Commit Graph

64 Commits

Author SHA1 Message Date
Josh Soref b3ab7a48cc Spelling fixes
* accumulating
* acquire
* alignment
* appropriate
* argument
* assign
* attribute
* authenticate
* authentication
* authenticator
* authority
* auxiliary
* brackets
* callback
* camellia
* can't
* cancelability
* certificate
* choinyambuu
* chunk
* collector
* collision
* communicating
* compares
* compatibility
* compressed
* confidentiality
* configuration
* connection
* consistency
* constraint
* construction
* constructor
* database
* decapsulated
* declaration
* decrypt
* derivative
* destination
* destroyed
* details
* devised
* dynamic
* ecapsulation
* encoded
* encoding
* encrypted
* enforcing
* enumerator
* establishment
* excluded
* exclusively
* exited
* expecting
* expire
* extension
* filter
* firewall
* foundation
* fulfillment
* gateways
* hashing
* hashtable
* heartbeats
* identifier
* identifiers
* identities
* identity
* implementers
* indicating
* initialize
* initiate
* initiation
* initiator
* inner
* instantiate
* legitimate
* libraries
* libstrongswan
* logger
* malloc
* manager
* manually
* measurement
* mechanism
* message
* network
* nonexistent
* object
* occurrence
* optional
* outgoing
* packages
* packets
* padding
* particular
* passphrase
* payload
* periodically
* policies
* possible
* previously
* priority
* proposal
* protocol
* provide
* provider
* pseudo
* pseudonym
* public
* qualifier
* quantum
* quintuplets
* reached
* reading
* recommendation to
* recommendation
* recursive
* reestablish
* referencing
* registered
* rekeying
* reliable
* replacing
* representing
* represents
* request
* request
* resolver
* result
* resulting
* resynchronization
* retriable
* revocation
* right
* rollback
* rule
* rules
* runtime
* scenario
* scheduled
* security
* segment
* service
* setting
* signature
* specific
* specified
* speed
* started
* steffen
* strongswan
* subjectaltname
* supported
* threadsafe
* traffic
* tremendously
* treshold
* unique
* uniqueness
* unknown
* until
* upper
* using
* validator
* verification
* version
* version
* warrior

Closes strongswan/strongswan#164.
2020-02-11 18:23:07 +01:00
Tobias Brunner b9949e98c2 Some whitespace fixes
Didn't change some of the larger testing scripts that use an inconsistent
indentation style.
2019-08-22 15:18:06 +02:00
Tobias Brunner 667e74d60a bliss: Fix compilation with non-GNU C libraries
Not even the glibc man page mentions that type.

Fixes #2638.
2018-05-14 15:51:42 +02:00
Tobias Brunner de280c2e03 private-key: Add optional parameters argument to sign() method 2017-11-08 16:48:10 +01:00
Tobias Brunner a413571f3b public-key: Add optional parameters argument to verify() method 2017-11-08 16:48:10 +01:00
Tobias Brunner 7e7800e0a3 bliss: Fix compile error of unit tests due to uninitialized variable 2017-09-18 12:16:54 +02:00
Tobias Brunner 56ffcdb166 configure: Enable coverage for all plugins via PLUGIN_CFLAGS 2017-06-20 13:52:16 +02:00
Tobias Brunner 1c27cf3bc8 bliss: Increase timeout for sampler unit test
Fixes #2204.
2017-01-16 11:28:10 +01:00
Andreas Steffen cb8f436112 added XOF dependencies of bliss and ntru plugins 2016-10-18 16:28:43 +02:00
Andreas Steffen c54d1ef12c bliss sampler unit-test: Fixed enumeration type 2016-09-22 10:46:39 +02:00
Andreas Steffen a3a8b4acae bliss: bliss_sampler expects XOF type 2016-09-22 09:23:47 +02:00
Andreas Steffen 188b190a70 mgf1: Refactored MGF1 as an XOF 2016-09-21 06:40:52 +02:00
Andreas Steffen 17e4ca6ac9 integrity-test: Added bliss_param_sets to read-only segment 2016-07-29 12:36:15 +02:00
Andreas Steffen 7256c68da0 integrity-test: check code and ro segments of libnttfft 2016-07-29 12:36:15 +02:00
Andreas Steffen d305f251a5 Created libnttfft
This makes Number Theoretic Transforms (NTT) based on the efficient
Fast-Fourier-Transform (FFT) available to multiple plugins.
2016-07-29 12:36:15 +02:00
Andreas Steffen 65f2ecb86d Share twiddle factors table between 512 and 1024 point FFT 2016-07-29 12:36:14 +02:00
Andreas Steffen 68075fb7a7 Implemented FFT with n = 1024 and q = 11289 using Montgomery arithmetic 2016-07-29 12:36:14 +02:00
Andreas Steffen a7d626118f bliss: Implemented FFT with fast Montgomery arithmetic 2016-07-29 12:36:14 +02:00
Andreas Steffen 5ce749bcfc unit-tests: Decreased loop count of FFT speed test to 10'000 2016-07-22 21:27:42 +02:00
Andreas Steffen 10ebb3c914 unit-tests: Added bliss_fft_speed test 2016-07-22 11:58:10 +02:00
Andreas Steffen a88d958933 Explicitly mention SHA2 algorithm in BLISS OIDs and signature schemes 2015-11-06 14:55:31 +01:00
Andreas Steffen f6fede934b Support BLISS signatures with SHA-3 hash 2015-11-03 21:35:09 +01:00
Andreas Steffen e57190c312 Use MGF1 with SHA-512 as BLISS random oracle 2015-07-27 22:09:08 +02:00
Markku-Juhani Olavi Saarinen 7b7c510eec Generalize c_indices generation using SHA-512 random oracle.
This generalization allows the ring dimension n to be different
from the current n = 512 and allows kappa to be > 56. Also the
hash octets are consumed in a more consistent manner.
2015-07-27 19:51:51 +02:00
Markku-Juhani Olavi Saarinen 68d8a16830 Fixed several bugs in the BLISS signature generation/verification step.
The c_indices derived from the SHA-512 random oracle consist of
nine bits (0..511). The leftmost 8 bits of each index are taken
on an octet-by-octet basis from the 56 leftmost octets of the
SHA-512 hash. The 9th bit needed for the LSB is taken from the
extra_bits 64 bit unsigned integer which consists of the 8 rightmost
octets of the SHA-512 hash (in network order). If more than 56
indices must be derived then additional rounds of the random oracle
are executed until all kappa c_indices have been determined.

