Martin Willi
|
5976e149eb
|
Don't allocate extra memory to MAC the TLS header
|
2011-09-28 17:32:23 +02:00 |
|
Martin Willi
|
b79bb79a66
|
Verify TLS MAC even if padding is invalid to prevent timing attacks
|
2011-09-28 17:16:09 +02:00 |
|
Martin Willi
|
18c4d010f4
|
Install and use libtls as dynamic library, as we have our private libdir now
|
2011-08-08 13:41:09 +02:00 |
|
Tobias Brunner
|
f3bb1bd039
|
Fixed common misspellings.
Mostly found by 'codespell'.
|
2011-07-20 16:14:10 +02:00 |
|
Andreas Steffen
|
7e432eff6b
|
renamed tls_reader|writer to bio_* and moved to libstrongswan
|
2011-05-31 15:46:51 +02:00 |
|
Andreas Steffen
|
7e82d26dd8
|
fixed type
|
2011-05-31 15:46:51 +02:00 |
|
Andreas Steffen
|
deed58393d
|
raw TLS debug output
|
2011-05-29 10:36:41 +02:00 |
|
Andreas Steffen
|
4b06f9f265
|
debug type is EAP_TLS
|
2011-04-21 21:04:11 +02:00 |
|
Andreas Steffen
|
2778b6644b
|
do not include length field in non-fragmented EAP-PEAP packets
|
2011-04-21 19:52:49 +02:00 |
|
Martin Willi
|
5b0bcfb1fc
|
Revert alloc_str changes
This reverts commit fdead26ffe.
This reverts commit 3e2419ebe3.
This reverts commit 17ce69b47a.
|
2011-04-21 13:35:31 +02:00 |
|
Martin Willi
|
3e2419ebe3
|
Use thread save settings alloc_str function where appropriate
|
2011-04-21 10:48:16 +02:00 |
|
Martin Willi
|
2db8b58f62
|
Continue without client authentication if no matching certificate found
|
2011-04-14 20:02:12 +02:00 |
|
Martin Willi
|
6a8f1a578f
|
Ignore TLS certificate requests as peer if peer authentication disabled
|
2011-04-14 20:02:12 +02:00 |
|
Martin Willi
|
1c21f47a06
|
Send TLS Server Name Indication as peer if server identity is a FQDN
|
2011-04-14 20:02:12 +02:00 |
|
Martin Willi
|
eea2bdb203
|
Fix tls_writer wrap functions
|
2011-04-14 20:02:11 +02:00 |
|
Andreas Steffen
|
a9ee43e96a
|
added TLS renegotiation_info extension
|
2011-04-14 16:54:46 +02:00 |
|
Andreas Steffen
|
1bee89d339
|
added TLS_PURPOSE_EAP_PEAP
|
2011-04-05 18:16:28 +02:00 |
|
Andreas Steffen
|
6f69fb0134
|
implemented get|set_identifier() for tls_eap_t
|
2011-04-05 18:14:58 +02:00 |
|
Tobias Brunner
|
84545f6e7c
|
Some typos fixed.
|
2011-02-07 11:39:41 +01:00 |
|
Martin Willi
|
8118707845
|
Increase tls_writer buffer by at least 4 bytes
|
2011-01-19 14:41:59 +01:00 |
|
Andreas Steffen
|
f10e72341c
|
cast enumerated algorithm type as int
|
2010-12-18 20:24:53 +01:00 |
|
Andreas Steffen
|
5932f41fcc
|
trace back crypto algorithms to the plugins that registered them
|
2010-12-18 16:31:12 +01:00 |
|
Andreas Steffen
|
58d73d38bc
|
output TLS-independent error messages
|
2010-12-05 14:55:18 +01:00 |
|
Andreas Steffen
|
4d178affbb
|
call is_complete() if tls protocol returns with SUCCESS
|
2010-11-16 11:52:06 +01:00 |
|
Andreas Steffen
|
0cfdbaff2c
|
set EAP-TTLS/TNC version also in acknowledgement packets
|
2010-10-04 14:39:49 +02:00 |
|
Martin Willi
|
89821331e0
|
Do not change cipherspec while we have buffered handshake fragments pending
|
2010-09-09 14:27:41 +02:00 |
|
Andreas Steffen
|
3b7eb3a9f4
|
added explanatory comments
|
2010-09-09 08:57:13 +02:00 |
|
Andreas Steffen
|
de29e3a683
|
max max_message_count configurable and move it into tls_eap_t
|
2010-09-08 12:58:45 +02:00 |
|
Andreas Steffen
|
99b0f633c2
|
handle TLS_PURPOSE_EAP_TNC
|
2010-09-08 12:58:45 +02:00 |
|
Andreas Steffen
|
51b385d44d
|
moved tls_t existance test into tls_eap_create() again
|
2010-09-08 11:09:11 +02:00 |
|
Andreas Steffen
|
d2b1d4378e
