| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | diffie-hellman: Add DH group identifiers for Curve25519 and Curve448 | Martin Willi | 2016-11-14 | 1 | -3/+11 |
| | | |||||
| * | Created newhope plugin implementing the New Hope key exchange algorithm | Andreas Steffen | 2016-08-10 | 1 | -1/+4 |
| | | |||||
| * | diffie-hellman: Verify public DH values in backends | Martin Willi | 2015-03-23 | 1 | -0/+72 |
| | | |||||
| * | crypto: Define MODP_CUSTOM outside of IKE DH range | Tobias Brunner | 2014-12-23 | 1 | -5/+6 |
| | | | | | | | | | | Before this fix it was possible to crash charon with an IKE_SA_INIT message containing a KE payload with DH group MODP_CUSTOM(1025). Defining MODP_CUSTOM outside of the two byte IKE DH identifier range prevents it from getting negotiated. Fixes CVE-2014-9221. | ||||
| * | diffie-hellman: Handle dh_exponent_ansi_x9_42 as a boolean setting | Martin Willi | 2014-12-05 | 1 | -2/+2 |
| | | | | | | | | | | | | | | While it was always documented as boolean setting, the option is currently handled as integer value, for which yes/no values do not work. Instead the default of TRUE is used for a no value. The option has been moved a lot during the last years, and in some locations was handled as bool, in some as integer. In the latest codebase it congruently used integer, which is actually not what is documented and used in testing. Fixes #781. | ||||
| * | diffie-hellman: Explicitly initialize DH exponent sizes during initialization | Martin Willi | 2014-08-25 | 1 | -8/+28 |
| | | | | | | | | | To avoid any race conditions when multiple threads call and initialize diffie_hellman_get_params(), explicitly examine the optimum DH exponent size during library initialization. Fixes #655. | ||||
| * | lib: All settings use configured namespace | Tobias Brunner | 2014-02-12 | 1 | -1/+1 |
| | | |||||
| * | Prototype implementation of IKE key exchange via NTRU encryption | Andreas Steffen | 2013-11-27 | 1 | -1/+6 |
| | | |||||
| * | ecc: Added ECC Brainpool ECDH groups as registered with IANA | Andreas Steffen | 2013-10-17 | 1 | -3/+11 |
| | | |||||
| * | Fixed compiler warnings for DH groups that define no subgroup. | Tobias Brunner | 2011-11-25 | 1 | -8/+16 |
| | | |||||
| * | Added a generic function to check if a DH group is an EC group | Martin Willi | 2010-09-03 | 1 | -0/+17 |
| | | |||||
| * | Added a MODP_CUSTOM DH group which takes g and p as constructor arguments | Martin Willi | 2010-09-02 | 1 | -3/+4 |
| | | |||||
| * | Added support for DH groups 22, 23 and 24, patch contributed by Joy Latten | Martin Willi | 2010-04-19 | 1 | -2/+110 |
| | | |||||
| * | Store DH generator in a chunk, hide non-public data in a private struct | Martin Willi | 2010-04-08 | 1 | -275/+273 |
| | | |||||
| * | Provide the Diffie Hellman parameters from a central location, so that we do ↵ | Tobias Brunner | 2010-03-09 | 1 | -0/+297 |
| | | | | | | | | | not have to replicate them in every plugin that implements the DH interface. The main reason for this change is that Android's libcrypto does not include the get_rfcX_prime_Y functions by default. Therefore we would have had to replicate the primes a third time. | ||||
| * | shortened DH group names | Andreas Steffen | 2009-05-15 | 1 | -13/+13 |
| | | |||||
| * | removing svn keyword $Id$ from all files | Tobias Brunner | 2009-04-30 | 1 | -2/+0 |
| | | |||||
| * | added a MODP_NULL Diffie Hellman group to avoid calculation overhead in ↵ | Martin Willi | 2008-11-22 | 1 | -1/+3 |
| | | | | | load-testing | ||||
| * | added missing comma in enumeration | Andreas Steffen | 2008-05-29 | 1 | -1/+1 |
| | | |||||
| * | added the ECP groups from RFC 5114 | Tobias Brunner | 2008-05-22 | 1 | -1/+4 |
| | | |||||
| * | added ECDH with OpenSSL (see RFC 4753) | Tobias Brunner | 2008-05-22 | 1 | -3/+6 |
| | | |||||
| * | merged the modularization branch (credentials) back to trunk | Martin Willi | 2008-03-13 | 1 | -558/+3 |
| | | |||||
| * | fixed memory leak | Martin Willi | 2007-10-04 | 1 | -0/+1 |
| | | |||||
| * | implemented an optional DH public value test | Martin Willi | 2007-10-04 | 1 | -89/+92 |
| | | | | | some other cleanups, using RFC2631 variable names | ||||
| * | cleanups, fixes and simplification of diffie hellman code | Martin Willi | 2007-10-04 | 1 | -123/+96 |
| | | |||||
| * | introduced new logging subsystem using bus: | Martin Willi | 2006-10-18 | 1 | -18/+15 |
| | | | | | | | | passive listeners can register on the bus active listeners wait for signals actively multiplexing allows multiple listeners to receive debug signals a lot more... | ||||
| * | updated copyright information | Martin Willi | 2006-07-07 | 1 | -1/+2 |
| | | |||||
| * | workaround for peers rekeying at the same time | Martin Willi | 2006-06-12 | 1 | -1/+1 |
| | | | | | | loading lifetime policies from ipsec.conf | ||||
| * | (no commit message) | Martin Willi | 2006-05-10 | 1 | -1/+0 |
| | | |||||
| * | (no commit message) | Martin Willi | 2006-05-10 | 1 | -0/+615 |
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |