Martin Willi
60c9b5da8d
Don't store additional encoding for each PKCS#9 attribute
2012-12-19 10:32:07 +01:00
Martin Willi
7f9fedc9bd
Unify PKCS#9 set_attribute* methods to a single add_attribute
...
This way the PKCS#9 implementation does not have to know
the encoding types for values
2012-12-19 10:32:07 +01:00
Martin Willi
c1005c120c
PKCS#9 coding style cleanups
2012-12-19 10:32:07 +01:00
Martin Willi
f0c02e27c4
Remove external build_encoding method in PKCS#9
2012-12-19 10:32:07 +01:00
Tobias Brunner
f9625952ad
Moved settings_t to utils folder
2012-10-24 16:00:51 +02:00
Tobias Brunner
f05b427265
Moved debug.[ch] to utils folder
2012-10-24 16:00:51 +02:00
Tobias Brunner
d5c143e5be
Moved enum_name_t to utils folder
2012-10-24 16:00:50 +02:00
Tobias Brunner
12642a6831
Moved data structures to new collections subfolder
2012-10-24 16:00:49 +02:00
Martin Willi
60e59b7e7f
Add proposal keywords to explicitly specify PRF algorithms
2012-10-24 11:49:36 +02:00
Tobias Brunner
91a8dc2dec
Fixed RNG crypto tester
2012-09-28 19:13:40 +02:00
Tobias Brunner
24aa55867e
Initialize g and p in create_dh factory method
2012-09-28 15:48:09 +02:00
Tobias Brunner
4e16d2e864
Fix Doxygen comment for proposal_keywords_t
...
Two dots seem to mark the end of a list.
2012-09-18 16:13:23 +02:00
Tobias Brunner
08ad639f32
Added algorithm lookup via kernel_interface_t to the various kernel interfaces
2012-09-13 15:48:49 +02:00
Tobias Brunner
4c57c63062
Added possibility to register custom proposal keywords
...
Keyword lookup and registration are handled via the new lib->proposal object.
2012-09-13 15:44:46 +02:00
Tobias Brunner
995875210a
Removed len argument from proposal_get_token()
...
Also use enumerators instead of lexparser.h to parse proposal strings.
2012-09-13 15:44:01 +02:00
Francois ten Krooden
8c2ec47149
Moved proposal_keywords to proposal_keywords_static
...
Added new proposal keywords with function to reference the static keywords.
2012-09-13 15:42:38 +02:00
Tobias Brunner
3b891b9e5b
Avoid problems with Doxygen by adding warn_unused_result attribute at the end of method signatures
2012-08-11 16:48:09 +02:00
Tobias Brunner
2c93a214aa
Add warn_unused_result attributes to rng_(get|allocate)_bytes_not_zero
...
Also fixed Doxygen comments.
2012-08-11 16:30:27 +02:00
Martin Willi
11d6bc3eb0
Move MODP_CUSTOM va_arg fetching out of loop
...
It seems problematic at least on PPC with gcc 4.3, fixes #208 .
