rust/rustls
rust
/
rustls
mirror of https://github.com/ctz/rustls
1
0
Fork 0
Code Issues Releases Wiki Activity
3,008 Commits 46 Branches 72 Tags 36 MiB
Commit Graph

3008 Commits

Author SHA1 Message Date
Christian Poveda dc4cf38c03 make Decrypt trait use Borrowed{Opaque,Plain}Message 2024-01-09 17:53:17 +00:00
Christian Poveda 1b551e712e use BorrowedOpaqueMessage in MessageDeframer 2024-01-09 17:53:17 +00:00
Christian Poveda aa820d1e38 introduce and expose BorrowedOpaqueMessage 
Co-authored-by: Jorge Aparicio <jorge.aparicio@ferrous-systems.com>
 2024-01-09 17:53:17 +00:00
Christian Poveda e6dede5f5f introduce and expose BorrowedPayload 
Co-authored-by: Jorge Aparicio <jorge.aparicio@ferrous-systems.com>
 2024-01-09 17:53:17 +00:00
Christian Poveda ef41a6dbd6 introduce ReaderMut 
Co-authored-by: Jorge Aparicio <jorge.aparicio@ferrous-systems.com>
 2024-01-09 17:53:17 +00:00
Christian Poveda b068ca3643 maximize lifetimes in Reader API 
Co-authored-by: Jorge Aparicio <jorge.aparicio@ferrous-systems.com>
 2024-01-09 17:53:17 +00:00
Christian Poveda b1c0a29b6a Batch discard operations 2024-01-09 17:53:17 +00:00
Daniel McCarney ab774c73cd handshake: derive Clone on a few more messages 
To support implementing client-side ECH we'll need to clone a few
message types to make modifications. This commit adds derived `Clone`
implementations for `ClientHelloPayload`, `HelloRetryExtension` and
`ServerHelloPayload`.
 2024-01-09 16:26:58 +00:00
Daniel McCarney e521e94912 handshake: derive PartialEq on more types 
As part of implementing client-side ECH support we will want to be able
to return a `PeerIncompatible` error variant that includes ECH configs
to use for potential retry.

Since `PeerIncompatible` derives `PartialEq` we need to thread
derivations of this trait down through the `EchConfig` and associated
types.
 2024-01-09 16:26:58 +00:00
Daniel McCarney 1a2405a26e provider-example: clarify the hpke-rs backend 2024-01-09 15:29:07 +00:00
Daniel McCarney 166b598032 crypto: make EncapsulatedSecret derive Debug 2024-01-09 15:29:07 +00:00
Daniel McCarney e855192df6 crypto: tighten up HPKE lifetime bounds 
In practice we need `'static` here to be able to easily hold `Box<dyn
HpkeSender>` and friends. Our existing provider implementation already
matches this lifetime bound.
 2024-01-09 15:29:07 +00:00
Daniel McCarney 461c6936ce msgs: derive Copy for HpkeSymmetricCipherSuite 
This type holds simple numeric identifiers and can be cheaply copied.
 2024-01-09 15:29:07 +00:00
Daniel McCarney 9ab0139f5d crypto: add stateful HPKE interfaces 
Encrypted Client Hello support requires that clients maintain the HPKE
sealer context between sending an initial client hello, and processing
a hello retry request, such that the subsequent client hello can re-use
the HPKE state.

This commit updates the HPKE trait to add `setup_sealer` and
`setup_opener` fns in addition to the "one-shot" APIs. New
`HpkeSealer` and `HpkeOpener` traits are used to represent the
stateful sender/receiver contexts in a backend neutral way.

The existing hpke-rs provider example is updated to implement the new
required traits and fns.
 2024-01-09 15:29:07 +00:00
Daniel McCarney bd7122f150 hpke: reorder seal/open args, less terse arg names 
* Move the public key/secret key arguments to be last, since they are
  "long lived".
* Rename `pk_r` -> `pub_key` and `sk_r` to `secret_key`. Reference RFC
  9180's terse names.
 2024-01-09 15:29:07 +00:00
Daniel McCarney 962814eadb client: reorder ClientConfig fields by visibility 
`pub` fields should appear first, then `pub(super)` ones.
 2024-01-09 14:41:03 +00:00
Daniel McCarney be5a62294c client: order ClientConfig impls 
The inherit `ClientConfig` impl should appear first, and then the
`Clone` impl.
 2024-01-09 14:41:03 +00:00
Daniel McCarney 8285bf1b28 client: move TLs12Resumption enum down 
The `ClientConfig` parts should appear before the types it references.
The `Tls12Resumption` enum should appear after the `Resumption` type
that uses it.
 2024-01-09 14:41:03 +00:00
Benjamin Jurk 20ac87f64f examples: unbuffered-server: skip argv[0] 2024-01-08 12:09:04 +00:00
Benjamin Jurk 567d89227d examples: simpleserver: skip argv[0] & update doc comment 2024-01-08 12:09:04 +00:00
Joseph Birr-Pixton a3cc0bcb72 bogo: enable TLS13-Empty-Client-CA-List test 
This acts as a regression test for the previous commit.  This also enables:

