strongswan.git
2021-02-12 Pascal Knechttls-crypto: Add signature scheme config file filter
2021-02-12 Pascal Knechttls-crypto: Rename DH group/key exchange method config...
2021-02-12 Tobias Brunnerlibtls: Increase default min version to 1.2
2021-02-12 Tobias Brunnertls-peer: Verify server selects the same cipher suite...
2021-02-12 Tobias Brunnertls-server: Select cipher suite also when handling...
2021-02-12 Tobias Brunnertls-server: Remove unused variable
2021-02-12 Pascal Knechtlibtls: Add downgrade protection for TLS 1.3 and TLS 1.2
2021-02-12 Shmulik Ladkanitls-server: Optionally omit CAs in CertificateRequest...
2021-02-12 Tobias Brunnertls-eap: Conclude EAP method also after processing...
2021-02-12 Tobias Brunnerlibtls: Only run socket tests with EdDSA keys if they...
2021-02-12 Tobias Brunnertls-peer: Don't log anything if we are not sending...
2021-02-12 Tobias Brunnertls-crypto: Only log modified TLS versions if successfu...
2021-02-12 Tobias Brunnerlibtls: Reduce default max version to 1.2
2021-02-12 Tobias Brunnerlibtls: Make min/max TLS version configurable
2021-02-12 Pascal Knechttest-hkdf: Add two test cases and restructure all tests
2021-02-12 Pascal Knechttls-hkdf: Implement binder PSK generation
2021-02-12 Pascal Knechttls-hkdf: Implement resumption key generation
2021-02-12 Pascal Knechttls-peer: Mutual authentication support for TLS 1.3
2021-02-12 Pascal Knechttls-peer: Derive application traffic keys after server...
2021-02-12 Pascal Knechttls-peer: Use private key enumeration also in TLS versi...
2021-02-12 Pascal Knechttls-crypto: Share private key search between client...
2021-02-12 Pascal Knechttls-test: Add support to require/verify client certificates
2021-02-12 Pascal Knechttls-server: Mutual authentication support for TLS 1.3
2021-02-12 Pascal Knechttls-server: Terminate connection if peer certificate...
2021-02-12 Pascal Knechttls-server: Make CertificateRequest conditional in...
2021-02-12 Pascal Knechttls-server: Share trusted public key search between...
2021-02-12 Pascal Knechttls-crypto: Move AEAD ownership to the protection layer
2021-02-12 Pascal Knechttls-hkdf: Always use correct base key to derive finishe...
2021-02-12 Pascal Knechtlibtls: Add unit tests for Ed25519 and Ed448 keys
2021-02-12 Pascal Knechttls-test: Load keys of any type
2021-02-12 Pascal Knechttls-crypto: Support EdDSA keys with ECDSA cipher suites
2021-02-12 Pascal Knechttls-server: Consider supported signature algorithms...
2021-02-12 Pascal Knechttls-crypto: Distinguish between signing and verifying...
2021-02-12 Pascal Knechttls-server: Check if peer sent hash and signature algor...
2021-02-12 Pascal Knechttls-crypto: Add missing signature scheme constants
2021-02-12 Pascal Knechttls-server: Fix invalid signature algorithm and support...
2021-02-12 Pascal Knechttls-server: Support multiple client key shares
2021-02-12 Pascal Knechtlibtls: Add TLS version negotiation test cases
2021-02-12 Pascal Knechttls-server: Support HelloRetryRequest (HRR)
2021-02-12 Pascal Knechttls-crypto: Add support to configure DH groups to use
2021-02-12 Tobias Brunnerdiffie-hellman: Add enum names that match proposal...
2021-02-12 Pascal Knechttls-crypto: Generalizing DH group to TLS group mapping
2021-02-12 Pascal Knechttls-server: Support KeyUpdate requests and answers
2021-02-12 Pascal Knechttls-server: Refactor writing of key share extensions
2021-02-12 Pascal Knechttls-server: TLS 1.3 support for TLS server implementation
2021-02-12 Pascal Knechttls-crypto: Rename parameter to be more consistent
2021-02-12 Pascal Knechttls-crypto: Fix invalid signature algorithm list building
2021-02-12 Pascal Knechtlibtls: Add missing cipher suite and TLS extension...
2021-02-12 Pascal Knechttls-crypto: Rework cipher suite preference order
2021-02-12 Tobias Brunnertls-server: Determine supported/configured suites and...
2021-02-12 Pascal Knechttls-crypto: Check if TLS versions and cipher suites...
