Heiko Hund
0d59713dd9
Fixed ipsec pool --batch command
...
--batch mode has shown to be buggy in very obscure ways in the first real
life tests. For example a batch file
--del pool1
--replace pool2 --addresses file1
returned the error "/usr/libexec/ipsec/pool: unrecognized option '--lace'"
which was gone after moving the --del behind --replace. With the patch
from below applied everything works like a charm. From the info on the
man page it seem to be unrelated to this problem, though:
A program that scans multiple argument vectors, or
rescans the same vector more than once, and wants to
make use of GNU extensions such as '+' and '-' at the
start of optstring, or changes the value of
POSIXLY_CORRECT between scans, must reinitialize
getopt() by resetting optind to 0, rather than the
traditional value of 1. (Resetting to 0 forces the
invocation of an internal initialization routine that
rechecks POSIXLY_CORRECT and checks for GNU exten-
sions in optstring.)
Signed-off-by: Heiko Hund <hhund@astaro.com>
2010-03-24 08:21:36 +01:00
Martin Willi
7c11d10eb8
Removed strayed code fragment
2010-03-19 10:25:12 +01:00
Heiko Hund
437690f897
ipsec pool --batch command
...
Introduce the --batch command which reads several ipsec pool commands
and their arguments from a file or STDIN. Useful if you need to run
serveral commands atomically from a configuration daemon or likewise.
Signed-off-by: Heiko Hund <hhund@astaro.com>
2010-03-19 10:23:40 +01:00
Heiko Hund
a90ed06f8a
ipsec pool error return status
...
Fix the error return status of the ipsec pool command. Also make --del for
attributes succeed if no --server option was given.
Signed-off-by: Heiko Hund <hhund@astaro.com>
2010-03-19 10:23:35 +01:00
Heiko Hund
ef9f69a2b9
ipsec pool --replace command
...
Introduce the pool --replace command as an alternative to --add. Also change
the current behavior of allowing duplicate pool names so that, --add with
an existing name fails and --replace removes the existing pool before
adding the new one.
Signed-off-by: Heiko Hund <hhund@astaro.com>
2010-03-19 10:23:29 +01:00
Heiko Hund
49a452e3a2
--addresses option for ipsec pool --add command
...
Introduce the --addresses option for --add that can be used to add a pool
containing non-contiguous addresses. Additionally it allows to preclaim
certain addresses for certain roadwarrior IDs. See the second chunk of
the patch for a more detailed description.
Signed-off-by: Heiko Hund <hhund@astaro.com>
2010-03-19 10:23:26 +01:00
Andreas Steffen
a3316c2b9f
setting the two most significant bits assures an RSA modulus of maximum bit size
2010-03-15 15:13:26 +01:00
Andreas Steffen
d12ad4748a
fix 64bit issue with time_t from database
2010-03-10 10:46:49 +01:00
Tobias Brunner
908d571796
Provide the Diffie Hellman parameters from a central location, so that we do not have to replicate them in every plugin that implements the DH interface.
...
The main reason for this change is that Android's libcrypto does not
include the get_rfcX_prime_Y functions by default. Therefore we would
have had to replicate the primes a third time.
2010-03-09 17:15:16 +01:00
Tobias Brunner
d543d9cadf
Adding a helper function that translates single characters in a string.
2010-03-08 15:34:38 +01:00
Tobias Brunner
d14203b009
Replaced the deprecated RSA_generate_key with RSA_generate_key_ex.
2010-03-08 15:34:38 +01:00
Martin Willi
40f130dab3
Implemented the PRF_KEYED_SHA1 algorithm in the openssl plugin
2010-03-08 13:16:12 +01:00
Andreas Steffen
ceeb9bac8b
critical keyUsage extension must be parsed
2010-03-07 20:51:34 +01:00
Andreas Steffen
1ec8f22de2
set Certificate Sign and CRL Sign flags in keyUsage extension if CA is true
2010-03-07 17:27:53 +01:00
Tobias Brunner
afb364fff9
Reverting eba28948a5
which was only necessary when cross-compiling the plugins for Android 2.0.
...
With the coming monolithic build using Android.mk files this won't be
necessary anymore.
