gr1ffon/quic-go
1
0
Fork 0
forked from quic-go/quic-go
Code Pull Requests Activity
1,391 Commits 1 Branch 126 Tags
9e147714ac65c950301215ea422fa8f83cbb1e1e
Commit Graph

177 Commits

Author SHA1 Message Date
Marten Seemann
9e147714ac pack smaller packets as long as the encryption is not forward secure 2017-03-01 14:01:52 +07:00
Marten Seemann
599926e3cb add a method to force the encryption level when sealing a packet 2017-03-01 14:01:51 +07:00
Marten Seemann
6cb19e42a5 explicitly pass encryption level in the aeadChanges channel 2017-02-25 21:38:08 +07:00
Marten Seemann
0c20f5e9b3 return the encryption level used for Sealing 2017-02-25 08:27:14 +07:00
Marten Seemann
a972c7a21e return the encryption level of a packet when decrypting it 2017-02-25 08:27:08 +07:00
Marten Seemann
eb7a7f79f7 add tests for clientCryptoSetup Open and Seal methods 2017-02-24 11:42:41 +07:00
Marten Seemann
cd465ae0b5 move utils.Stream to quic.Stream 2017-02-22 23:03:09 +07:00
Marten Seemann
7fe2a37c76 use byte-slice instead of net.IP for generating source address tokens 2017-02-22 23:03:07 +07:00
Marten Seemann
268841f0cc add a TLSClientConfig to the QUIC RoundTripper 
fixes #407
 2017-02-04 10:28:00 +07:00
Marten Seemann
713df41c8b verify certificates using a client TLS config, if given 
ref #407
 2017-02-03 15:46:38 +07:00
Marten Seemann
90983470e8 fix logging of REJs and SHLOs 2017-02-02 14:16:46 +07:00
Marten Seemann
c71e8cfb25 log sent CHLOs 2017-01-14 19:00:24 +07:00
Marten Seemann
82f2298658 fix race condition in client crypto setup 2017-01-14 19:00:23 +07:00
Marten Seemann
db09de621c detect version downgrade attacks in the client crypto setup 2017-01-14 18:58:47 +07:00
Marten Seemann
53706049c7 read connection parameters when receiving a SHLO 2017-01-14 18:58:46 +07:00
Marten Seemann
a587af079d improve the connection parameters manager for the client 2017-01-14 18:58:46 +07:00
Marten Seemann
64c4bede3e remove unnecessary loop from connection parameters manager 2017-01-14 18:58:45 +07:00
Marten Seemann
a0bdf79b5b create an aeadChanged channel in the client crypto setup 2017-01-14 18:52:25 +07:00
Marten Seemann
9fc9522539 implement a HandshakeComplete method in the client crypto setup 2017-01-14 18:52:24 +07:00
Marten Seemann
f72fbc57a9 send connection parameters in CHLO 2017-01-14 18:52:24 +07:00
Marten Seemann
dde5ce465c enforce presence of version list in SHLO 2017-01-14 18:52:23 +07:00
Marten Seemann
2589a6eff9 reject unencrypted SHLOs 2017-01-14 18:52:23 +07:00
Marten Seemann
e19416a43b use server nonce in key derivation for initial encryption, if available 2017-01-14 18:52:23 +07:00
Marten Seemann
b8e11d6e67 improve tests for key derivation 2017-01-14 18:52:23 +07:00
Marten Seemann
fdd0fdf90d send KEXS and AEAD value in full client hello 2017-01-14 18:52:22 +07:00
Marten Seemann
63f2faec85 send common certificate sets in the client hello 2017-01-14 18:52:22 +07:00
Marten Seemann
86da7dce81 send leaf certificate hash (XLCT) in client hello 2017-01-14 18:52:22 +07:00
Marten Seemann
420f5abcd7 log when certificate or server proof verification fails 2017-01-14 18:52:21 +07:00
Marten Seemann
2131e8fa6d don’t send more than 3 CHLOs 
makes sure that the server allows the client to make progress in the handshake
 2017-01-14 18:52:20 +07:00
Marten Seemann
8161e1f4a1 simplify server proof verification function signature 2017-01-14 18:52:20 +07:00
Marten Seemann
865aed07d8 verify certificate chain when receiving it, return correct errors 2017-01-14 18:52:19 +07:00
Marten Seemann
014315d3c7 parse hostname from address and pass it to the client cryptoSetup 2017-01-14 18:52:19 +07:00
Marten Seemann
4b8508c017 verify certificate chain in certManager 2017-01-14 18:52:19 +07:00
Marten Seemann
bb1af0db1e move server proof verification to crypto package 2017-01-14 18:52:18 +07:00
Marten Seemann
0535491f30 rename crypto.Signer to crypto.CertChain 2017-01-14 18:52:18 +07:00
Marten Seemann
c8b3189caf validate server config signature, for ECDSA certificates 2017-01-14 18:52:18 +07:00
Marten Seemann
3063cab7cc only escalate crypto when the server config has been verified 2017-01-14 18:52:18 +07:00
Marten Seemann
58b905e636 validate server config signature, for RSA certificates 2017-01-14 18:52:17 +07:00
Marten Seemann
5aae3fbafe save the proof in client CryptoSetup 2017-01-14 18:52:17 +07:00
Marten Seemann
52ba2ce9f8 prevent int64 overflow when reading the expiry date of the server config 2017-01-14 18:52:17 +07:00
Marten Seemann
f9013edb77 check if the received server config is expired 2017-01-14 18:52:17 +07:00
Marten Seemann
0b736b2cce create forwardSecureAEAD after receiving all necessary values 2017-01-14 18:52:16 +07:00
Marten Seemann
2e0eae1a1d calculate required padding size in CHLOs 2017-01-14 18:52:16 +07:00
Marten Seemann
8bcad17297 create secureAEAD after receiving all necessary values 2017-01-14 18:52:16 +07:00
Marten Seemann
5a1c94ba7b send client nonce and public value after receiving the certificate chain 2017-01-14 18:52:16 +07:00
Marten Seemann
f6cef67c3d create interface for crypto.CertManager 2017-01-14 18:52:16 +07:00
Marten Seemann
992678b9d7 save last sent CHLO in client CryptoSetup 2017-01-14 18:52:16 +07:00
Marten Seemann
731dd87872 also keys for the client in AESGCM key derivation 2017-01-14 18:52:15 +07:00
Marten Seemann
4b67aefb83 generate a client nonce once, when reading a server config multiple times 2017-01-14 18:52:15 +07:00
Marten Seemann
f1810ae82d generate a client nonce after receiving a server config 2017-01-14 18:52:15 +07:00