| | Commit message | Author | Age | Files | Lines |
---|---|---|---|---|---|
* | aead: Support custom AEAD salt sizes | Martin Willi | 2014-03-31 | 15 | -41/+129 |
| | The salt, or often called implicit nonce, varies between AEAD algorithms and their use in protocols. For IKE and ESP, GCM uses 4 bytes, while CCM uses 3 bytes. With TLS, however, AEAD mode uses 4 bytes for both GCM and CCM. Our GCM backends currently support 4 bytes and CCM 3 bytes only. This is fine until we go for CCM mode support in TLS, which requires 4 byte nonces. | | | | |
* | ikev2: Recreate a CHILD_SA that got a hard lifetime expire without rekeying | Martin Willi | 2014-03-31 | 1 | -0/+12 |
| | Works around issues related to system time changes and kernel backends using that system time, such as Linux XFRM. | | | | |
* | revocation: Log error if no OCSP signer candidate found | Martin Willi | 2014-03-31 | 1 | -1/+1 |
| | Fixes evaluation of ikev2/ocsp-untrusted-cert. | | | | |
* | revocation: Restrict OCSP signing to specific certificates | Martin Willi | 2014-03-31 | 1 | -7/+63 |
| | To avoid considering each cached OCSP response and evaluating its trustchain, we limit the certificates considered for OCSP signing to: - The issuing CA of the checked certificate - A directly delegated signer by the same CA, having the OCSP signer constraint - Any locally installed (trusted) certificate having the OCSP signer constraint. The first two options cover the requirements from RFC 6960 2.6. For compatibility with non-conforming CAs, we allow the third option as exception, but require the installation of such certificates locally. | | | | |
* | revocation: Don't merge auth config of CRL/OCSP trustchain validation | Martin Willi | 2014-03-31 | 1 | -39/+24 |
| | This behavior was introduced with 6840a6fb to avoid key/signature strength checking for the revocation trustchain as we do it for end entity certificates. Unfortunately this breaks CA constraint checking under certain conditions, as we merge additional intermediate/CA certificates to the auth config. As key/signature strength checking of the revocation trustchain is a rather exotic requirement we drop support for that to properly enforce CA constraints. | | | | |
* | hashtable: Make key arguments const | Tobias Brunner | 2014-03-31 | 2 | -22/+23 |
| | This allows using const strings etc. for lookups without cast. And keys are not modifiable anyway. | | | | |
* | Properly hash pointers for hash tables where appropriate | Tobias Brunner | 2014-03-31 | 4 | -71/+7 |
| | Simply using the pointer is not optimal for our hash table implementation, which simply masks the key to determine the bucket. | | | | |
* | kernel-pfroute: Let get_nexthop() default to destination address | Tobias Brunner | 2014-03-31 | 1 | -3/+7 |
* | x509: CERT_DECODE actually requires KEY_ANY | Tobias Brunner | 2014-03-31 | 1 | -3/+1 |
| | More specific decoders might still be needed, but the x509 plugin should not care which ones. | | | | |
* | pkcs1: KEY_ANY public key decoder soft depends on specific decoders | Tobias Brunner | 2014-03-31 | 1 | -0/+3 |
* | eap-radius: Add option to not close IKE_SAs on timeouts during interim accounting updates | Tobias Brunner | 2014-03-31 | 1 | -1/+6 |
| | Fixes #528. | | | | |
* | ikev1: Accept SPI size of any length <= 16 in ISAKMP proposal | Tobias Brunner | 2014-03-31 | 1 | -4/+12 |
| | Fixes #533. | | | | |
* | proposal: Don't fail DH proposal matching if peer includes NONE | Tobias Brunner | 2014-03-31 | 1 | -4/+19 |
| | The DH transform is optional for ESP/AH proposals. The initiator can include NONE (0) in its proposal to indicate that while it prefers to do a DH exchange, the responder may still decide to not do so. Fixes #532. | | | | |
* | openac: Remove obsolete openac utility | Martin Willi | 2014-03-31 | 7 | -744/+1 |
| | The same functionality is now provided by the pki --acert subcommand. | | | | |
* | pki: Document --not-before/after and --dateform options in manpages | Martin Willi | 2014-03-31 | 4 | -7/+99 |
* | pki: Support absolute --this/next-update CRL lifetimes | Martin Willi | 2014-03-31 | 1 | -6/+22 |
* | pki: Support absolute --not-before/after issued certificate lifetimes | Martin Willi | 2014-03-31 | 2 | -7/+22 |
* | pki: Support absolute --not-before/after self-signed certificate lifetimes | Martin Willi | 2014-03-31 | 1 | -5/+22 |
* | pki: Support absolute --not-before/after acert lifetimes | Martin Willi | 2014-03-31 | 1 | -7/+26 |
* | pki: Add a certificate lifetime calculation helper function | Martin Willi | 2014-03-31 | 2 | -1/+69 |
* | ikev2: Cache all received attribute certificates to auth config | Martin Willi | 2014-03-31 | 1 | -1/+27 |
* | ikev2: Send all known and valid attribute certificates for subject cert | Martin Willi | 2014-03-31 | 1 | -0/+46 |
* | ikev2: Slightly refactor certificate payload construction to separate functions | Martin Willi | 2014-03-31 | 1 | -37/+56 |
* | ike: Support encoding of attribute certificates in CERT payloads | Martin Willi | 2014-03-31 | 1 | -1/+6 |
