ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
12,321 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

60 Commits

Author SHA1 Message Date
Tobias Brunner 409adef43c libtls: Move settings to <ns>.tls with fallback to libtls 2014-02-12 14:34:32 +01:00
Tobias Brunner 07f826af67 Fixed encoding of TLS extensions (elliptic_curves and signature_algorithms) 2012-11-28 10:20:14 +01:00
Tobias Brunner f05b427265 Moved debug.[ch] to utils folder 2012-10-24 16:00:51 +02:00
Tobias Brunner 1407a0026f Added missing break when building TLS cipher suites 2012-09-28 18:55:40 +02:00
Martin Willi ab2c989c32 Don't allow NULL encryption with PEAP 2012-09-12 13:19:52 +02:00
Martin Willi 87dd205b61 Add a return value to hasher_t.allocate_hash() 2012-07-16 14:55:06 +02:00
Martin Willi 8bd6a30af1 Add a return value to hasher_t.get_hash() 2012-07-16 14:55:06 +02:00
Martin Willi ce73fc19db Add a return value to crypter_t.set_key() 2012-07-16 14:53:38 +02:00
Martin Willi e7d98b8c99 Add a return value to tls_prf_t.set_key() 2012-07-16 14:53:33 +02:00
Martin Willi 97b30b93b0 Add a return value to tls_prf_t.get_bytes() 2012-07-16 14:53:33 +02:00
Martin Willi 2d56575d52 Add a return value to signer_t.set_key() 2012-07-16 14:53:33 +02:00
Martin Willi 9020f7d0b9 Add a return value to tls_crypto_t.derive_secrets() 2012-07-16 14:53:33 +02:00
Martin Willi ae10ee6d0b Double check if a cached suite is available, overwrite any old suite state 2012-02-07 11:42:57 +01:00
Martin Willi 06c150365d Fix TLS EAP-MSK derivation, uses different order of randoms than key expansion 2012-02-07 10:54:53 +01:00
Martin Willi 1dabf5bfc7 Filter TLS suite MAC by HMAC algorithm, as the hash is not necessarily the same 2012-02-07 10:54:53 +01:00
Martin Willi 6a5c86b7ad Implemented TLS session resumption both as client and as server 2011-12-31 13:14:49 +01:00
Martin Willi ed57dfca3f In TLS 1.2, PRF and HASH function use at least SHA-256, not the MAC hash function 2011-12-24 12:42:28 +01:00
Tobias Brunner f3bb1bd039 Fixed common misspellings. 
Mostly found by 'codespell'.
 2011-07-20 16:14:10 +02:00
Andreas Steffen 7e432eff6b renamed tls_reader|writer to bio_* and moved to libstrongswan 2011-05-31 15:46:51 +02:00
Martin Willi 5b0bcfb1fc Revert alloc_str changes 
This reverts commit fdead26ffe.
This reverts commit 3e2419ebe3.
This reverts commit 17ce69b47a.
 2011-04-21 13:35:31 +02:00
Martin Willi 3e2419ebe3 Use thread save settings alloc_str function where appropriate 2011-04-21 10:48:16 +02:00
Andreas Steffen 1bee89d339 added TLS_PURPOSE_EAP_PEAP 2011-04-05 18:16:28 +02:00
Andreas Steffen f10e72341c cast enumerated algorithm type as int 2010-12-18 20:24:53 +01:00
Andreas Steffen 5932f41fcc trace back crypto algorithms to the plugins that registered them 2010-12-18 16:31:12 +01:00
Andreas Steffen 99b0f633c2 handle TLS_PURPOSE_EAP_TNC 2010-09-08 12:58:45 +02:00
Martin Willi 02281c87a4 Added TLS specific EC point formats 2010-09-06 18:42:43 +02:00
Martin Willi ec7d4e70d3 Renamed ecp_format to ansi_format, as point formats in TLS use different identifiers 2010-09-06 18:37:24 +02:00
Martin Willi adb913adeb Added strongswan.conf option to filter for specific TLS suites 2010-09-06 16:51:11 +02:00
Martin Willi 24a5b935e7 Added strongswan.conf options to filter cipher suites by specific algorithms 2010-09-06 16:51:04 +02:00
Martin Willi a03eebdf93 Fixed key type in TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA 2010-09-06 16:50:54 +02:00
Martin Willi e6cce7ff0d Prepend point format to ECDH public key 2010-09-06 15:37:51 +02:00
Martin Willi 4e68c1cfdc Do not propose (EC)DHE suites if we do not support them 2010-09-03 18:24:03 +02:00
Martin Willi 4254257f9d Offer only algorithms/suites we have a registered public key backend for 2010-09-03 18:11:03 +02:00
Martin Willi f9c0cf862c Fixed key type of ECDHE_RSA groups 2010-09-03 17:24:39 +02:00
Martin Willi 3f7bb88ba3 Use a dynamic curve enumerator to list/convert TLS named curves 2010-09-03 17:24:23 +02:00
Martin Willi 2066918da2 Add ECDHE enabled cipher suites, including ECDSA variants 2010-09-03 14:54:43 +02:00
Martin Willi 4cdade5aae Select private key based on received cipher suites 2010-09-03 14:54:43 +02:00
Martin Willi 37a59a8fbf Support for EC curve Hello extension, EC curve fallback 2010-09-03 14:54:43 +02:00
Martin Willi 691ca54db5 Added TLS EC curve type and name identifiers 2010-09-03 14:54:43 +02:00
Martin Willi ef0a8e5892 Add DHE enabled RSA variants to the supported TLS suites 2010-09-02 19:33:08 +02:00
Martin Willi 35d9c15d5e Store a MODP group we use for each TLS suite 2010-09-02 19:33:08 +02:00
Martin Willi d29a82a9d4 Added generic TLS data sign/verify, hash/sig algorithm construction 2010-09-02 19:33:08 +02:00
Martin Willi dbb7c0306c Support different hash/sig algorithms in handshake signing, including ECDSA 2010-09-02 13:07:25 +02:00
Martin Willi 99dcaea9bd Added TLS ClientCertificateType identifiers 2010-09-02 13:07:24 +02:00
Martin Willi 9dd2ca924e Added TLS specific Hash and Signature Algorithm identifiers 2010-09-02 13:07:24 +02:00
Martin Willi 2bf0e74c38 Prefer AES/Camellia suites over 3DES/NULL encryption 2010-08-25 18:30:09 +02:00
Martin Willi 69e8bb2e8d Pass NULL peer identity to omit TLS peer authentication, added eap-ttls.request_peer_auth option 2010-08-24 11:34:43 +02:00
Martin Willi bda7d9d940 Added generic TLS purposes 2010-08-24 08:45:49 +02:00
Martin Willi c310881a11 Added a TLS purpose for EAP-TTLS with client authentication 2010-08-23 15:13:48 +02:00
Martin Willi 3c19b3461f Introducing a dedicated debug message group for libtls 2010-08-23 09:47:03 +02:00