New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add HMAC SHA2-256, HMAC SHA2-384, HMAC SHA2-512 support #294

Merged
merged 5 commits into from Oct 18, 2017

Conversation

Projects
None yet
3 participants
@moatazelmasry2
Member

moatazelmasry2 commented Jan 23, 2017

Implements RFC 4868 for the mentioned HMAC SHA2.
Further, IKEv1 and OpenVPN now support those Hash algorithms

@moatazelmasry2

This comment has been minimized.

Show comment
Hide comment
@moatazelmasry2

moatazelmasry2 Feb 2, 2017

Member

I choose option 1
Thanks

Member

moatazelmasry2 commented Feb 2, 2017

I choose option 1
Thanks

@dnobori dnobori merged commit c323102 into SoftEtherVPN:master Oct 18, 2017

@dnobori

This comment has been minimized.

Show comment
Hide comment
@dnobori

dnobori Oct 18, 2017

Member

Thank you so much for your contribution to enrich the SoftEther VPN source code.

Your patch has been merged on the main source-tree of SoftEther VPN.

As a token of our gratitude, your GitHub username will be added on the AUTHORS.TXT file and on the header of the related source file.
(It will be done within a few days.)
https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/AUTHORS.TXT

Thanks again for your contribution.

Member

dnobori commented Oct 18, 2017

Thank you so much for your contribution to enrich the SoftEther VPN source code.

Your patch has been merged on the main source-tree of SoftEther VPN.

As a token of our gratitude, your GitHub username will be added on the AUTHORS.TXT file and on the header of the related source file.
(It will be done within a few days.)
https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/AUTHORS.TXT

Thanks again for your contribution.

@r4j4h

This comment has been minimized.

Show comment
Hide comment
@r4j4h

r4j4h Jun 30, 2018

@dnobori @moatazelmasry2 @zulzardi @GildedHonour I think this awesome change and #309 and #343 ought to be reflected on the public website's features page section 3.3:

https://www.softether.org/1-features/3._Security_and_Reliability#3.3._Supporting_Many_Cipher_Standards

and also

http://www.softether.org/4-docs/1-manual/2._SoftEther_VPN_Essential_Architecture/2.1_VPN_Communication_Protocol#2.1.4_Encrypted_Communication_Security

I do not see where the site's code is maintained otherwise I would love to submit a patch, so I figured the least I could do was throw out the idea in hopes that someone can do it or raise discussion about it. I think it would help raise user awareness to help trend towards stronger security everywhere, and perhaps help convince someone to choose SoftEther by seeing the up-to-date support.

r4j4h commented Jun 30, 2018

@dnobori @moatazelmasry2 @zulzardi @GildedHonour I think this awesome change and #309 and #343 ought to be reflected on the public website's features page section 3.3:

https://www.softether.org/1-features/3._Security_and_Reliability#3.3._Supporting_Many_Cipher_Standards

and also

http://www.softether.org/4-docs/1-manual/2._SoftEther_VPN_Essential_Architecture/2.1_VPN_Communication_Protocol#2.1.4_Encrypted_Communication_Security

I do not see where the site's code is maintained otherwise I would love to submit a patch, so I figured the least I could do was throw out the idea in hopes that someone can do it or raise discussion about it. I think it would help raise user awareness to help trend towards stronger security everywhere, and perhaps help convince someone to choose SoftEther by seeing the up-to-date support.

davidebeatrici added a commit to davidebeatrici/SoftEtherVPN that referenced this pull request Sep 10, 2018

Proto_IkePacket.c: fix SHA-256, SHA-384 and SHA-512 implementation
Pull request SoftEtherVPN#294 added SHA-256, SHA-384, and SHA-512 support to the protocol, but part of it was removed in faee11f, presumably because it broke C89 compatibility.

This commit fixes and improves the IkeHMac() function.

davidebeatrici added a commit to davidebeatrici/SoftEtherVPN that referenced this pull request Sep 11, 2018

Proto_IkePacket.c: fix and improve IkeHMac() function
Pull request SoftEtherVPN#294 added SHA-256, SHA-384, and SHA-512 support to the protocol, but part of it was removed in faee11f, because it caused a buffer over-read crash.

It also broke the MD5 implementation because the switch-case block didn't handle the type anymore.

This pull request fixes all the implementations and improves the IkeHMac() function by using the dedicated hashing functions.

davidebeatrici added a commit to davidebeatrici/SoftEtherVPN that referenced this pull request Sep 11, 2018

Proto_IkePacket.c: fix and improve IkeHMac() function
Pull request SoftEtherVPN#294 added SHA-256, SHA-384, and SHA-512 support to the protocol, but part of it was removed in faee11f, because it caused a buffer over-read crash.

It also broke the MD5 implementation because the switch-case block didn't handle the type anymore.

This pull request fixes all the implementations and improves the IkeHMac() function by using the dedicated hashing functions.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment