aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Version bump to 5.5.1dr15.5.1dr1Andreas Steffen2016-08-103-4/+2464
|
* Merge branch 'newhope'Andreas Steffen2016-08-10137-925/+6559
|\
| * testing: Added swanctl/rw-newhope-bliss scenarioAndreas Steffen2016-08-1020-0/+212
| |
| * testing: Add chapoly, ntru and newhope plugins to crypto and integrity testsAndreas Steffen2016-08-103-3/+3
| |
| * testing: Added ikev2/rw-newhope-bliss scenarioAndreas Steffen2016-08-1024-1/+195
| |
| * unit-tests: Created newhope unit-testsAndreas Steffen2016-08-1010-7/+1339
| |
| * Created newhope plugin implementing the New Hope key exchange algorithmAndreas Steffen2016-08-1015-2/+1353
| |
| * xof: Added ChaCha20 stream as XOFAndreas Steffen2016-08-069-3/+311
| |
| * utils: Defined uletoh16() and htole16()Andreas Steffen2016-08-061-0/+42
| |
| * integrity-test: Added ntru_param_sets to read-only segmentAndreas Steffen2016-07-297-36/+96
| |
| * integrity-test: Added bliss_param_sets to read-only segmentAndreas Steffen2016-07-2914-63/+68
| |
| * integrity-test: check code and ro segments of libnttfftAndreas Steffen2016-07-298-32/+51
| |
| * Created libnttfftAndreas Steffen2016-07-2920-121/+261
| | | | | | | | | | This makes Number Theoretic Transforms (NTT) based on the efficient Fast-Fourier-Transform (FFT) available to multiple plugins.
| * Share twiddle factors table between 512 and 1024 point FFTAndreas Steffen2016-07-293-134/+14
| |
| * Implemented FFT with n = 1024 and q = 11289 using Montgomery arithmeticAndreas Steffen2016-07-293-8/+495
| |
| * bliss: Implemented FFT with fast Montgomery arithmeticAndreas Steffen2016-07-298-102/+294
| |
| * xof: Implemented SHAKE128 and SHAKE256 Extended Output FunctionsAndreas Steffen2016-07-2911-415/+1293
| |
| * xof: Defined Extended Output FunctionsAndreas Steffen2016-07-2914-5/+539
|/
* vici: Increased various string buffers to BUF_LEN (512 bytes)Andreas Steffen2016-07-292-5/+5
|
* integrity-test: Added charon-systemdAndreas Steffen2016-07-291-0/+4
|
* Added SHA-3 signature OIDsAndreas Steffen2016-07-261-1/+10
|
* libcharon: Add exchange_tests to .gitignoreTobias Brunner2016-07-251-0/+1
|
* unit-tests: Decreased loop count of FFT speed test to 10'000Andreas Steffen2016-07-221-1/+1
|
* unit-tests: Added bliss_fft_speed testAndreas Steffen2016-07-221-1/+42
|
* Merge branch 'tss2-sapi'Andreas Steffen2016-07-204-7/+11
|\
| * libtpmtss: Use pkconfig to configure TSS 2.0 includes and librariesAndreas Steffen2016-07-204-7/+11
|/
* ike1: Flush active queue when queueing a delete of the IKE_SATobias Brunner2016-07-191-0/+3
| | | | | | | | | | | By aborting the active task we don't have to wait for potential retransmits if the other peer does not respond to the current task. Since IKEv1 has no sequential message IDs and INFORMATIONALs are no real exchanges this should not be a problem. Fixes #1537 References #429, #1410 Closes strongswan/strongswan#48
* Version bump to 5.5.05.5.0Andreas Steffen2016-07-132-2/+2
|
* NEWS: Some updates for the 5.5.0 releaseTobias Brunner2016-07-111-4/+28
|
* Fixed some typos, courtesy of codespellTobias Brunner2016-07-045-5/+5
|
* testing: Remove obsolete openssl-fips recipeTobias Brunner2016-07-041-23/+0
| | | | | | This was only required when we initially started and OpenSSL was built from sources, which was changed with b97dd59ba841 ("install FIPS-aware OpenSSL Debian packages").
