TLS-N implementation for NSS
The main library file can be found inside nss/lib/ssl/tlsproof.c. Here the most important functions are:
This function adds a record to the evidence calculation.
The requester calls this function to trigger the evidence request.
The function used by the generator to finalize the evidence.
Uses the supplied evidence to create a proof according to the user's wishes.
Verifies a given proof.
We have also provided multiple test applications, such as:
- A standalone verifier that verifies proofs.
- A client and server application to test TLS-N with a specified amount of random traffic.
- A benchmarking app for TLS-N.
For testing purposes we provide a Test CA with a test certiface for
tls-n.testserver inside the ca folder. The certificate store has an empty password. You have to resolve this hostname accordingly in DNS.