On Fri Sep 18 06:01:44 PDT 2015, cinap_len...@felloff.net wrote:
> so you need server side support for what cipher suits and protocol
> versions exactly?
>
> the work has been done in 9front libsec and devtls to support ecdhe
> and dhe and tls 1.2 on the *client* side at least. so you can start
> from there. whats missing is the signing and signature verification
> of the dh parameters.
quite a bit of work that looks good. thanks.
here are some current differences i've got. the - is your version.
* i think aes_xts should take u32ints as this is defined in the standard.
the assumption that ulong is 32 bits is suspect.
* sorry for the ignorance, but why do we need ripemd160?
../../../include/libsec.h:396,403 - /mnt/term/sys/include/libsec.h:407,414
PEMChain*readcertchain(char *filename);
/* aes_xts.c */
- int aes_xts_encrypt(ulong tweak[], ulong ecb[], vlong sectorNumber, uchar
*input, uchar *output, ulong len) ;
- int aes_xts_decrypt(ulong tweak[], ulong ecb[], vlong sectorNumber, uchar
*input, uchar *output, ulong len);
+ int aes_xts_encrypt(u32int tweak[], u32int ecb[], vlong sectorNumber, uchar
*input, uchar *output, usize len) ;
+ int aes_xts_decrypt(u32int tweak[], u32int ecb[], vlong sectorNumber, uchar
*input, uchar *output, usize len);
typedef struct ECpoint{
int inf;
../../../include/libsec.h:432,439 - /mnt/term/sys/include/libsec.h:443,448
void base58enc(uchar *, char *, int);
int base58dec(char *, uchar *, int);
- DigestState* ripemd160(uchar *, ulong, uchar *, DigestState *);
-
/*
* Diffie-Hellman key exchange
*/
- erik
