commit | 6ea08110dc46a1f990879100adb73cc50e6b4ea2 | |
---|---|---|
author | Frank Denis <github@pureftpd.org> | Sun Dec 03 00:26:18 2023 +0100 |
committer | Frank Denis <github@pureftpd.org> | Sun Dec 03 13:51:20 2023 +0100 |
tree | 06f063f2e60c524df698e3a0034de588f429d6eb | |
parent | dfe607280f8aca29eb224eddbb10de83ec074b2c | |
Replace the TLS_AEGIS_256_SHA384 ciphersuite with TLS_AEGIS_256_SHA512

The latest AEGIS draft, as well as the IANA TLS registry [1], have been updated to replace TLS_AEGIS_256_SHA384 with TLS_AEGIS_256_SHA512. This follows the recommendations from [2] for new cipher suites.

[1] https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
[2] https://eprint.iacr.org/2023/913.pdf
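The hash named in a TLS 1.3 cipher suite is the HKDF and transcript hash of the key schedule (RFC 8446, section 7.1), so renaming the suite from SHA384 to SHA512 changes every derived secret and its length (48 versus 64 bytes). The Python below is an added example, not picotls code: it implements HKDF-Expand-Label, derives a client handshake traffic secret and the AEGIS-256 write key and IV from constructed inputs, and runs both hashes so the difference is visible. The 32-byte key and IV sizes are assumed from AEGIS-256's 256-bit key and 256-bit nonce.

```python
import hashlib
import hmac

# Added example, not picotls code: TLS 1.3 key schedule pieces (RFC 8446 s7.1),
# parameterised by the hash named in the cipher suite.

def hkdf_extract(hash_name, salt, ikm):
    """HKDF-Extract (RFC 5869): HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, hash_name).digest()

def hkdf_label(length, label, context):
    """Encode the HkdfLabel struct: uint16 length, 'tls13 ' + label, context."""
    full = b"tls13 " + label
    return (length.to_bytes(2, "big") + bytes([len(full)]) + full
            + bytes([len(context)]) + context)

def hkdf_expand_label(hash_name, secret, label, context, length):
    """HKDF-Expand-Label: HKDF-Expand(secret, HkdfLabel, length)."""
    info = hkdf_label(length, label, context)
    out, block, counter = b"", b"", 1
    while len(out) < length:  # T(i) = HMAC(secret, T(i-1) | info | i)
        block = hmac.new(secret, block + info + bytes([counter]), hash_name).digest()
        out += block
        counter += 1
    return out[:length]

def client_handshake_traffic_secret(hash_name, ecdhe_shared, transcript):
    """Early Secret -> Handshake Secret -> client_handshake_traffic_secret (no PSK)."""
    hlen = hashlib.new(hash_name).digest_size
    early = hkdf_extract(hash_name, b"\x00" * hlen, b"\x00" * hlen)
    empty_hash = hashlib.new(hash_name, b"").digest()
    derived = hkdf_expand_label(hash_name, early, b"derived", empty_hash, hlen)
    handshake = hkdf_extract(hash_name, derived, ecdhe_shared)
    transcript_hash = hashlib.new(hash_name, transcript).digest()
    return hkdf_expand_label(hash_name, handshake, b"c hs traffic", transcript_hash, hlen)

# AEGIS-256 key and nonce sizes are assumed here (256-bit key, 256-bit nonce).
AEGIS_256_KEY_LEN = 32
AEGIS_256_IV_LEN = 32

def aegis256_traffic_keys(hash_name, traffic_secret):
    """Write key and IV from a traffic secret (RFC 8446 section 7.3)."""
    key = hkdf_expand_label(hash_name, traffic_secret, b"key", b"", AEGIS_256_KEY_LEN)
    iv = hkdf_expand_label(hash_name, traffic_secret, b"iv", b"", AEGIS_256_IV_LEN)
    return key, iv

def compare_suite_hashes(ecdhe_shared, transcript):
    """Same constructed inputs under the SHA384 and SHA512 variants of the suite."""
    result = {}
    for hash_name in ("sha384", "sha512"):
        secret = client_handshake_traffic_secret(hash_name, ecdhe_shared, transcript)
        result[hash_name] = (secret,) + aegis256_traffic_keys(hash_name, secret)
    return result
```

Call `compare_suite_hashes(b"\x11" * 32, b"constructed transcript")` to see that the traffic secret is 48 bytes under SHA-384 and 64 bytes under SHA-512 while the key and IV stay 32 bytes each.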
Picotls is a TLS 1.3 (RFC 8446) protocol stack written in C, with the following features:
picotls is designed to be fast, tiny, and low-latency, with the primary user being the H2O HTTP/2 server for serving HTTP/1, HTTP/2, and HTTP/3 over QUIC.
The TLS protocol implementation of picotls is licensed under the MIT license.
The license of each crypto binding and the cryptographic algorithms it supports are as follows:
Binding | License | Key Exchange | Certificate | AEAD cipher |
---|---|---|---|---|
minicrypto | CC0 / 2-clause BSD | secp256r1, x25519 | ECDSA (secp256r1) (see note 1) | AES-128-GCM, chacha20-poly1305, AEGIS-128L (using libaegis), AEGIS-256 (using libaegis) |
OpenSSL | OpenSSL | secp256r1, secp384r1, secp521r1, x25519 | RSA, ECDSA (secp256r1, secp384r1, secp521r1), ed25519 | AES-128-GCM, AES-256-GCM, chacha20-poly1305, AEGIS-128L (using libaegis), AEGIS-256 (using libaegis) |
Note 1: The minicrypto binding can sign a handshake using the certificate's key, but cannot verify a signature sent by the peer.
If you have cloned picotls from git, ensure that you have initialised the submodules:
% git submodule init
% git submodule update
Build using cmake:
% cmake .
% make
% make check
A dedicated documentation for using picotls with Visual Studio can be found in WindowsPort.md.
Developer documentation should be available on the wiki.
Run the test server (at 127.0.0.1:8443):
% ./cli -c /path/to/certificate.pem -k /path/to/private-key.pem 127.0.0.1 8443
Connect to the test server:
% ./cli 127.0.0.1 8443
Using resumption:
% ./cli -s session-file 127.0.0.1 8443
The session-file is read-write. The cli server implements a single-entry session cache. The cli server sends NewSessionTicket when it first sends application data after receiving ClientFinished.
Using early-data:
% ./cli -s session-file -e 127.0.0.1 8443
When the -e option is used, the client first waits for user input and then sends ClientHello along with the early data.
The software is provided under the MIT license. Note that additional licences apply if you use the minicrypto binding (see above).
Please report vulnerabilities to h2o-vuln@googlegroups.com. See SECURITY.md for more information.