aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* Fixed bad bit shift and sign extension errorsAndreas Steffen2014-12-233-4/+14
|
* bliss: Remove unnecessary cast to doubleTobias Brunner2014-12-231-1/+1
| | | | | | Coverity is still not happy when the result of an integer division is assigned to a double (without e.g. casting the result to an int first to indicate the intent). The shift should avoid this issue.
* bliss: Log type if unsupportedTobias Brunner2014-12-231-1/+1
|
* bliss: Make sure sampler exists after checking for it earlierTobias Brunner2014-12-231-2/+2
|
* crypto: Define MODP_CUSTOM outside of IKE DH rangeTobias Brunner2014-12-236-6/+6
| | | | | | | | | Before this fix it was possible to crash charon with an IKE_SA_INIT message containing a KE payload with DH group MODP_CUSTOM(1025). Defining MODP_CUSTOM outside of the two byte IKE DH identifier range prevents it from getting negotiated. Fixes CVE-2014-9221.
* bliss: Fix Doxygen commentsTobias Brunner2014-12-152-6/+6
|
* Also initialize s_signAndreas Steffen2014-12-121-1/+1
|
* pem: Handle BER indefinite length encoding as binary ASN.1Martin Willi2014-12-121-1/+24
| | | | | | While our ASN.1 parser can't handle BER indefinite length encoding, the OpenSSL backend can. Some PKCS#12 containers get encoded this way, so we should support loading such files in the pem plugin.
* Cache only support fingerprint typesAndreas Steffen2014-12-121-2/+4
|
* Fix ambiguities and gcc compiler warningAndreas Steffen2014-12-121-3/+3
|
* Use bitspender->get_bytes() method in ntru_tritsAndreas Steffen2014-12-121-26/+14
|
* Use Huffman code in BLISS signatureAndreas Steffen2014-12-127-38/+296
|
* Include design parameters in generated Huffman code filesAndreas Steffen2014-12-121-20/+31
|
* bliss: Fix monolithic buildTobias Brunner2014-12-1211-93/+114
| | | | | | | | | | | This requires moving test files so that the Makefile for the tests can be included after building libstrongswan, which requires the plugin when building monolithically. Due to this a static helper library is required as directly referring to object files (or source files) is not possible. It's also necessary to avoid any link-time dependency on libstrongswan in bliss_huffman, to avoid circular dependencies (bliss_huffman -> libstrongswan -> bliss -> bliss_huffman).
* bliss: Fix compilation warning with certain GCC versionsTobias Brunner2014-12-121-1/+2
| | | | | | Theoretically, n could be zero and these variables are then used uninitialized. Older GCC versions warn about this and on Travis where we compile with -Werror this causes the tests to fail.
* Pack private key arraysAndreas Steffen2014-12-101-17/+75
|
* Automatic generation of optimized Huffman codesAndreas Steffen2014-12-097-0/+559
|
* unit-tests: added bliss_sampler testAndreas Steffen2014-12-093-0/+99
|
* Expanded bliss_bitpacker to 32 bitsAndreas Steffen2014-12-095-41/+39
|
* Implemented full BLISS support for IKEv2 public key authentication and the ↵Andreas Steffen2014-11-296-7/+15
| | | | pki tool
* Applied bit packing to BLISS public keyAndreas Steffen2014-11-295-55/+68
|
* Wipe BLISS private key memoryAndreas Steffen2014-11-291-2/+8
|
* Created bliss_bitpacker class to encode BLISS signaturesAndreas Steffen2014-11-298-46/+464
|
* Skip the unused bits field of the ASN.1 BIT STRING encodingAndreas Steffen2014-11-291-1/+1
|
* Store NTT A of BLISS public key aAndreas Steffen2014-11-292-28/+24
|
* unit-tests: created bliss_sign test suiteAndreas Steffen2014-11-295-1/+91
|
* Finished BLISS signature generationAndreas Steffen2014-11-2912-157/+1170
|
* Implemented Gaussian rejection samplerAndreas Steffen2014-11-296-16/+496
| | | | | The bliss_sampler class uses the mgf1_bitspender as a pseudo-random source.
* Implemented get_byte() method for mgf1_bitspender classAndreas Steffen2014-11-291-2/+1
| | | | | | The new get_byte() method returns a pseudo-random byte at a time. Changed the get_bits() interface to the same interface as get_byte(). Updated the mgf1 unit-tests accordingly.
