Commit log for path root/src

Each entry lists the commit message, followed by author, date, number of files changed and lines removed/added, then the commit body where one exists.
* certificate: Return signature scheme and parameters from issued_by() method
  Tobias Brunner, 2017-11-08, 29 files, -72/+124
  This also required some include restructuring (avoid including library.h in headers) to avoid unresolvable circular dependencies.

* signature-params: Add helper struct for signature scheme and parameters
  Tobias Brunner, 2017-11-08, 3 files, -18/+319

* android: Add support for creating RSASSA-PSS signatures via JNI
  Tobias Brunner, 2017-11-08, 1 file, -2/+142

* unit-tests: Add RSA-PSS signature tests with specific salts
  Tobias Brunner, 2017-11-08, 1 file, -92/+818

* gcrypt: Add support for static salts when signing with RSA-PSS
  Tobias Brunner, 2017-11-08, 1 file, -6/+17

* gmp: Add support for static salts when signing with RSA-PSS
  Tobias Brunner, 2017-11-08, 1 file, -2/+6

* signature-params: Optionally pass a specific salt value when signing
  Tobias Brunner, 2017-11-08, 1 file, -0/+2

* unit-tests: Warn if we skip RSA tests due to dependencies
  Tobias Brunner, 2017-11-08, 1 file, -0/+11

* unit-tests: Add ability to issue a warning message for a test case
  Tobias Brunner, 2017-11-08, 3 files, -6/+116
  This way we can warn if we e.g. skipped actually doing something due to dependencies (otherwise the test case would just appear to have succeeded).

* mgf1: Add support for SHA-224/384 based MGF1
  Tobias Brunner, 2017-11-08, 2 files, -1/+11

* xof: Add identifiers for MGF1 XOFs based on SHA-224/384
  Tobias Brunner, 2017-11-08, 2 files, -5/+13

* gmp: Use helper to determine XOF type
  Tobias Brunner, 2017-11-08, 2 files, -28/+10

* xof: Add helper to determine MGF1 XOF type from hash algorithm
  Tobias Brunner, 2017-11-08, 2 files, -0/+38

* gcrypt: Add support for RSA-PSS signatures
  Tobias Brunner, 2017-11-08, 3 files, -31/+127
  For salt lengths other than 20 this requires 0bd8137e68c2 ("cipher: Add option to specify salt length for PSS verification."), which was included in libgcrypt 1.7.0 (for Ubuntu requires 17.04). As that makes it pretty much useless for us (SHA-1 is a MUST NOT), we require that version to even provide the feature.

* gcrypt: Register supported RSA signature/verification schemes
  Tobias Brunner, 2017-11-08, 1 file, -0/+16

* gmp: Add support for RSASSA-PSS signature verification
  Tobias Brunner, 2017-11-08, 2 files, -2/+140

* gmp: Add support for RSASSA-PSS signature creation
  Tobias Brunner, 2017-11-08, 2 files, -0/+130

* unit-tests: Add FIPS 186-4 RSASSA-PSS test vectors
  Tobias Brunner, 2017-11-08, 1 file, -0/+1629
  Since not all implementations allow setting a specific salt value when generating signatures (e.g. OpenSSL doesn't), we are often limited to only using the test vectors with salt length of 0. We also exclude test vectors with SHA-1, SHA-224 and SHA-384.

* unit-tests: Create and verify some RSA PSS signatures
  Tobias Brunner, 2017-11-08, 1 file, -3/+25

* openssl: Add support for verifying RSASSA-PSS signatures
  Tobias Brunner, 2017-11-08, 2 files, -3/+142

* openssl: Add support for creating RSASSA-PSS signatures
  Tobias Brunner, 2017-11-08, 2 files, -5/+132

* openssl: Add helper to determine EVP_MD from hash_algorithm_t
  Tobias Brunner, 2017-11-08, 2 files, -9/+27

* unit-tests: Add FIPS 186-4 RSA test vectors
  Tobias Brunner, 2017-11-08, 1 file, -5/+2428
  Excluding SHA-224 and the stuff from FIPS 186-2 (SHA-1, 1024 bit keys).

* gcrypt: Determine missing RSA private key parameters
  Tobias Brunner, 2017-11-08, 1 file, -4/+133
  We only need n, e, and d. The primes p and q and the coefficient for the Chinese remainder algorithm can be determined from these.

* gmp: Determine missing RSA private key parameters
  Tobias Brunner, 2017-11-08, 1 file, -4/+109
  We only need n, e, and d. The parameters for the Chinese remainder algorithm and even p and q can be determined from these.

* openssl: Add functions to determine missing RSA private key parameters
  Tobias Brunner, 2017-11-08, 1 file, -9/+223
  We only need n, e, and d. The parameters for the Chinese remainder algorithm and even p and q can be determined from these.