* | auth-cfg: Declare an attribute certificate helper type to exchange acerts | Martin Willi | 2014-03-31 | 3 | -2/+15 |
* | acert: Implement a plugin finding, validating and evaluating attribute certs | Martin Willi | 2014-03-31 | 6 | -0/+363 |
| | This validator checks for any attribute certificate it can find for validated end entity certificates and tries to extract group membership information used for connection authorization rules. | | | | |
* | x509: Match acert has_subject() against entityName or holder serial | Martin Willi | 2014-03-31 | 1 | -5/+25 |
| | This allows us to find attribute certificates for a subject certificate in credential sets. | | | | |
* | pki: Add acert and extend pki/print manpages | Martin Willi | 2014-03-31 | 4 | -2/+115 |
* | pki: Implement an acert command to issue attribute certificates | Martin Willi | 2014-03-31 | 3 | -1/+275 |
* | pki: Support printing attribute certificates | Martin Willi | 2014-03-31 | 1 | -1/+89 |
* | pki: Don't generate negative random serial numbers in X.509 certificates | Martin Willi | 2014-03-31 | 2 | -0/+2 |
| | According to RFC 5280 4.1.2.2 we MUST force non-negative serial numbers. | | | | |
* | pem: Support encoding of attribute certificates | Martin Willi | 2014-03-31 | 1 | -1/+6 |
| | While there is no widely used PEM header for attribute certificates, at least IAIK-JCE uses BEGIN ATTRIBUTE CERTIFICATE: http://javadoc.iaik.tugraz.at/iaik_jce/current/iaik/utils/Util.html#toPemString(iaik.x509.attr.AttributeCertificate) | | | | |
* | x509: Replace the comma separated string AC group builder with a list based one | Martin Willi | 2014-03-31 | 4 | -10/+22 |
* | x509: Integrate IETF attribute handling, and obsolete ietf_attributes_t | Martin Willi | 2014-03-31 | 6 | -639/+186 |
| | The ietf_attributes_t class is used for attribute certificates only these days, and integrating them to x509_ac_t simplifies things significantly. | | | | |
* | x509: Replace fixed acert group string getter by a more dynamic group enumerator | Martin Willi | 2014-03-31 | 5 | -69/+131 |
* | x509: Skip parsing of acert chargingIdentity, as we don't use it anyway | Martin Willi | 2014-03-31 | 1 | -9/+1 |
* | x509: Fix some whitespaces and do some minor style cleanups in acert | Martin Willi | 2014-03-31 | 1 | -72/+76 |
* | ac: Remove unimplemented equals_holder() method from ac_t | Martin Willi | 2014-03-31 | 1 | -8/+0 |
* | unit-tests: Fix filtered enumerator tests on 64-bit big-endian platforms | Tobias Brunner | 2014-03-27 | 1 | -12/+12 |
| | In case of sizeof(void*) == 8 and sizeof(int) == 4 on big-endian hosts the tests failed as the actual integer value got cut off. | | | | |
* | unit-tests: Fix memory leak in ntru tests | Tobias Brunner | 2014-03-27 | 1 | -3/+5 |
* | unit-test: added missing TEST_FUNCTION macros | Andreas Steffen | 2014-03-22 | 1 | -8/+16 |
* | openssl: Add default fallback when calculating fingerprints of RSA keys | Tobias Brunner | 2014-03-22 | 1 | -1/+15 |
| | We still try to calculate these directly as it can avoid a dependency on the pkcs1 or other plugins. But for e.g. PGPv3 keys we need to delegate the actual fingerprint calculation to the pgp plugin. | | | | |
* | Completed integration of ntru_crypto library into ntru plugin | Andreas Steffen | 2014-03-22 | 21 | -1711/+1227 |
* | crypto-tester: Don't fail if key size is not supported | Tobias Brunner | 2014-03-20 | 1 | -6/+3 |
| | The Blowfish and Twofish implementations provided by the gcrypt plugin only support specific key lengths, which we don't know when testing against vectors (either during unit tests or during algorithm registration). The on_create test with a specific key length will be skipped anyway, so there is no point in treating this failure differently. | | | | |
* | unit-tests: Add an option to increase the verbosity when running tests | Tobias Brunner | 2014-03-20 | 1 | -1/+9 |
| | The TESTS_VERBOSITY option takes an integer from -1 to 4 that sets the default debug level. | | | | |
* | unit-tests: Add an option to run only a subset of all test suites | Tobias Brunner | 2014-03-20 | 1 | -8/+54 |
| | The TESTS_SUITES environment variable can contain a comma separated list of names of test suites to run. | | | | |
* | unit-tests: Actually verify registered algorithms against test vectors | Tobias Brunner | 2014-03-20 | 2 | -5/+47 |
| | Previously, the {ns}.crypto_test.on_add option had to be enabled to actually test the algorithms, which we can't enforce for the tests in the test_runner as the option is already read when the crypto factory is initialized. Even so, we wouldn't want to do this for every unit test, which would be the result of enabling that option. | | | | |
* | unit-tests: Use TEST_FUNCTION macro in ntru tests | Tobias Brunner | 2014-03-20 | 1 | -34/+44 |
* | unit-tests: Implement registered functions without __builtin_apply() | Tobias Brunner | 2014-03-20 | 1 | -17/+17 |
| | This makes the tests work with clang, which does not implement said builtin. | | | | |
* | unit-tests: Call functions with TEST_ prefix in ntru test | Tobias Brunner | 2014-03-20 | 1 | -36/+38 |