Martin Willi
|
e4fd2bb428
|
Log the selected (EC)DH group
|
2010-09-06 15:37:51 +02:00 |
Martin Willi
|
0f89143b84
|
Parse unsupported TLS Hello extensions properly
|
2010-09-06 15:37:51 +02:00 |
Martin Willi
|
3f7bb88ba3
|
Use a dynamic curve enumerator to list/convert TLS named curves
|
2010-09-03 17:24:23 +02:00 |
Martin Willi
|
f4c98ae664
|
Use ECDH group check where appropriate
|
2010-09-03 16:53:36 +02:00 |
Martin Willi
|
4cdade5aae
|
Select private key based on received cipher suites
|
2010-09-03 14:54:43 +02:00 |
Martin Willi
|
37a59a8fbf
|
Support for EC curve Hello extension, EC curve fallback
|
2010-09-03 14:54:43 +02:00 |
Martin Willi
|
141d7f7abd
|
Added server support for ECDHE key exchange
|
2010-09-03 14:54:43 +02:00 |
Andreas Steffen
|
1972102e1e
|
fixed typo
|
2010-09-03 13:30:40 +02:00 |
Martin Willi
|
f14358a9b5
|
Added TLS server side support for DHE suites
|
2010-09-02 19:33:08 +02:00 |
Martin Willi
|
06109c4717
|
Implemented "signature algorithm" hello extension
|
2010-09-02 19:33:08 +02:00 |
Martin Willi
|
d29a82a9d4
|
Added generic TLS data sign/verify, hash/sig algorithm construction
|
2010-09-02 19:33:08 +02:00 |
Martin Willi
|
60c4b3b545
|
Continue with a randomized premaster if decryption failed / version mismatches
|
2010-09-02 19:33:08 +02:00 |
Martin Willi
|
dbb7c0306c
|
Support different hash/sig algorithms in handshake signing, including ECDSA
|
2010-09-02 13:07:25 +02:00 |
Martin Willi
|
a596006e3f
|
Send TLS alerts for errors in TLS handshake building
|
2010-08-25 18:24:27 +02:00 |
Martin Willi
|
69e8bb2e8d
|
Pass NULL peer identity to omit TLS peer authentication, added eap-ttls.request_peer_auth option
|
2010-08-24 11:34:43 +02:00 |
Andreas Steffen
|
c1a929daa7
|
removed some redundant debug output
|
2010-08-24 09:02:51 +02:00 |
Martin Willi
|
bda7d9d940
|
Added generic TLS purposes
|
2010-08-24 08:45:49 +02:00 |
Martin Willi
|
c310881a11
|
Added a TLS purpose for EAP-TTLS with client authentication
|
2010-08-23 15:13:48 +02:00 |
Martin Willi
|
e6f3ef1330
|
Implemented TLS Alert handling
|
2010-08-23 15:13:37 +02:00 |
Martin Willi
|
f154e30431
|
Verify negotiated TLS version
|
2010-08-23 09:47:03 +02:00 |
Martin Willi
|
3c19b3461f
|
Introducing a dedicated debug message group for libtls
|
2010-08-23 09:47:03 +02:00 |
Martin Willi
|
0bcef5fe7a
|
Streamlined TLS debugging output
|
2010-08-23 09:45:33 +02:00 |
Martin Willi
|
96b2fbcc2c
|
Introducing simple purposes for the TLS stack, switches various options
|
2010-08-20 15:09:08 +02:00 |
Martin Willi
|
ba31fe1fd6
|
Use a seperate section for each nested struct member in INIT macro
|
2010-08-18 12:15:03 +02:00 |
Martin Willi
|
714d0bfd37
|
Only include certificates with CA flag in TLS cert request
|
2010-08-16 09:20:19 +02:00 |
Andreas Steffen
|
b51ac45c48
|
optional certificate-based peer authentication on TLS server side
|
2010-08-15 13:02:57 +02:00 |
Andreas Steffen
|
1327839da8
|
added generic TLS application data handler and specific EAP-TTLS instantiation
|
2010-08-12 23:58:54 +02:00 |
Martin Willi
|
33ddaaabec
|
Added support for different encryption schemes to private/public keys
|
2010-08-10 18:46:30 +02:00 |
Andreas Steffen
|
7ea87db00d
|
added some more TLS debug output
|
2010-08-05 09:51:05 +02:00 |
Martin Willi
|
0f82a47063
|
Moved TLS stack to its own library
|
2010-08-03 15:39:26 +02:00 |