* Added support for BLISS-IIIAndreas Steffen2014-11-291-2/+17
|
* Started implementing BLISS signature generationAndreas Steffen2014-11-293-15/+9
|
* Store and parse BLISS private and public keys in DER and PEM formatAndreas Steffen2014-11-295-27/+419
| | | | | | | | Additionally generate SHA-1 fingerprints of raw BLISS subjectPublicKey and subjectPublicKeyInfo objects. Some basic functions used by the bliss_public_key class are shared with the bliss_private_key class.
* Use mgf1_bitspender in ntru_poly_create_from_seedAndreas Steffen2014-11-292-52/+16
|
* Use mgf1_bitspender to generate random secret keyAndreas Steffen2014-11-291-280/+226
|
* unit-tests: Added bliss_fft test suiteAndreas Steffen2014-11-295-0/+193
|
* Moved mgf1 class to libstrongswan/crypto/mgf1Andreas Steffen2014-11-295-267/+7
|
* Defined BLISS I and IV parameter setsAndreas Steffen2014-11-294-19/+365
|
* Implemented Number Theoretic Transform using the FFT algorithmAndreas Steffen2014-11-298-3/+869
| | | | | | By pre-multiplying the input arrays with a linear phase the fast multiplication via FFT and inverse FFT computes a negative wrapped convolution corresponding to a modulus of x^n+1.
* Created framework for BLISS post-quantum signature algorithmAndreas Steffen2014-11-297-0/+625
|
* constraints: Use a more specific FQDN/email name constraint matchingMartin Willi2014-10-301-22/+73
| | | | | | | While RFC 5280 is not very specific about the matching rules of subjectAltNames, it has some examples how to match email and FQDN constraints. We try to follow these examples, and restrict DNS names to subdomain matching and email to full email, host or domain matching.
* constraints: Don't reject certificates with invalid certificate policiesMartin Willi2014-10-301-25/+97
| | | | | | | | | | | | Instead of rejecting the certificate completely if a certificate has a policy OID that is actually not allowed by the issuer CA, we accept it. However, the certificate policy itself is still considered invalid, and is not returned in the auth config resulting from trust chain operations. A user must make sure to rely on the returned auth config certificate policies instead of the policies contained in the certificate; even if the certificate is valid, the policy OID itself in the certificate are not to be trusted anymore.
* curl: For SSL features, depend on thread-safety provided by our crypto pluginsMartin Willi2014-09-243-7/+57
| | | | | | | | | To use SSL in curl, we need to initialize the SSL library in a thread-safe manner and provide the appropriate callbacks. As we already do that in our crypto plugins using these libraries, we depend on these features. This implies that we need the same plugin enabled (openssl, gcrypt) as the curl backend is configured to use to fetch from HTTPS URIs.
* curl: Dynamically query supported protocols and register appropriate featuresMartin Willi2014-09-241-10/+64
|
* curl: Try to initialize with SSL support to handle https:// URIsMartin Willi2014-09-241-1/+6
| | | | If initialization fails, we fall back to the old behavior.
* plugin-loader: Support a reload() callback for static featuresMartin Willi2014-09-222-4/+35
|
* curl: Log error code tooTobias Brunner2014-09-091-2/+5
| | | | It seems libcurl does not always return an error message.
* openssl: Report correct key length for EC keys when not using NIST curvesTobias Brunner2014-09-022-22/+2
| | | | Fixes #688.
* winhttp: Do not use countof() on pointer argumentTobias Brunner2014-07-021-1/+1
|
* gcrypt: Use predefined pthread locking functions instead of custom hooksMartin Willi2014-07-011-50/+4
| | | | | | | | | | | | | Starting with libgcrypt 1.6, it seems that custom locking functions are not supported anymore. Instead, the user has to select from one of the pre-defined set of locking functions. Given that we have a proper threading abstraction API with optional profiling on all platforms, this is somewhat annoying. However, there does not seem to be a way to use custom functions, and we have no other choice than using the provided macro magic to support all libgcrypt versions. Fixes #630.
* charon: Set CLOEXEC flag on daemon PID file and /dev/(u)random source FDsMartin Willi2014-06-241-0/+5
| | | | | | | | | | | | | On Fedora, SELinux complains about these open file descriptors when the updown script invokes iptables. While it seems difficult to set the flag on all file descriptors, this at least fixes those covered by the SELinux policy. As these two cases are in code executed while the daemon is still single threaded, we avoid the use of atomic but not fully portable fdopen("e") or open(O_CLOEXEC) calls. Fixes #519.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-15 13:58:44 +0000