2012-08-02 12:08:27 +02:00
Martin Willi
4b96000833
Add short names for hasher algorithms
2012-07-17 17:31:55 +02:00
Martin Willi
44fc169579
Test reset() of hasher in crypto tester
2012-07-16 14:55:07 +02:00
Martin Willi
67ea663d7c
Refactored error handling in crypto tester
2012-07-16 14:55:07 +02:00
Martin Willi
73264a81b8
Set a key before benching PRFs
2012-07-16 14:55:07 +02:00
Martin Willi
e3b2e900e6
Add a return value to hasher_t.reset()
2012-07-16 14:55:06 +02:00
Martin Willi
87dd205b61
Add a return value to hasher_t.allocate_hash()
2012-07-16 14:55:06 +02:00
Martin Willi
8bd6a30af1
Add a return value to hasher_t.get_hash()
2012-07-16 14:55:06 +02:00
Martin Willi
ce73fc19db
Add a return value to crypter_t.set_key()
2012-07-16 14:53:38 +02:00
Martin Willi
3b96189a2a
Add a return value to crypter_t.decrypt()
2012-07-16 14:53:38 +02:00
Martin Willi
e35abbe588
Add a return value to crypter_t.encrypt
2012-07-16 14:53:37 +02:00
Martin Willi
c3858662d2
Identation fixes, warn about unused nonce_gen return values
2012-07-16 14:53:37 +02:00
Martin Willi
6ac8d861d9
Add a return value to mac_t.set_key()
2012-07-16 14:53:37 +02:00
Martin Willi
27e1eabbb5
Add a return value to mac_t.get_bytes()
2012-07-16 14:53:37 +02:00
Tobias Brunner
5668a99a12
Wrapper functions added to generate non-zero random bytes
2012-07-16 14:53:35 +02:00
Tobias Brunner
3c73911174
Check rng return value when generating key and IV in PKCS#7 wrapper
2012-07-16 14:53:35 +02:00
Tobias Brunner
8a8364f26e
Check rng return value in crypto tester
2012-07-16 14:53:34 +02:00
Tobias Brunner
39e807728e
RNGs' get_bytes and allocate_bytes return boolean
2012-07-16 14:53:34 +02:00
Reto Buerki
605985d122
Nonce: Let get_nonce, allocate_nonce return boolean
2012-07-16 14:53:34 +02:00
Martin Willi
f3ca96b2bf
Add a return value to prf_t.set_key()
2012-07-16 14:53:34 +02:00
Martin Willi
ecc080b393
Add a return value to prf_t.allocate_bytes()
2012-07-16 14:53:34 +02:00
Martin Willi
bc47488323
Add a return value to prf_t.get_bytes()
2012-07-16 14:53:33 +02:00
Martin Willi
edd54734c8
prf_plus_create() can return NULL on failure
2012-07-16 14:53:33 +02:00
Martin Willi
8207fe3eb3
Add a return value to prf_plus_t.get_bytes()
2012-07-16 14:53:33 +02:00
Martin Willi
5d79e6c6b4
Add a return value to prf_plus_t.allocate_bytes()
2012-07-16 14:53:33 +02:00
Martin Willi
2d56575d52
Add a return value to signer_t.set_key()
2012-07-16 14:53:33 +02:00
Martin Willi
2e96de60a8
Add a return value to signer_t.get_signature()
2012-07-16 14:53:33 +02:00
Martin Willi
cbfbba7d86
Add a return value to signer_t.allocate_signature()
2012-07-16 14:53:32 +02:00
Martin Willi
ad08730a4b
Add a return value to aead_t.set_key()
2012-07-16 14:53:32 +02:00
Martin Willi
e2ed7bfd22
Add a return value to aead_t.encrypt()
2012-07-16 14:53:32 +02:00
Tobias Brunner
c4a3c9672a
Make the hmac_t interface a generic interface for message authentication codes
2012-06-25 16:35:06 +02:00
Tobias Brunner
01850f5d55
Function to convert PRFs to hash algorithms added
2012-06-25 16:35:06 +02:00
Tobias Brunner
903093d439
hasher_algorithm_from_integrity() optionally returns truncation length
2012-06-25 16:35:06 +02:00
Tobias Brunner
57ff4be874
Simple wrappers for HMAC based prf_t and signer_t implementations added
2012-06-25 16:35:06 +02:00
Tobias Brunner
5d227c79a9
Doxygen fix in PKCS#7 wrapper
2012-06-19 13:32:59 +02:00
Tobias Brunner
cc55783f36
Added function to convert integrity algorithms to hash algorithms (if based on one).
2012-06-11 17:33:28 +02:00
Tobias Brunner
6e6d78a561
Changed memory management and call logic in PKCS#7 parser/generator.
2012-06-11 17:09:20 +02:00
Tobias Brunner
2bf125f0ed
Changed memory management and attribute handling in PKCS#9 wrapper.
2012-06-11 17:09:20 +02:00
Tobias Brunner
ea92d4f305
Added get_attributes() method to pkcs7_t.
2012-06-11 17:09:19 +02:00
Tobias Brunner
07f0abd7ac
Updated PKCS#7 parser/generator in libstrongswan.
...
Added some functionality from pluto's version, updated usage of asn1
and crypto primitives. It does compile but is not really tested yet.
