kris/boringssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
520e1220bb
boringssl/ssl
History
Steven Valdez 520e1220bb Implement experimental alternate encoding of TLS 1.3. 
TLS 1.3 deployment is currently blocked by buggy middleboxes
throughout the ecosystem. As an experiment to better understand these bugs
and the problems they are causing, implement TLS 1.3 variants with
alternate encodings. These are still the same protocol, only encoded
slightly differently. We will use what we learn from these experiments to
guide the TLS 1.3 deployment strategy and proposals to the IETF, if any.

These experiments only target the basic 1-RTT TLS 1.3 handshake. Based on
what we learn from this experiment, we may try future variations to
explore 0-RTT and HelloRetryRequest.

When enabled, the server supports all TLS 1.3 variants while the client
is configured to use a particular variant.

Change-Id: I532411d1abc41314dc76acce0246879b754b4c61
Reviewed-on: https://boringssl-review.googlesource.com/17327
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-07-10 18:15:08 +00:00
..
test Implement experimental alternate encoding of TLS 1.3. 2017-07-10 18:15:08 +00:00
bio_ssl.c Move the SSL BIO into ssl/ from decrepit/. 2017-02-03 21:08:10 +00:00
CMakeLists.txt Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
custom_extensions.c Support enabling early data on SSL 2017-04-03 20:25:29 +00:00
d1_both.c Trim x509.h includes. 2017-03-07 23:13:49 +00:00
d1_lib.c Don't use long for timestamps. 2017-03-01 21:58:38 +00:00
d1_pkt.c Adding support for sending early data on the client. 2017-06-15 19:34:59 +00:00
d1_srtp.c
dtls_method.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
dtls_record.c Don't use the buffer BIO in DTLS. 2017-01-25 23:35:32 +00:00
handshake_client.c Implement experimental alternate encoding of TLS 1.3. 2017-07-10 18:15:08 +00:00
handshake_server.c Remove some unnecessary error codes. 2017-07-05 23:50:47 +00:00
internal.h Implement experimental alternate encoding of TLS 1.3. 2017-07-10 18:15:08 +00:00
s3_both.c Unwind V2ClientHello counters. 2017-06-16 20:24:00 +00:00
s3_lib.c Really remove DHE ciphersuites from TLS. 2017-04-11 23:41:31 +00:00
s3_pkt.c Detect WatchGuard's TLS 1.3 interference failure mode. 2017-06-22 19:49:23 +00:00
ssl_aead_ctx.c Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
ssl_asn1.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
ssl_buffer.c Size TLS read buffers based on the size requested. 2017-06-23 23:08:35 +00:00
ssl_cert.c Really remove DHE ciphersuites from TLS. 2017-04-11 23:41:31 +00:00
ssl_cipher.c Add some addition tests for the cipher parsing code and tidy. 2017-07-05 23:52:05 +00:00
ssl_ecdh.c Fix some malloc failure handling. 2017-06-15 19:38:59 +00:00
ssl_file.c Remove |X509| things from SSL_SESSION. 2017-02-10 19:12:04 +00:00
ssl_lib.c Implement experimental alternate encoding of TLS 1.3. 2017-07-10 18:15:08 +00:00
ssl_privkey_cc.cc Rename ssl_rsa.c to ssl_privkey.c. 2017-02-09 18:45:11 +00:00
ssl_privkey.c Simplify ssl_private_key_* state machine points. 2017-06-20 19:37:05 +00:00
ssl_session.c Never set not_resumable on an immutable session. 2017-07-05 20:32:47 +00:00
ssl_stat.c Simplify ssl_private_key_* state machine points. 2017-06-20 19:37:05 +00:00
ssl_test.cc Add some addition tests for the cipher parsing code and tidy. 2017-07-05 23:52:05 +00:00
ssl_transcript.c Moving transcript and PRF functions to SSL_TRANSCRIPT. 2017-02-10 16:33:42 +00:00
ssl_versions.c Implement experimental alternate encoding of TLS 1.3. 2017-07-10 18:15:08 +00:00
ssl_x509.c Move ssl_verify_alarm_type into ssl_x509.c. 2017-03-07 23:14:16 +00:00
t1_enc.c Enforce incrementing counter for TLS 1.2 AES-GCM. 2017-05-26 20:06:36 +00:00
t1_lib.c Don't check renegotiation_info in fuzzer mode. 2017-07-05 23:48:42 +00:00
tls13_both.c Implement experimental alternate encoding of TLS 1.3. 2017-07-10 18:15:08 +00:00
tls13_client.c Implement experimental alternate encoding of TLS 1.3. 2017-07-10 18:15:08 +00:00
tls13_enc.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
tls13_server.c Implement experimental alternate encoding of TLS 1.3. 2017-07-10 18:15:08 +00:00
tls_method.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00
tls_record.c Revise version negotiation logic on the C side. 2017-07-05 19:13:17 +00:00