11a4687930
libtls: Add control flags and replace GENERIC_NULLOK purpose with one
2021-02-18 15:10:29 +01:00
a60e248b0d
libtls: Increase default min version to 1.2
...
The older versions are generally considered deprecated (there is an
Internet-Draft that aims to do that formally).
2021-02-12 14:35:23 +01:00
dc9f6c68df
libtls: Add downgrade protection for TLS 1.3 and TLS 1.2
...
Section 4.1.3 in RFC 8446 defines a new downgrade protection mechanism
that also affects TLS 1.2.
2021-02-12 14:35:23 +01:00
92aef122c3
libtls: Reduce default max version to 1.2
...
Using TLS 1.3 with various EAP methods is not yet fully standardized, so we
don't enable it by default yet.
2021-02-12 14:35:23 +01:00
663969ddf7
libtls: Make min/max TLS version configurable
...
Except for the tls_test tool, the versions now default to those
configured in strongswan.conf.
2021-02-12 14:35:23 +01:00
f81c04e9e3
libtls: Add missing cipher suite and TLS extension constants
...
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- Encrypt then MAC
- Extended master secret
- Session ticket
and also add missing suites in the unit test.
2021-02-12 14:35:23 +01:00
c4576a1f57
tls: Allow setting both minimum and maximum TLS versions
...
This allows to increase the initial minimum version and also prevents
sending a list of versions during retries when 1.3 was already
negotiated.
2021-02-12 11:45:44 +01:00
2b6565c236
tls-peer: Handle HelloRetryRequest
...
Adds support to handle retries with different DH group and/or a cookie
extension.
2021-02-12 11:45:44 +01:00
7a2b02667c
libtls: Implement TLS 1.3 handshake on client-side
...
The code is a minimal handshake with the HelloRetryRequest message
implementation missing.
Can be tested with an OpenSSL server running TLS 1.3. The server must
be at least version 1.1.1 (September 2018).
Co-authored-by: ryru <pascal.knecht@hsr.ch>
2021-02-12 11:45:44 +01:00
b12c53ce77
Use standard unsigned integer types
2016-03-24 18:52:48 +01:00
666c552381
libtls: Add getters for TLS handshake authentication details
2015-03-03 14:08:00 +01:00
970378c557
libtls: Don't send TLS close notifies in EAP after application succeeds
...
With the introduction of PT-TLS, we started sending TLS close notifies after
the application layer completes (7bbf7aa9Fixes #556 .
2015-02-19 11:29:07 +01:00
e2bf45a491
tls: Move variable sized tls_record_t struct to end of tls_t data
...
clang complains about the the non-last variable length member.
2014-05-16 15:42:07 +02:00
ddf5222096
tls: Introduce a generic TLS purpose that accepts NULL encryption ciphers
2014-04-01 14:28:55 +02:00
f93497507f
tls: Check for minimal TLS record length before each record iteration
...
Fixes fragment reassembling if a buffer contains more than one record, but
the last record contains a partial TLS record header. Thanks to Nick Saunders
and Jamil Nimeh for identifying this issue and providing a fix for it.
2014-03-31 15:56:12 +02:00
409adef43c
libtls: Move settings to <ns>.tls with fallback to libtls
2014-02-12 14:34:32 +01:00
2de481e32b
Delegate tls_t.get_{peer,server}_id to handshake layer
...
This allows to get updated peer identities if the peer can't authenticate,
or does when it is optional.
2013-02-28 16:46:08 +01:00
bd1ee5bdc4
make AR identities available to IMVs via IF-IMV 1.4 draft
2013-02-11 15:30:44 +01:00
f05b427265
Moved debug.[ch] to utils folder
2012-10-24 16:00:51 +02:00
6a5c86b7ad
Implemented TLS session resumption both as client and as server
2011-12-31 13:14:49 +01:00
e7cb8f9b37
added dummy libtls_init() function needed for integrity testing
2011-11-08 20:27:17 +01:00
a9ee43e96a
added TLS renegotiation_info extension
2011-04-14 16:54:46 +02:00
1bee89d339
added TLS_PURPOSE_EAP_PEAP
2011-04-05 18:16:28 +02:00
6cf85b35a4
Added TLS extension identifiers from RFC 3546
2010-09-06 15:37:51 +02:00
37a59a8fbf
Support for EC curve Hello extension, EC curve fallback
2010-09-03 14:54:43 +02:00
c0071bde73
removed redundant debug output
2010-09-02 22:19:37 +02:00
731611c525
Added TLS extension identifiers
2010-09-02 19:33:08 +02:00
5fb1311b2a
clarified debug output
2010-08-31 23:22:39 +02:00
743f94067e
Support processing of partial TLS record headers
2010-08-31 16:17:01 +02:00
ecd98efa9d
Support output fragmentation of TLS records
2010-08-31 15:54:37 +02:00
ce1af73907
Implemented buffering of partial records in TLS stack
2010-08-31 15:35:29 +02:00
17102f7b58
Added a simple high level TLS wrapper for sockets
2010-08-25 12:52:53 +02:00
bd23b9086e
Initialize output chunk before appending data to it
2010-08-25 12:43:21 +02:00
69e8bb2e8d
Pass NULL peer identity to omit TLS peer authentication, added eap-ttls.request_peer_auth option
2010-08-24 11:34:43 +02:00
c5142f110e
Check if the application layer has completed successfully
2010-08-24 08:45:49 +02:00
1475800080
Moved TLS record parsing/generation to tls.c
2010-08-24 08:45:49 +02:00
e6f3ef1330
Implemented TLS Alert handling
2010-08-23 15:13:37 +02:00
f154e30431
Verify negotiated TLS version
2010-08-23 09:47:03 +02:00
96b2fbcc2c
Introducing simple purposes for the TLS stack, switches various options
2010-08-20 15:09:08 +02:00
b51ac45c48
optional certificate-based peer authentication on TLS server side
2010-08-15 13:02:57 +02:00
1327839da8
added generic TLS application data handler and specific EAP-TTLS instantiation
2010-08-12 23:58:54 +02:00
a6444fcdd4
EAP-TLS and EAP-TTLS use different constant MSK PRF label
2010-08-07 11:26:04 +02:00
0f82a47063
Moved TLS stack to its own library
2010-08-03 15:39:26 +02:00
Tobias Brunner