8dc6e71632
lib: All settings use configured namespace
2014-02-12 14:34:32 +01:00
568e302260
proposal: Add possibility to register custom proposal keyword parser
...
If a proposal string cannot be matched to a token using strcmp (e.g. if
you want to register a whole class of algorithms containing their ID,
like my_alg_2342), you can use the provided function to register a
parser that transforms the given string into a proposal token.
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
2014-01-20 16:40:34 +01:00
146ad86be5
Prototype implementation of IKE key exchange via NTRU encryption
2013-11-27 20:21:40 +01:00
cca372465d
ecc: Added ECC Brainpool ECDH groups as registered with IANA
2013-10-17 11:57:04 +02:00
6623dfa84d
Revert refactoring which broke CentOS build
2013-10-13 19:56:04 +02:00
0c6f6c4e34
iv_gen: Mask sequential IVs with a random salt
...
This makes it harder to attack a HA setup, even if the sequence numbers were
not fully in sync.
2013-10-11 15:55:40 +02:00
e8229ad558
iv_gen: Provide external sequence number (IKE, ESP)
...
This prevents duplicate sequential IVs in case of a HA failover.
2013-10-11 15:55:40 +02:00
50bd28d549
iv_gen: aead_t implementations provide an IV generator
2013-10-11 15:55:40 +02:00
b3e1eb2afe
iv_gen: Add IV generator that allocates IVs sequentially
2013-10-11 15:55:40 +02:00
53d1f2dbfd
iv_gen: Add IV generator that allocates IVs randomly
...
Uses RNG_WEAK as the code currently does elsewhere to allocate IVs.
2013-10-11 15:55:40 +02:00
403057aa5a
crypto: Add generic interface for IV generators
2013-10-11 15:55:40 +02:00
b38f7f703b
apidoc: Move mac_prf to prf Doxygen group
2013-10-11 15:55:40 +02:00
ec91f15e3b
crypto-factory: Try next available RNG implementation if constructor fails
2013-10-11 15:13:25 +02:00
2e22333fbc
crypto-factory: Order entries by algorithm identifier and (optionally) speed
2013-10-11 15:13:25 +02:00
e2c9a03d15
Remove HASH_PREFERRED, usages are replaced with HASH_SHA1, which is required for IKEv2 anyway
2013-10-11 15:13:25 +02:00
cfca183d55
pkcs5: Add missing break statements when checking crypto primitives
2013-07-24 16:17:22 +02:00
0ceb288815
Fix various API doc issues and typos
...
Partially based on an old patch by Adrian-Ken Rueegsegger.
2013-07-18 18:30:36 +02:00
e9e4759733
crypto-factory: count the number of test vector failures during registration
2013-06-21 10:53:20 +02:00
5d52087b54
Added missing string for full-length HMAC-SHA512 signer
2013-06-10 11:48:18 +02:00
1f2a34d6d8
Add support for untruncated HMAC-SHA-512
2013-05-08 15:02:39 +02:00
d8be7d38bf
Also support 128-bit RC2
2013-05-08 15:02:39 +02:00
199fdcadae
Function added to convert a hash algorithm to an HMAC integrity algorithm
2013-05-08 15:02:39 +02:00
047fca1169
Support the PKCS#5/PKCS#12 encryption scheme used by OpenSSL for private keys
2013-05-08 15:02:39 +02:00
d41e54c68d
Move PKCS#12 key derivation to a separate file
2013-05-08 15:02:39 +02:00
594d847f79
PKCS#5 wrapper can decrypt PKCS#12-like schemes
2013-05-08 15:02:38 +02:00
162c06f2f5
Fix cleanup in crypto_tester if a crypter fails
2013-05-08 15:02:38 +02:00
9d4fc8677f
Add implementation of the RC2 block cipher (RFC 2268)
2013-05-08 15:02:34 +02:00
c734c2d875
Extract function to convert ASN.1 INTEGER object to u_int64_t
2013-05-08 14:53:08 +02:00
4076e3ee91
Extract PKCS#5 handling from pkcs8 plugin to separate helper class
2013-05-08 14:53:08 +02:00
a89ebab62e
Fix cleanup in crypto_tester if AEAD implementation fails
2013-02-28 18:17:42 +01:00
ef33a4ab82
Fixed some typos, courtesy of codespell
2012-12-20 09:35:26 +01:00
03ba8f9e8c
Move PKCS#9 attribute lists to pkcs7 plugin, as we currently use it there only
2012-12-19 10:32:08 +01:00
1865fb929a
Remove unused monolithic PKCS#7 code
2012-12-19 10:32:08 +01:00
67ca44ccbd
Rebuild PKCS#9 encoding after adding new attributes
2012-12-19 10:32:07 +01:00
60c9b5da8d
Don't store additional encoding for each PKCS#9 attribute
2012-12-19 10:32:07 +01:00
7f9fedc9bd
Unify PKCS#9 set_attribute* methods to a single add_attribute
...
This way the PKCS#9 implementation does not have to know
the encoding types for values
2012-12-19 10:32:07 +01:00
c1005c120c
PKCS#9 coding style cleanups
2012-12-19 10:32:07 +01:00
f0c02e27c4
Remove external build_encoding method in PKCS#9
2012-12-19 10:32:07 +01:00
f9625952ad
Moved settings_t to utils folder
2012-10-24 16:00:51 +02:00
f05b427265
Moved debug.[ch] to utils folder
2012-10-24 16:00:51 +02:00
d5c143e5be
Moved enum_name_t to utils folder
2012-10-24 16:00:50 +02:00
12642a6831
Moved data structures to new collections subfolder
2012-10-24 16:00:49 +02:00
60e59b7e7f
Add proposal keywords to explicitly specify PRF algorithms
2012-10-24 11:49:36 +02:00
91a8dc2dec
Fixed RNG crypto tester
2012-09-28 19:13:40 +02:00
24aa55867e
Initialize g and p in create_dh factory method
2012-09-28 15:48:09 +02:00
4e16d2e864
Fix Doxygen comment for proposal_keywords_t
...
Two dots seem to mark the end of a list.
2012-09-18 16:13:23 +02:00
08ad639f32
Added algorithm lookup via kernel_interface_t to the various kernel interfaces
2012-09-13 15:48:49 +02:00
4c57c63062
Added possibility to register custom proposal keywords
...
Keyword lookup and registration are handled via the new lib->proposal object.
2012-09-13 15:44:46 +02:00
995875210a
Removed len argument from proposal_get_token()
...
Also use enumerators instead of lexparser.h to parse proposal strings.
2012-09-13 15:44:01 +02:00
8c2ec47149
Moved proposal_keywords to proposal_keywords_static
...
Added new proposal keywords with function to reference the static keywords.
2012-09-13 15:42:38 +02:00
Tobias Brunner