|
generalized tls_eap_t to support EAP_TNC wrapping the TNC_IF_TNCCS protocol
|
2010-09-08 11:01:53 +02:00 |
|
Martin Willi
|
7b3c01845f
|
Read the compression type byte for EC groups, only
|
2010-09-08 10:35:29 +02:00 |
|
Martin Willi
|
31c65eb362
|
Include ec_point_format extension in ClientHello
|
2010-09-06 18:51:38 +02:00 |
|
Martin Willi
|
02281c87a4
|
Added TLS specific EC point formats
|
2010-09-06 18:42:43 +02:00 |
|
Martin Willi
|
ec7d4e70d3
|
Renamed ecp_format to ansi_format, as point formats in TLS use different identifiers
|
2010-09-06 18:37:24 +02:00 |
|
Martin Willi
|
fe559b5156
|
Accept TLS records with zero-length plaintext
|
2010-09-06 17:04:59 +02:00 |
|
Martin Willi
|
adb913adeb
|
Added strongswan.conf option to filter for specific TLS suites
|
2010-09-06 16:51:11 +02:00 |
|
Martin Willi
|
24a5b935e7
|
Added strongswan.conf options to filter cipher suites by specific algorithms
|
2010-09-06 16:51:04 +02:00 |
|
Martin Willi
|
a03eebdf93
|
Fixed key type in TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
|
2010-09-06 16:50:54 +02:00 |
|
Martin Willi
|
e6cce7ff0d
|
Prepend point format to ECDH public key
|
2010-09-06 15:37:51 +02:00 |
|
Martin Willi
|
e4fd2bb428
|
Log the selected (EC)DH group
|
2010-09-06 15:37:51 +02:00 |
|
Martin Willi
|
0f89143b84
|
Parse unsupported TLS Hello extensions properly
|
2010-09-06 15:37:51 +02:00 |
|
Martin Willi
|
6cf85b35a4
|
Added TLS extension identifiers from RFC 3546
|
2010-09-06 15:37:51 +02:00 |
|
Martin Willi
|
4e68c1cfdc
|
Do not propose (EC)DHE suites if we do not support them
|
2010-09-03 18:24:03 +02:00 |
|
Martin Willi
|
4254257f9d
|
Offer only algorithms/suites we have a registered public key backend for
|
2010-09-03 18:11:03 +02:00 |
|
Martin Willi
|
f9c0cf862c
|
Fixed key type of ECDHE_RSA groups
|
2010-09-03 17:24:39 +02:00 |
|
Martin Willi
|
3f7bb88ba3
|
Use a dynamic curve enumerator to list/convert TLS named curves
|
2010-09-03 17:24:23 +02:00 |
|
Martin Willi
|
f4c98ae664
|
Use ECDH group check where appropriate
|
2010-09-03 16:53:36 +02:00 |
|
Martin Willi
|
2066918da2
|
Add ECDHE enabled cipher suites, including ECDSA variants
|
2010-09-03 14:54:43 +02:00 |
|
Martin Willi
|
4cdade5aae
|
Select private key based on received cipher suites
|
2010-09-03 14:54:43 +02:00 |
|
Martin Willi
|
37a59a8fbf
|
Support for EC curve Hello extension, EC curve fallback
|
2010-09-03 14:54:43 +02:00 |
|
Martin Willi
|
141d7f7abd
|
Added server support for ECDHE key exchange
|
2010-09-03 14:54:43 +02:00 |
|
Martin Willi
|
5fc7297e38
|
Added client support for ECDHE key exchange
|
2010-09-03 14:54:43 +02:00 |
|
Martin Willi
|
691ca54db5
|
Added TLS EC curve type and name identifiers
|
2010-09-03 14:54:43 +02:00 |
|
Andreas Steffen
|
1972102e1e
|
fixed typo
|
2010-09-03 13:30:40 +02:00 |
|
Martin Willi
|
ccb65463e7
|
Check for queued TLS alerts after each handshake part
|
2010-09-03 09:33:15 +02:00 |
|
Andreas Steffen
|
c0071bde73
|
removed redundant debug output
|
2010-09-02 22:19:37 +02:00 |
|
Martin Willi
|
ef0a8e5892
|
Add DHE enabled RSA variants to the supported TLS suites
|
2010-09-02 19:33:08 +02:00 |
|
Martin Willi
|
f14358a9b5
|
Added TLS server side support for DHE suites
|
2010-09-02 19:33:08 +02:00 |
|
Martin Willi
|
da3f4a9fd0
|
Added TLS client side support for DHE suites
|
2010-09-02 19:33:08 +02:00 |
|
Martin Willi
|
35d9c15d5e
|
Store a MODP group we use for each TLS suite
|
2010-09-02 19:33:08 +02:00 |
