Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#1975 closed enhancement (fixed)

Add support to select elliptic curve and signature algorithm for TLS

Reported by: ming Owned by: bennylp
Priority: normal Milestone: release-2.6
Component: pjsip Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported: no

Description

This ticket will add the following enhancements to TLS:

  1. selection of elliptic curve
  2. selection of signature algorithm
  3. reseeding of random with other entropy sources.

which may be useful to conform to NIAP protection profile.

Change History (3)

comment:1 Changed 3 years ago by ming

  • Resolution set to fixed
  • Status changed from new to closed

In 5472:

Fixed #1975: Add support to select elliptic curve and signature algorithm for TLS

comment:2 Changed 3 years ago by ming

In 5483:

Re #1975: Add autoconf detection of OpenSSL elliptic curve and sigalg support

comment:3 Changed 3 years ago by riza

In 5517:

Re #1975:

  • Change autoconf detection in r5483 to compile time check.
  • Don't use tls1_ec_nid2curve_id()/tls1_ec_curve_id2nid() since they are not public API.

Thanks to Alexander Traud for the suggestions.

Note: See TracTickets for help on using tickets.