2021-02-12 Pascal Knechttls-peer: Don't initiate TLS connection if no cipher...
2021-02-12 Tobias Brunnertls-test: Make plugin list configurable via environment...
2021-02-12 Tobias Brunnertls-peer: Return INVALID_STATE after changing TLS 1...
2021-02-12 Tobias Brunnertls-crypto: Generate MSK for TLS 1.3
2021-02-12 Tobias Brunnertls-hkdf: Add method that allows exporting key material
2021-02-12 Tobias Brunnertls-hkdf: Handle label expansion inside expand_label()
2021-02-12 Tobias Brunnertls-hkdf: Pass secret to derive_secret() explicitly
2021-02-12 Tobias Brunnertls-hkdf: Store OKM in local variables
2021-02-12 Tobias Brunnertls-crypto: Add support for RSA-PSS signatures
2021-02-12 Tobias Brunnertls-peer: Support answering KeyUpdate requests
2021-02-12 Tobias Brunnertls-socket: Change how EOF of the underlying socket...
2021-02-12 Tobias Brunnertls-peer: Add support to handle KeyUpdate message
2021-02-12 Tobias Brunnertls-crypto: Add method to update application traffic...
2021-02-12 Tobias Brunnertls-hkdf: Support updating client/server traffic secrets
2021-02-12 Tobias Brunnertls-socket: Don't fail reading if sending data failed
2021-02-12 Tobias Brunnertls-peer: Correctly handle classic ECDH key-share format
2021-02-12 Tobias Brunnertls-test: Add options to configure TLS versions
2021-02-12 Tobias Brunnertls-socket: Allow configuring both minimum and maximum...
2021-02-12 Tobias Brunnertls: Allow setting both minimum and maximum TLS versions
2021-02-12 Tobias Brunnertls-peer: Handle HelloRetryRequest
2021-02-12 Tobias Brunnertls-crypto: Add method to hash handshake data and use...
2021-02-12 Tobias Brunnertls-crypto: Destroy HKDF instance if keys are derived...
2021-02-12 Tobias Brunnertls-peer: Refactor writing of extensions and use less...
2021-02-12 Tobias Brunnertls-peer: Refactor sending/processing finished message
2021-02-12 Tobias Brunnertls-peer: Simply ignore certificate request context
2021-02-12 Tobias Brunnertls-peer: Use existing code to verify certificate and...
2021-02-12 Tobias Brunnertls-peer: Refactor parsing of TLS extensions
2021-02-12 Tobias Brunnertls-peer: Fix parsing of encrypted extensions
2021-02-12 Tobias Brunnertls-peer: Fix parsing of intermediate CA certificates
2021-02-12 Tobias Brunnertls-crypto: Rename methods to calculate finished message
2021-02-12 Tobias Brunnertls-crypto: Use internal PRF of tls-hkdf to generate...
2021-02-12 Tobias Brunnertls-hkdf: Add helper method to allocate data from the...
2021-02-12 Tobias Brunnertls-hkdf: Cleanups and refactorings
2021-02-12 Tobias Brunnertls-crypto: Simplify signature creation/verification
2021-02-12 Tobias Brunnertls-crypto: Simplify handshake/application key derivati...
2021-02-12 Tobias Brunnertls-hkdf: Make labels enum a proper type
2021-02-12 Tobias Brunnertls-peer: Support x25519/448 for TLS 1.2
2021-02-12 Tobias Brunnertls-crypto: Enumerate x25519/448 and rename constant...
2021-02-12 Tobias Brunnertls-crypto: Simplify hash algorithm handling
2021-02-12 Tobias Brunnertls-crypto: Delay instantiation of cipher suites
2021-02-12 Tobias Brunnertls-crypto: Filter TLS cipher suites by min/max version
2021-02-12 Tobias Brunnertls-crypto: Correctly filter cipher suites based on...
2021-02-12 Tobias Brunnertls-crypto: Use correct key length for ChaCha20/Poly1305
2021-02-12 Tobias Brunnerlibtls: Some code style fixes
2021-02-12 Tobias Brunnertls-test: Make address family configurable and simplify...
2021-02-12 bytinbitlibtls: Implement TLS 1.3 handshake on client-side
2021-02-12 Pascal Klibtls: Implement HKDF for TLS 1.3
2021-02-12 Tobias Brunnerlibtls: Add support to run unit tests with a custom...
2021-02-12 Tobias Brunnerlibtls: Add TLS 1.3 implementation of tls_aead_t
next