The bug fix shifts the extra_bits value by one bit in each loop
iteration so that the LSB of each index is random. Also iterate
through the hash array using the loop variable j not the c_indices
variable i.
2015-07-27 19:51:50 +02:00
Tobias Brunner faafaf35f4 bliss: Add generated Huffman codes to the repository
While these files are generated they don't really change and are not
architecture dependent. The previous solution prevented cross-compilation
from the repository as `bliss_huffman` was built for the target system but
was then executed on the build host to create the source files, which
naturally was bound to fail.

The `recreate-bliss-huffman` make target can be used inside the bliss
directory to update the source files if needed.

Fixes #812.
2015-03-02 12:05:07 +01:00
Andreas Steffen 03b4d11ace Fixed compiler warnings 2015-02-27 08:44:16 +01:00
Andreas Steffen 27bd0fed93 Allow SHA256 and SHA384 data hash for BLISS signatures.
The default is SHA512 since this hash function is also
used for the c_indices random oracle.
2015-02-26 08:56:12 +01:00
Andreas Steffen a7f0ab786d unit-tests: Completed BLISS tests 2015-02-25 21:45:34 +01:00
Andreas Steffen bfb708ea23 Check for null pointer before applying memwipe() 2015-02-25 21:45:34 +01:00
Andreas Steffen c2aca9eed2 Implemented improved BLISS-B signature algorithm 2015-02-25 21:45:34 +01:00
Andreas Steffen ee3b135687 unit-tests: Adapted to coverity fixes 2014-12-23 15:40:01 +01:00
Andreas Steffen 6139c8e524 Fixed bad bit shift and sign extension errors 2014-12-23 15:40:01 +01:00
Tobias Brunner fd19feefa4 bliss: Remove unnecessary cast to double
Coverity is still not happy when the result of an integer division is
assigned to a double (without e.g. casting the result to an int first to
indicate the intent).  The shift should avoid this issue.
2014-12-23 15:40:01 +01:00
Tobias Brunner 078fe7aae6 bliss: Log type if unsupported 2014-12-23 15:40:01 +01:00
Tobias Brunner a8e82ace8a bliss: Make sure sampler exists after checking for it earlier 2014-12-23 15:40:01 +01:00
Tobias Brunner a876018e3e bliss: Fix Doxygen comments 2014-12-15 17:19:57 +01:00
Andreas Steffen 9b4e411c50 Also initialize s_sign 2014-12-12 13:24:11 +01:00
Andreas Steffen 3e654a13ee Cache only support fingerprint types 2014-12-12 13:08:40 +01:00
Andreas Steffen 8aaf36c6e3 Fix ambiguities and gcc compiler warning 2014-12-12 12:48:31 +01:00
Andreas Steffen 83447555a6 Use Huffman code in BLISS signature 2014-12-12 12:00:20 +01:00
Andreas Steffen 9394e26426 Include design parameters in generated Huffman code files 2014-12-12 12:00:20 +01:00
Tobias Brunner 700df23886 bliss: Fix monolithic build
This requires moving test files so that the Makefile for the tests can be
included after building libstrongswan, which requires the plugin when
building monolithically.  Due to this a static helper library is required
as directly referring to object files (or source files) is not possible.

It's also necessary to avoid any link-time dependency on libstrongswan in
bliss_huffman, to avoid circular dependencies (bliss_huffman -> libstrongswan
-> bliss -> bliss_huffman).
2014-12-12 12:00:20 +01:00
Tobias Brunner f55a03a2de bliss: Fix compilation warning with certain GCC versions
Theoretically, n could be zero and these variables are then used
uninitialized.  Older GCC versions warn about this and on Travis where we
compile with -Werror this causes the tests to fail.
2014-12-12 12:00:20 +01:00
Andreas Steffen 443346f56a Pack private key arrays 2014-12-10 22:45:30 +01:00
Andreas Steffen df5b2ade59 Automatic generation of optimized Huffman codes 2014-12-09 11:58:18 +01:00
Andreas Steffen 7442d2a208 unit-tests: added bliss_sampler test 2014-12-09 11:58:17 +01:00
Andreas Steffen 03f2a52e9c Expanded bliss_bitpacker to 32 bits 2014-12-09 11:58:17 +01:00
Andreas Steffen b6bb32e658 Implemented full BLISS support for IKEv2 public key authentication and the pki tool 2014-11-29 14:51:18 +01:00
Andreas Steffen 0d8a3f5d01 Applied bit packing to BLISS public key 2014-11-29 14:51:18 +01:00