aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ikev2/keymat_v2.c
Commit message (Collapse)AuthorAgeFilesLines
* ikev2: AES-CMAC-PRF-128 only uses the first 64 bits of each nonceTobias Brunner2017-07-271-2/+5
| | | | References #2377.
* keymat: Allow keymat to modify signature scheme(s)Thomas Egerer2017-02-081-2/+4
| | | | Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* ikev2: Send derived IKE_SA keys to busTobias Brunner2016-10-041-26/+30
|
* Use standard unsigned integer typesAndreas Steffen2016-03-241-10/+10
|
* ikev2: Fix size of key material for CAMELLIA-CTRTobias Brunner2015-10-301-0/+1
| | | | Like AES in CTR mode it includes a 4 byte nonce.
* ikev2: Derive additional 4 byte CHILD_SA nonce keymat for ChaCha20-Poly1305Martin Willi2015-06-291-0/+1
|
* ikev2: Use four byte salt for ChaCha20-Poly1305 AEADMartin Willi2015-06-291-0/+1
|
* aead: Create AEAD using traditional transforms with an explicit IV generatorMartin Willi2015-04-131-4/+11
| | | | | | Real AEADs directly provide a suitable IV generator, but traditional crypters do not. For some (stream) ciphers, we should use sequential IVs, for which we pass an appropriate generator to the AEAD wrapper.
* diffie-hellman: Use bool instead of status_t as get_shared_secret() return valueMartin Willi2015-03-231-2/+2
| | | | | While such a change is not unproblematic, keeping status_t makes the API inconsistent once we introduce return values for the public value operations.
* keymat: Use hash algorithm setTobias Brunner2015-03-041-29/+7
|
* keymat: Add facility to store supported hash algorithmsTobias Brunner2015-03-041-0/+53
|
* aead: Support custom AEAD salt sizesMartin Willi2014-03-311-2/+27
| | | | | | | | | The salt, or often called implicit nonce, varies between AEAD algorithms and their use in protocols. For IKE and ESP, GCM uses 4 bytes, while CCM uses 3 bytes. With TLS, however, AEAD mode uses 4 bytes for both GCM and CCM. Our GCM backends currently support 4 bytes and CCM 3 bytes only. This is fine until we go for CCM mode support in TLS, which requires 4 byte nonces.
* ikev2: Wipe (optional) shared secret during CHILD_SA key derivationTobias Brunner2014-01-231-11/+14
|
* ike: Log SK_p consistently on level 4Tobias Brunner2013-11-281-1/+1
|
* ikev2: Properly free DH secret in case of errors during IKE key derivationTobias Brunner2013-11-061-0/+3
| | | | Fixes #437.
* Clean up error handling in keymat_v2_tMartin Willi2012-07-161-87/+65
|
* Add a return value to crypter_t.set_key()Martin Willi2012-07-161-2/+16
|
* Add a return value to prf_t.set_key()Martin Willi2012-07-161-13/+16
|
* Add a return value to prf_t.allocate_bytes()Martin Willi2012-07-161-11/+26
|
* Add a return value to keymat_v2_t.get_auth_octets()Martin Willi2012-07-161-7/+10
|
* Add a return value to keymat_v2_t.get_psk_sig()Martin Willi2012-07-161-7/+7
|
* prf_plus_create() can return NULL on failureMartin Willi2012-07-161-0/+10
|
* Add a return value to prf_plus_t.allocate_bytes()Martin Willi2012-07-161-13/+62
|
* Add a return value to signer_t.set_key()Martin Willi2012-07-161-2/+14
|
* Add a return value to aead_t.set_key()Martin Willi2012-07-161-2/+10
|
* Add create_nonce_gen function to keymat interfaceAdrian-Ken Rueegsegger2012-05-181-0/+7
| | | | This function returns a nonce generator object.
* Added a keymat_t version to cast it safelyMartin Willi2012-03-201-0/+7
|
* Separated libcharon/sa directory with ikev1 and ikev2 subfoldersMartin Willi2012-03-201-0/+581
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-11 17:13:01 +0000