1806ba0890
travis: Add a workaround for a bug regarding libtool installed via Homebrew
2016-08-25 17:21:02 +02:00
8456d6f5a8
ikev1: Don't require AH mapping for integrity algorithm when generating proposal
...
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
2016-08-25 13:34:36 +02:00
d125941802
libtpmtss: TCTI finalization call changed
2016-08-25 13:22:51 +02:00
36bf2b1bc5
conf: aikpub2.opt added to Makefile.am
2016-08-25 13:22:51 +02:00
09d8215d3f
pki: Allow to load CRLs from files in --verify
2016-08-25 11:07:35 +02:00
17ecc104fb
ikev1: Ignore the last two bytes of the Cisco Unity vendor ID
...
These seem to indicate the major and minor version of the protocol, like
e.g. for the DPD vendor ID. Some implementations seem to send versions
other than 1.0 so we just ignore these for now when checking for known
vendor IDs.
Fixes #2088 .
2016-08-24 17:46:05 +02:00
603a1d3c8f
utils: Fix definition of BYTE_ORDER with MinGW
2016-08-24 10:40:57 +02:00
22b839e6e9
ikev1: Accept more than one certificate payload in aggressive mode
...
Fixes #2085 .
2016-08-17 10:30:39 +02:00
ce20979ce2
testing: Virtual IPs went missing
2016-08-16 17:18:17 +02:00
3bca51e430
unit-tests: Removed unused variable
2016-08-11 17:01:33 +02:00
5afaf0dba2
Version bump to 5.5.1dr1
2016-08-10 18:11:53 +02:00
53332c9390
Merge branch 'newhope'
2016-08-10 16:23:04 +02:00
c1a1f9f548
testing: Added swanctl/rw-newhope-bliss scenario
2016-08-10 15:14:26 +02:00
1e0dc2c329
testing: Add chapoly, ntru and newhope plugins to crypto and integrity tests
2016-08-10 14:34:27 +02:00
277ef8c2fa
testing: Added ikev2/rw-newhope-bliss scenario
2016-08-10 14:22:00 +02:00
1342bd3386
unit-tests: Created newhope unit-tests
2016-08-10 14:22:00 +02:00
393688aea0
Created newhope plugin implementing the New Hope key exchange algorithm
2016-08-10 14:22:00 +02:00
1fddb0b92e
xof: Added ChaCha20 stream as XOF
2016-08-06 12:09:05 +02:00
8993cb556e
utils: Defined uletoh16() and htole16()
2016-08-06 12:09:05 +02:00
b8070e2c85
integrity-test: Added ntru_param_sets to read-only segment
2016-07-29 12:36:15 +02:00
17e4ca6ac9
integrity-test: Added bliss_param_sets to read-only segment
2016-07-29 12:36:15 +02:00
7256c68da0
integrity-test: check code and ro segments of libnttfft
2016-07-29 12:36:15 +02:00
d305f251a5
Created libnttfft
...
This makes Number Theoretic Transforms (NTT) based on the efficient
Fast-Fourier-Transform (FFT) available to multiple plugins.
2016-07-29 12:36:15 +02:00
65f2ecb86d
Share twiddle factors table between 512 and 1024 point FFT
2016-07-29 12:36:14 +02:00
68075fb7a7
Implemented FFT with n = 1024 and q = 11289 using Montgomery arithmetic
2016-07-29 12:36:14 +02:00
a7d626118f
bliss: Implemented FFT with fast Montgomery arithmetic
2016-07-29 12:36:14 +02:00
5ff88c9622
xof: Implemented SHAKE128 and SHAKE256 Extended Output Functions
2016-07-29 12:36:14 +02:00
04208ac5d4
xof: Defined Extended Output Functions
2016-07-29 12:36:14 +02:00
7f65a8c271
vici: Increased various string buffers to BUF_LEN (512 bytes)
2016-07-29 12:34:40 +02:00
fa1865094d
integrity-test: Added charon-systemd
2016-07-29 12:33:32 +02:00
eda8907b90
Added SHA-3 signature OIDs
2016-07-26 13:34:45 +02:00
a6d7aed78a
libcharon: Add exchange_tests to .gitignore
2016-07-25 14:01:26 +02:00
5ce749bcfc
unit-tests: Decreased loop count of FFT speed test to 10'000
2016-07-22 21:27:42 +02:00
10ebb3c914
unit-tests: Added bliss_fft_speed test
2016-07-22 11:58:10 +02:00
6f4b73615b
Merge branch 'tss2-sapi'
2016-07-20 11:26:45 +02:00
0274163674
libtpmtss: Use pkconfig to configure TSS 2.0 includes and libraries
2016-07-20 11:26:07 +02:00
60d0f52fd6
ike1: Flush active queue when queueing a delete of the IKE_SA
...
By aborting the active task we don't have to wait for potential
retransmits if the other peer does not respond to the current task.
Since IKEv1 has no sequential message IDs and INFORMATIONALs are no real
exchanges this should not be a problem.
Fixes #1537
References #429 , #1410
Closes strongswan/strongswan#48
2016-07-19 11:48:17 +02:00
74de8c3727
Version bump to 5.5.0
2016-07-13 13:26:16 +02:00
b977ef8ec9
NEWS: Some updates for the 5.5.0 release
2016-07-11 15:42:51 +02:00
1fafc56b95
Fixed some typos, courtesy of codespell
2016-07-04 12:18:51 +02:00
5e5dee36b6
testing: Remove obsolete openssl-fips recipe
...
This was only required when we initially started and OpenSSL was built
from sources, which was changed with b97dd59ba8
2016-07-04 12:18:51 +02:00
7b879874d7
Revert "testing: Only load selected plugins in swanctl"
...
This reverts commit dee01d019b505c318701
2016-07-01 17:35:52 +02:00
8fafbffdb7
Version bump to 5.5.0rc1
2016-06-30 16:28:28 +02:00
37ffa99cf2
imcv: Added EFI HCRTM event
2016-06-30 16:20:10 +02:00
ee2644dd3f
testing: Version bump to 4.6.3 kernel and strongSwan 5.5.0
2016-06-30 16:20:10 +02:00
a8d6501036
aikgen: Fix computation of key ID of the AIK public key
...
We don't have direct access to the modulus and exponent of the key anymore.
2016-06-30 12:56:41 +02:00
c05d49632f
libtpmtss: Define missing Doxygen group and fix some comments
2016-06-30 12:12:31 +02:00
a23bde26bd
libimcv: Fix Doxygen comment
2016-06-30 12:12:26 +02:00
c3e5109c37
testing: Add ikev1/net2net-esn scenario
2016-06-29 11:16:48 +02:00
40bb4677f7
ikev1: Add support for extended sequence numbers
...
Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
2016-06-29 11:16:48 +02:00
Tobias Brunner