aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan
Commit message (Collapse)AuthorAgeFilesLines
...
* test-vectors: Add some self-made additional AES-GCM test vectorsMartin Willi2015-04-152-0/+157
| | | | | We missed test vectors for 192/256-bit key vectors for ICV8/12, and should also have some for larger associated data chunk.
* test-vectors: Define some additional CCM test vectorsMartin Willi2015-04-152-1/+84
| | | | | | We don't have any where plain or associated data is not a multiple of the block size, but it is likely to find bugs here. Also, we miss some ICV12 test vectors using 128- and 192-bit key sizes.
* crypto-tester: Use the plugin feature key size to benchmark crypters/aeadsMartin Willi2015-04-154-21/+29
| | | | | | We previously didn't pass the key size during algorithm registration, but this resulted in benchmarking with the "default" key size the crypter uses when passing 0 as key size.
* utils: Define MAX_(U)INT_TYPE to the maximum size integer type availableMartin Willi2015-04-141-0/+6
|
* utils: Typedef int128_t and u_int128_t types if supportedMartin Willi2015-04-141-0/+11
|
* utils: Use chunk_equals_const() for all cryptographic purposesMartin Willi2015-04-144-4/+4
|
* utils: Add a constant time chunk_equals() variant for cryptographic purposesMartin Willi2015-04-142-0/+40
|
* utils: Use memeq_const() for all cryptographic purposesMartin Willi2015-04-145-8/+6
|
* utils: Add a constant time memeq() variant for cryptographic purposesMartin Willi2015-04-143-0/+71
|
* rdrand: Reuse CPU feature detection to check for RDRAND instructionsMartin Willi2015-04-131-51/+4
|
* padlock: Reuse common CPU feature detection to check for Padlock featuresMartin Willi2015-04-131-80/+17
|
* cpu-feature: Support Via Padlock security featuresMartin Willi2015-04-132-0/+56
|
* cpu-feature: Add a common class to query available CPU featuresMartin Willi2015-04-134-3/+167
| | | | Currently supported is x86/x64 via cpuid() for some common features.
* sqlite: Use our locking mechanism also when sqlite3_threadsafe() returns 0Martin Willi2015-04-131-7/+20
| | | | | | We previously checked for older library versions without locking support at all. But newer libraries can be built in single-threading mode as well, where we have to care about the locking.
* sqlite: Show SQLite library version and thread safety flag during startupMartin Willi2015-04-131-1/+8
|
* aead: Create AEAD using traditional transforms with an explicit IV generatorMartin Willi2015-04-132-3/+4
| | | | | | Real AEADs directly provide a suitable IV generator, but traditional crypters do not. For some (stream) ciphers, we should use sequential IVs, for which we pass an appropriate generator to the AEAD wrapper.
* iv-gen: Add a generic constructor to create an IV gen from an algorithmMartin Willi2015-04-134-2/+71
|
* openssl: Don't pre-initialize OpenSSL HMAC with an empty keyMartin Willi2015-04-131-6/+16
| | | | | | | | | | With OpenSSL commit 929b0d70c19f60227f89fac63f22a21f21950823 setting an empty key fails if no previous key has been set on that HMAC. In 9138f49e we explicitly added the check we remove now, as HMAC_Update() might crash if HMAC_Init_ex() has not been called yet. To avoid that, we set and check a flag locally to let any get_mac() call fail if set_key() has not yet been called.
* thread: Remove unneeded thread startup synchronizationMartin Willi2015-04-131-13/+4
| | | | | | | | | | | sem_init() is deprecated on OS X, and it actually fails with ENOSYS. Using our wrapped semaphore object is not an option, as it relies on the thread cleanup that we can't rely on at this stage. It is unclear why startup synchronization is required, as we can allocate the thread ID just before creating the pthread. There is a chance that we allocate a thread ID for a thread that fails to create, but the risk and consequences are negligible.
* fips-prf: Remove superfluous <arpa/inet.h> includeMartin Willi2015-04-131-2/+0
| | | | | As we make no use of htonl() and friends, this is unneeded, but actually prevents a Windows build.
* asn1: Undefine TIME_UTC, which is used by C11Martin Willi2015-04-081-0/+4
| | | | | When building with C11 support, TIME_UTC is used for timespec_get() and defined in <time.h>. Undefine TIME_UTC for our own internal use in asn1.c.
* Wipe auxiliary key store5.3.0Andreas Steffen2015-03-281-1/+1
|
* crypto-tester: Explicitly exclude FIPS-PRF from append mode testsMartin Willi2015-03-281-8/+11
| | | | | This was implicitly done by the seed length check before 58dda5d6, but we now require an explicit check to avoid that unsupported use.