2010-03-02 12:03:44 +01:00
Tobias Brunner
4e657051f7
Streamlined the source file list formatting in plugin makefiles.
2010-03-02 10:40:50 +01:00
Tobias Brunner
6ec60bb92b
Link all enabled libstrongswan plugins into the library, link all enabled charon plugins into libcharon.
2010-03-02 10:38:52 +01:00
Tobias Brunner
3724668b3d
Enabling the plugin loader to be able to load plugins without explicitly loading a shared object file first.
2010-03-02 09:10:32 +01:00
Tobias Brunner
9ce567f895
Changed plugin constructors from plugin_create to plugin_name_plugin_create.
2010-03-02 09:10:26 +01:00
Tobias Brunner
6cc13cd9c5
Removing the plugin constructor declarations from the header files.
2010-03-02 09:10:19 +01:00
Tobias Brunner
eba28948a5
Link all plugins to libstrongswan.
2010-02-25 13:51:05 +01:00
Martin Willi
3e35a6e7a1
Use side-channel secured mpz_powm_sec of libgmp 5, if available
2010-02-18 17:38:59 +01:00
Andreas Steffen
b917f49684
initialize variables to avoid compiler warning
2010-02-05 12:34:37 +01:00
Martin Willi
7eab4a1be6
Support TLS client authentication Extended Key Usage in x509 generation
2010-01-14 12:00:43 +01:00
Andreas Steffen
3e33ae1004
ipsec pki --self|issue supports --pathlen option setting a path length constraint
2009-12-31 15:13:35 +01:00
Tobias Brunner
4a5a5dd290
Using the thread wrapper in charon, libstrongswan and their plugins.
2009-12-23 17:03:41 +01:00
Tobias Brunner
eba64cef41
Separated the public interfaces of the threading primitives.
2009-12-23 17:01:53 +01:00
Tobias Brunner
14f7091280
Moved mutex.c to a separate folder in order to cleanly wrap other threading primitives (and utils/mutex.h is now threading.h).
2009-12-23 17:00:58 +01:00
Andreas Steffen
e16a01a5e6
X509_IP_ADDR_BLOCKS flag signals the presence of an ipAddrBlock certificate extension
2009-12-22 13:18:27 +01:00
Andreas Steffen
91e35b7c9e
added create_ipAddrBlock_enumerator() method to x509_t
2009-12-22 11:58:30 +01:00
Andreas Steffen
157125e4c9
traffic_selector supports RFC 3779 address range format
2009-12-21 21:29:01 +01:00
Andreas Steffen
513eb95e60
parse RFC 3779 addressFamily
2009-12-20 19:26:28 +01:00
Andreas Steffen
7d379a786c
plugin name is x509
2009-12-20 16:01:35 +01:00
Andreas Steffen
28c25485ba
discard certificate with unknown critical extensions
2009-12-20 15:53:39 +01:00
Andreas Steffen
f3e366a9a0
use traffic_selector_t object to represent ipAddrBlocks
2009-12-20 15:15:02 +01:00
Andreas Steffen
ad858aee15
parse ipAddrBlocks
2009-12-17 17:32:55 +01:00
Martin Willi
83b760cb42
Migrated curl_fetcher to INIT/METHOD macros
2009-12-17 13:53:25 +01:00
Andreas Steffen
645f3865b2
ipsec pool manages dns and nbns servers
2009-12-16 18:11:57 +01:00
Andreas Steffen
3747f0f2e7
cosmetics
2009-12-16 13:33:09 +01:00
Andreas Steffen
a461e20dd8
provide attributes from SQL database
2009-12-16 12:31:41 +01:00
Martin Willi
4e90d9de9f
Removed obsolete curl interface specific destructor
2009-12-08 16:21:58 +01:00
Martin Willi
b5a2055fb1
Give plugins more control of which configuration attributes to request, and pass received attributes back to the requesting handler
2009-11-17 14:51:50 +01:00
Martin Willi
ee3d4ef801
Prefer MODP2048/1536 over ECP Diffie-Hellman groups
