aboutsummaryrefslogtreecommitdiffstats
path: root/src/libtls/tls_crypto.c
Commit message (Collapse)AuthorAgeFilesLines
* private-key: Add optional parameters argument to sign() methodTobias Brunner2017-11-081-3/+4
|
* public-key: Add optional parameters argument to verify() methodTobias Brunner2017-11-081-3/+5
|
* Change interface for enumerator_create_filter() callbackTobias Brunner2017-05-261-17/+21
| | | | | This avoids the unportable 5 pointer hack, but requires enumerating in the callback.
* gmp: Support of SHA-3 RSA signaturesAndreas Steffen2016-09-221-10/+10
|
* Use standard unsigned integer typesAndreas Steffen2016-03-241-3/+3
|
* enum: Return boolean result for enum_from_name() lookupMartin Willi2014-05-161-2/+2
| | | | | | | | | | | Handling the result for enum_from_name() is difficult, as checking for negative return values requires a cast if the enum type is unsigned. The new signature clearly differentiates lookup result from lookup value. Further, this actually allows to convert real -1 enum values, which could not be distinguished from "not-found" and the -1 return value. This also fixes several clang warnings where enums are unsigned.
* tls: Introduce a generic TLS purpose that accepts NULL encryption ciphersMartin Willi2014-04-011-0/+3
|
* tls: Export a function to list supported TLS cipher suitesMartin Willi2014-04-011-18/+57
|
* tls: Fix some TLS cipher suite enum namesMartin Willi2014-03-311-3/+3
| | | | | It is important to have them mapped correctly, as we use these official TLS identifiers to configure specific TLS suites.
* tls: Fix AEAD algorithm filtering, avoid filtering all suites if no AEAD foundMartin Willi2014-03-311-19/+52
|
* tls: Offer TLS signature schemes in ClientHello in order of preferenceMartin Willi2014-03-311-90/+59
| | | | | Additionally, we now query plugin features to find out what schemes we exactly support.
* tls: Define AES-GCM cipher suites from RFC 5288/5289Martin Willi2014-03-311-0/+54
|
* tls: Implement the TLS AEAD abstraction for real AEAD modesMartin Willi2014-03-311-7/+34
|
* tls: Separate TLS protection to abstracted AEAD modesMartin Willi2014-03-311-122/+105
| | | | | | To better separate the code path for different TLS versions and modes of operation, we introduce a TLS AEAD abstraction. We provide three implementations using traditional transforms, and get prepared for TLS AEAD modes.
* libtls: Move settings to <ns>.tls with fallback to libtlsTobias Brunner2014-02-121-4/+8
|
* Fixed encoding of TLS extensions (elliptic_curves and signature_algorithms)Tobias Brunner2012-11-281-0/+1
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-241-1/+1
|
* Added missing break when building TLS cipher suitesTobias Brunner2012-09-281-0/+1
|
* Don't allow NULL encryption with PEAPMartin Willi2012-09-121-1/+3
|
* Add a return value to hasher_t.allocate_hash()Martin Willi2012-07-161-2/+2
|
* Add a return value to hasher_t.get_hash()Martin Willi2012-07-161-4/+4
|
* Add a return value to crypter_t.set_key()Martin Willi2012-07-161-4/+10
|
* Add a return value to tls_prf_t.set_key()Martin Willi2012-07-161-6/+7
|
* Add a return value to tls_prf_t.get_bytes()Martin Willi2012-07-161-10/+26
|
* Add a return value to signer_t.set_key()Martin Willi2012-07-161-4/+10
|
* Add a return value to tls_crypto_t.derive_secrets()Martin Willi2012-07-161-4/+8
|
* Double check if a cached suite is available, overwrite any old suite stateMartin Willi2012-02-071-2/+3
|
* Fix TLS EAP-MSK derivation, uses different order of randoms than key expansionMartin Willi2012-02-071-0/+1
|
* Filter TLS suite MAC by HMAC algorithm, as the hash is not necessarily the sameMartin Willi2012-02-071-4/+4
|
* Implemented TLS session resumption both as client and as serverMartin Willi2011-12-311-23/+81
|
* In TLS 1.2, PRF and HASH function use at least SHA-256, not the MAC hash ↵Martin Willi2011-12-241-20/+20
| | | | function
* Fixed common misspellings.Tobias Brunner2011-07-201-1/+1
| | | | Mostly found by 'codespell'.
* renamed tls_reader|writer to bio_* and moved to libstrongswanAndreas Steffen2011-05-311-9/+9
|
* Revert alloc_str changesMartin Willi2011-04-211-8/+4
| | | | | | This reverts commit fdead26ffe1da8501a6ff5e0639a6f44c723e763. This reverts commit 3e2419ebe32de72d824864eb2e0e677a7c197af1. This reverts commit 17ce69b47a1efd6234960cf7d1f50712aee61db5.
* Use thread save settings alloc_str function where appropriateMartin Willi2011-04-211-4/+8
|
* added TLS_PURPOSE_EAP_PEAPAndreas Steffen2011-04-051-0/+1
|
* cast enumerated algorithm type as intAndreas Steffen2010-12-181-3/+4
|
* trace back crypto algorithms to the plugins that registered themAndreas Steffen2010-12-181-2/+5
|
* handle TLS_PURPOSE_EAP_TNCAndreas Steffen2010-09-081-0/+2
|
* Added TLS specific EC point formatsMartin Willi2010-09-061-0/+7
|
* Renamed ecp_format to ansi_format, as point formats in TLS use different ↵Martin Willi2010-09-061-1/+1
| | | | identifiers
* Added strongswan.conf option to filter for specific TLS suitesMartin Willi2010-09-061-0/+32
|
* Added strongswan.conf options to filter cipher suites by specific algorithmsMartin Willi2010-09-061-0/+173
|
* Fixed key type in TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHAMartin Willi2010-09-061-1/+1
|
* Prepend point format to ECDH public keyMartin Willi2010-09-061-0/+8
|
* Do not propose (EC)DHE suites if we do not support themMartin Willi2010-09-031-1/+5
|
* Offer only algorithms/suites we have a registered public key backend forMartin Willi2010-09-031-3/+68
|
* Fixed key type of ECDHE_RSA groupsMartin Willi2010-09-031-4/+4
|
* Use a dynamic curve enumerator to list/convert TLS named curvesMartin Willi2010-09-031-11/+47
|
* Add ECDHE enabled cipher suites, including ECDSA variantsMartin Willi2010-09-031-0/+60
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-26 20:45:29 +0000