List: botan-devel
Subject: [botan-devel] New TLS implementation
From: Jack Lloyd <lloyd () randombit ! net>
Date: 2012-01-28 3:33:58
Message-ID: 20120128033358.GF3424 () randombit ! net
I've been spending a bit of time working on botan's TLS implementation
in a branch. It seems like the higher level APIs have settled in at
this point, though there are a number of new features I still want to
add and a lot of refactoring before I'd consider it stable. But at
this point it adds (vs the version in 1.10.1):

* Event driven I/O. A TLS server using ASIO and a select-driven TLS
  client are included in the examples. The interface is a bit unusual;
  I think it works well, but I'd love some feedback.
* Client certificate authentication
* Renegotiation support (including the secure renegotiation extension)
* TLS 1.2 including SHA-256/SHA-384 ciphersuites and SHA-2 signing
* ECDH key exchange
* Session resumption for clients and servers. Currently the only
  implemented session manager is one that stores in-memory but a
  version using flat files or sqlite would be easy to write and plug in.
* PSK key exchange (including DHE_PSK and ECDHE_PSK)
* About half of SRP key exchange (not working yet but will be there soon)
* Support for multiple certificates in servers (application can choose
  based on hostname or other logic)
* Maximum fragment length extension
* Next protocol negotiation extension

You can find the work in the net.randombit.botan.tls-state-machine branch.

I've put up a tarball of a recent version at
http://botan.randombit.net/files/misc/botan-tls-2.0-20120127.tgz

Be warned that all APIs in this release are subject to change in
future versions.

Comments/bug reports most welcome.

Jack