path: root/src/libstrongswan/crypto
Commit message | Author | Age | Files | Lines
* hashers: Change names of SHA2 hash algorithms | Tobias Brunner | 2017-11-17 | 1 | -8/+8
  Keep the lower case names as they are as we use them internally (parsing and e.g. in OpenSSL as identifier).
* hasher: Add uppercase short names for hash algorithms | Tobias Brunner | 2017-11-17 | 2 | -0/+23
* auth-cfg: Store signature schemes as signature_params_t objects | Tobias Brunner | 2017-11-08 | 2 | -2/+12
  Due to circular references the hasher_from_signature_scheme() helper does not take a signature_params_t object.
* certificate: Return signature scheme and parameters from issued_by() method | Tobias Brunner | 2017-11-08 | 3 | -3/+4
  This also required some include restructuring (avoid including library.h in headers) to avoid unresolvable circular dependencies.
* xof: Add identifiers for MGF1 XOFs based on SHA-224/384 | Tobias Brunner | 2017-11-08 | 2 | -5/+13
* xof: Add helper to determine MGF1 XOF type from hash algorithm | Tobias Brunner | 2017-11-08 | 2 | -0/+38
* hasher: Add function to determine length of hashes | Tobias Brunner | 2017-11-08 | 2 | -0/+46
* public-key: Add RSASSA-PSS signature scheme identifier | Tobias Brunner | 2017-11-08 | 1 | -0/+1
* ikev2: Don't use SHA-1 for RFC 7427 signature authentication | Tobias Brunner | 2017-11-08 | 1 | -1/+1
  RFC 8247 demoted it to MUST NOT. References #2427.
* configure: Fix gperf length parameter determination | Tobias Brunner | 2017-10-02 | 1 | -1/+1
  gperf is not actually a build dependency as the generated files are shipped in the tarball. So the type depends on the gperf version on the host that ran gperf and created the tarball, which might not be the same as that on the actual build host, and gperf might not even be installed there, leaving the type undetermined. Fixes: e0e43229736a ("configure: Detect type of length parameter for gperf generated function")
* configure: Detect type of length parameter for gperf generated function | Tobias Brunner | 2017-09-19 | 1 | -1/+1
  Since 3.1 gperf uses size_t for the length parameter instead of an unsigned int.
* Fixed some typos, courtesy of codespell | Tobias Brunner | 2017-08-07 | 1 | -1/+1
* prf-plus: Wipe seed and internal buffer | Tobias Brunner | 2017-08-07 | 1 | -2/+2
  The buffer contains key material we handed out last and the seed can contain the DH secret. References #2388.
* linked-list: Change return value of find_first() and signature of its callback | Tobias Brunner | 2017-05-26 | 1 | -5/+6
  This avoids the unportable five pointer hack.
* Change interface for enumerator_create_filter() callback | Tobias Brunner | 2017-05-26 | 2 | -77/+149
  This avoids the unportable 5 pointer hack, but requires enumerating in the callback.
* Migrate all enumerators to venumerate() interface change | Tobias Brunner | 2017-05-26 | 1 | -2/+8
* Allow x25519 as an alias of the curve25519 KE algorithm | Andreas Steffen | 2017-03-20 | 1 | -0/+1
* Reference Edwards-curve signature RFCs | Andreas Steffen | 2017-03-20 | 2 | -12/+14
* Added support of EdDSA signatures | Andreas Steffen | 2016-12-14 | 2 | -3/+31
* proposal: Add a curve25519 proposal keyword | Martin Willi | 2016-11-14 | 1 | -0/+1
* diffie-hellman: Add DH group identifiers for Curve25519 and Curve448 | Martin Willi | 2016-11-14 | 2 | -3/+14
* gmp: Support of SHA-3 RSA signatures | Andreas Steffen | 2016-09-22 | 1 | -5/+22
* mgf1: Refactored MGF1 as an XOF | Andreas Steffen | 2016-09-21 | 8 | -490/+294
* proposal: Use proper list to get function pointer when adding custom parser | Thomas Egerer | 2016-08-29 | 1 | -1/+1
  Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* Created newhope plugin implementing the New Hope key exchange algorithm | Andreas Steffen | 2016-08-10 | 3 | -1/+6
* xof: Added ChaCha20 stream as XOF | Andreas Steffen | 2016-08-06 | 2 | -2/+5
* xof: Defined Extended Output Functions | Andreas Steffen | 2016-07-29 | 8 | -5/+476
* proposal: Parse modpnone as MODP_NONE(0) | Tobias Brunner | 2016-06-17 | 1 | -0/+1
* crypto-factory: Stop after successfully creating one nonce generator | Tobias Brunner | 2016-06-17 | 1 | -0/+4
  Fixes: e2fc09c186c3 ("Add nonce generator interface")
* proposal: Use standard integer types for static keywords | Tobias Brunner | 2016-03-31 | 1 | -2/+2
* Use standard unsigned integer types | Andreas Steffen | 2016-03-24 | 19 | -50/+50
* iv-gen: Use NULL IV generator for NULL encryption | Tobias Brunner | 2015-11-09 | 1 | -0/+5
  We don't need an IV for NULL encryption, so we wouldn't technically need an IV generator. But some of the code currently relies on an IV generator to be present. So we don't have to change that code and handle IV size == 0 specially we use the new NULL IV generator, which handles this transparently to the existing code. Before 3c81cb6fc322 ("aead: Create AEAD using traditional transforms with an explicit IV generator") iv_gen_rand_t was used for NULL encryption, which would work too but this way it's clearer.
