SupportedKxGroup, SupportedCipherSuite, and EnabledVersions have derived
Debug implementations, but these implementations wind up being
excessively noisy. Instead, delegate their Debug implementations to
their underlying enums.
Stores the parsed data for a handshake message payload alongside
the encoded version to avoid having to re-encode the message when
updating the transcript hash. Also avoids encoding outgoing handshake
message payloads twice.
Dynamically load the FFI Library of trust using flutter in Android system. `Connection Failed: tls connection init failed: Interrupted system call (os error 4)`.
`require_handshake_msg` is designed to express message type
requirements: failures of those checks are expensive because
they involve logging output and allocations in the error value.
Introduce `is_handshake_msg` which does the same validation, but
just calculates a bool so is cheap.
Updates the documentation on TLS vulnerabilities to specify that both
TLSv1.1 and TLSv1.2 offered support for compression.
Signed-off-by: hasheddan <georgedanielmangum@gmail.com>
These were:
- bugs::partial_chain: better tested in webpki, but also has never
  not worked and is the most common configuration of TLS servers.
- features::recv_low_mtu: can we as a client deal with a very
  fragmenty server? New test test_server_mtu_reduction added.
- features::send_small_fragments: bogo tests MaxSendFragment-* cover this
- features::send_sni: does the client send SNI? Large numbers of sni
  tests in api.rs cover this, plus bogo ServerNameExtensionClient-*
- features::do_not_send_sni: already covered by client_with_sni_disabled_does_not_send_sni
The Bogo test suite tests resumption a lot more thoroughly, and these
seem to be redundant with it.
The resumption tests were the last to use `TlsServer`, so remove it.
The badssl tests attempt to do some rate limiting. But, it is assuming the tests
are executed serially. Actually, all the tests run concurrently, sleep
concurrently for 1 second, and then wake up and go at the same time. Thus, the
effect is basically just to slow down `cargo test` by 1 second.
I doubt the rate limiting would be useful if it worked, as badssl is probably
not getting a lot of traffic.
`client_auth_by_client` is covered by multiple Bogo tests, in
particular the RSA signature scheme tests for client authentication.
The scenarios in `client_auth_by_server_required` and
`client_auth_required_but_unsupported` are covered by the Bogo
`NoClientCertificate-*`, `RequireAnyClientCertificate-*`,
`SkipClientCertificate`, etc.
I retained `client_auth_requested_but_unsupported` because I didn't
see a Bogo test for it.
Bogo tests all the signature algorithms for client auth already, both
in client and server. Bogo tests TLS 1.3 and TLS 1.2 individually, which
is an important improvement over the redundant tests.
Regarding Ed25519 specifically, BoringSSL doesn't enable it by default,
but it does still test it, e.g.:
```
"Server-Verify-Ed25519-TLS12": {
    "actual": "PASS",
    "expected": "PASS",
    "is_unexpected": false
},
"Server-Verify-Ed25519-TLS13": {
    "actual": "PASS",
    "expected": "PASS",
    "is_unexpected": false
},
```
The implementation of `client_auth_mandatory()` is redundant with the
default implementation. By removing this redundant implementation, we
add test coverage of the default implementation, which is currently
uncovered.