2009-11-12 13:10:30 +00:00
Andreas Steffen
bb7ae382fd
added some debugging to pgp certificate parsing
2009-11-10 10:04:55 +01:00
Andreas Steffen
262af16179
accept PGP v3 or v4 fingerprint as alternative to PGP user_id
2009-11-09 23:15:17 +01:00
Andreas Steffen
ab5762e32a
list v3 or v4 fingerprint
2009-11-08 23:21:03 +01:00
Andreas Steffen
9f0327e652
define TIME_32_BITS_SIGNED_MAX in utils.h
2009-11-08 18:55:52 +01:00
Andreas Steffen
4c68a85a75
implemented path length constraint checkinf for IKEv2
2009-11-04 23:37:15 +01:00
Andreas Steffen
fae322219f
output optional pathLenConstraint in ipsec listcacerts
2009-11-04 07:30:07 +01:00
Andreas Steffen
00aa027503
implemented parsing of pathLenConstraint
2009-11-04 00:03:10 +01:00
Martin Willi
4952dc11da
Fixed all doxygen warnings
2009-10-22 14:34:10 +02:00
Andreas Steffen
38031878dd
moved .gitignore for pool
2009-10-15 14:58:09 +02:00
Martin Willi
d38eb3355e
Migrated the lease_history option to the new libstrongswan plugin namespace
2009-10-15 10:14:10 +02:00
Andreas Steffen
668870be47
pool should be in th gitignore list
2009-10-14 14:37:03 +02:00
Andreas Steffen
270bb348e3
pluto now supports SQL-based virtual IP pools
2009-10-14 14:30:14 +02:00
Andreas Steffen
247794827e
move SQL-based pool functionality to new attr-sql libstrongswan plugin
2009-10-13 17:02:29 +02:00
Andreas Steffen
cf85e1319b
streamlined output from get_validity()
2009-10-06 14:22:27 +02:00
Andreas Steffen
408e46a324
ipsec pki --issue suports --flag authServer option
2009-10-05 22:44:01 +02:00
Andreas Steffen
ce40bf5def
ipsec pki --issue supports --flag ocspSigning option
2009-10-05 21:20:42 +02:00
Andreas Steffen
fc12e3cd2e
pluto now uses x509 plugin for attribute certificate handling
2009-10-05 07:24:28 +02:00
Andreas Steffen
0aa5cea248
mark embedded parsing in debug mode
2009-10-02 20:54:15 +02:00
Andreas Steffen
ec0abe4ab5
added some notBefore/notAfter debugging info
2009-10-02 20:14:09 +02:00
Andreas Steffen
daaedcb9c2
verify correctness of X.509 versions
2009-10-02 17:49:51 +02:00
Andreas Steffen
70e81857f9
generate known OIDs dynamically
2009-09-30 11:49:32 +02:00
Andreas Steffen
8ad23ba346
added get_subjectKeyIdentifier() to x509_t
2009-09-26 22:10:36 +02:00
Martin Willi
840743479a
Use mysql_config to query MySQL LIBS and CFLAGS
2009-09-23 12:45:03 +02:00
Andreas Steffen
a28334720c
adding additional flags to loaded X.509 certificates
2009-09-22 12:55:25 +02:00
Martin Willi
640ed4d5a5
Public/Private keys implement a has_fingerprint() method
2009-09-21 16:47:25 +02:00
Andreas Steffen
af784261f5
all arguments must be read
2009-09-20 21:56:22 +02:00
Martin Willi
4e1cade52f
Fixed loading of DER encoded certificate files
2009-09-16 11:24:35 +02:00
Andreas Steffen
edf30136b0
implemented ASN.1 encoding of PKCS#10 attributes
2009-09-15 21:55:44 +02:00
Martin Willi
012f62a820
Exponents of a RSA key in openssl are optional (for PGP)
2009-09-15 09:33:00 +02:00
Martin Willi
9f45b19fe7
Use ID_KEY_ID as PGP user id, as it can contain any string
2009-09-15 08:45:08 +02:00
Martin Willi
79c6f16212
Implemented support for preinstalled PGP certificates in charon
2009-09-15 08:23:48 +02:00
Martin Willi
4cb0e1bb76
Added basic support for PGP certificates (no trust relationships yet)