* fips-prf: Fail when trying to use append mode on FIPS-PRFMartin Willi2015-03-281-1/+6
| | | | | Append mode hardly makes sense for the special stateful FIPS-PRF, which is different to other PRFs.
* cmac: Reset state before doing set_key()Martin Willi2015-03-271-0/+3
|
* af-alg: Reset hmac/xcbc state before doing set_key()Martin Willi2015-03-272-0/+2
|
* xcbc: Reset XCBC state in set_key()Martin Willi2015-03-271-0/+4
| | | | | If some partial data has been appended, a truncated key gets invalid if it is calculated from the pending state.
* hmac: Reset the underlying hasher before doing set_key() with longer keysMartin Willi2015-03-271-1/+2
| | | | | | | The user might have done a non-complete append, having some state in the hasher. Fixes #909.
* crypto-tester: Test set_key() after a doing a partial append on prf/signersMartin Willi2015-03-271-2/+20
| | | | | While that use is uncommon in real-world use, nonetheless should HMAC set a correct key and reset any underlying hasher.
* android: Sync libstrongswan Makefile.am and Android.mkTobias Brunner2015-03-251-0/+1
|
* diffie-hellman: Verify public DH values in backendsMartin Willi2015-03-237-1/+107
|
* diffie-hellman: Add a bool return value to set_other_public_value()Martin Willi2015-03-238-36/+41
|
* diffie-hellman: Add a bool return value to get_my_public_value()Martin Willi2015-03-238-19/+27
|
* diffie-hellman: Use bool instead of status_t as get_shared_secret() return valueMartin Willi2015-03-238-28/+26
| | | | | While such a change is not unproblematic, keeping status_t makes the API inconsistent once we introduce return values for the public value operations.
* unit-tests: Fix settings test after merging multi-line stringsTobias Brunner2015-03-231-2/+2
|
* unit-tests: Depend on SHA1/SHA256 features for mgf1 test casesMartin Willi2015-03-232-5/+16
|
* settings: Merge quoted strings that span multiple linesTobias Brunner2015-03-201-3/+2
|
* utils: Fix enum_flags_to_string parameter name to match Doxygen descriptionMartin Willi2015-03-191-1/+1
|
* Fixed two BLISS key type identifier stringsAndreas Steffen2015-03-161-2/+2
|
* files: Add simple plugin to load files from file:// URIsTobias Brunner2015-03-096-0/+300
|
* scheduler: Add method to remove all scheduled jobsTobias Brunner2015-03-092-5/+21
| | | | References #840.
* plugin-loader: Increase log level for warning about plugin features that ↵Tobias Brunner2015-03-091-3/+3
| | | | | | | | | failed to load Since we can't get rid of all unmet dependencies (at least not in every possible plugin configuration) the message is more confusing than helpful. In particular because a detailed warning about plugin features that failed to load due to unmet dependencies is only logged on level 2.
* pkcs11: Convert RFC 3279 ECDSA signatures when verifyingTobias Brunner2015-03-091-4/+33
| | | | References #873.
* pkcs11: Properly encode RFC 3279 ECDSA signaturesTobias Brunner2015-03-091-2/+19
| | | | Fixes #873.
* pkcs11: Properly encode EC_POINTs created on a tokenTobias Brunner2015-03-091-5/+8
| | | | | | | Some tokens might not fail when creating EC public keys in the incorrect format, but they will later not be able to use them to verify signatures. References #872.
* pkcs11: Properly handle EC_POINTs returned as ASN.1 octet stringTobias Brunner2015-03-091-1/+43
| | | | | | | This is the correct encoding but we internally only use unwrapped keys and some tokens return them unwrapped. Fixes #872.
* x509: Use subjectKeyIdentifier provided by issuer cert when checking CRL issuerTobias Brunner2015-03-061-18/+15
| | | | | | | | | Some CAs don't use SHA-1 hashes of the public key as subjectKeyIdentifier and authorityKeyIdentifier. If that's the case we can't force the calculation of the hash to compare that to authorityKeyIdentifier in the CRL, instead we use the subjectKeyIdentifier stored in the issuer certificate, if available. Otherwise, we fall back to the SHA-1 hash (or comparing the DNs) as before.
* hash-algorithm-set: Add class to manage a set of hash algorithmsTobias Brunner2015-03-044-1/+193
|
* credential-manager: Store BLISS key strength in auth configTobias Brunner2015-03-041-0/+3
|
* auth-cfg: Add BLISS key strength constraintTobias Brunner2015-03-042-21/+43
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 04:21:33 +0000