Skip to content

Releases: tlsfuzzer/tlslite-ng

v0.8.0

17 Dec 16:28
@tomato42 tomato42
v0.8.0
9342e5e
Compare
Choose a tag to compare
v0.8.0 Latest
Latest
  • DEPRECATION NOTICE: camelCase method and argument names are considered now
    deprecated, ones that use underscore_separator are now the primary ones
    (the procedure to support it is not yet finished, but any new code must
    follow this new style and new deprecations will be introduced as time goes
    on. Please run your test suite with -Wd to see where the depracated calls
    are being made, the python standard DeprecationWarning will be emited there)
  • Python 3.2, 3.3, and 3.4 is not supported any more (dropped by python-ecdsa)
  • fix compatibility issue with 8192 bit SRP group from RFC 5054
  • fix CVE-2018-1000159 - incorrect verification of MAC in MAC then Encrypt
    mode
  • workaround CVE-2020-26263 - Bleichenbacher oracle in RSA decryption.
    Please note that while the code was fortified, because of peculiarities of
    python, it's not possible to fully fix it. If you require resistance against
    side-channel attacks please use a different library.
  • fix Python_RSAKey multithreading support - performing private key operation
    in two threads at the same time could make all future calls return incorrect
    results
  • Python 3.7 support (async is now a keyword) (Pierre Ståhl)
  • Python 3.8 test suite compatibility
  • Python 3.9 support (slight changes in imaplib caused our wrapper to stop
    working)
  • Compatibility with M2Crypto on Python 3
  • fix Python 2 comaptibility issue with X.509 DER parsing (Erkki Vahala)
  • TLS 1.3
    • final RFC 8446 support
    • TLS 1.3 specific ciphers (AES-GCM, AES-CCM, AES-CCM8 and Chacha20)
    • TLS 1.3 specific extensions and extension code points
    • 1-RTT handshake mode
    • HelloRetryRequest support
    • PSK with (EC)DH key exchange
    • pure PSK
    • session resumption in TLS 1.3 using PSK tickets
    • padding support (Stanislav Zidek)
    • 0-RTT handshake tolerance (the early data will be ignored but handshake
      will succeed)
    • cookie extension
    • downgrade sentinels in ServerHello.random
    • TLS Keying Material Exporter support in TLS 1.3 (Simo Sorce)
    • client certificate support (Simo Sorce)
    • KeyUpdate support
    • post-handshake key authentication
  • fix minor compatibility issue with Jython2.7 (Filip Goldefus)
  • higher precision of throughput measurement on non-Linux platforms
    (Efthimis Iosifidis)
  • refactor keyexchange.py module to make (EC)DH key exchange standalone
  • more human readable errors upon receiving unexpected messages
  • __eq__ supported on all Handshake messages
  • fix minor bugs in message objects, extend test coverage for tlslite.messages
  • repr() for Certificate and few extensions
  • OCSP response parsing (Anna Khaitovich)
  • OCSP signature verification (Anna Khaitovich)
  • matching OCSP response to EE and CA certificate (Anna Khaitovich)
  • fix HTTP header length leak in the test server (tls.py) (Róbert Kolcún)
  • minor fixes with sent alerts when encountering error conditions
  • fix lack of checking if the padding in SSLv3 is minimal
  • Pure Python 3DES implementation (Adam Varga)
  • heartbeat (RFC 6520) (Milan Lysonek)
  • support chain of certificates in the tls.py script
  • fix sending of RSA-PSS certificate when the client didn't advertise support
    for rsa_pss_pss_* signature methods
  • clearly state in documentation that inputs to signature and verification
    methods of RSA keys need to be bytes-like objects
  • support for setting maximum supported version in tls.py server and client
  • support for record_size_limit extension from RFC 8449
  • make the number of session tickets sent to client configurable (TLS 1.3
    specific)
  • reimplement HMAC in pure python to work-around platforms that disable MD5
    HMAC in python (this goes against FIPS requirements)
  • fix few minor bugs in handling heartbeat messages
  • support for ECDSA certificates (server and client, all versions of TLS)
  • support for multiple certificates on the server (RSA, RSA-PSS, ECDSA
    can be configured together, including multiple instances of the same type,
    server will select automatically the one that matches requirements from
    ClientHello)
  • support for HelloRequest messages (only for encoding/decoding, renegotiation
    is still unsupported)
  • nicer error messages when parsing malformed exceptions, TLS messages in
    general
  • AES-CCM and AES-CCM8 support (in TLS 1.2 and TLS 1.3) (Ivan Nikolchev)
  • added support for configuring enabled ciphers in tls.py (Ivan Nikolchev)
  • two times faster 3DES when using m2crypto (Alexander Sosedkin)
  • correct handling of malformed X.509 certificates (Ivan Nikolchev)
  • speed up AES-CCM and AES-GCM when m2crypto is installed (Ivan Nikolchev)
  • client side checks for downgrade protection from TLS 1.3 (Ivan Nikolchev)
  • use TLS 1.3 test vectors to verify the implementation (Ivan Nikolchev)
  • unify master secret and finished calculation (Ivan Nikolchev)
  • detect pycryptodome, disable pycrypto code if it's present
  • add multiple well-known DH groups from RFC 2409, RFC 5114 and RFC 3526,
    unify formatting of the existing DH group (use exactly the formatting used
    in the RFC's)
  • add benchmarking tool for RSA (scripts/speed.py)
  • add support for gmpy2, use it and gmpy in more places for RSA calculations
    (minor speed up for RSA operations)
  • refactor certificate selection, make server select certificate based on
    curves and signature algorithms advertised by client (Ivan Nikolchev)
  • basic support for DSA certificates; verification of DSA signatures
    in ServerKeyExchange (Frantisek Krenzelok)
  • support for DSA client certificates
  • small optimisations to PRF methods, speeds to handshake
  • support for MD5 signatures in X.509 certificates (Jean-Romain Garnier)
  • add support for Brainpool curves in TLS 1.2 and earlier (pytz)
  • fix wrong error message in AES implementation (Bernt Røskar Brenna)
  • migrate to Github Action for CI
  • fix API break caused by the workaround for Bleichenbacher; RSA keys generated
    in-memory with m2crypto wouldn't work for decryption/encryption
  • handle too short RSA ciphertexts for the key size consistently between
    backends
  • strict handling of CCS in TLS 1.3 (don't allow it post handshake)
  • detect and reject multi-byte CCS messages
  • improved RSA key generation - don't generate biased primes
  • support for both encodings of RSA-PSS algorithm identifier in X.509
  • Support for EdDSA (Ed25519 and Ed448) in TLS 1.2 and TLS 1.3, both
    for server and client certificates
  • Support for echo server in the example tls.py script
  • Better handling of HMACs in FIPS mode
  • Generate RSA keys with 65537 as public exponent with m2crypto (as with
    other backends)
  • Ticket based session resumption in TLS 1.2 and earlier
  • strict size checking of session_id field in ClientHello
  • use python-ecdsa code for parsing ECDH key shares, speed up calculation
    of shared secrets (Ganna Starovoytova)
  • fix sending of session ticket extension from the server without
    a ticket (George Pantelakis)
  • add support for Brainpool curves in TLS 1.3 from RFC 8734
  • add support for compress_certificate extension from RFC 8879
    (George Pantelakis)
  • Fix int_to_bytes and numberToByteArray encoding of 0 with length not
    specified, and thus also ClientKeyExchange handling for DHE with missing
    key share
  • (Experimental) Support for hybrid KEM key exchange groups from
    draft-kwiatkowski-tls-ecdhe-mlkem-02. To work, kyber-py v1.0 library must
    be installed.
  • support for setting a list of supported key exchange groups in the
    tls.py server
  • support for ec_point_format extension (Ganna Starovoytova)
Assets 2
Loading

