Student projects: Difference between revisions

From Libreswan
Jump to navigation Jump to search
(Libreswan managing interface project added to wiki)
No edit summary
 
(23 intermediate revisions by 7 users not shown)
Line 1: Line 1:
= Introduction =
= Introduction =


The Libreswan Project invites students to work on the libreswan code base. It offers mentoring for students. Please contact Paul Wouters if you are a student or school that is interested. For ideas of items to work on, please see [[ GSoC2018 ]]
The Libreswan Project invites students to work on the libreswan code base. It offers to mentor the students. Please contact Sahana Prasad or Paul Wouters if you are a student or school that is interested. For ideas of items to work on, please see [[GSoC]].


Below is a list of completed student projects. If you are interesting in participating as a student, please contact us.
Below is a list of student projects. If you are interested in participating as a student, please contact us.


= Current Projects =


* No projects in progress right now, contact team@libreswan.org if you are interested in doing a project.


= RFC 7427 Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) =


* Student: Sahana Prasad - sponsored by Google Summer of Code 2017
* Project page: [[ Compliance of RFC 7427 - Signature Authentication in IKEv2 ]]
* Status: Initial framework implemented to support RSA v1.5 with SHA-1 signatures and RSA-PKK with SHA-2 signatures
* Code: Merged and released in libreswan 3.22, extended for authby=rsa-sha2 and RSA-PKK in 3.23


=== Code and Testing commits ===
= Completed Projects =


* https://github.com/libreswan/libreswan/commit/14c76638612226ab87f8fe14cb8b94282f729651
== Extend RFC 7427 Signature Authentication support to IKEv2 with EDDSA ==
* https://github.com/libreswan/libreswan/commit/0f69bb7d2d33c64739e83388e8a9e4d914a8971a
* https://github.com/libreswan/libreswan/commit/272301a82178ea1a2c8afd39f26e2e024ef21853


=RSA-PSS Support in compliance with RFC 7427 and RFC 8247=
* Student: Rishabh Kumar - sponsored by Google Summer of Code 2021
* Student: Sahana Prasad - sponsored by Google summer of code
* Project page: [[ Extend RFC-7427 Signature Authentication support to IKEv2 with EDDSA]]
* Project page: [[ RSA-PSS Support in compliance with RFC 7427 and RFC 8247]]
* Status: Waiting on NSS Library support for EDDSA. Support for EDDSA has been added to Libreswan as per RFC-8420.
* Status : Merged and released in Libreswan 3.25


=Extend RFC 7427 Signature Authentication support to IKEv2 with ECDSA=
== draft-ietf-ipsecme-ikev2-intermediate-04 Intermediate Exchange for IKEv2 ==


* Student: Sahana Prasad - sponsored by Google Summer of Code 2018
* Student: Yulia Kuzovkova - sponsored by Google Summer of Code 2020
* Project page: [[ Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA]]
* Project Page: [[ Intermediate Exchange ]]
* Status : Initial framework is implemented and is found to be partly working. Yet to overcome some issues to fully implement ECDSA.
* Status: merged in libreswan 4.0


== Interop testing using OpenBSD ==


= RFC 8229 TCP Encapsulation of IKE and IPsec Packets =
* Student: Ravi Teja - sponsored by Google Summer of Code 2020
* Project Page: [[ IKEv2_Interop_testing_with_OpenBSD ]]
* Status: merged and released in libreswan 4.0


* Student: Mayank Totale - sponsored by Google Summer of Code 2017
== IKEv2 Session Resumption ==
* Project Page: [[ GSOC 2017: Implementing RFC 8229 "TCP Encapsulation of IKE and IPsec Packets" for Libreswan ]]
* Status: Waiting on Linux kernel support for ESPinTCP. IKEinTCP code has been implemented in libreswan


=== Code and Testing commits ===
* Student: Nupur Agrawal - sponsored by Google Summer of Code 2020
* Project Page:  [[ Session Resumption ]]
* Status:: not yet merged


* https://github.com/mtotale/libreswan/commit/45ab9e00d76dad5950433c06ea9f5bb817e646fc
== Libreswan Opportunistic IPsec using LetsEncrypt ==


* Student: Rishabh - sponsored by Google Summer of Code 2019
* Project Page: [[ Libreswan Opportunistic IPsec using LetsEncrypt ]]
* Documentation page: [[ Documentation: Libreswan Opportunistic IPsec using LetsEncrypt ]]
* Status: Development Complete, Merged in [https://libreswan.org/wiki/Libreswan_Opportunistic_IPsec_using_LetsEncrypt#Source_code master branch]. Released in Libreswan [https://github.com/libreswan/libreswan/releases/tag/v3.30 v3.30].