|
Martin Willi
|
06109c4717
|
Implemented "signature algorithm" hello extension
|
2010-09-02 19:33:08 +02:00 |
|
Martin Willi
|
731611c525
|
Added TLS extension identifiers
|
2010-09-02 19:33:08 +02:00 |
|
Martin Willi
|
d29a82a9d4
|
Added generic TLS data sign/verify, hash/sig algorithm construction
|
2010-09-02 19:33:08 +02:00 |
|
Martin Willi
|
60c4b3b545
|
Continue with a randomized premaster if decryption failed / version mismatches
|
2010-09-02 19:33:08 +02:00 |
|
Martin Willi
|
dbb7c0306c
|
Support different hash/sig algorithms in handshake signing, including ECDSA
|
2010-09-02 13:07:25 +02:00 |
|
Martin Willi
|
99dcaea9bd
|
Added TLS ClientCertificateType identifiers
|
2010-09-02 13:07:24 +02:00 |
|
Martin Willi
|
9dd2ca924e
|
Added TLS specific Hash and Signature Algorithm identifiers
|
2010-09-02 13:07:24 +02:00 |
|
Martin Willi
|
ea6d7cb4be
|
Fixed typos in tls_writer method descriptions
|
2010-09-02 13:07:24 +02:00 |
|
Andreas Steffen
|
54cba78573
|
cosmetics in debug output
|
2010-09-01 14:30:14 +02:00 |
|
Andreas Steffen
|
5fb1311b2a
|
clarified debug output
|
2010-08-31 23:22:39 +02:00 |
|
Andreas Steffen
|
c3024a0848
|
fixed typo
|
2010-08-31 21:42:14 +02:00 |
|
Martin Willi
|
93709d1093
|
Do not process any more TLS handshake messages on fatal alerts
|
2010-08-31 18:10:24 +02:00 |
|
Martin Willi
|
c811479986
|
Strictly check if the server certificate matches the TLS server identity
|
2010-08-31 18:10:23 +02:00 |
|
Martin Willi
|
f9fc5f2045
|
Added strongswan.conf options for EAP-TLS/TTLS fragment size
|
2010-08-31 16:17:01 +02:00 |
|
Martin Willi
|
743f94067e
|
Support processing of partial TLS record headers
|
2010-08-31 16:17:01 +02:00 |
|
Martin Willi
|
877c910f04
|
Implemented a generic TLS EAP helper to implement EAP-TLS, TTLS and other variants
|
2010-08-31 16:16:58 +02:00 |
|
Martin Willi
|
ecd98efa9d
|
Support output fragmentation of TLS records
|
2010-08-31 15:54:37 +02:00 |
|
Martin Willi
|
ce1af73907
|
Implemented buffering of partial records in TLS stack
|
2010-08-31 15:35:29 +02:00 |
|
Martin Willi
|
d169aab35e
|
Log TLS handshake subtypes as handshakes
|
2010-08-31 15:35:29 +02:00 |
|
Tobias Brunner
|
0433b4172b
|
Typo in doxygen comment fixed.
|
2010-08-30 10:49:32 +02:00 |
|
Martin Willi
|
2bf0e74c38
|
Prefer AES/Camellia suites over 3DES/NULL encryption
|
2010-08-25 18:30:09 +02:00 |
|
Martin Willi
|
a596006e3f
|
Send TLS alerts for errors in TLS handshake building
|
2010-08-25 18:24:27 +02:00 |
|
Martin Willi
|
ee88ddd6aa
|
Refactored fragment building, use correct TLS content type for non-first fragments
|
2010-08-25 18:04:59 +02:00 |
|
Martin Willi
|
17102f7b58
|
Added a simple high level TLS wrapper for sockets
|
2010-08-25 12:52:53 +02:00 |
|
Martin Willi
|
bd23b9086e
|
Initialize output chunk before appending data to it
|
2010-08-25 12:43:21 +02:00 |
|
Martin Willi
|
69e8bb2e8d
|
Pass NULL peer identity to omit TLS peer authentication, added eap-ttls.request_peer_auth option
|
2010-08-24 11:34:43 +02:00 |
|
Martin Willi
|
a2c1235969
|
Skip the close notify if application layer completes successfully
|
2010-08-24 10:30:24 +02:00 |
|
Andreas Steffen
|
c1a929daa7
|
removed some redundant debug output
|
2010-08-24 09:02:51 +02:00 |
|
Martin Willi
|
bda7d9d940
|
Added generic TLS purposes
|
2010-08-24 08:45:49 +02:00 |
|
Martin Willi
|
c5142f110e
|
Check if the application layer has completed successfully
|
2010-08-24 08:45:49 +02:00 |
|
