Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rats-tls/crypto_wrappers: support minimal set of hash functions #147

Merged
merged 1 commit into from
Feb 1, 2023
Merged

rats-tls/crypto_wrappers: support minimal set of hash functions #147

merged 1 commit into from
Feb 1, 2023

Conversation

imlk0
Copy link
Collaborator

@imlk0 imlk0 commented Jan 28, 2023

In previous implements of Interoperable RA-TLS, we can only generate & verify pubkey-hash in sha-256 format. This commit brings support for verifying pubkey-hash minimal set of hash functions: sha-256 (ID 1), sha-384 (ID 7) and sha-512 (ID 8). Note that we are still only able to generate pubkey-hash in sha-256 format in RATS-TLS.

In addition, in this commit, we moved part of the code from openssl/un_negotiate.c to tls_wrapper_verify_certificate_extension.c to reduce coupling.

Signed-off-by: Kun Lai me@imlk.top

@imlk0

This comment was marked as resolved.

Sign in to view
@imlk0 imlk0 force-pushed the interoperable-ra-tls-update-2 branch from 499c188 to 5d44584 Compare January 28, 2023 08:39
@imlk0 imlk0 mentioned this pull request Jan 28, 2023
Open
6 tasks
@imlk0 imlk0 force-pushed the interoperable-ra-tls-update-2 branch 3 times, most recently from 42a16e8 to 6441a7c Compare January 31, 2023 07:19
YangLiang3
YangLiang3 reviewed Feb 1, 2023
View reviewed changes
Copy link
Collaborator

@YangLiang3 YangLiang3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

others, LGTM

src/tls_wrappers/nulltls/negotiate.c Outdated Show resolved Hide resolved
@imlk0
rats-tls/crypto_wrappers: support minimal set of hash functions
70e557f 
In previous implements of Interoperable RA-TLS, we can only generate &
verify pubkey-hash in sha-256 format. This commit brings support for
verifying pubkey-hash minimal set of hash functions: sha-256 (ID 1),
sha-384 (ID 7) and sha-512 (ID 8). Note that we are still only able to
generate pubkey-hash in sha-256 format in RATS-TLS.

In addition, in this commit, we moved part of the code from
openssl/un_negotiate.c to tls_wrapper_verify_certificate_extension.c
to reduce coupling.

Signed-off-by: Kun Lai <me@imlk.top>
@imlk0 imlk0 force-pushed the interoperable-ra-tls-update-2 branch from 6441a7c to 70e557f Compare February 1, 2023 06:54
@haosanzi haosanzi merged commit 888c337 into inclavare-containers:master Feb 1, 2023
@imlk0 imlk0 mentioned this pull request Feb 1, 2023
Closed
15 tasks
@imlk0 imlk0 mentioned this pull request Mar 10, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@haosanzi haosanzi haosanzi approved these changes

@YangLiang3 YangLiang3 YangLiang3 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@imlk0 @haosanzi @YangLiang3