On Thu, 2019-04-11 at 22:14 +0200, Nikos Mavrogiannopoulos wrote: > Do you really want to implement crypto in openconnect?
Hell no. I'm not *that* insane. This is the same core AES-CBC + SHA1 stitched implementation that is used in OpenSSL. It's generic enough to do what ESP needs; it's just that OpenSSL doesn't expose it in its generic form. It's providing basically the same CBC and SHA1 primitives that I'm using in the existing openssl-esp.c and gnutls-esp.c implementations; just that it does them both at once in the same function call.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openconnect-devel mailing list [email protected] http://lists.infradead.org/mailman/listinfo/openconnect-devel
