Closed bytinbit closed 4 years ago
It's actually RFC 8446 :)
SignatureScheme
is currently not explicitly represented. The signature schemes are mapped via tls_crypto_t::get_signature_algorithms()
.
NamedGroup
is tls_named_curve_t
in tls_crypto.h
. There is also a map (called curves
) in tls_crypto.c
that maps these to DH group identifiers used otherwise in strongSwan.
CertificateType
isn't really necessary as only X.509 (0) is supported.
If I may, a quick note about #2 and the associated commit. Please start the first line of the commit message with libtls:
(given it changes code in src/libtls
, for the test script use tls-test:
) followed by a short description that starts with an upper case letter (for instance, in this case it would be something like libtls: Add TLS 1.3 constants
). Also, for pretty much every enum there is one or more enum_name_t
, which contain strings for logging these constants (they are defined in the *.c
files of the same name). Please update them too if you add values to the enums.
Aufwandschätzung: soll=5 Stunden ist=
Three enums are specified in rfc 8446:
SignatureScheme
,NamedGroup
,CertificateType
. However, their location couldn't be found in the existing code and must be verified with the project maintainers. They haven't been implemented so far.edit: corrected rfc name