Ticket #1975 (closed enhancement: fixed)

Opened 11 months ago

Last modified 9 months ago

Add support to select elliptic curve and signature algorithm for TLS

Reported by: ming Owned by: bennylp
Priority: normal Milestone: release-2.6
Component: pjsip Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported: no

Description

This ticket will add the following enhancements to TLS:

  1. selection of elliptic curve
  2. selection of signature algorithm
  3. reseeding of random with other entropy sources.

which may be useful to conform to NIAP protection profile.

Change History

comment:1 Changed 11 months ago by ming

  • Status changed from new to closed
  • Resolution set to fixed

In 5472:

Fixed #1975: Add support to select elliptic curve and signature algorithm for TLS

comment:2 Changed 10 months ago by ming

In 5483:

Re #1975: Add autoconf detection of OpenSSL elliptic curve and sigalg support

comment:3 Changed 9 months ago by riza

In 5517:

Re #1975:

  • Change autoconf detection in r5483 to compile time check.
  • Don't use tls1_ec_nid2curve_id()/tls1_ec_curve_id2nid() since they are not public API.

Thanks to Alexander Traud for the suggestions.

Note: See TracTickets for help on using tickets.