2012-06-11 17:09:19 +02:00
Martin Willi
75d4e01c4a
Enumerate correct list while removing nonce_gens, fix deregistration
2012-05-21 12:28:01 +02:00
Tobias Brunner
b826b192ba
Add enumerator for registered nonce generators.
2012-05-18 08:15:41 +02:00
Adrian-Ken Rueegsegger
e2fc09c186
Add nonce generator interface
...
Nonce generators (nonce_gen_t) can be used to get or allocate nonces.
Users can request nonce generators from the crypto factory while nonce
plugins register/remove themselves to/from the crypto factory.
2012-05-18 08:15:40 +02:00
Martin Willi
1b82fdb2e5
Use correct integrity_algorithm_t enum type in bench_signer()
2012-05-14 14:11:22 +02:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Tobias Brunner
bad192069f
Make AES-CMAC actually usable for IKEv2.
2012-04-04 10:51:46 +02:00
Andreas Steffen
d1391b8fdb
fixed typo
2012-04-03 12:07:13 +02:00
Martin Willi
b1f2f05c92
Merge branch 'ikev1-clean' into ikev1-master
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/daemon.c
src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_forward.c
src/libcharon/plugins/farp/farp_listener.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/keymat.c
src/libcharon/sa/task_manager.c
src/libcharon/sa/trap_manager.c
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/utils.h
Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
Martin Willi
7b1e15ac4e
Fixed IKEv1 prf+ keymat expansion beyond 320 bits
2012-03-20 17:31:22 +01:00
Tobias Brunner
38d189eee9
Compiler warning fixed in prf_plus_t.
2012-03-20 17:31:07 +01:00
Martin Willi
d4f6686c69
Extended PRF+ by a non-counting variant as used by IKEv1
2012-03-20 17:30:48 +01:00
Tobias Brunner
686cfd4e34
Added support for untruncated MD5 and SHA1 HMACs in ESP as used in RFC 4595.
...
This requires a Linux kernel >= 2.6.33.
2012-02-27 14:31:19 +01:00
Tobias Brunner
7171d8765e
Disable crypto benchmarking if CLOCK_THREAD_CPUTIME_ID is not available.
2012-01-30 11:04:55 +01:00
Adrian-Ken Rueegsegger
5ed3e3a7e6
Various style, typo and whitespace corrections
2012-01-13 16:27:35 +01:00
Tobias Brunner
e86b685da5
Allow callers to force ASN.1 date encoding as GENERALIZEDTIME.
2011-12-23 18:07:39 +01:00
Tobias Brunner
1267127c11
Properly ASN.1 encode dates in certificates depending on the year.
2011-12-23 16:29:41 +01:00
Tobias Brunner
5ddeaf2884
Fixed compiler warnings for DH groups that define no subgroup.
2011-11-25 10:18:03 +01:00
Tobias Brunner
10b82be61f
pkcs11: Merged the ECDH into the DH implementation.
2011-10-31 18:45:37 +01:00
Andreas Steffen
6a9642e466
Migrated crypto/prf_plus to INIT/METHOD macros
2011-10-02 11:27:38 +02:00
Andreas Steffen
1c55141001
Migrated crypto/pkcs9 to INIT/METHOD macros
2011-10-02 11:21:23 +02:00
Andreas Steffen
ae84beff76
Migrated crypto/pkcs7 to INIT/METHOD macros
2011-10-02 11:11:46 +02:00
Tobias Brunner
f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
Tobias Brunner
4f9c691adb
Replaced pkcs7_t.create_certificate_iterator with enumerator.
...
The method is currently not used.
2011-07-06 09:43:45 +02:00
Tobias Brunner
e26304348c
Replaced simple iterator usages.
2011-07-06 09:43:45 +02:00
Tobias Brunner
28623fc538
"this" removed from comments.