2009-09-15 08:23:48 +02:00
Martin Willi
88f3ffa1b1
Moved generic PGP parsing functions to pgp_utils.[ch]
2009-09-15 08:23:47 +02:00
Andreas Steffen
0001db115d
check if PKCS#10 version is 1
2009-09-14 19:38:57 +02:00
Andreas Steffen
29662a9b73
cosmetics
2009-09-14 19:29:05 +02:00
Martin Willi
b9fbd66587
Added support to build RSA keys from components in openssl
2009-09-14 14:29:10 +02:00
Andreas Steffen
341af94dc6
support of PKCS#10 certificate request generation without attributes
2009-09-14 00:45:51 +02:00
Andreas Steffen
210d287368
extended hasher_signature_algorithm_to_oid() function
2009-09-13 21:41:51 +02:00
Andreas Steffen
f03e0e9147
support of PKCS#10 certificate request parsing
2009-09-13 21:00:15 +02:00
Andreas Steffen
4c51c6be01
parsing error caused segfault in destroy()
2009-09-13 20:56:12 +02:00
Andreas Steffen
beace4af14
corrected captions
2009-09-12 17:39:15 +02:00
Martin Willi
6dc57cd02e
x509 plugin supports encoding of OCSP AuthorityInfo AccessLocations
2009-09-11 17:16:22 +02:00
Martin Willi
3b878dae7e
Removed chunk_from_buf() in favor of a simpler chunk_from_chars() macro
2009-09-11 15:39:35 +02:00
Martin Willi
881b259943
x509 plugin supports encoding of CRL distribution points
2009-09-11 15:36:22 +02:00
Martin Willi
5b03a350fc
use NULL to load plugins from default plugin directory
2009-09-10 18:52:42 +02:00
Martin Willi
d73f453c29
Updated x509 plugin to the new builder API
2009-09-10 16:20:21 +02:00
Martin Willi
91ef5c66ab
Updated pubkey plugin to the new builder API
2009-09-10 16:20:20 +02:00
Martin Willi
872176d350
Updated pkcs1 plugin to the new builder API
2009-09-10 16:20:20 +02:00
Martin Willi
43224e9527
Updated pgp plugin to the new builder API
2009-09-10 16:20:20 +02:00
Martin Willi
de408caf93
Updated pem plugin to the new builder API
2009-09-10 16:20:19 +02:00
Martin Willi
30c06407c6
Updated openssl plugin to the new builder API
2009-09-10 16:20:19 +02:00
Martin Willi
1086d00e41
Updated gmp plugin to the new builder API
2009-09-10 16:20:19 +02:00
Martin Willi
a94acb58a2
Updated gcrypt plugin to the new builder API
2009-09-10 16:20:18 +02:00
Martin Willi
26135ed9bb
Updated dnskey plugin to the new builder API
2009-09-10 16:20:18 +02:00
Martin Willi
0a139eeac9
Updated agent plugin to the new builder API
2009-09-10 16:20:18 +02:00
Martin Willi
7631aac20c
x509 certificates support encoding of email, DNS and IP subjectAltNames
2009-09-08 13:17:41 +02:00
Martin Willi
d7be290643
non self-signed x509 certificates are encoded with authorityKeyIdentifier
2009-09-08 11:26:05 +02:00
Martin Willi
5c92524449
x509 CA certificates are encoded with a subjectKeyIdentifier
2009-09-08 11:02:49 +02:00
Martin Willi
8ab900dee9
x509 plugin supports encoding of CA basicConstraint extension
2009-09-08 10:38:02 +02:00
Martin Willi
b7b5653386
Use macros to define --with options
2009-09-07 15:00:45 +02:00
Martin Willi
8b3b4a244e
Removed trailing whitespaces in configure.in/Makefile.am
2009-09-07 11:48:03 +02:00
Martin Willi
7b3814f75d
remove spaces before tabs at the beginning of lines (^( )+\t)
2009-09-04 15:02:11 +02:00
Martin Willi
b9b8a98f47
remove spaces within tabs (\t( )+\t)
2009-09-04 15:00:19 +02:00
Martin Willi
