diff options
author | Alfredo Pironti <alfredo@pironti.eu> | 2013-01-22 20:05:08 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-01-23 20:31:17 +0100 |
commit | 4968dd090ecf9c88a105a2c805cf97638bcca75d (patch) | |
tree | c30b8e7516dfa5dffe16912abd4e9f2217258307 /tests/mini-record.c | |
parent | e5b8398af0361b7803e7c97cf43a45044bd68414 (diff) | |
download | gnutls-4968dd090ecf9c88a105a2c805cf97638bcca75d.tar.gz |
GnuTLS Length Hiding patch.
- Remove random padding; use minimal padding with legacy interface
- With new interface, use LH when possible, that is in CBC mode or with the new padding extension
- Rename priority to "NEW_PADDING"
- gnutls-cli: add command line switch --ranges using LH when possible.
- Update documentation
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'tests/mini-record.c')
-rw-r--r-- | tests/mini-record.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/tests/mini-record.c b/tests/mini-record.c index 48cd5ebfb7..8843f37932 100644 --- a/tests/mini-record.c +++ b/tests/mini-record.c @@ -397,9 +397,9 @@ static void start (const char* prio) #define AES_CBC_SHA256 "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" #define AES_GCM "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL" -#define NEW_AES_CBC "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%RANDOM_PADDING" -#define NEW_AES_CBC_SHA256 "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%RANDOM_PADDING" -#define NEW_AES_GCM "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%RANDOM_PADDING" +#define NEW_AES_CBC "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+AES-128-CBC:+SHA1:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%NEW_PADDING" +#define NEW_AES_CBC_SHA256 "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA256:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%NEW_PADDING" +#define NEW_AES_GCM "NONE:+VERS-DTLS1.0:-CIPHER-ALL:+RSA:+AES-128-GCM:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL:%NEW_PADDING" static void ch_handler(int sig) { |