Commit Graph

12 Commits

Author SHA1 Message Date
Johannes Bauer
3e5c7d541c Implement actual lookup of luksrku entry
Now with a proper UUID the PSK is looked up from the key database.
2019-10-23 15:28:38 +02:00
Johannes Bauer
d70bd1f672 TLS-PSK connection is working in TLSv1.3
Apparently, I need to spell out "-ciphersuites
TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384" in the openssl
s_client command, or it simply will not work.
2019-10-23 14:28:42 +02:00
Johannes Bauer
969eae12c7 Started with server implementation
Running into issues with TLSv1.3-PSK. Connection establishment does not
work at the moment.
2019-10-23 13:18:51 +02:00
Johannes Bauer
667ff55af1 Integrate editor properly from command line
Now have a way to invoke the editor functionality from the command line
and also provisions to include the server and client parsers.
2019-10-23 11:34:40 +02:00
Johannes Bauer
ecbf3827ca Integrate current state-of-affairs into luksrku
Now integrated into the official Makefile. All functionality is broken
(was for a while), but it's progress nevertheless.
2019-10-23 09:39:40 +02:00
Johannes Bauer
73ab437fc9 Include tags in released version number
We want the displayed version number to contain tags, so add it to the
Makefile option.
2019-10-19 15:06:39 +02:00
Johannes Bauer
363fc70f1c Use pkg-config and have git-based version number
Use pkg-config to find OpenSSL headers and library. Use "git describe"
to determine current version.
2019-10-19 14:47:54 +02:00
Johannes Bauer
781b10c0c9 Assume system-wide installed OpenSSL v1.1
After Debian has pretty much migrated to v1.1, we now assume that
OpenSSL is preinstalled system-wide -- it's not experimental anymore.
Currently we assume it's preinstalled in /usr/local.
2018-01-16 18:59:50 +01:00
Johannes Bauer
8b892e3347 Update OpenSSL version and change sig algs
While the PSK cipher suites do not use any ECDHE/RSA signatures, in the
future someone may change the code. In that case, as a robustness
measure, already set the acceptable signature algorithms now.
Additionally upgrade to OpenSSL v1.1.0e and include the comment to
include X448 once it becomes available for TLS ECDHE (it's not yet,
unfortunately).
2017-03-07 21:40:21 +01:00
Johannes Bauer
8f2dabc053 Change to build against OpenSSL 1.1.0b
Critical CVE in 1.1.0a, upgrade immediately.
2016-09-27 21:18:25 +02:00
Johannes Bauer
f2f6d091e1 Have a fairly decent help page
Reused the help page generator from luksipc.
2016-09-24 11:16:58 +02:00
Johannes Bauer
2df69508aa Initial import 2016-09-22 20:40:58 +02:00