2011-07-06 09:43:45 +02:00
Martin Willi
e35727c14d
Fix algorithm type for signers, fixes warning with gcc 4.5
2011-05-03 11:33:40 +02:00
Martin Willi
f8b26c452a
Added proposal keywords for ESN support
2011-04-20 12:26:58 +02:00
Martin Willi
6dc36a73e2
Fixed debug statement if algorithm benchmarking enabled
2011-04-08 14:55:10 +02:00
Andreas Steffen
27a66f9393
implemented wrap around of registered IKEv1 algorithm names
2010-12-26 17:11:02 +01:00
Andreas Steffen
690d5aed59
disable AEAD crypto algorithm if no key size is supported
2010-12-25 16:14:55 +01:00
Andreas Steffen
d733a3babb
disable crypto algorithm if no key size is supported
2010-12-25 16:11:50 +01:00
Andreas Steffen
c6a043fad0
log if an AEAD algorithm does not support a given key size
2010-12-25 15:53:15 +01:00
Andreas Steffen
90288c76f8
log if a crypto algorithm does not support a given key size
2010-12-25 15:49:29 +01:00
Andreas Steffen
5932f41fcc
trace back crypto algorithms to the plugins that registered them
2010-12-18 16:31:12 +01:00
Martin Willi
7d7711aba4
Added a generic function to check if a DH group is an EC group
2010-09-03 16:22:10 +02:00
Martin Willi
033fe95f0b
Added support for a non-truncated SHA384 HMAC variant, as used by TLS
2010-09-03 14:54:43 +02:00
Martin Willi
0abd558a65
Added a MODP_CUSTOM DH group which takes g and p as constructor arguments
2010-09-02 19:33:08 +02:00
Martin Willi
9d3e174a1e
Give a benchmark point for each operation to compare different transforms
2010-08-19 19:05:14 +02:00
Martin Willi
3f6a2d3343
Added proposal strings for Camellia CCM algorithm identifiers
2010-08-19 19:02:34 +02:00
Martin Willi
77b55e8a96
Added support for AEAD algorithms to crypto factory
2010-08-19 19:02:34 +02:00
Martin Willi
e09a87d652
Added AEAD support to crypto tester
2010-08-19 19:02:33 +02:00
Martin Willi
7fc4b0814f
Make function to test if an encryption algorithm is an AEAD alg public
2010-08-19 19:02:16 +02:00
Martin Willi
df8d0d8703
Implemented an AEAD wrapper for traditional crypter/signer transforms
2010-08-19 12:35:54 +02:00
Martin Willi
6c620d5ee0
Test append mode for signers verify_signature
2010-08-19 12:35:53 +02:00
Martin Willi
a369a5ece9
Do not free registered algorithms, plugins are responsible for unregistering
2010-08-16 17:06:28 +02:00
Martin Willi
1b0eff58e0
Implemented algorithm benchmarking during registration
2010-08-16 17:06:28 +02:00
Martin Willi
e8bf9d6e16
Migrated crypto_factory to INIT/METHOD macros
2010-08-16 17:06:27 +02:00
Martin Willi
aed2bf0bd9
Migrated crypto_tester to INIT/METHOD macros
2010-08-16 17:06:27 +02:00
Martin Willi
c7776e0aa8
Support Camellia XCBC algorithms in proposal
2010-08-13 17:11:54 +02:00
Martin Willi
5a2dbd5c37
Added private Camellia XCBC identifiers for PRFs and signers
2010-08-13 17:11:53 +02:00
Martin Willi
42cbe87fc7
Implemented AES/Camellia counter mode in gcrypt
2010-08-13 17:11:53 +02:00
Martin Willi
1ee98dbb4a
Added Camellia CTR mode proposal keywords
2010-08-13 17:11:53 +02:00
Martin Willi
3102d8669d
Use IV length of a crypter instead of block size for IV calculations
2010-08-13 17:11:53 +02:00
Martin Willi
f7c04c5b37
Add dedicated getter for the IV size to the crypter_t interface
2010-08-13 17:11:53 +02:00
Martin Willi
bfe4d08c20
Report the symbol name of a failed test vector
2010-08-13 17:11:53 +02:00
Martin Willi
9dc73cd21c
Added support for AUTH_HMAC_SHA2_256_256, used in TLS
2010-08-03 15:39:24 +02:00
Martin Willi
4590260b2d
Added support for DH groups 22, 23 and 24, patch contributed by Joy Latten
2010-04-19 14:41:20 +02:00
Martin Willi
b34b93dbf7
Store DH generator in a chunk, hide non-public data in a private struct
2010-04-08 15:08:35 +02:00
Tobias Brunner
8b0e09103b
Adding DBG_LIB to all calls of libstrongswan's version of DBG*.