v0.8.0-beta5

18 Oct 17:23
@tomato42 tomato42
v0.8.0-beta5
2fc7602
Compare
Choose a tag to compare
v0.8.0-beta5 Pre-release
Pre-release
  • support for hybrid ML-KEM based key exchange groups (draft-kwiatkowski-tls-ecdhe-mlkem-02)
Assets 2
Loading

v0.8.0-beta4

18 Oct 14:26
@tomato42 tomato42
v0.8.0-beta4
6057b37
Compare
Choose a tag to compare
v0.8.0-beta4 Pre-release
Pre-release
  • fix bug in handling of empty Compressed Certificate messages (George Pantelakis)
  • additional test coverage for the implicit rejection in RSA decryption
Assets 2
Loading

v0.8.0-beta3

30 Aug 14:30
@tomato42 tomato42
v0.8.0-beta3
7e3ff6a
Compare
Choose a tag to compare
v0.8.0-beta3 Pre-release
Pre-release
  • add support for compress_certificate extension from RFC 8879 (George Pantelakis)
  • Fix int_to_bytes and numberToByteArray encoding of 0 with length not specified, and thus also ClientKeyExchange handling for DHE with missing key share
Assets 2
Loading

v0.8.0-beta2

22 Aug 16:09
@tomato42 tomato42
v0.8.0-beta2
04c1e80
Compare
Choose a tag to compare
v0.8.0-beta2 Pre-release
Pre-release
  • faster ECDH operations
  • fix server-side bug with session ticket handling with them being only partially disabled
  • add Brainpool curve IDs for TLS 1.3 from RFC 8734
Assets 2
Loading

v0.8.0-beta1

24 Aug 16:55
@tomato42 tomato42
v0.8.0-beta1
1ff516b
Compare
Choose a tag to compare
v0.8.0-beta1 Pre-release
Pre-release

Add support for DSA certificates and ciphersuites

Assets 2
Loading

v0.8.0-alpha47

21 Aug 17:56
@tomato42 tomato42
v0.8.0-alpha47
c4873fe
Compare
Choose a tag to compare
v0.8.0-alpha47 Pre-release
Pre-release

Fix handling of unencrypted Alerts in TLS 1.3 handshakes

Assets 2
Loading

v0.8.0-alpha46

03 Aug 17:23
@tomato42 tomato42
v0.8.0-alpha46
46403b1
Compare
Choose a tag to compare
v0.8.0-alpha46 Pre-release
Pre-release 
release 0.8.0-alpha46
Assets 2
Loading

v0.8.0-alpha45

01 Aug 15:42
@tomato42 tomato42
v0.8.0-alpha45
19ac006
Compare
Choose a tag to compare
v0.8.0-alpha45 Pre-release
Pre-release
  • minor repr additions
  • detection of malformed CCS messages
Assets 2
Loading

v0.8.0-alpha44

09 Jun 15:30
@tomato42 tomato42
v0.8.0-alpha44
3e656ca
Compare
Choose a tag to compare
v0.8.0-alpha44 Pre-release
Pre-release

Better handling for HMACs in FIPS mode
Generate RSA keys with the same e independent of backend

Assets 2
Loading