aboutsummaryrefslogtreecommitdiffstats
path: root/src/tls/tlsv1_common.c
diff options
context:
space:
mode:
authorJouni Malinen <j@w1.fi>2011-11-27 19:45:07 (GMT)
committerJouni Malinen <j@w1.fi>2011-11-27 19:45:07 (GMT)
commitca84eed7ad13dc23bd5363aaa1fd5ed34b3bb5e3 (patch)
tree3f0d4132c27e57830805da0d12f7a4323eb3599d /src/tls/tlsv1_common.c
parentbcf03f52099e0b306e4c8f747958b0f929861b49 (diff)
downloadhostap-ca84eed7ad13dc23bd5363aaa1fd5ed34b3bb5e3.zip
hostap-ca84eed7ad13dc23bd5363aaa1fd5ed34b3bb5e3.tar.gz
hostap-ca84eed7ad13dc23bd5363aaa1fd5ed34b3bb5e3.tar.bz2
TLS: Add build configuration for TLS v1.2 support
This allows the internal TLS implementation to be built for TLS v1.2 support. In addition to the build option, this changes the TLS PRF based on the negotiated version number. Though, this commit does not yet complete support for TLS v1.2. Signed-hostap: Jouni Malinen <j@w1.fi>
Diffstat (limited to 'src/tls/tlsv1_common.c')
-rw-r--r--src/tls/tlsv1_common.c15
1 files changed, 15 insertions, 0 deletions
diff --git a/src/tls/tlsv1_common.c b/src/tls/tlsv1_common.c
index a9ffc10..19c50c2 100644
--- a/src/tls/tlsv1_common.c
+++ b/src/tls/tlsv1_common.c
@@ -16,6 +16,7 @@
#include "common.h"
#include "crypto/sha1.h"
+#include "crypto/sha256.h"
#include "x509v3.h"
#include "tlsv1_common.h"
@@ -250,6 +251,10 @@ int tls_version_ok(u16 ver)
if (ver == TLS_VERSION_1_1)
return 1;
#endif /* CONFIG_TLSV11 */
+#ifdef CONFIG_TLSV12
+ if (ver == TLS_VERSION_1_2)
+ return 1;
+#endif /* CONFIG_TLSV12 */
return 0;
}
@@ -262,6 +267,8 @@ const char * tls_version_str(u16 ver)
return "1.0";
case TLS_VERSION_1_1:
return "1.1";
+ case TLS_VERSION_1_2:
+ return "1.2";
}
return "?";
@@ -271,6 +278,14 @@ const char * tls_version_str(u16 ver)
int tls_prf(u16 ver, const u8 *secret, size_t secret_len, const char *label,
const u8 *seed, size_t seed_len, u8 *out, size_t outlen)
{
+#ifdef CONFIG_TLSV12
+ if (ver >= TLS_VERSION_1_2) {
+ tls_prf_sha256(secret, secret_len, label, seed, seed_len,
+ out, outlen);
+ return 0;
+ }
+#endif /* CONFIG_TLSV12 */
+
return tls_prf_sha1_md5(secret, secret_len, label, seed, seed_len, out,
outlen);
}