mirror/zig
1
0
Fork 0
mirror of https://github.com/ziglang/zig.git synced 2025-12-07 14:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
24,224 Commits 43 Branches 24 Tags
Commit Graph

16 Commits

Author SHA1 Message Date
Bas Westerbaan
7cb3a67507
crypto/tls: switch X25519Kyber768Draft00 to new codepoint (#15821) 
The tls wg preferred a codepoint outside of the reserved range. This new
codepoint has been assigned by IANA.

See

 - https://datatracker.ietf.org/doc/draft-tls-westerbaan-xyber768d00-02/
 - https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#table-tls-parameters-8
 2023-05-23 11:07:07 +00:00
Andrew Kelley
125221cce9 std: update to use @memcpy directly 2023-04-28 13:24:43 -07:00
Bas Westerbaan
2089b3f193
tls: use post-quantum secure key exchange (#14920) 2023-03-17 17:51:24 +01:00
Andrew Kelley
aeaef8c0ff update std lib and compiler sources to new for loop syntax 2023-02-18 19:17:21 -07:00
Andrew Kelley
611a1fdd6d std.crypto.tls: add API for sending close_notify 
This commit adds `writeEnd` and `writeAllEnd` in order to send data and
also notify the server that there will be no more data written.

Unfortunately, it seems most TLS implementations in the wild get this
wrong and immediately close the socket when they see a close_notify,
rather than only ending the data stream on the application layer.
 2023-01-02 16:57:16 -07:00
Andrew Kelley
0fb78b15aa std.crypto.tls: use a Decoder abstraction 
This commit introduces tls.Decoder and then uses it in tls.Client. The
purpose is to make it difficult to introduce vulnerabilities in the
parsing code. With this abstraction in place, bugs in the TLS
implementation will trip checks in the decoder, regardless of the actual
length of packets sent by the other party, so that we can have
confidence when using ReleaseFast builds.
 2023-01-02 16:57:16 -07:00
Andrew Kelley
21ab99174e std.crypto.tls.Client: use enums more 2023-01-02 16:57:16 -07:00
Andrew Kelley
ceb211e65f std.crypto.tls.Client: handle key_update message 2023-01-02 16:57:15 -07:00
Andrew Kelley
4f9f4575bd std.crypto.tls: rename HandshakeCipher 2023-01-02 16:57:15 -07:00
Andrew Kelley
bbc074252c introduce std.crypto.CertificateBundle 
for reading root certificate authority bundles from standard
installation locations on the file system. So far only Linux logic is
added.
 2023-01-02 16:57:15 -07:00
Andrew Kelley
3237000d95 std.crypto.tls: rudimentary certificate parsing 2023-01-02 16:57:15 -07:00
Andrew Kelley
5d7eca6669 std.crypto.tls.Client: fix verify_data for batched handshakes 2023-01-02 16:57:15 -07:00
Andrew Kelley
e2efba76aa std.crypto.tls: refactor to remove mutations 
build up the hello message with array concatenation and helper functions
rather than hard-coded offsets and lengths.
 2023-01-02 16:57:15 -07:00
Andrew Kelley
41f4461cda std.crypto.tls.Client: verify the server's Finished message 2023-01-02 16:57:15 -07:00
Andrew Kelley
942b5b468f std.crypto.tls: implement the rest of the cipher suites 
Also:
 * Use KeyPair.create() function
 * Don't bother with CCM
 2023-01-02 16:57:15 -07:00
Andrew Kelley
93ab8be8d8 extract std.crypto.tls.Client into separate namespace 2023-01-02 16:57:15 -07:00