= draft-ietf-ipsecme-qr-ikev2 Postquantum Preshared Keys for IKEv2 =
== RSA-PSS Support in compliance with RFC 7427 and RFC 8247 ==


* Student: Vukasin Karadzic - sponsored by The Libreswan Project in 2017
* Student: Sahana Prasad - sponsored by Google summer of code 2018
* Project Page: [[ Postquantum Preshared Keys ]]
* Project page: [[ RSA-PSS Support in compliance with RFC 7427 and RFC 8247]]
* Status: Passed vendor interop testing
* Status: Merged and released in Libreswan 3.25
* Code: Merged and released in libreswan 3.23


=== Code and Testing commits ===
== Extend RFC 7427 Signature Authentication support to IKEv2 with ECDSA ==


* https://github.com/libreswan/libreswan/commit/d8e0c68c0dc19d95dfcf19fec934e9dc69c293ac
* Student: Sahana Prasad - sponsored by Google Summer of Code 2017
* https://github.com/libreswan/libreswan/commit/b02c9d18b56c38abfe15bc4bc8b806ef3f758002
* Project page: [[ Extend RFC-7427 Signature Authentication support to IKEv2 with ECDSA]]
* Status: Merged and released in libreswan 3.27


 
== RFC 5685 IKEv2 Redirect Mechanism ==
= RFC 5685 IKEv2 Redirect Mechanism =


* Student: Vukasin Karadzic - sponsored by Google Summer of Code 2018
* Student: Vukasin Karadzic - sponsored by Google Summer of Code 2018
* Project Page: [[ RFC 5685 - Redirect Mechanism ]]
* Project Page: [[ RFC 5685 - Redirect Mechanism ]]
* Status: Code pending review
* Status: Merged and released in libreswan 3.28
 
== Libreswan Managing Interface ==


* Student: Rishabh - sponsored by Google Summer of Code 2018
* Project Page: [[ Libreswan Managing Interface ]]
* Status: Development complete, waiting for the release.


= Libreswan Managing Interface =
== RFC 7427 Signature Authentication in the Internet Key Exchange Version 2 (IKEv2) ==


* Student: Rishabh Chaudhary - sponsored by Google Summer of Code 2018
* Student: Sahana Prasad - sponsored by Google Summer of Code 2017
* Project page: [[ Libreswan Managing Interface ]]
* Project page: [[ Compliance of RFC 7427 - Signature Authentication in IKEv2 ]]
* Status: Development complete, waiting for release
* Status: Initial framework implemented to support RSA v1.5 with SHA-1 signatures and RSA-PKK with SHA-2 signatures
* Code: Merged and released in libreswan 3.22, extended for authby=rsa-sha2 and RSA-PKK in 3.23


=== Code and Testing commits ===
== RFC 8229 TCP Encapsulation of IKE and IPsec Packets ==


* https://github.com/Rishabh04-02/Libreswan-managing-interface
* Student: Mayank Totale - sponsored by Google Summer of Code 2017
* Project Page: [[ GSOC 2017: Implementing RFC 8229 "TCP Encapsulation of IKE and IPsec Packets" for Libreswan ]]
* Status: Waiting on Linux kernel support for ESPinTCP. IKEinTCP code has been implemented in libreswan
 
==  RFC 8784  Postquantum Preshared Keys for IKEv2 ==
 
* Student: Vukasin Karadzic - sponsored by The Libreswan Project in 2017
* Project Page: [[ Postquantum Preshared Keys ]]
* Status: Passed vendor interop testing
* Code: Merged and released in libreswan 3.23

Latest revision as of 20:56, 10 February 2022

Introduction

The Libreswan Project invites students to work on the libreswan code base. It offers to mentor the students. Please contact Sahana Prasad or Paul Wouters if you are a student or school that is interested. For ideas of items to work on, please see GSoC.

Below is a list of student projects. If you are interested in participating as a student, please contact us.

Current Projects

  • No projects in progress right now, contact team@libreswan.org if you are interested in doing a project.


Completed Projects

Extend RFC 7427 Signature Authentication support to IKEv2 with EDDSA

draft-ietf-ipsecme-ikev2-intermediate-04 Intermediate Exchange for IKEv2

  • Student: Yulia Kuzovkova - sponsored by Google Summer of Code 2020
  • Project Page: Intermediate Exchange
  • Status: merged in libreswan 4.0

Interop testing using OpenBSD

IKEv2 Session Resumption

  • Student: Nupur Agrawal - sponsored by Google Summer of Code 2020
  • Project Page: Session Resumption
  • Status:: not yet merged

Libreswan Opportunistic IPsec using LetsEncrypt

RSA-PSS Support in compliance with RFC 7427 and RFC 8247

Extend RFC 7427 Signature Authentication support to IKEv2 with ECDSA

RFC 5685 IKEv2 Redirect Mechanism

  • Student: Vukasin Karadzic - sponsored by Google Summer of Code 2018
  • Project Page: RFC 5685 - Redirect Mechanism
  • Status: Merged and released in libreswan 3.28

Libreswan Managing Interface

  • Student: Rishabh - sponsored by Google Summer of Code 2018
  • Project Page: Libreswan Managing Interface
  • Status: Development complete, waiting for the release.

RFC 7427 Signature Authentication in the Internet Key Exchange Version 2 (IKEv2)

  • Student: Sahana Prasad - sponsored by Google Summer of Code 2017
  • Project page: Compliance of RFC 7427 - Signature Authentication in IKEv2
  • Status: Initial framework implemented to support RSA v1.5 with SHA-1 signatures and RSA-PKK with SHA-2 signatures
  • Code: Merged and released in libreswan 3.22, extended for authby=rsa-sha2 and RSA-PKK in 3.23

RFC 8229 TCP Encapsulation of IKE and IPsec Packets

RFC 8784 Postquantum Preshared Keys for IKEv2

  • Student: Vukasin Karadzic - sponsored by The Libreswan Project in 2017
  • Project Page: Postquantum Preshared Keys
  • Status: Passed vendor interop testing
  • Code: Merged and released in libreswan 3.23