* crypto: Add NULL IV generator | Tobias Brunner | 2015-11-09 | 2 | -0/+95
  This does not actually allocate an IV and only accepts requests for size == 0.
* testing: Updated hasher tests | Andreas Steffen | 2015-11-06 | 1 | -4/+8
* Explicitly mention SHA2 algorithm in BLISS OIDs and signature schemes | Andreas Steffen | 2015-11-06 | 1 | -6/+6
* Support BLISS signatures with SHA-3 hash | Andreas Steffen | 2015-11-03 | 1 | -0/+3
* Defined SHA-3 hashers | Andreas Steffen | 2015-11-03 | 2 | -6/+52
* proposal: Add a chacha20poly1305 proposal keyword | Martin Willi | 2015-06-29 | 1 | -0/+1
* crypter: Define a ChaCha20/Poly1305 AEAD algorithm identifier | Martin Willi | 2015-06-29 | 3 | -3/+7
* ivgen: Allow reusing the same message ID twice in sequential IV gen | Martin Willi | 2015-06-05 | 1 | -7/+25
  We use the message ID and fragment number as IV generator. As IKEv2 uses distinct message ID counters for actively and passively initiated exchanges, each IV would be used twice. As we explicitly reject such message IDs since d0ed1079, original-responder initiated exchanges fail with counter mode ciphers. This commit separates IV space in two halves for sequential IVs, and automatically assigns once reused sequence numbers to the second half. Fixes #980.
* iv-gen: Fail getting shorter IV values than the used counter size | Martin Willi | 2015-06-01 | 1 | -0/+4
  While no algorithm actually uses such short IVs, we add a check here to ensure we won't return just the lower bits of the counter.
* iv-gen: Ensure external sequential IVs are actually sequential | Martin Willi | 2015-06-01 | 2 | -0/+23
  We allow gaps in IVs, but ensure that an IV is never used more than once.
* crypto-factory: Remove obsolete transform testing functions | Martin Willi | 2015-04-15 | 2 | -54/+0
* transform: Add a getter for the enum_names for a specific transform type | Martin Willi | 2015-04-15 | 2 | -0/+40
* crypto-factory: Add enumerator method to support individual transform testing | Martin Willi | 2015-04-15 | 2 | -0/+127
* crypto-tester: Support testing DH groups using DH test vectors | Martin Willi | 2015-04-15 | 3 | -2/+224
* diffie-hellman: Introduce an optional setter for the private value | Martin Willi | 2015-04-15 | 1 | -0/+12
  This allows us to work with deterministic values for testing purposes.
* crypto-tester: Use the plugin feature key size to benchmark crypters/aeads | Martin Willi | 2015-04-15 | 3 | -21/+27
  We previously didn't pass the key size during algorithm registration, but this resulted in benchmarking with the "default" key size the crypter uses when passing 0 as key size.
* utils: Use memeq_const() for all cryptographic purposes | Martin Willi | 2015-04-14 | 1 | -2/+1
* aead: Create AEAD using traditional transforms with an explicit IV generator | Martin Willi | 2015-04-13 | 2 | -3/+4
  Real AEADs directly provide a suitable IV generator, but traditional crypters do not. For some (stream) ciphers, we should use sequential IVs, for which we pass an appropriate generator to the AEAD wrapper.