- TLS12-Server-CertReq-CA-List
- TLS13-Server-CertReq-CA-List
- Null-Client-CA-List
 2024-01-05 16:31:50 +00:00
Joseph Birr-Pixton 9f79bac621 Don't add empty `certificate_authorities` extension 2024-01-05 16:31:50 +00:00
Daniel McCarney f1cfaec555 manual: add pointer to rustls-cng 
This commit adds a small pointer to rustls-cng in the manual's section
on customizing private key usage.
 2024-01-05 14:22:13 +00:00
Daniel McCarney fccff80241 crypto: KeyProvider pointer to customizing private key usage 
The `KeyProvider` trait associted with the `CryptoProvider` struct is
specific to private key material that can be loaded from a DER
representation. For users that want to use private keys used through
a handle, or PKCS11 style interface an alternative integration approach
is needed.

This commit adds a doc string update to the `KeyProvider` to guide such
users to look at the Rustls manual's section on customizing private key
usage.
 2024-01-05 14:22:13 +00:00
Daniel McCarney acdb721546 msgs: HandshakeMessagePayload::get_encoding_for_binder_signing -> encoding_for_binder_signing 2024-01-05 14:21:50 +00:00
Daniel McCarney 923c6e215b msgs: NewSessionTicketPayloadTls13::get_max_early_data_size -> max_early_data_size 2024-01-05 14:21:50 +00:00
Daniel McCarney 13dc47af0c msgs: NewSessionTicketExtension::get_type -> ext_type 2024-01-05 14:21:50 +00:00
Daniel McCarney 334a3258f8 msgs: CertificateRequestPayloadTls13::get_authorities_extension -> authorities_extension 2024-01-05 14:21:50 +00:00
Daniel McCarney 6bfb8e4dba msgs: CertificateRequestPayloadTls13::get_sigalgs_extension -> sigalgs_extension 2024-01-05 14:21:50 +00:00
Daniel McCarney d03c8ea19a msgs: CertReqExtension::get_type -> ext_type 2024-01-05 14:21:50 +00:00
Daniel McCarney ffc0a205e8 msgs: HasServerExtensions::get_quic_params_extension -> quic_params_extension 2024-01-05 14:21:50 +00:00
Daniel McCarney 7eead60457 msgs: HasServerExtensions::get_alpn_protocol -> alpn_protocol 2024-01-05 14:21:50 +00:00
Daniel McCarney f675ae14af msgs: CertificatePayloadTls13::get_end_entity_ocsp -> end_entity_ocsp 2024-01-05 14:21:50 +00:00
Daniel McCarney ad9692d5e8 msgs: CertificateEntry::get_ocsp_response -> ocsp_response 2024-01-05 14:21:50 +00:00
Daniel McCarney 5e49006079 msgs: CertificateExtension::get_cert_status -> cert_status 2024-01-05 14:21:50 +00:00
Daniel McCarney 8e88a65670 msgs: CertificateExtension::get_type -> ext_type 2024-01-05 14:21:50 +00:00
Daniel McCarney 4ab13e2fff msgs: ServerHelloPayload::get_supported_versions -> supported_versions 2024-01-05 14:21:50 +00:00
Daniel McCarney ee1c779921 msgs: ServerHelloPayload::get_ecpoints_extension -> ecpoints_extension 2024-01-05 14:21:50 +00:00
Daniel McCarney 5119e52b9c msgs: ServerHelloPayload::get_psk_index -> psk_index 2024-01-05 14:21:50 +00:00
Daniel McCarney 4f3d60e790 msgs: ServerHelloPayload::get_key_share -> key_share 2024-01-05 14:21:50 +00:00
Daniel McCarney cbace374b1 msgs: ServerHelloPayload::get_extensions -> extensions 2024-01-05 14:21:50 +00:00
Daniel McCarney 71a639f75a msgs: HelloRetryRequest::get_supported_versions -> supported_versions 2024-01-05 14:21:50 +00:00
Daniel McCarney e8f1ad6ccf msgs: HelloRetryRequest::get_cookie -> cookie 2024-01-05 14:21:50 +00:00
Daniel McCarney 2d7a39c102 msgs: HelloRetryRequest::get_requested_key_share_group -> requested_key_share_group 2024-01-05 14:21:50 +00:00
Daniel McCarney 0a35407264 msgs: HelloRetryExtension::get_type -> ext_type 2024-01-05 14:21:50 +00:00
Daniel McCarney 7042da585a msgs: ClientHelloPayload::get_psk_modes -> psk_modes 2024-01-05 14:21:50 +00:00
Daniel McCarney 1b2bc1cd3a msgs: ClientHelloPayload::get_psk -> psk 2024-01-05 14:21:50 +00:00
Daniel McCarney 3345415e52 msgs: ClientHelloPayload::get_keyshare_extension -> keyshare_extension 2024-01-05 14:21:50 +00:00
Daniel McCarney 03e33ae220 msgs: ClientHelloPayload::get_versions_extension -> versions_extension 2024-01-05 14:21:50 +00:00
Daniel McCarney b2e472aae0 msgs: ClientHelloPayload::get_ticket_extension -> ticket_extension 2024-01-05 14:21:50 +00:00