323f9f990f
replaces four spaces by tabs, where appropriate
2009-09-04 14:50:23 +02:00
Martin Willi
7daf5226b7
removed trailing spaces ([[:space:]]+$)
2009-09-04 13:46:09 +02:00
Martin Willi
d6a45127dc
plugins marked with a '!' are handled as critical: cancel if loading fails
2009-09-01 16:08:28 +02:00
Andreas Steffen
f561d6f2e9
changed prefix of crl_reason_t values from CRL_ to CRL_REASON_
2009-08-31 23:21:50 +02:00
Martin Willi
1d39663f7a
do not depend on gcrypt autoconf macros
2009-08-31 13:14:54 +02:00
Andreas Steffen
735628f3e3
removed position debug output
2009-08-30 17:37:27 +02:00
Martin Willi
bf3b8c90d0
added workaround to parse PEM encoded PGP key with KEY_RSA
2009-08-28 17:25:07 +02:00
Martin Willi
4593ef51fd
implemented PGP Secret-Key Packet parsing
2009-08-28 17:23:58 +02:00
Martin Willi
caf1af1d9f
fixed memleak
2009-08-28 16:16:39 +02:00
Andreas Steffen
2aa67d2636
.., but a comment might be helpful
2009-08-28 09:28:39 +02:00
Andreas Steffen
6be3f0f1d0
removed TODO reminder
2009-08-28 09:26:46 +02:00
Andreas Steffen
be04eef270
allow choice of digest algorithm in certificate generation
2009-08-28 09:08:03 +02:00
Andreas Steffen
e201f53e93
build_curve_signature() processes hash not data
2009-08-27 20:41:29 +02:00
Andreas Steffen
1dbaec2177
NID_hash and NID_ec_curve were interchanged
2009-08-27 20:28:41 +02:00
Andreas Steffen
ac6a0d5038
verify_signature() now processes hash not data
2009-08-27 20:18:22 +02:00
Andreas Steffen
c812802482
NID_hash and NID_ec_curver were interchanged
2009-08-27 20:11:49 +02:00
Martin Willi
10b2898d3c
verify that the ECDSA auth signature was done with the correct curve
2009-08-27 17:58:02 +02:00
Martin Willi
472cb4ce77
distinguish between RFC 4754 (concatenated) and RFC 3279 (DER encoded) ECDSA signatures
2009-08-27 17:37:42 +02:00
Martin Willi
8b10355c84
support generation of EC certificates
2009-08-27 13:59:30 +02:00
Martin Willi
82749537e2
added support for SIGN_ECDSA_WITH_SHA1 signature scheme in openssl
2009-08-27 13:59:30 +02:00
Martin Willi
eb73685dac
create algorithmIdentifier dynamically from OID database
2009-08-27 13:59:30 +02:00
Martin Willi
09fe3c7e4c
pkcs1 encoder supports subjectPublicKeyInfo encoding
2009-08-27 13:59:30 +02:00
Martin Willi
1a8ef8aabc
fixed memleak in openssl fingerprinting
2009-08-27 10:40:49 +02:00
Martin Willi
b12c6d163d
do openssl fingerprinting/encoding directly, openssl provides all functions
2009-08-27 09:58:38 +02:00
Martin Willi
083142c4a0
encoding public EC keys is not really possible without subjectPublicKeyInfo
2009-08-26 16:15:38 +02:00
Martin Willi
df5c60bc5d
added a BUILD_FROM_FD option, supporting credential parsing from stdin
2009-08-26 13:03:23 +02:00
Martin Willi
08ed551ce0
implemented openssl EC key generation
2009-08-26 11:23:55 +02:00
Martin Willi
a0b850450f
fixed openssl RSA private key encoding
2009-08-26 11:23:55 +02:00
Martin Willi
cb4f09eff3
updated agent plugin to new fingerprint/encoding API
2009-08-26 11:23:53 +02:00
Martin Willi
8d09681559
updated pubkey plugin to new fingerprinting API
2009-08-26 11:23:52 +02:00
Martin Willi
6b6ece636c
updated x509 plugin to public key/x509 API changes
2009-08-26 11:23:52 +02:00
Martin Willi
e35c3e2a03