2010-04-06 12:47:40 +02:00
Tobias Brunner
908d571796
Provide the Diffie Hellman parameters from a central location, so that we do not have to replicate them in every plugin that implements the DH interface.
...
The main reason for this change is that Android's libcrypto does not
include the get_rfcX_prime_Y functions by default. Therefore we would
have had to replicate the primes a third time.
2010-03-09 17:15:16 +01:00
Tobias Brunner
71baf5a8f0
Adding support for AES GMAC (RFC4543).
2010-02-12 10:57:39 +01:00
Tobias Brunner
eba64cef41
Separated the public interfaces of the threading primitives.
2009-12-23 17:01:53 +01:00
Tobias Brunner
14f7091280
Moved mutex.c to a separate folder in order to cleanly wrap other threading primitives (and utils/mutex.h is now threading.h).
2009-12-23 17:00:58 +01:00
Andreas Steffen
de962d6e7d
add IKEv1 support for the Camellia cipher
2009-12-15 19:13:06 +01:00
Martin Willi
6546482a68
Support the Linux specific SHA256 96 bit truncation HMAC via "sha256_96" keyword
2009-11-26 10:39:25 +01:00
Martin Willi
4952dc11da
Fixed all doxygen warnings
2009-10-22 14:34:10 +02:00
Andreas Steffen
210d287368
extended hasher_signature_algorithm_to_oid() function
2009-09-13 21:41:51 +02:00
Martin Willi
3b878dae7e
Removed chunk_from_buf() in favor of a simpler chunk_from_chars() macro
2009-09-11 15:39:35 +02:00
Martin Willi
7b3814f75d
remove spaces before tabs at the beginning of lines (^( )+\t)
2009-09-04 15:02:11 +02:00
Martin Willi
b9b8a98f47
remove spaces within tabs (\t( )+\t)
2009-09-04 15:00:19 +02:00
Martin Willi
323f9f990f
replaces four spaces by tabs, where appropriate
2009-09-04 14:50:23 +02:00
Martin Willi
7daf5226b7
removed trailing spaces ([[:space:]]+$)
2009-09-04 13:46:09 +02:00
Martin Willi
eb73685dac
create algorithmIdentifier dynamically from OID database
2009-08-27 13:59:30 +02:00
Martin Willi
280469923d
make use of the pem helper plugin to load credentials
2009-08-26 11:23:49 +02:00
Tobias Brunner
3901937d14
OpenSolaris defines MUTEX_DEFAULT therefore we rename the members of the enums mutex/condvar/rwlock_type_t.
2009-08-14 13:30:59 +02:00
Andreas Steffen
b6f739c13b
support of SHA224-based certificate signatures
2009-08-05 22:01:44 +02:00
Andreas Steffen
e3f3b004e2
fix test vector error output
2009-07-17 20:36:21 +02:00
Andreas Steffen
521aa00fb1
shortened cypto test output
2009-07-17 16:36:01 +02:00
Andreas Steffen
bfab805898
removed superfluous print argument
2009-06-17 22:54:57 +02:00
Andreas Steffen
53095480af
conversion from CAMELLIA OIDs to encryption_algorithm
2009-06-17 13:12:48 +02:00
Andreas Steffen
b07ffa2490
reformatted crypto_test output
2009-06-16 14:58:49 +02:00
Martin Willi
26999f2511
increased verbosity of successful crypto tests
2009-06-16 09:54:28 +02:00
Martin Willi
72e174f966
removed one hierarchy level for crypto test options
2009-06-16 09:48:45 +02:00
Martin Willi
371a54c7a9
added support for stateful PRFs (such as the FIPS_PRF)
2009-06-12 10:39:47 +02:00
Martin Willi
28a0728b67
make use of the crypto_tester in the crypto_factory
...
