aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* Optimized MGF1 implementationAndreas Steffen2013-12-071-8/+13
|
* Implemented ntru_trits classAndreas Steffen2013-12-078-291/+292
|
* Streamlined DRBG and MGF1 debug outputAndreas Steffen2013-12-073-14/+20
|
* Added own MGF1 mask generating functionAndreas Steffen2013-12-0510-436/+536
|
* unit-tests: Export ntru_drbg_create as testable function so no linking is ↵Tobias Brunner2013-12-041-5/+7
| | | | | | | | required This way the plugin does not have to be linked explicitly to the test runner, which otherwise would require that the plugin is either always enabled to build the tests or that ifdefs are added to the Makefile.
* unit-tests: Move ntru_test_rng_t to a utility class in libtestTobias Brunner2013-12-043-137/+0
|
* ntru: Fix compiler warning caused by ++/-- on righthand side of an assignmentTobias Brunner2013-12-041-4/+4
| | | | The behavior of stuff like x = --x; (or x++) is not defined.
* Added DRBG automatic reseeding testsAndreas Steffen2013-11-271-2/+2
|
* Use strongSwan hash plugins for SHA-1 and SHA-256Andreas Steffen2013-11-2720-2764/+178
|
* Cleaned up ntru-crypto libraryAndreas Steffen2013-11-2711-474/+8
|
* Implemented NIST SP 800-90A DRBG_HMAC with SHA-256Andreas Steffen2013-11-2714-1533/+550
|
* unit-tests: Added ntru wrong ciphertext testAndreas Steffen2013-11-271-0/+1
|
* unit-tests: Added ntru entropy, retransmission and ciphertext testsAndreas Steffen2013-11-271-0/+5
|
* Any of the four NTRU parameter sets can be selectedAndreas Steffen2013-11-272-45/+76
|
* Make the NTRU parameter set configurableAndreas Steffen2013-11-271-14/+47
|
* unit-tests: first NTRU test caseAndreas Steffen2013-11-271-1/+1
|
* Prototype implementation of IKE key exchange via NTRU encryptionAndreas Steffen2013-11-2735-0/+9332
|
* openssl: Verify that a peer's ECDH public value is a point on the elliptic curveTobias Brunner2013-11-191-0/+5
| | | | | This check is mandated by RFC 6989. Since we don't reuse DH secrets, it is mostly a sanity check.
* Implemented libstrongswan.plugins.random.strong_equals_true optionAndreas Steffen2013-11-163-0/+22
|
* plugin-loader: Convenience function added to add plugin dirs in build treeTobias Brunner2013-11-062-0/+28
|
* pki: Replace BUILD_FROM_FD with passing a chunk via BUILD_BLOBTobias Brunner2013-10-232-61/+12
| | | | This allows more than one builder to try parsing the data read from STDIN.
* openssl: Add workaround if ECC Brainpool curves are not definedTobias Brunner2013-10-171-11/+247
|
* openssl: Add support for ECC Brainpool curves for DH, if defined by OpenSSLTobias Brunner2013-10-172-6/+51
| | | | OpenSSL does not include them in releases before 1.0.2.
* ccm: Add missing comma in get_iv_gen method signatureTobias Brunner2013-10-111-1/+1
|
* iv_gen: aead_t implementations provide an IV generatorTobias Brunner2013-10-113-0/+46
|
* unbound: Add support for DLV (DNSSEC Lookaside Validation)Tobias Brunner2013-10-111-12/+23
| | | | Fixes #392.
* database: Add support for serializable transactionsTobias Brunner2013-10-112-3/+16
|
* sqlite: Implement transaction handlingTobias Brunner2013-10-111-6/+83
|
* mysql: Implement transaction handlingTobias Brunner2013-10-111-7/+119
|
* database: Add interface to handle transactionsTobias Brunner2013-10-112-0/+44
|
* mysql: Ensure connections are properly released in multi-threaded environmentsTobias Brunner2013-10-111-14/+23
|
* Remove HASH_PREFERRED, usages are replaced with HASH_SHA1, which is required ↵Tobias Brunner2013-10-113-6/+6
| | | | for IKEv2 anyway
* openssl: Properly log FIPS mode when enabled via openssl.confTobias Brunner2013-09-271-5/+13
| | | | | | | | | Enabling FIPS mode twice will fail, so if it is enabled in openssl.conf it should be disabled in strongswan.conf (or the other way around). Either way, we should log whether FIPS mode is enabled or not. References #412.
* sshkey: Add support for parsing keys from filesTobias Brunner2013-09-131-1/+92
|
* sshkey: Add encoding for ECDSA keysTobias Brunner2013-09-131-0/+72
|
* openssl: Add support for generic encoding of EC public keysTobias Brunner2013-09-131-23/+13
|
* sshkey: Add encoder for RSA keysTobias Brunner2013-09-135-2/+91
|
* openssl: Add generic RSA public key encodingTobias Brunner2013-09-131-3/+17
|
* openssl: Add helper function to convert BIGNUMs to chunksTobias Brunner2013-09-132-0/+27
|
* keychain: be less verbose when loading certificatesMartin Willi2013-07-311-2/+5
|
* keychain: Use AM_CPPFLAGS instead of INCLUDESTobias Brunner2013-07-191-1/+1
|
* credmgr: introduce a hook function to catch trust chain validation errorsMartin Willi2013-07-182-0/+14
|
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-1844-138/+183
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* soup: omit deprecated g_type_init() when using >= GLIB 2.36Martin Willi2013-07-181-0/+2
|
* keychain: flush certificate cache after reloading System keychainMartin Willi2013-07-181-0/+2
|
* keychain: monitor changes in the system keychain, reload when necessaryMartin Willi2013-07-181-0/+65
|
* keychain: use SearchCopyNext keychain enumeration for System certs as wellMartin Willi2013-07-181-71/+12
| | | | | | | SecItemCopyMatching seems to be problematic regarding memory management. And as there does not seem to be a good alternative to enumerate the System Roots keychain using the SecItemCopyMatching API, we stick to the deprecated enumeration functions for now.
* keychain: load certificates from System Roots KeychainMartin Willi2013-07-181-0/+65
|
* keychain: load certificates only once during startup, improving performanceMartin Willi2013-07-183-111/+78
|
* keychain: support on-the-fly enumeration of trusted/untrusted certificatesMartin Willi2013-07-182-1/+118
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 11:30:47 +0000