DGNum/hostapd
6
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Suite B: Add tls_suiteb=1 parameter for RSA 3k key case

Browse source 
This adds phase1 parameter tls_suiteb=1 into wpa_supplicant
configuration to allow TLS library (only OpenSSL supported for now) to
use Suite B 192-bit level rules with RSA when using >= 3k (3072) keys.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2017-09-17 00:09:47 +03:00 committed by Jouni Malinen
parent 5030d7d9fd
commit 60ed2f24eb
4 changed files with 52 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/eap_peer/eap_tls_common.c
View file

@ -84,6 +84,10 @@ static void eap_tls_params_flags(struct tls_connection_params *params,
params->flags |= TLS_CONN_EXT_CERT_CHECK;
if (os_strstr(txt, "tls_ext_cert_check=0"))
params->flags &= ~TLS_CONN_EXT_CERT_CHECK;
if (os_strstr(txt, "tls_suiteb=1"))
params->flags |= TLS_CONN_SUITEB;
if (os_strstr(txt, "tls_suiteb=0"))
params->flags &= ~TLS_CONN_SUITEB;
}