Martin Willi
|
1475800080
|
Moved TLS record parsing/generation to tls.c
|
2010-08-24 08:45:49 +02:00 |
|
Martin Willi
|
c310881a11
|
Added a TLS purpose for EAP-TTLS with client authentication
|
2010-08-23 15:13:48 +02:00 |
|
Martin Willi
|
e6f3ef1330
|
Implemented TLS Alert handling
|
2010-08-23 15:13:37 +02:00 |
|
Martin Willi
|
f154e30431
|
Verify negotiated TLS version
|
2010-08-23 09:47:03 +02:00 |
|
Martin Willi
|
3c19b3461f
|
Introducing a dedicated debug message group for libtls
|
2010-08-23 09:47:03 +02:00 |
|
Martin Willi
|
0bcef5fe7a
|
Streamlined TLS debugging output
|
2010-08-23 09:45:33 +02:00 |
|
Andreas Steffen
|
56a1167b07
|
fixed build_cipher_suite_list()
|
2010-08-21 12:52:55 +02:00 |
|
Martin Willi
|
96b2fbcc2c
|
Introducing simple purposes for the TLS stack, switches various options
|
2010-08-20 15:09:08 +02:00 |
|
Martin Willi
|
6e413d9ce9
|
Added more TLS cipher suites we already support
|
2010-08-20 12:11:21 +02:00 |
|
Martin Willi
|
a2bfc45bfd
|
Build TLS cipher suite list in a generic fashion
|
2010-08-20 12:11:21 +02:00 |
|
Andreas Steffen
|
fd86fb5183
|
removed debug output for TLS application data
|
2010-08-19 07:27:30 +02:00 |
|
Andreas Steffen
|
ee346b54c1
|
add TLS handshake packet size to debug output
|
2010-08-18 22:07:27 +02:00 |
|
Martin Willi
|
ba31fe1fd6
|
Use a seperate section for each nested struct member in INIT macro
|
2010-08-18 12:15:03 +02:00 |
|
Martin Willi
|
714d0bfd37
|
Only include certificates with CA flag in TLS cert request
|
2010-08-16 09:20:19 +02:00 |
|
Andreas Steffen
|
b51ac45c48
|
optional certificate-based peer authentication on TLS server side
|
2010-08-15 13:02:57 +02:00 |
|
Andreas Steffen
|
c4347aa86e
|
do not dump tls application data any more
|
2010-08-13 21:21:49 +02:00 |
|
Martin Willi
|
3102d8669d
|
Use IV length of a crypter instead of block size for IV calculations
|
2010-08-13 17:11:53 +02:00 |
|
Andreas Steffen
|
3a15a02a58
|
set TLS record type before state change to STATE_FINISHED_SENT
|
2010-08-13 00:31:45 +02:00 |
|
Andreas Steffen
|
b62e9a30ce
|
fixed sequence numbering and iv of TLS protection layer
|
2010-08-12 23:58:54 +02:00 |
|
Andreas Steffen
|
1327839da8
|
added generic TLS application data handler and specific EAP-TTLS instantiation
|
2010-08-12 23:58:54 +02:00 |
|
Martin Willi
|
33ddaaabec
|
Added support for different encryption schemes to private/public keys
|
2010-08-10 18:46:30 +02:00 |
|
Andreas Steffen
|
a6444fcdd4
|
EAP-TLS and EAP-TTLS use different constant MSK PRF label
|
2010-08-07 11:26:04 +02:00 |
|
Andreas Steffen
|
b4d30a425e
|
support server authentication only for EAP-TTLS
|
2010-08-07 11:26:04 +02:00 |
|
Martin Willi
|
37d2d7e158
|
Whitespace cleanups
|
2010-08-05 13:58:49 +02:00 |
|
Martin Willi
|
e85bca7f22
|
Use certificate subject to get a public key of the TLS server
|
2010-08-05 13:13:45 +02:00 |
|
Tobias Brunner
|
edb82ab8ae
|
Some Doxygen fixes.
|
2010-08-05 11:53:53 +02:00 |
|
Andreas Steffen
|
7ea87db00d
|
added some more TLS debug output
|
2010-08-05 09:51:05 +02:00 |
|
Andreas Steffen
|
7030e3950a
|
fixed type in cipher suite list build
|
2010-08-05 01:26:10 +02:00 |
|
Andreas Steffen
|
4657b3a42a
|
log selected TLS version and cipher suite
|
2010-08-05 01:21:59 +02:00 |
|
Andreas Steffen
|
289c9ac3d7
|
log TLS handshake messages in debug level 2
|
2010-08-04 16:55:55 +02:00 |
|
Martin Willi
|
0f82a47063
|
Moved TLS stack to its own library
|
2010-08-03 15:39:26 +02:00 |