libstrongswan.crypto.test.on_add to test algorithms during initialization
libstrongswan.crypto.test.on_create to test algorithms on each instantiation
2009-06-11 15:55:48 +02:00
Martin Willi
3e8891667b
implemented a crypto_tester class to test crypto algorithms
...
libstrongswan.crypto.test.required to require at least one test vector to use an algorithm
libstrongswan.crypto.test.rng_true to run RNG tests on RNG_TRUE quality
2009-06-11 15:54:44 +02:00
Martin Willi
6f299040fb
handling hashers and rngs as transform types (in private range)
2009-06-11 14:17:16 +02:00
Martin Willi
c4f59ccec0
fixed ENUM naming of XCBC prf
2009-06-02 14:41:53 +02:00
Andreas Steffen
80cbbfed36
make signer names consistent
2009-05-19 22:56:14 +02:00
Andreas Steffen
4dc4c11efd
added des and default length cbc encryption algorithms
2009-05-19 15:45:01 +02:00
Andreas Steffen
4491d66692
add _CBC to all encryption algorithms in CBC mode
2009-05-19 10:02:24 +02:00
Andreas Steffen
5908478527
moved definition of proposal_token from proposal.c to proposal_keywords.h
2009-05-19 10:02:24 +02:00
Andreas Steffen
5e3b318c69
didn't want to commit that
2009-05-15 22:47:36 +02:00
Andreas Steffen
433cb51bb9
moved IKEv2 proposals and transforms to libstrongswan
2009-05-15 22:43:48 +02:00
Andreas Steffen
dcf47581a8
shortened DH group names
2009-05-15 20:58:04 +02:00
Martin Willi
9caceb6ed5
updated prf identifiers
2009-05-15 13:49:05 +02:00
Martin Willi
b79ca7858b
updated integrity algorithm identifiers
2009-05-15 13:48:44 +02:00
Andreas Steffen
b5fd65e95c
cleaned up pluto's crypto framework
2009-05-14 22:56:10 +02:00
Andreas Steffen
0a8ad227d4
renamed ENCR_TWOFISH and ENCR_SERPENT to ENCR_TWOFISH_CBC and ENCR_SERPENT_CBC, respectively
2009-05-14 13:55:56 +02:00
Andreas Steffen
d36ae9e305
started migration to encryption plugins
2009-05-09 00:04:28 +02:00
Andreas Steffen
c42d1469e6
defined ENCR_TWOFISH and ENCR_SERPENT
2009-05-08 07:51:24 +02:00
Andreas Steffen
e43b1e4a5b
inserted HASH_MD4 in increasing order
2009-05-07 23:19:19 +02:00
Andreas Steffen
ebe01cae0f
use prfs for IKEv1 hmacs
2009-05-04 23:38:57 +02:00
Andreas Steffen
78e6e0a33c
fixed typo
2009-05-04 23:08:29 +02:00
Andreas Steffen
8c45f0f102
added support for AUTH_HMAC_SHA1_160
2009-05-04 23:01:40 +02:00
Martin Willi
2c36ebb58e
moved hasher to the correct doxygen group
2009-05-04 16:10:13 +02:00
Tobias Brunner
8c5d72cd0b
removing svn keyword $Id$ from all files
2009-04-30 13:19:35 +00:00
Tobias Brunner
d24a74c5b4
merging changes from portability branch back to trunk
...
important change for developers: %Y replaces %D to print identities!
2009-04-30 11:37:54 +00:00
Andreas Steffen
f67eebccc8
changed RNG_REAL to RNG_TRUE
2009-04-29 09:13:20 +00:00
Martin Willi
090ba9453c
fixed compiler warnings on 64bit
2009-04-22 08:26:54 +00:00
Andreas Steffen
247e665a44
support of the ESP CAMELLIA-CBC cipher by charon
2009-04-17 09:15:15 +00:00
Martin Willi
15e247922d
moved AUTH_HMAC_MD5_128 to IANA defined number
2009-04-02 13:53:20 +00:00
Martin Willi
1490ff4d9b
updated Doxyfile
...
