path: root/src/libtls/tls_peer.c
Commit message | Author | Age | Files | Lines
* Use standard unsigned integer types | Andreas Steffen | 2016-03-24 | 1 | -5/+5
* credential-manager: Make online revocation checks optional for public key enumerator | Tobias Brunner | 2016-03-10 | 1 | -1/+2
* libtls: As client, reject DH exchanges using primes smaller than 1024 bit | Martin Willi | 2015-05-26 | 1 | -0/+7

  While the server signs the ephemeral DH parameters, it can be tricked to its lowest supported DH group by a man-in-the-middle:

  https://weakdh.org/imperfect-forward-secrecy.pdf

  While we at least use 2048-bit DH groups as server, the client accepts any DH prime the server sends. If it supports export ciphers, only a 512-bit prime may be used.

  As TLS does not define nor negotiate a DH group for cipher suites, the client actually must accept what the server offers. To avoid downgrades to weak DH groups, we must reject what we consider insecure. We set this limit to 1024-bit primes. While this breaks compatibility with TLS servers using weaker primes, this is what we expect servers at least use. Most browser vendors use the same limit in a similar fix.
* utils: Use chunk_equals_const() for all cryptographic purposes | Martin Willi | 2015-04-14 | 1 | -1/+1
* diffie-hellman: Add a bool return value to set_other_public_value() | Martin Willi | 2015-03-23 | 1 | -2/+12
* diffie-hellman: Add a bool return value to get_my_public_value() | Martin Willi | 2015-03-23 | 1 | -1/+5
* diffie-hellman: Use bool instead of status_t as get_shared_secret() return value | Martin Willi | 2015-03-23 | 1 | -1/+1

  While such a change is not unproblematic, keeping status_t makes the API inconsistent once we introduce return values for the public value operations.
* tls-peer: Make sure to use the right trusted public key for peer | Tobias Brunner | 2015-03-09 | 1 | -4/+8

  In case a CA certificate uses the same subject DN as the server the previous code could end up trying to verify the server's signature with the CA certificate's public key. By comparing the certificate with the one sent by the peer we make sure to use the right one.

  Fixes #849.
* libtls: Add getters for TLS handshake authentication details | Martin Willi | 2015-03-03 | 1 | -0/+7
* libtls: Merge trustchain auth verification details done during TLS handshake | Martin Willi | 2015-03-03 | 1 | -0/+1
* tls: Include TLS version announced in Client Hello in encrypted premaster | Martin Willi | 2014-03-31 | 1 | -1/+7

  While a hardcoded 1.2 version is fine when we offer that in Client Hello, we should include the actually offered version if it has been reduced before starting the exchange.
* Delegate tls_t.get_{peer,server}_id to handshake layer | Martin Willi | 2013-02-28 | 1 | -2/+21

  This allows to get updated peer identities if the peer can't authenticate, or does when it is optional.
* Fixed encoding of TLS extensions (elliptic_curves and signature_algorithms) | Tobias Brunner | 2012-11-28 | 1 | -0/+1
* Moved debug.[ch] to utils folder | Tobias Brunner | 2012-10-24 | 1 | -1/+1
* Check rng return value when generating secrets and IVs in libtls | Tobias Brunner | 2012-07-16 | 1 | -6/+8
* Add a return value to tls_crypto_t.derive_secrets() | Martin Willi | 2012-07-16 | 1 | -8/+17
* Implemented TLS session resumption both as client and as server | Martin Willi | 2011-12-31 | 1 | -17/+60
* Separated cipherspec checking and switching, allowing us to defer the second | Martin Willi | 2011-12-31 | 1 | -13/+19
* renamed tls_reader|writer to bio_* and moved to libstrongswan | Andreas Steffen | 2011-05-31 | 1 | -30/+30
* Continue without client authentication if no matching certificate found | Martin Willi | 2011-04-14 | 1 | -19/+22
* Ignore TLS certificate requests as peer if peer authentication disabled | Martin Willi | 2011-04-14 | 1 | -13/+14
* Send TLS Server Name Indication as peer if server identity is a FQDN | Martin Willi | 2011-04-14 | 1 | -0/+14
* Include ec_point_format extension in ClientHello | Martin Willi | 2010-09-06 | 1 | -0/+6
* Renamed ecp_format to ansi_format, as point formats in TLS use different identifiers | Martin Willi | 2010-09-06 | 1 | -3/+3
* Prepend point format to ECDH public key | Martin Willi | 2010-09-06 | 1 | -4/+14
* Use a dynamic curve enumerator to list/convert TLS named curves | Martin Willi | 2010-09-03 | 1 | -24/+49
* Use ECDH group check where appropriate | Martin Willi | 2010-09-03 | 1 | -27/+10
* Select private key based on received cipher suites | Martin Willi | 2010-09-03 | 1 | -1/+1
* Support for EC curve Hello extension, EC curve fallback | Martin Willi | 2010-09-03 | 1 | -1/+5
* Added client support for ECDHE key exchange | Martin Willi | 2010-09-03 | 1 | -2/+103
* Added TLS client side support for DHE suites | Martin Willi | 2010-09-02 | 1 | -25/+187
* Implemented "signature algorithm" hello extension | Martin Willi | 2010-09-02 | 1 | -0/+8
* Support different hash/sig algorithms in handshake signing, including ECDSA | Martin Willi | 2010-09-02 | 1 | -7/+56
* Strictly check if the server certificate matches the TLS server identity | Martin Willi | 2010-08-31 | 1 | -0/+44
* Send TLS alerts for errors in TLS handshake building | Martin Willi | 2010-08-25 | 1 | -0/+6
* Pass NULL peer identity to omit TLS peer authentication, added eap-ttls.request_peer_auth option | Martin Willi | 2010-08-24 | 1 | -15/+19
* removed some redundant debug output | Andreas Steffen | 2010-08-24 | 1 | -2/+0
* Implemented TLS Alert handling | Martin Willi | 2010-08-23 | 1 | -17/+47
* Verify negotiated TLS version | Martin Willi | 2010-08-23 | 1 | -2/+4
* Introducing a dedicated debug message group for libtls | Martin Willi | 2010-08-23 | 1 | -23/+23
* Streamlined TLS debugging output | Martin Willi | 2010-08-23 | 1 | -7/+6
* Use a separate section for each nested struct member in INIT macro | Martin Willi | 2010-08-18 | 1 | -8/+9
* added generic TLS application data handler and specific EAP-TTLS instantiation | Andreas Steffen | 2010-08-12 | 1 | -0/+7
* Added support for different encryption schemes to private/public keys | Martin Willi | 2010-08-10 | 1 | -1/+2
* support server authentication only for EAP-TTLS | Andreas Steffen | 2010-08-07 | 1 | -5/+23
* Use certificate subject to get a public key of the TLS server | Martin Willi | 2010-08-05 | 1 | -7/+11
* added some more TLS debug output | Andreas Steffen | 2010-08-05 | 1 | -7/+14
* log selected TLS version and cipher suite | Andreas Steffen | 2010-08-05 | 1 | -1/+6
* Moved TLS stack to its own library | Martin Willi | 2010-08-03 | 1 | -0/+625