Feature/tls 1.3 #13
Open
Feature/tls 1.3 #13
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is a lot more of a change than you'd expect since TLS 1.3 Ciphers do not specify a Key Exchange. The Key Exchange has been moved to a message later in the protocol, so there is a new Key Exchange type which defined these ciphers as a special kind of key exchange which can be targeted with the keyExchange, and authentication, filters. The format of the TLS 1.3 cipher specs is also different which required special handling in the Cipher Spec Parser. The _WITH_ has been dropped since the key exchange no longer appears in the spec. Since there are so few the library list lists all the possible ciphers which are defined in the RFC directly now. I have also added the magic markers for the TLS 1.3 handshake to the fips, and forwardSecrecy, matchers since I believe they should be included in those sets.
danielhodder
force-pushed
the
feature/tls_1.3
branch
from
6354758 to
8b2a18f
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Firstly updates Grok to build with Java 1.8 (since I doubt anyone cares about anything newer).
Then add TLS 1.3 support to protocol and cipher filters (resolves #12)
This is a lot more of a change than you'd expect since TLS 1.3 Ciphers
do not specify a Key Exchange. The Key Exchange has been moved to a
message later in the protocol, so there is a new Key Exchange type which
defined these ciphers as a special kind of key exchange which can be
targeted with the keyExchange, and authentication, filters.
The format of the TLS 1.3 cipher specs is also different which required
special handling in the Cipher Spec Parser. The WITH has been dropped
since the key exchange no longer appears in the spec. Since there are so
few the library list lists all the possible ciphers which are defined in
the RFC directly now.
I have also added the magic markers for the TLS 1.3 handshake to the
fips, and forwardSecrecy, matchers since I believe they should be
included in those sets.
My editor's formatting seems to be arguing with that in this repo, so let me know if that offends you and I'll figure out how to make it match.