kris/th5
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Alternative TLS implementation in Go
327 Commits 3 Branches 0 Tags 2.6 MiB
Go 99.8%
Shell 0.2%
b5fd625da3
Go to file
Filippo Valsorda b5fd625da3 crypto/tls: disable CBC cipher suites with SHA-256 by default 
As is, they were fully vulnerable to the Lucky13 attack. The SHA1
variants implement limited countermeasures (see f28cf8346c4) but the
SHA256 ones are apparently used rarely enough (see 8741504888b) that
it's not worth the extra code.

Instead, disable them by default and update the warning.

Updates #13385
Updates #15487

Change-Id: I45b8b716001e2fa0811b17e25be76e2512e5abb2
Reviewed-on: https://go-review.googlesource.com/35290
Reviewed-by: Adam Langley <alangley@gmail.com>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Matt Layher <mdlayher@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
2017-01-17 16:41:09 +00:00
testdata crypto/tls: enable ChaCha20-Poly1305 cipher suites by default. 2016-10-18 06:54:30 +00:00
alert.go crypto/tls: switch to OpenSSL 1.1.0 for test data. 2016-10-12 17:03:46 +00:00
cipher_suites.go crypto/tls: disable CBC cipher suites with SHA-256 by default 2017-01-17 16:41:09 +00:00
common.go crypto/{cipher,tls,internal/cryptohw}: prioritise AES-GCM when hardware support is present. 2016-11-07 20:01:18 +00:00
conn_test.go crypto/tls: implement countermeasures against CBC padding oracles 2016-10-04 13:21:02 +00:00
conn.go crypto/tls: fix a typo 2016-12-19 06:01:04 +00:00
example_test.go crypto/tls: add example for Config KeyLogWriter 2016-11-17 03:24:31 +00:00
generate_cert.go crypto/tls: Support ECDSA keys in generate_cert.go 2014-07-28 14:46:34 -07:00
handshake_client_test.go cmd/gofmt, crypto/tls: fix typos 2016-11-11 16:42:40 +00:00
handshake_client.go cmd/gofmt, crypto/tls: fix typos 2016-11-11 16:42:40 +00:00
handshake_messages_test.go crypto/tls: reject zero-length SCTs. 2016-11-17 20:53:01 +00:00
handshake_messages.go crypto/tls: reject zero-length SCTs. 2016-11-17 20:53:01 +00:00
handshake_server_test.go all: don't call t.Fatal from a goroutine 2016-11-15 15:13:48 +00:00
handshake_server.go crypto/tls: add a SignatureScheme type. 2016-10-27 17:11:04 +00:00
handshake_test.go crypto/tls: switch to OpenSSL 1.1.0 for test data. 2016-10-12 17:03:46 +00:00
key_agreement.go crypto/tls: support X25519. 2016-10-12 17:04:28 +00:00
prf_test.go crypto/tls: decouple handshake signatures from the handshake hash. 2015-04-30 03:47:02 +00:00
prf.go all: standardize RFC mention format 2016-04-12 21:07:52 +00:00
ticket.go crypto/tls: minor refactors for readability 2016-03-14 21:17:37 +00:00
tls_test.go all: don't call t.Fatal from a goroutine 2016-11-15 15:13:48 +00:00
tls.go crypto/tls: disable CBC cipher suites with SHA-256 by default 2017-01-17 16:41:09 +00:00