- 347a32e add API for encoding ECHConfig by Kazuho Oku · 1 year, 5 months ago
- 04dfe46 reflect the fact that the supported set of HPKE cipher-suites can be different between ECHConfigs by Kazuho Oku · 1 year, 5 months ago
- 62c4bca Merge branch 'master' into kazuho/ech by Kazuho Oku · 1 year, 5 months ago
- 27fff01 Merge pull request #451 from h2o/kazuho/openssl-async-default-off by Kazuho Oku · 1 year, 5 months ago
- d1905bd follow the convention of libssl setting the feature off by default by Kazuho Oku · 1 year, 5 months ago
- 8758ee3 Merge branch 'kazuho/ech-msvc' into kazuho/ech (reorganize & merge #449) by Kazuho Oku · 1 year, 5 months ago
- bf81477 use bogus blob rather than adding one byte to only one of the variables, as the latter could be confusing by Kazuho Oku · 1 year, 5 months ago
- ae30a2c use sprintf instead by Kazuho Oku · 1 year, 5 months ago
- 5bbd77b fix stuff that MSVC does not like by Christian Huitema · 1 year, 5 months ago
- 398d39c explicit cast to suppress warning by Christian Huitema · 1 year, 5 months ago
- 7470a50 [msvc] remove picotls-esni by Christian Huitema · 1 year, 5 months ago
- e8fe79e Merge branch 'master' into kazuho/ech by Kazuho Oku · 1 year, 5 months ago
- a4c3e53 Merge pull request #422 from h2o/kazuho/async-sign by Kazuho Oku · 1 year, 5 months ago
- c6d52f3 Merge branch 'master' into kazuho/ech by Kazuho Oku · 1 year, 5 months ago
- 6656a3a Merge branch 'master' into kazuho/async-sign by Kazuho Oku · 1 year, 5 months ago
- 7e97d3e Merge pull request #445 from h2o/kazuho/ptlslog-u32-warning by Kazuho Oku · 1 year, 5 months ago
- df35659 encrypted_client_hello extension cannot be referred to by ech_outer_extensions by Kazuho Oku · 1 year, 5 months ago
- a3cfa2f rebuild error is ILLEGAL_PARAMETER by Kazuho Oku · 1 year, 5 months ago
- f0360b4 add test for rebuilding inner CH by Kazuho Oku · 1 year, 5 months ago
- 48c7a92 no need to write after duplicate by Kazuho Oku · 1 year, 5 months ago
- 21cf7c2 when ECH exchange is complete reduce the number of hashes too by Kazuho Oku · 1 year, 5 months ago
- 80e1c4f clear remaining ECH state even when HRR is used by Kazuho Oku · 1 year, 5 months ago
- 89cfbe2 Merge branch 'master' into kazuho/ech by Kazuho Oku · 1 year, 5 months ago
- 67fa009 Merge pull request #444 from h2o/kazuho/newextmap-compressedcert by Kazuho Oku · 1 year, 5 months ago
- 4666ab2 suppress warning on Xcode by Kazuho Oku · 1 year, 5 months ago
- 16e46d5 we support one more extension by Kazuho Oku · 1 year, 5 months ago
- e3666d4 track known extensions rather than the smallest 64 (otherwise we cannot track the draft codepoints of ECH extensions) by Kazuho Oku · 1 year, 5 months ago
- 5aa73f3 use the existing function to discard ECH state after Hello exchange by Kazuho Oku · 1 year, 5 months ago
- 6648158 dispose of ECH AEAD context during handshake, decryption failure of inner CH in 2nd CH is fatal by Kazuho Oku · 1 year, 5 months ago
- cab1a37 add new extensions to the table, rely on that by Kazuho Oku · 1 year, 5 months ago
- 7208a7e Merge branch 'master' into kazuho/ech by Kazuho Oku · 1 year, 5 months ago
- 6c829ef Merge pull request #443 from h2o/kazuho/newextmap by Kazuho Oku · 1 year, 5 months ago
- dbdee07 split SH and HRR of the table, so as to align with that of RFC 8446 by Kazuho Oku · 1 year, 5 months ago
- 3d0efeb switch to a table by Kazuho Oku · 1 year, 5 months ago
- cd4aaa4 use constant, state check in `decode_server_hello` by Kazuho Oku · 1 year, 5 months ago
- a374e42 rely on the decode function by Kazuho Oku · 1 year, 5 months ago
- 449bbec reorder and clarify the logic by Kazuho Oku · 1 year, 5 months ago
- 901be76 payload is at least one byte by Kazuho Oku · 1 year, 5 months ago
- 65f4c7a oops by Kazuho Oku · 1 year, 5 months ago
- 3ad9194 ignore ECHConfig that have IP address as public name by Kazuho Oku · 1 year, 5 months ago
- 486e6f6 use `ptls_decode8` by Kazuho Oku · 1 year, 5 months ago
- 4e01405 Merge branch 'master' into kazuho/ech by Kazuho Oku · 1 year, 5 months ago
- efb310f Merge pull request #442 from h2o/kazuho/decode8 by Kazuho Oku · 1 year, 5 months ago
- 3836d8d here also by Kazuho Oku · 1 year, 5 months ago
- 1e791df `ptls_decode8` for consistency by Kazuho Oku · 1 year, 5 months ago
- 9a95d7f enc is at least one byte by Kazuho Oku · 1 year, 5 months ago
- 89779c4 create helper by Kazuho Oku · 1 year, 5 months ago
- 04b67ad report error code by Kazuho Oku · 1 year, 5 months ago
- a6672c0 public_name is at least one byte by Kazuho Oku · 1 year, 5 months ago
- 054db85 pass server-name as argument as it can be ECH.public_name by Kazuho Oku · 1 year, 5 months ago
- 92479ba merge the struct by Kazuho Oku · 1 year, 5 months ago
