Brian Smith
Brian Smith
I notice that it has been almost two years since this repo had a commit added to it. Is it possible that there might be a non-public version of this...
These unusual combinations of P-256 + {SHA-384, SHA-512} and P-384 + SHA-256 are supported in some crypto libraries, for backward compatibility with some TLS implementations. However, there are no test...
In the README.md of this action, the documented way of using codecov-action is to run it as a step of the same job that collects the coverage info. However, I...
In each place where we emit a particular kind of message (e.g. `Certificate`, `CertificateVerify`) for a protocol version, for both client and server, factor out that commonality into a shared...
In server/tls13.rs we have this: https://github.com/rustls/rustls/blob/5bda754ac18f37eb39132f89fb5522494b6202eb/rustls/src/server/tls13.rs#L530-L544 I find this code confusing for a few reasons: 1. The comment "If 0-RTT should be rejected, this will be clobbered by ExtensionProcessing before...
How can we test the QUIC API, especially for cases where the peer is doing something wrong/bad? We use BoringSSL's BoGo test framework to test many aspects of Rustls. In...
The TLS 1.3 spec says in https://datatracker.ietf.org/doc/html/rfc8446#appendix-E.1.4: > [B]ecause these secrets can be used to compute any exporter value, they SHOULD be erased as soon as possible. If the total...
Right now certificate validation errors have to be formatted into `String` to fit into these variants: ``` /// We received a certificate which includes invalid data. InvalidCertificateData(String), ``` When implementing...
Clarify what happens when we receive `close_notify` before verifying Finished and/or peer identity
We currently have this documentation: ``` /// True if the peer has sent us a close_notify alert. This is /// the TLS mechanism to securely half-close a TLS connection, ///...
I was reading the code and was struck by this: ```rust pub fn reader(&mut self) -> Reader { Reader { received_plaintext: &mut self.common_state.received_plaintext, /// Are we done? i.e., have we...