Commit Graph

8 Commits

Author SHA1 Message Date
David Cooper 714933d607 Add X448 support in TLS 1.3
Support for X448 was recently added to the development branch of OpenSSL 1.1.1. This PR adds an X448 key pair to etc/tls_data.txt (that was generated using OpenSSL 1.1.1) and adds X448 to the supported_groups extension for TLS 1.3 ClientHello messages.
2018-03-12 13:40:22 -04:00
David Cooper dd58fbb9aa
Add public keys
Add the public keys corresponding to the key pairs in TLS13_KEY_SHARES.
2017-11-02 11:44:29 -04:00
David Cooper cd6c84bfd3
Add a secp224r1 key pair 2017-11-02 11:30:24 -04:00
David Cooper ca7c8200eb Add TLSv1.3 support for run_server_preference()
This PR adds support for TLSv1.3 to run_server_preference(). It only provides partial support, as it only works if the support supports and earlier TLS protocol (in order to determine whether the server has a cipher order). It also will only show TLSv1.3 as the "Negotiated protocol" if $OPENSSL supports TLSv1.3.

This PR also fixes a bug in which the variable "proto" was defined as used as both a regular variable and as an array.
2017-10-20 11:40:19 -04:00
Dirk 9540224722 adding comments for David's PR #807 and pointing to the cipher list in #806 2017-07-31 12:59:36 +02:00
David Cooper ee40625d40 Fix typo in comment
$TLS12_CIPHER only includes 123 standard ciphers; 0x00,0xFF doesn't count as a "standard cipher."
2017-07-28 12:23:21 -04:00
David Cooper 7ccb611d13 Update TLS12_CIPHER
Update `$TLS12_CIPHER` to contain only 128 ciphers (so that it will work with servers that can't handle larger ClientHello messages), and also add some newer ciphers to `$TLS12_CIPHER`. Also define  a `$TLS12_CIPHER_2ND_TRY` containing a list of 127 ciphers that do not appear in `$TLS12_CIPHER`. `$TLS12_CIPHER_2ND_TRY` is used in `run_protocols()` in order to perform a second test against servers that do not establish a TLSv1.2 connection when offered `$TLS12_CIPHER`.
2017-07-28 12:14:44 -04:00
Dirk 8c0b0083d0 further separation of data / code 2017-03-21 09:15:30 +01:00