All notable changes to the "dtls" package will be documented in this file.
- Update binary-data@0.6.0
- Added PSK key exchange, RFC4279, RFC5487. Ciphers:
- TLS_PSK_WITH_AES_128_GCM_SHA256
- TLS_PSK_WITH_AES_256_GCM_SHA384
- Added CHACHA20-POLY1305 ciphers:
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (nodejs v11+ only)
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (nodejs v11+ only)
- TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 (nodejs v11+ only)
- Users may change ciphers list sent to the server using
options.cipherSuites
- Security fixes
- Added ECDHE_PSK key exchange #16. Ciphers:
- TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
- Drop AES-CCM block cipher
- Added
timeout
event to detect inactive connections - Added
ALPN
(RFC 7301) extension - Update dependencies
- Bug fixes
- Added ECDHE_ECDSA key exchange. Ciphers:
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_AES_128_CCM
- TLS_ECDHE_ECDSA_WITH_AES_256_CCM
- Support for message reordering.
- Added ability to verify server (incoming) certificate.
- Added support for client-side certificate.
- [bug] retransmitted messages don't ignore it's epoch.
- Added AES CCM cipers
- TLS_RSA_WITH_AES_128_CCM
- TLS_RSA_WITH_AES_256_CCM
- Added Extended Master Secret tls extension
- Added ECDHE_RSA key exchange.
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- support set / get MTU, 1200 bytes by default.
- handshake retransmission, follow RFC's rules.
- merge outgoing handshakes to speed up handshake process.
- First release. Client-side implementation only with limited ciphers:
- TLS_RSA_WITH_AES_128_GCM_SHA256
- TLS_RSA_WITH_AES_256_GCM_SHA384