commit | ae03711892e26c3bb11f17a70a95db50703e7612 | [log] [tgz] |
---|---|---|
author | Kazuho Oku <kazuhooku@gmail.com> | Mon Jun 15 10:29:38 2020 +0900 |
committer | Kazuho Oku <kazuhooku@gmail.com> | Mon Jun 15 10:29:38 2020 +0900 |
tree | 86c13a998ae05e8b2b97705070bb771ab9e03f93 | |
parent | 50f73fc867e32b2bc9b4dee90c9b16ef0e8581c1 [diff] |
the only plausible case that an endpoint would receive an encrypted record no larger than 256 bytes is when the conveyed message is Finished or when resumption succeeds. However, in both of these cases, crypto is going to be a lot heavier, dwarfing this optimization
Picotls is a TLS 1.3 (RFC 8446) protocol stack written in C, with the following features:
Primary goal of the project is to create a fast, tiny, low-latency TLS 1.3 implementation that can be used with the HTTP/2 protocol stack and the upcoming QUIC stack of the H2O HTTP/2 server.
The TLS protocol implementation of picotls is licensed under the MIT license.
License and the cryptographic algorithms supported by the crypto bindings are as follows:
Binding | License | Key Exchange | Certificate | AEAD cipher |
---|---|---|---|---|
minicrypto | CC0 / 2-clause BSD | secp256r1, x25519 | ECDSA (P256)1 | AES-128-GCM, chacha20-poly1305 |
OpenSSL | OpenSSL | secp256r1, secp384r1, secp521r1, x25519 | RSA, ECDSA (P256) | AES-128-GCM, AES-256-GCM, chacha20-poly1305 |
Note 1: Minicrypto binding is capable of signing a handshake using the certificate's key, but cannot verify a signature sent by the peer.
If you have cloned picotls from git then ensure that you have initialised the submodules:
% git submodule init % git submodule update
Build using cmake:
% cmake . % make % make check
A dedicated documentation for using picotls with Visual Studio can be found in WindowsPort.md.
Developer documentation should be available on the wiki.
Run the test server (at 127.0.0.1:8443):
% ./cli -c /path/to/certificate.pem -k /path/to/private-key.pem 127.0.0.1 8443
Connect to the test server:
% ./cli 127.0.0.1 8443
Using resumption:
% ./cli -s session-file 127.0.0.1 8443
The session-file is read-write. The cli server implements a single-entry session cache. The cli server sends NewSessionTicket when it first sends application data after receiving ClientFinished.
Using early-data:
% ./cli -s session-file -e 127.0.0.1 8443
When -e
option is used, client first waits for user input, and then sends CLIENT_HELLO along with the early-data.
The software is provided under the MIT license. Note that additional licences apply if you use the minicrypto binding (see above).