Features
Cryptography
- Unsigned multi-precision integers
- Signed multi-precision integers
- Unsigned integer multi-precision modular arithmetic
TLS 1.3
Handshake Protocol
Client
- ✔️ Send ClientHello
- ✔️ Parse ServerHello
- ❌ Parse HelloRetryRequest
- ✔️ Ignore ChangeCipherSpec
- ✔️ Parse EncryptedExtensions
- ❌ Parse Certificate Request
- ❌ Parse Certificate
- ❌ Parse CertificateVerify
- ❌ Parse Finished
- ❌ Send ClientCertificate
- ❌ Send ClientCertificateVerify
- ❌ Send Finished
Server
- ❌ Parse ClientHello
- ❌ Send ServerHello
- ❌ Send HelloRetryRequest
- ❌ Send EncryptedExtensions
- ❌ Send Certificate Request
- ❌ Send Certificate
- ❌ Send CertificateVerify
- ❌ Send Finished
- ❌ Parse ClientCertificate
- ❌ Parse ClientCertificateVerify
- ❌ Parse Finished
Record Protocol
- ✔️ Send plaintext records
- ✔️ Parse plaintext records
- ✔️ Send encrypted records
- ✔️ Parse encrypted records
Alert Protocol
- ✔️ Send alerts
- ✔️ Parse and handle alerts
Extensions
- ✔️ server_name
- ❌ max_fragment_length
- ❌ status_request
- ✔️ supported_groups
- ✔️ signature_algorithms
- ❌ use_srtp
- ❌ heartbeat
- ✔️ application_layer_protocol_negotiation
- ❌ signed_certificate_timestamp
- ❌ client_certificate_type
- ❌ server_certificate_type
- ❌ padding
- ✔️ key_share
- ❌ pre_shared_key
- ❌ psk_key_exchange_modes
- ❌ early_data
- ❌ cookie
- ✔️ supported_versions
- ❌ certificate_authorities
- ❌ oid_filters
- ❌ post_handshake_auth
- ❌ signature_algorithms_cert
Compliance Requirements
Mandatory Cipher Suites
- ✔️ TLS_AES_128_GCM_SHA256
Mandatory Signature Algorithms
- ❌ rsa_pkcs1_sha256
- ❌ rsa_pss_rsae_sha256
- ✔️ ecdsa_secp256r1_sha256
Mandatory Extensions
- ✔️ server_name
- ✔️ supported_groups
- ✔️ signature_algorithms
- ✔️ key_share
- ❌ cookie
- ✔️ supported_versions
- ❌ signature_algorithms_cert