- c58adc7 do not use ECH even when config is provided, unless server name is a DNS name by Kazuho Oku · 1 year, 5 months ago
- 761cc03 add note that we are not following the spec by Kazuho Oku · 1 year, 5 months ago
- 1c7b115 clang-format by Kazuho Oku · 1 year, 5 months ago
- 37d4c33 in PSK mode, CertificateRequest is rejected by the state machine (and when ECH is rejected, we send ECH_REQUIRED alert right above) by Kazuho Oku · 1 year, 5 months ago
- a91ae5f send retry_config only when we are capable of accepting ECH by Kazuho Oku · 1 year, 5 months ago
- 1672380 [ECH] add I/F to obtain kem/cipher being used by Kazuho Oku · 1 year, 5 months ago
- 909d974 retain innerCH.random separately by Kazuho Oku · 1 year, 5 months ago
- 6ff7ee6 outer- and inner-random have to be identical unless ECH is used by Kazuho Oku · 1 year, 5 months ago
- 697e7b4 unless the client offered ECH, reject EE.ECH by Kazuho Oku · 1 year, 5 months ago
- 3f07e64 move the condition out, add comment by Kazuho Oku · 1 year, 5 months ago
- 5038530 better to rename "select_one" now that we have `select_outer` that selects "one" of the CH by Kazuho Oku · 1 year, 5 months ago
- 7f59712 add comment by Kazuho Oku · 1 year, 5 months ago
- 54d10fa consistent naming convention by Kazuho Oku · 1 year, 5 months ago
- 50c428c make it simple by Kazuho Oku · 1 year, 5 months ago
- 2ea2080 clarify the contract by Kazuho Oku · 1 year, 5 months ago
- 35992d7 Merge pull request #439 from DavidKorczynski/cifuzz-int by Kazuho Oku · 1 year, 5 months ago
- 9669e49 dispose state when AEAD decryption fails, otherwise `ptls_is_ech_handshake` returns true by Kazuho Oku · 1 year, 5 months ago
- e2e6dc2 p256 might be the only algorithm that we support by Kazuho Oku · 1 year, 5 months ago
- 9edab68 it's a MISmatch by Kazuho Oku · 1 year, 5 months ago
- c461703 send ECH_REQUIRED alert if rejected, saving retry_configs correctly by Kazuho Oku · 1 year, 5 months ago
- 5875465 split ECH config applicability testing (ignore upon failure) vs. ECH instatiation error (reported) by Kazuho Oku · 1 year, 5 months ago
- 6d193a0 upon ech config mismatch, report retry_config to the application iff it is applicable by Kazuho Oku · 1 year, 5 months ago
- 4cfcc64 replay entire ECH extension when ECH is rejected via HRR by Kazuho Oku · 1 year, 5 months ago
- 36a6c79 remove ESNI stuff by Kazuho Oku · 1 year, 5 months ago
- 6068d6f [ECH] do not touch key_schedule when determining acceptance by Kazuho Oku · 1 year, 5 months ago
- bddb83a oops by Kazuho Oku · 1 year, 5 months ago
- ba1baf3 add FIXME by Kazuho Oku · 1 year, 5 months ago
- c385e1f send / receive retry_configs by Kazuho Oku · 1 year, 5 months ago
- f63838e test configuration mismatch by Kazuho Oku · 1 year, 5 months ago
- 23fcb39 [xcode] suppress build warning by Kazuho Oku · 1 year, 5 months ago
- c0f58ca ciphers given significance, as it is the only attribute used on both sides by Kazuho Oku · 1 year, 5 months ago
- 205e194 we can say that ECH is used whenever ECH AEAD context is available by Kazuho Oku · 1 year, 5 months ago
- 71479e4 use wrapper function so as to not miss setting fields by Kazuho Oku · 1 year, 5 months ago
- d7d4c46 [ECH] test variations, e.g., retry by Kazuho Oku · 1 year, 5 months ago
- df0891d CHinner MUST NOT offer tls 1.2 or below by Kazuho Oku · 1 year, 5 months ago
- a9ac007 Merge branch 'master' into kazuho/ech by Kazuho Oku · 1 year, 5 months ago
- 828eefc key-schedule uses the transcript with confirmation hash by Kazuho Oku · 1 year, 5 months ago
- 8310c09 use const-time op by Kazuho Oku · 1 year, 5 months ago
- d6cdb2c HKDF-Expand-Label being used is that of RFC 8446, hence uses the "tls13 " prefix by Kazuho Oku · 1 year, 5 months ago
- 6705508 fix the encoded order by Kazuho Oku · 1 year, 5 months ago
- 459e998 add I/F to obtain the type of the handshake by Kazuho Oku · 1 year, 5 months ago
- c9b6b9b ServerHello.ECH can exist unless when the server responds to inner CH by Kazuho Oku · 1 year, 5 months ago
- c417915 check ECH.type always (as well as concentrating the logic) by Kazuho Oku · 1 year, 5 months ago
- 2c6f84c [ECH] handle HRR correctly by Kazuho Oku · 1 year, 5 months ago
- 2b2318c Merge pull request #440 from h2o/kazuho/hpke-multishot-aead by Kazuho Oku · 1 year, 5 months ago
- fadb139 add test vectors for multi-shot AEAD by Kazuho Oku · 1 year, 5 months ago
- 3cb2d6e ci: add CIFuzz Github action by David Korczynski · 1 year, 5 months ago
- f77c13f "confirm" implies acceptance by Kazuho Oku · 1 year, 5 months ago
- 3f942d8 generate HRR.ECH (and we can roll the key schedule when sending stateless retry) by Kazuho Oku · 1 year, 5 months ago