aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan
Commit message (Collapse)AuthorAgeFilesLines
...
* xof: Add header to dev headersTobias Brunner2016-08-291-1/+2
|
* utils: Fix definition of BYTE_ORDER with MinGWTobias Brunner2016-08-241-1/+5
|
* unit-tests: Removed unused variableAndreas Steffen2016-08-111-2/+0
|
* unit-tests: Created newhope unit-testsAndreas Steffen2016-08-109-7/+1338
|
* Created newhope plugin implementing the New Hope key exchange algorithmAndreas Steffen2016-08-1013-1/+1347
|
* xof: Added ChaCha20 stream as XOFAndreas Steffen2016-08-069-3/+311
|
* utils: Defined uletoh16() and htole16()Andreas Steffen2016-08-061-0/+42
|
* integrity-test: Added ntru_param_sets to read-only segmentAndreas Steffen2016-07-297-36/+96
|
* integrity-test: Added bliss_param_sets to read-only segmentAndreas Steffen2016-07-2914-63/+68
|
* integrity-test: check code and ro segments of libnttfftAndreas Steffen2016-07-297-32/+46
|
* Created libnttfftAndreas Steffen2016-07-2919-121/+258
| | | | | This makes Number Theoretic Transforms (NTT) based on the efficient Fast-Fourier-Transform (FFT) available to multiple plugins.
* Share twiddle factors table between 512 and 1024 point FFTAndreas Steffen2016-07-293-134/+14
|
* Implemented FFT with n = 1024 and q = 11289 using Montgomery arithmeticAndreas Steffen2016-07-293-8/+495
|
* bliss: Implemented FFT with fast Montgomery arithmeticAndreas Steffen2016-07-298-102/+294
|
* xof: Implemented SHAKE128 and SHAKE256 Extended Output FunctionsAndreas Steffen2016-07-2911-415/+1293
|
* xof: Defined Extended Output FunctionsAndreas Steffen2016-07-2912-5/+520
|
* Added SHA-3 signature OIDsAndreas Steffen2016-07-261-1/+10
|
* unit-tests: Decreased loop count of FFT speed test to 10'000Andreas Steffen2016-07-221-1/+1
|
* unit-tests: Added bliss_fft_speed testAndreas Steffen2016-07-221-1/+42
|
* Fixed some typos, courtesy of codespellTobias Brunner2016-07-041-1/+1
|
* plugin-loader: Allow selective modification of the default plugin listTobias Brunner2016-06-291-10/+24
| | | | | | | This change allows selectively modifying the default plugin list by setting the `load` setting of individual plugins (e.g. to disable them or to change their priority) without enabling charon.load_modular and having to configure a section and a load statement for every plugin.
* leak-detective: Try to properly free allocations after deinitializationTobias Brunner2016-06-291-0/+13
| | | | | | | | If a function we whitelist allocates memory while leak detective is enabled but only frees it after LD has already been disabled, free() will get called with invalid pointers (not pointing to the actually allocated memory by LD), which will cause checks in the C library to fail and the program to crash. This tries to detect such cases and calling free with the correct pointer.
* openssl: Whitelist OPENSSL_init_crypto() and others in leak detectiveTobias Brunner2016-06-291-0/+4
| | | | | | | | | Lots of static data is allocated in this function, which isn't freed until the library is unloaded (we can't call OPENSSL_cleanup() as initialization would fail when calling it again later). When enabling the leak detective the test runner eventually crashes as all the data allocated during initialization has an invalid size when freed after leak detective has been unloaded.
* openssl: Update GCM/crypter API to OpenSSL 1.1.0Tobias Brunner2016-06-291-13/+13
|
* openssl: Update HMAC API to OpenSSL 1.1.0Tobias Brunner2016-06-291-9/+25
|
* openssl: Don't use deprecated RAND_pseudo_bytes()Tobias Brunner2016-06-291-7/+0
|
* openssl: Update PKCS#12 API to OpenSSL 1.1.0Tobias Brunner2016-06-291-1/+5
|
* openssl: Update PKCS#7 API to OpenSSL 1.1.0Tobias Brunner2016-06-291-3/+7
|
* openssl: Update CRL API to OpenSSL 1.1.0Tobias Brunner2016-06-291-7/+42
| | | | | | There is currently no way to compare the outer and inner algorithms encoded in a parsed CRL. X509_CRL_verify() does not seem to check that either, though (unlike X509_verify()).
