[Openvpn-devel] [PATCH] Keying Material Exporter [RFC 5705]

TLS keying material exporters allow additional keying material to be derived from existing TLS channel. This exported keying material can then be used for a variety of purposes. - Changes in the patch are made on to of crypto layer and that's reason why they should work for both crypto backends

[Openvpn-devel] [PATCH] Channel Binding Key based on Keying Material Exporters [RFC 5705]

Channel Binding Key based on TLS Keying Material Exporters [RFC 5705 ] allow additional keying material to be derived from existing TLS channel. This exported keying material can then be used for a variety of purposes. TLS allows client and server to establish keying material for use in the upper

[Openvpn-devel] [PATCH] Keying Material Exporters [RFC 5705]

TLS Keying Material Exporters [RFC 5705 ] allow additional keying material to be derived from existing TLS channel. This exported keying material can then be used for a variety of purposes. TLS allows client and server to establish keying material for use in the upper layers between the TLS

Re: [Openvpn-devel] [PATCH] Keying Material Exporter [RFC 5705]

gs, * packet encryption, packet authentication, and * packet compression. * * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sa...@openvpn.net> * Copyright (C) 2010 Fox Crypto B.V. <open...@fox-it.com> * Copyright (C) 2008-2013 David Sommerseth <d...@use

Re: [Openvpn-devel] [PATCH] Keying Material Exporter [RFC 5705]

pto B.V. <open...@fox-it.com> * Copyright (C) 2008-2013 David Sommerseth <d...@users.sourceforge.net> + * Copyright (C) 2014 Daniel Kubec <n...@rtfm.cz> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU Gene

Re: [Openvpn-devel] [PATCH] Keying Material Exporters [RFC 5705]

ved when crypto backend support ( currently openssl >= 1.0.2 ) >From b577afe5c076b9f93ff6112c9efb7966f32f86a3 Mon Sep 17 00:00:00 2001 From: Daniel Kubec <n...@rtfm.cz> List-Post: openvpn-devel@lists.sourceforge.net Date: Thu, 24 Apr 2014 18:17:17 +0200 Subject: [PATCH 1/1] Channel

[Openvpn-devel] [PATCH] Keying Material Exporters [RFC 5705]

rom d6c231cae830e1045c2debdb04a166e4b81f363e Mon Sep 17 00:00:00 2001 From: Daniel Kubec <n...@rtfm.cz> List-Post: openvpn-devel@lists.sourceforge.net Date: Wed, 14 May 2014 12:37:30 +0200 Subject: [PATCH 1/2] TLS Keying Material Exporters [RFC 5705] allows additional keying material to be derived from existing TL

[Openvpn-devel] [PATCH] Add support for Keying Material Exporter [RFC 5705]

:00:00 2001 From: Daniel Kubec <n...@rtfm.cz> List-Post: openvpn-devel@lists.sourceforge.net Date: Mon, 26 May 2014 14:55:32 +0200 Subject: [PATCH] Added support for TLS Keying Material Exporters [RFC 5705]. Keying Material Exporter allow additional keying material to be derived from exi

Re: [Openvpn-devel] [PATCH] Add support for Keying Material Exporter [RFC 5705]

ORTER". This option requires OpenSSL 1.0.1 or newer. Regards Daniel On Thu, Jun 05, 2014 at 11:28:16PM +0200, David Sommerseth wrote: > On 26/05/14 15:25, Daniel Kubec wrote: > > Add support for TLS Keying Material Exporters [RFC 5705]. > > > > Keying Material Exporter a

Re: [Openvpn-devel] Add support for Keying Material Exporter [RFC 5705]

n Mon, Feb 23, 2015 at 04:51:34PM +0100, Daniel Kubec wrote: >>>> Keying Material Exporter [RFC 5705] Patch rebased to actual >>>> master branch. >> >>> There definitely needs to be much(!) more documentation about >>> this, maybe an extra .txt file

Re: [Openvpn-devel] Add support for Keying Material Exporter [RFC 5705]

melig.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 02/03/15 01:03, daniel kubec wrote: >> Greetings Steffan, David and Gert >> >> Thank you very much for your comments. >> >> 1) log level switched to D_TLS_DEBUG_MED 2) ekm_size re

Re: [Openvpn-devel] Add support for Keying Material Exporter [RFC 5705]

or "crypto/authentication" plugin developers and they should know what they are doing. Maybe Let's try to discuss that using IRC. Daniel On 6 March 2015 at 19:45, Gert Doering <g...@greenie.muc.de> wrote: > Hi, > > On Mon, Mar 02, 2015 at 01:03:38AM +0100, daniel kubec wrote:

Re: [Openvpn-devel] Add support for Keying Material Exporter [RFC 5705]

ought (D)TLS channel and/or app layer. Daniel On 9 March 2015 at 20:02, Gert Doering <g...@greenie.muc.de> wrote: > Hi, > > On Mon, Mar 09, 2015 at 07:26:28PM +0100, daniel kubec wrote: >> It is actually well defines mechanism for "crypto/authentication" >> p

Re: [Openvpn-devel] Add support for Keying Material Exporter [RFC 5705]

about some real example with doc/specs based on existing general mechanism and references in doc/keying-material-exporter.txt Best Regards Daniel On 10 March 2015 at 09:08, Gert Doering <g...@greenie.muc.de> wrote: > Hi, > > On Mon, Mar 09, 2015 at 08:46:10PM +0100, daniel kubec wro

Re: [Openvpn-devel] Add support for Keying Material Exporter [RFC 5705]

Hi Gert, Steffan and David ! There is Sample HTTP (SSO) OpenVPN Plugin with http.client.py and http-server.py scripts based on OpenVPN's RFC-5705 support. OpenVPN plugin examples.Daniel Kubec <n...@rtfm.cz> Examples provided: sso.c -- HTTP (SSO) Example

Re: [Openvpn-devel] Fwd: Add support for Keying Material Exporter [RFC 5705]

Hi David, Thank You for your comments. It makes sense to me. Can you apply your fixes into patches or it's up to me ? King Regards Daniel On 9 October 2015 at 17:27, David Sommerseth <openvpn.l...@topphemmelig.net> wrote: > On 23/02/15 17:02, daniel kubec wrote: >> -

Re: [Openvpn-devel] Fwd: Add support for Keying Material Exporter [RFC 5705]

Ok, Thank You for these changes :) Daniel On 9 October 2015 at 18:09, David Sommerseth <openvpn.l...@topphemmelig.net> wrote: > On 09/10/15 17:54, daniel kubec wrote: >> Hi David, >> >> Thank You for your comments. It makes sense to me. >> Can you apply your fi

[Openvpn-devel] Exported keying material is always sizeof(unsigned char*)

rom 65c273f4d2eb63a26d270b870e303d5eff99cd0a Mon Sep 17 00:00:00 2001 From: Daniel Kubec <n...@rtfm.cz> List-Post: openvpn-devel@lists.sourceforge.net Date: Wed, 27 Apr 2016 07:40:31 +0200 Subject: [PATCH 1/1] Exported keying material is always sizeof(unsigned char *) There is patch

Re: [Openvpn-devel] travis-ci (smoke testing)

I am very fascinated - Travis is super cool :-) I building and even running / testing (qemu userland emulation) quite complex build matrix. clang/gcc several OSX/Version + multiple sdk version, Win32/64, Linux + sdk on many architectures. Actually building my kbuild build system fork on x86_32,