aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* x509: Replace the comma separated string AC group builder with a list based oneMartin Willi2014-03-311-5/+5
|
* x509: Integrate IETF attribute handling, and obsolete ietf_attributes_tMartin Willi2014-03-311-9/+184
| | | | | The ietf_attributes_t class is used for attribute certificates only these days, and integrating them to x509_ac_t simplifies things significantly.
* x509: Replace fixed acert group string getter by a more dynamic group enumeratorMartin Willi2014-03-311-3/+3
|
* x509: Skip parsing of acert chargingIdentity, as we don't use it anywayMartin Willi2014-03-311-9/+1
|
* x509: Fix some whitespaces and do some minor style cleanups in acertMartin Willi2014-03-311-72/+76
|
* openssl: Add default fallback when calculating fingerprints of RSA keysTobias Brunner2014-03-221-1/+15
| | | | | | We still try to calculate these directly as it can avoid a dependency on the pkcs1 or other plugins. But for e.g. PGPv3 keys we need to delegate the actual fingerprint calculation to the pgp plugin.
* Completed integration of ntru_crypto library into ntru pluginAndreas Steffen2014-03-2220-1707/+1165
|
* plugin-feature: Hash only the actually used feature argumentTobias Brunner2014-03-201-1/+31
| | | | | | | | Clang does not initialize padding in union members so hashing the complete "arg" union could lead to different hashes if the hashed plugin_feature_t does not have static storage duration. Fixes #549.
* plugin-loader: Properly initialize modular plugin list if no plugins are enabledTobias Brunner2014-03-181-0/+1
|
* Implemented ntru_private_key classAndreas Steffen2014-03-1814-1341/+1085
|
* 11 bits are needed to encode a maximum index of 1086Andreas Steffen2014-03-151-1/+1
|
* Refactored NTRU parameter set selectionAndreas Steffen2014-03-073-40/+47
|
* Refactored ntru_param_setsAndreas Steffen2014-03-079-246/+175
|
* Optimize ntru_poly constructors some more5.1.2Andreas Steffen2014-02-271-26/+24
|
* Optimized initialisation of indicesAndreas Steffen2014-02-271-50/+39
|
* Added get_array() method to ntru_poly_t classAndreas Steffen2014-02-275-156/+57
|
* Defined ntru_poly_create_from_seed() and ntru_poly_create_from_data() ↵Andreas Steffen2014-02-275-131/+100
| | | | constructors and built some unit tests for the latter)
* Optimized use of temporary arrays in polynomial multiplicationAndreas Steffen2014-02-272-24/+24
|
* Implement ring multiplication methodAndreas Steffen2014-02-273-99/+228
|
* index limit can be easily computedAndreas Steffen2014-02-195-42/+18
|
* uclibc only defines strndup(3) if _GNU_SOURCE is definedTobias Brunner2014-02-191-2/+2
| | | | References #516.
* sshkey: uclibc only defines fmemopen(3) if _GNU_SOURCE is definedTobias Brunner2014-02-191-0/+1
| | | | Fixes #516.
* Created ntru_poly class for sparse trinary polynomialsAndreas Steffen2014-02-188-434/+455
|
* plugin-loader: Escape <ns> in comment as Doxygen sees this as XML tagTobias Brunner2014-02-181-2/+2
|
* plugin-loader: Optionally use load option in each plugin section to load pluginsTobias Brunner2014-02-122-4/+144
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This now works because all plugins use the same config namespace. If <ns>.load_modular is true, the list of plugins to load is determined via the value of the <ns>.plugins.<name>.load options. Using includes the following is possible: charon { load_modular = yes plugins { include strongswan.d/charon/*.conf } } charon-cmd { load_modular = yes plugins { include strongswan.d/charon-cmd/*.conf } } Where each .conf file would contain something like: <name> { load = yes <option> = <value> } To increase the priority of individual plugins load = <priority> can be used (the default is 1). For instance, to use openssl instead of the built-in crypto plugins set in strongswan.d/charon/openssl.conf: openssl { load = 10 } If two plugins have the same priority their order in the default plugin list is preserved. Plugins not found in that list are ordered alphabetically before other plugins with the same priority.
* lib: All settings use configured namespaceTobias Brunner2014-02-1215-35/+35
|
* rdrand: Provide get_features() regardless of RDRAND availabilityMartin Willi2014-02-101-6/+6
| | | | | As having no get_features() raises a deprecated warning, we return no features instead.
* rdrand: Move RDRAND detection log to level 2Martin Willi2014-02-101-2/+2
| | | | | When having RDRAND support, these log messages might be confusing when using pki or other tools.
* pem: Use chunk_map() instead of non-portable mmap()Martin Willi2014-01-231-29/+6
|
* curl: Replace spaces in URIs with %20Tobias Brunner2014-01-231-3/+14
| | | | | | | cURL requires the URIs to be URL-encoded. Apparently, some CAs encode CRL URIs with spaces in them. Fixes #454.
* agent: Keep CAP_DAC_OVERRIDE to connect to ssh-agent socketTobias Brunner2014-01-232-2/+7
| | | | This is also required if charon-cmd is used with capability dropping.
* min_MGF_hash_calls parameter is not needed anymoreAndreas Steffen2013-12-072-18/+0
|
* Optimized MGF1 implementationAndreas Steffen2013-12-071-8/+13
|
* Implemented ntru_trits classAndreas Steffen2013-12-078-291/+292
|
* Streamlined DRBG and MGF1 debug outputAndreas Steffen2013-12-073-14/+20
|
* Added own MGF1 mask generating functionAndreas Steffen2013-12-0510-436/+536
|
* unit-tests: Export ntru_drbg_create as testable function so no linking is ↵Tobias Brunner2013-12-041-5/+7
| | | | | | | | required This way the plugin does not have to be linked explicitly to the test runner, which otherwise would require that the plugin is either always enabled to build the tests or that ifdefs are added to the Makefile.
* unit-tests: Move ntru_test_rng_t to a utility class in libtestTobias Brunner2013-12-043-137/+0
|
* ntru: Fix compiler warning caused by ++/-- on righthand side of an assignmentTobias Brunner2013-12-041-4/+4
| | | | The behavior of stuff like x = --x; (or x++) is not defined.
* Added DRBG automatic reseeding testsAndreas Steffen2013-11-271-2/+2
|
* Use strongSwan hash plugins for SHA-1 and SHA-256Andreas Steffen2013-11-2720-2764/+178
|
* Cleaned up ntru-crypto libraryAndreas Steffen2013-11-2711-474/+8
|
* Implemented NIST SP 800-90A DRBG_HMAC with SHA-256Andreas Steffen2013-11-2714-1533/+550
|
* unit-tests: Added ntru wrong ciphertext testAndreas Steffen2013-11-271-0/+1
|
* unit-tests: Added ntru entropy, retransmission and ciphertext testsAndreas Steffen2013-11-271-0/+5
|
* Any of the four NTRU parameter sets can be selectedAndreas Steffen2013-11-272-45/+76
|
* Make the NTRU parameter set configurableAndreas Steffen2013-11-271-14/+47
|
* unit-tests: first NTRU test caseAndreas Steffen2013-11-271-1/+1
|
* Prototype implementation of IKE key exchange via NTRU encryptionAndreas Steffen2013-11-2735-0/+9332
|
* openssl: Verify that a peer's ECDH public value is a point on the elliptic curveTobias Brunner2013-11-191-0/+5
| | | | | This check is mandated by RFC 6989. Since we don't reuse DH secrets, it is mostly a sanity check.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-01 22:36:28 +0000