mint
mint copied to clipboard
bifurcation
A Minimal TLS 1.3 Implementation in Go
my server use tls1.3 draft 18, i change `supportedVersion` to `0x7f12` , then test ,always get `AEAD decrypt failed` error , when i watch [cloudflare/tls-tris](https://github.com/cloudflare/tls-tris), i found some difference: when...
Got this connecting with Firefox.. 2017/01/24 12:58:51 Listening on port 4430 panic: runtime error: invalid memory address or nil pointer dereference [signal 0xb code=0x1 addr=0x8 pc=0x1171e4] goroutine 1 [running]: panic(0x3e4260,...
When the client doesn't send a key share from a supported group, the server should send a HelloRetryRequest message. If the client hasn't generated key shares for all supported groups,...
* Don't send PSKKeyExchangeModes when there's no PSK * Add tests for correct behavior by offered mode
Apparently, if the server sends a signature_algorithms extension, a mint client will not object. This can probably be systematic: check extensions by message and object if they are not allowed.
Now that `golang.org/x/crypto/chacha20poly1305` exists.
In order to use a session ticket for 0-RTT it has to have the [ticket_early_data_info](https://tlswg.github.io/tls13-spec/#rfc.section.4.5.1) set accordingly. This currently prevents mint from doing 0-RTT with NSS.
As a FYI for newbies like me: With GOPATH set to `~/gocode` ``` go get github.com/bifurcation/mint cd ~/gocode/src/github.com/bifurcation/mint/bin/mint-client-https ``` Then `go run main.go -url https://tls13.cloudflare.com/` or let lynx parse that...
Some code was merged without thorough testing, add full test coverage for these commits.