* signature-params: Add functions to parse/build ASN.1 RSASSA-PSS params
  Tobias Brunner, 2017-11-08, 7 files, -1/+421

* hasher: Add function to determine length of hashes
  Tobias Brunner, 2017-11-08, 2 files, -0/+46

* asn1: Add function to generate an ASN.1 integer from an uint64_t
  Tobias Brunner, 2017-11-08, 3 files, -6/+63

* asn1: Add OID for MGF1
  Tobias Brunner, 2017-11-08, 1 file, -1/+1

* signature-params: Add struct for RSASSA-PSS parameters
  Tobias Brunner, 2017-11-08, 2 files, -0/+42

* private-key: Add optional parameters argument to sign() method
  Tobias Brunner, 2017-11-08, 28 files, -49/+49

* public-key: Add optional parameters argument to verify() method
  Tobias Brunner, 2017-11-08, 27 files, -45/+59

* public-key: Add RSASSA-PSS signature scheme identifier
  Tobias Brunner, 2017-11-08, 3 files, -0/+9

* asn1: Add OID for RSASSA-PSS
  Tobias Brunner, 2017-11-08, 1 file, -0/+1

* ikev2: Don't use SHA-1 for RFC 7427 signature authentication
  Tobias Brunner, 2017-11-08, 3 files, -7/+5
  RFC 8247 demoted it to MUST NOT. References #2427.

* proposal: Remove MODP-1024 from default IKE proposal
  Tobias Brunner, 2017-11-08, 1 file, -2/+2
  RFC 8247 demoted it to SHOULD NOT. This might break connections with Windows clients unless they are configured to use a stronger group or matching weak proposals are configured explicitly on the server. References #2427.

* proposal: Remove MD5 from default IKE proposal
  Tobias Brunner, 2017-11-08, 1 file, -2/+5
  RFC 8247 demoted MD5 to MUST NOT. References #2427.

* proposal: Remove deprecated algorithms from default ESP and AH proposals
  Tobias Brunner, 2017-11-08, 1 file, -4/+0
  This removes algorithms that were deprecated by RFC 8221 (3DES, BF, MD5) from the default proposals for ESP and AH. References #8247.

* pool: Destroy enumerator before deleting existing pool
  Tobias Brunner, 2017-11-08, 1 file, -4/+6
  The MySQL client doesn't like overlapping queries on the same connection, so we make sure to destroy the enumerator used to check for an existing pool before deleting it when --replace is used.

* kernel-pfkey: Support anti-replay windows > 2k
  Tobias Brunner, 2017-11-08, 1 file, -1/+14
  FreeBSD 11.1 supports a new extension to configure larger anti-replay windows, now configured as number of packets. Fixes #2461.

* kernel-pfkey: Don't include keys in SADB_UPDATE message to update IPs on FreeBSD
  Tobias Brunner, 2017-11-08, 1 file, -0/+3
  The FreeBSD kernel explicitly rejects messages containing keys for mature SAs. Fixes #2457.

* swanctl: Add --counters command
  Tobias Brunner, 2017-11-08, 3 files, -1/+156

* vici: Add 'get|reset-counters' commands
  Tobias Brunner, 2017-11-08, 4 files, -1/+191

* counters: Move IKE event counter collection from stroke to a separate plugin
  Tobias Brunner, 2017-11-08, 12 files, -387/+856

* systime-fix: Add timeout option to stop waiting for valid system time
  Tobias Brunner, 2017-11-08, 1 file, -10/+42
  A certificate check is forced once the timeout is reached even if the system time appears to be invalid.

* android: Add log message if failed to retrieve user certificate encoding
  Tobias Brunner, 2017-11-02, 1 file, -0/+1
* shunt-manager: Make outbound FWD shunt policies optional
  Tobias Brunner, 2017-11-02, 1 file, -6/+15

* ike: Do not send initial contact only for UNIQUE_NEVER
  Thomas Egerer, 2017-11-02, 3 files, -4/+2
  Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>

* pkcs11: Call C_Finalize() to cancel jobs waiting in C_WaitForSlotEvent()
  Tobias Brunner, 2017-11-02, 1 file, -9/+14
  This is not ideal as the call to C_Finalize() should be the last one via the PKCS#11 API. Since the order in which jobs are canceled is undefined we can't be sure there is no other thread still using the library (it could even be the canceled job that still handles a previous slot event). According to PKCS#11 the behavior of C_Finalize() is undefined while other threads still make calls over the API. However, canceling the thread, as done previously, could also be problematic as PKCS#11 libraries could hold locks while in the C_WaitForSlotEvent() call, which might not get released properly when the thread is just canceled, and which then might cause later calls to other API functions to block. Fixes #2437.