terribletls

Go 1.13's TLS library butchered to include terrible ciphers. Do not use.

I needed a TLS library with TLS_RSA_EXPORT_WITH_RC4_40_MD5 and TLS_RSA_WITH_RC4_128_MD5, so that's what this is.

MD5 doesn't have a ConstantTimeSum(), but TLS1.0+ require it, so that's butchered in too. Is it O(1)? I have no idea.

Finally, I had to rip out some internal calls. The result is that unlike with the normal library, a terribletls.Config{} structure cannot have a nil CipherSuites list. You must specify the suites you want.

Thank you @stephen-fox for working through this with me.

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
alert.go		alert.go
auth.go		auth.go
cipher_suites.go		cipher_suites.go
common.go		common.go
conn.go		conn.go
generate_cert.go		generate_cert.go
handshake_client.go		handshake_client.go
handshake_client_tls13.go		handshake_client_tls13.go
handshake_messages.go		handshake_messages.go
handshake_server.go		handshake_server.go
handshake_server_tls13.go		handshake_server_tls13.go
key_agreement.go		key_agreement.go
key_schedule.go		key_schedule.go
prf.go		prf.go
ticket.go		ticket.go
tls.go		tls.go

License

chrismarget/terribletls

Folders and files

Latest commit

History

Repository files navigation

terribletls

About

Resources

License

Stars

Watchers

Forks

Languages