* openssl: Update x509 API to OpenSSL 1.1.0Tobias Brunner2016-06-291-12/+48
|
* openssl: Update ECDSA API to OpenSSL 1.1.0Tobias Brunner2016-06-292-5/+24
|
* openssl: Update RSA API to OpenSSL 1.1.0Tobias Brunner2016-06-292-16/+52
|
* openssl: Make some utilities take const BIGNUM pointersTobias Brunner2016-06-292-4/+6
|
* openssl: Add macro to define fallback functions for non-opaque OpenSSL versionsTobias Brunner2016-06-291-0/+38
|
* openssl: Update DH API to OpenSSL 1.1.0Tobias Brunner2016-06-291-11/+41
|
* openssl: Update crypter API to OpenSSL 1.1.0Tobias Brunner2016-06-291-12/+17
| | | | | EVP_CIPHER and EVP_CIPHER_CTX are now opaque types, the getters already existed before.
* openssl: Fix mapping from ASN1 to chunk_t with OpenSSL 1.1.0Tobias Brunner2016-06-291-1/+7
| | | | ASN1_OBJECT is now opaque.
* openssl: Update initialization and cleanup for OpenSSL 1.1.0Tobias Brunner2016-06-291-7/+17
| | | | | | We can't call OPENSSL_cleanup() as that would prevent us from re-initializing the library again (which we use in the Android app, that loads/unloads plugins).
* openssl: OpenSSL 1.1.0 is thread-safe so we don't have to setup callbacksTobias Brunner2016-06-291-0/+13
|
* proposal: Parse modpnone as MODP_NONE(0)Tobias Brunner2016-06-171-0/+1
|
* crypto-factory: Stop after successfully creating one nonce generatorTobias Brunner2016-06-171-0/+4
| | | | Fixes: e2fc09c186c3 ("Add nonce generator interface")
* unit-tests: Defining TESTS_RUNNERS allows to only run specific test runnersTobias Brunner2016-06-172-1/+33
|
* leak-detective: Make sure to actually call malloc() from calloc() hookTobias Brunner2016-06-151-3/+4
| | | | | | | | Newer versions of GCC are too "smart" and replace a call to malloc(X) followed by a call to memset(0,X) with a call co calloc(), which obviously results in an infinite loop when it does that in our own calloc() implementation. Using `volatile` for the variable storing the total size prevents the optimization and we actually call malloc().
* leak-detective: Whitelist __fprintf_chk as seen on newer systemsTobias Brunner2016-06-151-0/+1
|
* configure: Check for and explicitly link against -latomicMartin Willi2016-06-142-2/+4
| | | | | Some C libraries, such as uClibc, require an explicit link for some atomic functions. Check for any libatomic, and explcily link it.
* android: Use non-aliased cipher identifiersTobias Brunner2016-06-131-12/+12
| | | | | | Some of these are also understood by BoringSSL. Fixes #1510.
* ipsec: Add function to compare two ipsec_sa_cfg_t instancesTobias Brunner2016-06-082-0/+25
| | | | | | memeq() is currently used to compare these but if there is padding that is not initialized the same for two instances the comparison fails. Using this function ensures the objects are compared correctly.
* identification: Compare identity types when comparing ID_FQDN/ID_RFC822_ADDR ↵Tobias Brunner2016-06-061-3/+4
| | | | | | identities References #1380.
* x509: Properly wrap keyid in authorityKeyIdentifier in attribute certificatesTobias Brunner2016-06-061-1/+2
| | | | | | | The correct encoding got lost in bdec2e4f5291 ("refactored openac and its attribute certificate factory"). Fixes #1370.
* af-alg: Silently skip probing algorithms if AF_ALG is not supportedMartin Willi2016-05-191-0/+19
| | | | | | If the af-alg plugin is enabled, but kernel support is missing, we get an error line during startup for each probed algorithm. This is way too verbose, so just skip probing if AF_ALG is unsupported.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-15 13:49:33 +0000