be double-checked at some point.
2016-04-14 23:44:31 +02:00