updated openssl plugin to new private/public key API, use encoder framework
2009-08-26 11:23:52 +02:00
Martin Willi
cbd5138948
updated gcrypt plugin to new private/public key API, use encoder framework
2009-08-26 11:23:52 +02:00
Martin Willi
741680d179
updated gmp plugin to new private/public key API, use encoder framework
2009-08-26 11:23:52 +02:00
Martin Willi
64e77e8fbb
use credential builder API to parse trusted public keys
2009-08-26 11:23:52 +02:00
Martin Willi
d1b3e8607e
implemented PGP fingerprinting
2009-08-26 11:23:51 +02:00
Martin Willi
e773fe4cab
implemented pkcs1 private/public key encoding and fingerprinting
2009-08-26 11:23:51 +02:00
Martin Willi
831520d895
gmp uses component builder to build public- from private-key
2009-08-26 11:23:51 +02:00
Martin Willi
8380503168
gcrypt uses component builder to build public- from private-key
2009-08-26 11:23:51 +02:00
Martin Willi
b457e08fca
moved PGP code to pluto and gpg plugin
2009-08-26 11:23:51 +02:00
Martin Willi
7033a70fd0
gmp plugin makes use of pkcs1/pgp/dnskey plugins
2009-08-26 11:23:51 +02:00
Martin Willi
cbfafc1125
enforce RSA_PRIME1 > RSA_PRIME2 (p > q) in PGP
2009-08-26 11:23:51 +02:00
Martin Willi
5ef478aaee
implemented RFC3110 key builder in a plugin, added generic DNSKEY RR parsing
2009-08-26 11:23:51 +02:00
Martin Willi
3addf4e937
renamed BUILD_BLOB_RFC_3110 to BUILD_BLOB_DNSKEY, we potentially support other key types
2009-08-26 11:23:51 +02:00
Martin Willi
9493dd2ce0
implemented a pgp plugin providing PGP key parsing builders
2009-08-26 11:23:50 +02:00
Martin Willi
4e3d1e804e
make use of the pkcs1 plugin in gcrypt rsa key parsing
2009-08-26 11:23:50 +02:00
Martin Willi
3044774323
removed subjectPublicKeyInfo parsing, provided by pkcs1 plugin
2009-08-26 11:23:50 +02:00
Martin Willi
1e0f69373a
implemented a pkcs1 plugin providing PKCS#1 key parsing builders
2009-08-26 11:23:50 +02:00
Martin Willi
cbb62e8f4c
handle pluto specific certificates under CRED_CERTIFICATE, not as own credential kind
2009-08-26 11:23:49 +02:00
Martin Willi
11aa7e7869
use a pluto specific credential builder to build pluto cert_t's
2009-08-26 11:23:49 +02:00
Martin Willi
4d15129160
pass along X509 flags when loading PEM encoded data
2009-08-26 11:23:49 +02:00
Martin Willi
280469923d
make use of the pem helper plugin to load credentials
2009-08-26 11:23:49 +02:00
Martin Willi
c9db16b7dd
added file loading support to pem plugin, using mmap()
2009-08-26 11:23:48 +02:00
Martin Willi
160f4c225d
moved PEM parsing functionality to its own plugin
2009-08-26 11:23:48 +02:00
Tobias Brunner
3901937d14
OpenSolaris defines MUTEX_DEFAULT therefore we rename the members of the enums mutex/condvar/rwlock_type_t.
2009-08-14 13:30:59 +02:00
Andreas Steffen
994b80b513
activated CAMELLIA_CBC cipher in openssl plugin
2009-08-05 22:46:53 +02:00
Andreas Steffen
b6f739c13b
support of SHA224-based certificate signatures
2009-08-05 22:01:44 +02:00
Andreas Steffen
def1777eca
streamlined integrity test output some more
2009-07-18 11:23:27 +02:00
Andreas Steffen
6b04ba288d
streamlined debug output of integrity tests
2009-07-17 17:00:17 +02:00
Tobias Brunner
233a132634
Removed an unnecessary include of a header that is not available on Mac OS X.
