Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for ECDHE key exchange #38

Merged
merged 21 commits into from
Nov 27, 2015
Merged

Support for ECDHE key exchange #38

merged 21 commits into from
Nov 27, 2015

Conversation

tomato42
Copy link
Member

  • support for ECDHE key exchange (including automatic negotiation of curve used)
  • support for AECDH on client side
  • refactoring of key exchange code to make supporting other key exchange methods easier, both to add and to test
  • test coverage for all key exchange methods
  • extension of support for TLSv1.2 signature algorithms on ServerKeyExchange and CertificateVerify - now all signature hashes are supported and are negotiated according to spec
  • more test coverage, cleanups and documentation for assorted methods

will fix #37

@landscape-bot
Copy link

Code Health
Repository health decreased by 0.81% when pulling 7b55f96 on ecdh into 741f9f8 on master.

@tomato42 tomato42 changed the title [WIP] preliminary support for ECDHE [WIP] Support for ECDHE key exchange Oct 18, 2015
@tomato42 tomato42 added this to the v0.6.0 milestone Oct 18, 2015
@tomato42
Copy link
Member Author

I'll probably move AECDH support to 0.7.0, please speak up if you'd like to see it earlier

@tomato42
test coverage for numberToByteArray
2c32fe5
@tomato42
fix definition of KeyExchange methods
3dc3cba
@tomato42
SHA2 algorithm identifiers in PKCS#1 v1.5 signatures
3a9aed1 
TLSv1.2 allows us to select different hash algorithms, but
we need to encode them differently
@tomato42
add rsaSigHashes to HandshakeSettings
4c29678
@tomato42
Support for remaining handshake hash types
50f4d93 
For CertificateVerify message to be signed with other hash types, we
need to keep all types that we support.
@tomato42
support for SHA-2 hashes
8cbc01a
@tomato42
make DHE key exchange use generic methods for sigs
c3f9ff0
@tomato42
move client RSA key exchange to KeyExchange
ceec3b3
@tomato42
move client DHE key exchange to KeyExchange
097269e
@tomato42
make SRP use the KeyExchange class
c316377
@tomato42
move client SRP key exchange to KeyExchange
10290cd
@tomato42
make all client key exchanges use common code
ebb8035
@tomato42
implement ECDHE key exchange
59afa67
@tomato42
ECDH_anon suites in clients
a210ba5
@tomato42
use a common constructor for ClientKeyExchange
28ecfee
@tomato42
break up HandshakeSettings validate method
20fcb50 
the method become rather large, group the methods
and put them into separate methods
@tomato42
small clean up in CipherSuite class
75e3573 
since all staticmethods are standalone, accessing
_filterSuites from within them accesses "external"
class private method. Remake them to class methods
so that the dependency is explicit
@tomato42
small clean up in RSAKey
b376aa8 
since all staticmethods are standalone, accessing
_pkcs1Prefixes from within them accesses "external"
class field. Remake them to class methods so that
the dependency is explicit rather than implicit
@tomato42
don't use len(x) to check if x is empty
7bb95ea 
since all collections have a boolean representation
use it to avoid optical clutter
@tomato42
remove excessive if statements
d04fbe0 
no point in using multiple if statements if one will do
@tomato42
move KeyExchange to separate module
14b38f3
@tomato42 tomato42 added the review request PR finished, ready for review label Nov 26, 2015
@tomato42 tomato42 changed the title [WIP] Support for ECDHE key exchange Support for ECDHE key exchange Nov 26, 2015
tomato42 added a commit that referenced this pull request Nov 27, 2015
@tomato42
Merge pull request #38 from tomato42/ecdh
bc101ff 
Support for ECDHE key exchange
@tomato42 tomato42 merged commit bc101ff into master Nov 27, 2015
@tomato42 tomato42 deleted the ecdh branch November 27, 2015 12:53
@jbremer
Copy link

jbremer commented Dec 1, 2015

Awesome!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
review request PR finished, ready for review
Projects
None yet
Milestone
v0.6.0
Development

Successfully merging this pull request may close these issues.

Add support for ECDHE key exchange
4 participants
@tomato42 @landscape-bot @jbremer @joshbressers