properly close all doxygen groups
fixed remaining doxygen warnings
2009-03-24 17:43:01 +00:00
Martin Willi
4a6b84a934
reintegrated eap-radius branch into trunk
2009-03-24 10:24:58 +00:00
Tobias Brunner
5fa7aed491
des ecb enum value changed, ignores set for md4 plugin
2009-02-19 13:46:08 +00:00
Tobias Brunner
b250665f58
adding enum elements for MD4 and DES (ECB)
2009-02-18 19:45:46 +00:00
Martin Willi
a20abb81e9
added a MODP_NULL Diffie Hellman group to avoid calculation overhead in load-testing
2008-11-22 16:14:55 +00:00
Martin Willi
e76078e877
use read-write locks in crypto factory for parallelization
2008-11-05 16:21:57 +00:00
Martin Willi
d4f08fe324
removed superfluous get_other_public_value in diffie_hellman_t interface
2008-11-04 13:12:11 +00:00
Martin Willi
19aff61b19
reverted changeset 4529:
...
Camellia is 22 in IKEv1, but not-yet defined in IKEv2
in IKEv2, 22 is reserved for AES-XTS
2008-10-30 13:21:21 +00:00
Andreas Steffen
fdaed5289a
added Camellia CBC to list of encryption algorithms
2008-10-30 03:31:36 +00:00
Martin Willi
f65ba4e978
prf handles zero-length allocations graceful
2008-10-29 14:12:54 +00:00
Martin Willi
9482208633
crypto_factory algorithm enumeration API
...
implementation of "ipsec listalgs"
2008-08-28 09:24:42 +00:00
Andreas Steffen
0caf2b936e
added missing comma in enumeration
2008-05-29 06:55:03 +00:00
Tobias Brunner
346e9c5712
added the ECP groups from RFC 5114
2008-05-22 11:55:05 +00:00
Tobias Brunner
fc1a31d54b
added ECDH with OpenSSL (see RFC 4753)
2008-05-22 11:39:17 +00:00
Tobias Brunner
3f730ec1cd
Added support for AES-CCM and AES-GCM (authenticated encryption algorithms) in charon.
2008-05-16 13:27:21 +00:00
Martin Willi
240e727fde
renamed PRF_AES128_CBC to PRF_AES128_XCBC
2008-05-08 12:43:27 +00:00
Martin Willi
f5475fa440
crypter_t api supports in-place encryption using NULL as output parameter
2008-04-30 14:02:25 +00:00
Andreas Steffen
460025e253
introduced ASN1_EXIT command in ASN.1 object syntax definition
2008-04-28 16:00:52 +00:00
Andreas Steffen
c3628ebc35
optimized parser->success()
2008-04-26 11:08:36 +00:00
Andreas Steffen
df231f5488
ported ASN.1 changes to pkcs7
2008-04-26 10:20:51 +00:00
Andreas Steffen
d3d7e46b8c
refactoring of the ASN.1 parser
2008-04-26 09:24:14 +00:00
Martin Willi
4d18175997
removed status result from crypter interface to be consistent with other crypto interfaces
2008-04-22 07:14:24 +00:00
Martin Willi
6a365f0740
added API for random number generators, served through credential factory
...
ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
2008-04-15 05:56:35 +00:00
Martin Willi
f6e7c0f785
removed stale ocsp header
2008-04-08 06:27:04 +00:00
Martin Willi
cfede7f6e2
The introduced SHA1_NOFINAL hasher was not sufficient for EAP-AKA,
...
as it requires to XOR the key into the hashers state.
A new SHA1 based keyed hash function, implemented as PRF, enables EAP-AKA
and the FIPS-PRF function to properly use the existing SHA1 implementation.
2008-03-19 14:02:52 +00:00
Martin Willi
552cc11b1f
merged the modularization branch (credentials) back to trunk
2008-03-13 14:14:44 +00:00
Andreas Steffen
9514d26c5c
parse signedData object with empty content
2008-02-02 00:29:03 +00:00
Andreas Steffen
f4a459473e
build_signedData() now computes messageDigest attribute
2008-02-01 22:26:01 +00:00
Andreas Steffen
7734c01677
added set_messageDigest() and get_messageDigest() methods
2008-02-01 22:24:51 +00:00
Andreas Steffen
e8bfe74289
extended and debugged PKCS#7 signedData support
2008-02-01 14:19:26 +00:00