Amazing-Mirror/fragattacks
1
0
Fork 0
mirror of https://github.com/vanhoefm/fragattacks.git synced 2024-12-11 08:38:19 -05:00
Code Issues Projects Releases Wiki Activity
7,434 Commits 1 Branch 29 Tags 27 MiB
92b5b371b6
Commit Graph

16 Commits

Author SHA1 Message Date
Jouni Malinen
2049a3c874 TLS: Use os_memcmp_const() for hash/password comparisons 
This makes the implementation less likely to provide useful timing
information to potential attackers from comparisons of information
received from a remote device and private material known only by the
authorized devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
 2014-07-02 12:38:47 +03:00
Jouni Malinen
f5bbb2f284 TLS client: Reject RSA-DHE prime if it shorter than 768 bits 
Such short primes cannot really be considered secure enough for
authentication purposes.

Signed-off-by: Jouni Malinen <j@w1.fi>
 2014-03-16 12:43:37 +02:00
Jouni Malinen
f3ef7a2640 TLS client: Send decrypt_error on verify_data validation error 
Previously, this was silently dropped which left the connection waiting
for timeout. decrypt_error alert can be used here to avoid that.

Signed-off-by: Jouni Malinen <j@w1.fi>
 2014-03-09 18:21:13 +02:00
Jouni Malinen
129b9b991a TLS: Share a helper function for verifying Signature 
This same design is used in both the server and the client roles in the
internal TLS implementation. Instead of duplicated implementation, use a
helper function.

Signed-off-by: Jouni Malinen <j@w1.fi>
 2014-03-09 17:11:58 +02:00
Jouni Malinen
6531963584 TLS: Use a helper function for calculating ServerKeyExchange hash 
Instead of separate server and client side implementations, use a common
set of helper functions for calculating the ServerParams hash for
ServerKeyExchange.

Signed-off-by: Jouni Malinen <j@w1.fi>
 2014-03-09 16:26:27 +02:00
Jouni Malinen
65074a2a7c TLS: Add support for DHE-RSA cipher suites 
This extends the internal TLS implementation to support DHE-RSA
cipher suites in both server and client roles.

Signed-off-by: Jouni Malinen <j@w1.fi>
 2014-03-09 15:43:50 +02:00
Jouni Malinen
0f3d578efc Remove the GPL notification from files contributed by Jouni Malinen 
Remove the GPL notification text from the files that were
initially contributed by myself.

Signed-hostap: Jouni Malinen <j@w1.fi>
 2012-02-11 19:39:36 +02:00
Jouni Malinen
1622b331f6 TLS: Update file headers to include TLS v1.2 support 
Signed-hostap: Jouni Malinen <j@w1.fi>
 2011-11-27 22:13:52 +02:00
Jouni Malinen
949b2e1f61 TLS: Add SHA256-based verify_data derivation for TLS v1.2 
Signed-hostap: Jouni Malinen <j@w1.fi>
 2011-11-27 22:08:28 +02:00
Jouni Malinen
d0485a6208 TLS: Pass version to tls_prf() in preparation for new PRFs 
Signed-hostap: Jouni Malinen <j@w1.fi>
 2011-11-27 21:35:11 +02:00
Jouni Malinen
ebe4e8f814 TLS: Add helper functions for version number handling 
Signed-hostap: Jouni Malinen <j@w1.fi>
 2011-11-27 21:20:18 +02:00
Jouni Malinen
5c47af9a7a TLS: Add support for TLS v1.1 (RFC 4346) with internal TLS 
This is disabled by defautl and can be enabled with CONFIG_TLSV11=y
build configuration parameter.
 2011-09-25 17:24:46 +03:00
Jouni Malinen
235279e777 TLS: Add support for tls_disable_time_checks=1 in client mode 
This phase1 parameter for TLS-based EAP methods was already supported
with GnuTLS and this commit extends that support for OpenSSL and the
internal TLS implementation.
 2011-07-05 11:29:42 +03:00
Jouni Malinen
03da66bd59 Remove src/crypto from default include path 
In addition, start ordering header file includes to be in more
consistent order: system header files, src/utils, src/*, same
directory as the *.c file.
 2009-11-29 23:04:43 +02:00
Jouni Malinen
fa2ec7eb63 Silenced compiler warnings on size_t printf format and shadowed variables 2008-09-27 10:46:06 +03:00
Jouni Malinen
6fc6879bd5 Re-initialize hostapd/wpa_supplicant git repository based on 0.6.3 release 2008-02-27 17:34:43 -08:00