* Revert "testing: Only load selected plugins in swanctl"Tobias Brunner2016-07-011-4/+0
| | | | | | | This reverts commit dee01d019ba9743b2784b417155601d10c173a66. Thanks to 505c31870162 ("leak-detective: Try to properly free allocations after deinitialization") this is not required anymore.
* Version bump to 5.5.0rc15.5.0rc1Andreas Steffen2016-06-302-1/+7
|
* imcv: Added EFI HCRTM eventAndreas Steffen2016-06-301-2/+7
|
* testing: Version bump to 4.6.3 kernel and strongSwan 5.5.0Andreas Steffen2016-06-302-3/+2435
|
* aikgen: Fix computation of key ID of the AIK public keyTobias Brunner2016-06-301-7/+8
| | | | We don't have direct access to the modulus and exponent of the key anymore.
* libtpmtss: Define missing Doxygen group and fix some commentsTobias Brunner2016-06-305-7/+9
|
* libimcv: Fix Doxygen commentTobias Brunner2016-06-301-1/+1
|
* testing: Add ikev1/net2net-esn scenarioTobias Brunner2016-06-299-0/+117
|
* ikev1: Add support for extended sequence numbersThomas Egerer2016-06-291-3/+17
| | | | Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* plugin-loader: Allow selective modification of the default plugin listTobias Brunner2016-06-291-10/+24
| | | | | | | This change allows selectively modifying the default plugin list by setting the `load` setting of individual plugins (e.g. to disable them or to change their priority) without enabling charon.load_modular and having to configure a section and a load statement for every plugin.
* Merge branch 'openssl-1.1.0'Tobias Brunner2016-06-2917-108/+372
|\ | | | | | | | | | | This adds support for OpenSSL 1.1.0. Several APIs have changed and it makes all types opaque, which requires using new getter/setter functions. For older versions fallbacks are provided.
| * leak-detective: Try to properly free allocations after deinitializationTobias Brunner2016-06-291-0/+13
| | | | | | | | | | | | | | | | If a function we whitelist allocates memory while leak detective is enabled but only frees it after LD has already been disabled, free() will get called with invalid pointers (not pointing to the actually allocated memory by LD), which will cause checks in the C library to fail and the program to crash. This tries to detect such cases and calling free with the correct pointer.
| * openssl: Whitelist OPENSSL_init_crypto() and others in leak detectiveTobias Brunner2016-06-291-0/+4
| | | | | | | | | | | | | | | | | | Lots of static data is allocated in this function, which isn't freed until the library is unloaded (we can't call OPENSSL_cleanup() as initialization would fail when calling it again later). When enabling the leak detective the test runner eventually crashes as all the data allocated during initialization has an invalid size when freed after leak detective has been unloaded.
| * openssl: Update GCM/crypter API to OpenSSL 1.1.0Tobias Brunner2016-06-291-13/+13
| |
| * openssl: Update HMAC API to OpenSSL 1.1.0Tobias Brunner2016-06-291-9/+25
| |
| * openssl: Don't use deprecated RAND_pseudo_bytes()Tobias Brunner2016-06-291-7/+0
| |
| * openssl: Update PKCS#12 API to OpenSSL 1.1.0Tobias Brunner2016-06-291-1/+5
| |
| * openssl: Update PKCS#7 API to OpenSSL 1.1.0Tobias Brunner2016-06-291-3/+7
| |
| * openssl: Update CRL API to OpenSSL 1.1.0Tobias Brunner2016-06-291-7/+42
| | | | | | | | | | | | There is currently no way to compare the outer and inner algorithms encoded in a parsed CRL. X509_CRL_verify() does not seem to check that either, though (unlike X509_verify()).
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 16:01:41 +0000