2009-07-15 22:42:22 +02:00
Andreas Steffen
eebecebead
make ecp_x_coordinate_only = yes the default
2009-07-06 11:47:38 +02:00
Andreas Steffen
21863d6361
ecp_x_coordinate only option allows ECP interoperability with MS Windows
2009-07-06 08:47:18 +02:00
Andreas Steffen
876a6d737f
corrected comment
2009-07-04 09:26:36 +02:00
Martin Willi
00fcc0f8f3
added -avoid-version to LDFLAGS, plugins are not versioned
2009-07-03 08:57:11 +02:00
Martin Willi
a2f1bb238e
enforce correct RSA signature lenght in gcrypt
2009-06-30 12:10:30 +02:00
Martin Willi
960e0c1040
check integrity of plugins before loading
2009-06-22 15:47:17 +02:00
Martin Willi
31b9c10800
removed unneeded newline
2009-06-22 15:35:18 +02:00
Andreas Steffen
1ea31180a0
HASH_MD2 is not implemented yet in gcrypt
2009-06-18 10:03:05 +02:00
Andreas Steffen
3d7250d472
added test vector for NULL encryption
2009-06-18 09:59:24 +02:00
Andreas Steffen
c233bb932a
added test vector for NULL encryption
2009-06-18 09:42:05 +02:00
Andreas Steffen
21142d40d1
added md2 and md4 test vectors
2009-06-18 09:32:57 +02:00
Andreas Steffen
6561694796
added 2 des test vectors
2009-06-18 08:23:51 +02:00
Andreas Steffen
0e9ded6838
removed serpent and twofish plugins - use gcrypt instead
2009-06-18 07:27:40 +02:00
Andreas Steffen
e1101d5994
added 2 RC5 test vectors
2009-06-17 22:34:03 +02:00
Andreas Steffen
ed65740846
added 2 IDEA test vectors
2009-06-17 21:53:30 +02:00
Andreas Steffen
364786b69f
added 6 serpent test vectors
2009-06-17 21:37:26 +02:00
Andreas Steffen
142b7326a6
added 3 Twofish test vectors
2009-06-17 15:50:27 +02:00
Andreas Steffen
a36c082da6
added one CAST-128 test vector
2009-06-17 15:24:20 +02:00
Andreas Steffen
61bfc3acae
added 6 Camellia test vectors
2009-06-17 14:22:00 +02:00
Andreas Steffen
22511bbd34
added 6 Camellia test vectors
2009-06-17 14:21:34 +02:00
Andreas Steffen
942127a602
fixed 64 bit warning
2009-06-17 12:32:28 +02:00
Andreas Steffen
c3fcdd9322
added 2 3DES-CBC and 3 AES-CBC test vectors
2009-06-17 00:08:44 +02:00
Martin Willi
62d6da67dd
support older gcrypt libraries not defining the CAMELLIA cipher
2009-06-16 14:23:32 +02:00
Martin Willi
24d7b25d21
fixed compiler warning
2009-06-16 14:21:55 +02:00
Andreas Steffen
cd312fcc43
remove whitespace
2009-06-15 19:30:44 +02:00
Martin Willi
25ecb8dafa
gcrypt actually does not implement IDEA
2009-06-15 18:18:04 +02:00
Martin Willi
d32b14db5e
implemented gcrypt RSA encrypt/decrypt operations
2009-06-15 18:07:57 +02:00
Martin Willi
810ce1f336
added a gcrypt.quick_random option to generate weak testing keys faster
2009-06-15 18:06:16 +02:00
Martin Willi
04b348f61a
implemented IKEv1 specific SIGN_RSA_EMSA_PKCS1_NULL scheme in gcrypt
2009-06-15 14:47:39 +02:00
Martin Willi
3176e4421f
check if RSA key is large enough to sign a chunk of data
2009-06-15 13:49:30 +02:00
Martin Willi
e7227f0ba0
use save chunk advancing, check signature length
2009-06-15 13:37:52 +02:00
Andreas Steffen
2b92fc9880
test_vectors.h is part of the distribution
2009-06-13 15:17:24 +02:00
Andreas Steffen
11e6d28533
pluto supports ECDSA authentication
2009-06-12 19:59:49 +02:00
Martin Willi
b59e239335
added SHA2 HMAC signer test vectors
2009-06-12 11:09:09 +02:00