]> git.ipfire.org Git - thirdparty/strongswan.git/commit
projects / thirdparty / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 519bc22) | patch
openssl: PRF_KEYED_SHA1 might not be supported
authorTobias Brunner <tobias@strongswan.org>
Thu, 24 Feb 2022 13:50:25 +0000 (14:50 +0100)
committerTobias Brunner <tobias@strongswan.org>
Thu, 14 Apr 2022 17:05:44 +0000 (19:05 +0200)
commit13efce489e594e5a781ad9ad9b92235c92270745
tree4fa52b384248b6ee6c0755f2dc91cdeb9181de96tree
parent519bc22091b6bb56abed86f86013a527250fe9eecommit | diff
openssl: PRF_KEYED_SHA1 might not be supported

The old API has been deprecated with OpenSSL 3 and direct access to the
state isn't possible via EVP API.  In the future we might just remove this
implementation but we'd probably have to implement EAP-AKA' first, which
uses HMAC-SHA-256 with IKEv2's prf+ construct to derive keys instead
of this weird construct (plus what fips-prf builds around it) that's used
by EAP-AKA.
src/libstrongswan/plugins/openssl/openssl_plugin.c diff | blob | blame | history
src/libstrongswan/plugins/openssl/openssl_sha1_prf.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.