Martin Willi
a5e3153a36
updated x509/CRL/AC API to align with public key, authKeyIdentifier is a chunk
2009-08-26 11:23:52 +02:00
Martin Willi
e35c3e2a03
updated openssl plugin to new private/public key API, use encoder framework
2009-08-26 11:23:52 +02:00
Martin Willi
cbd5138948
updated gcrypt plugin to new private/public key API, use encoder framework
2009-08-26 11:23:52 +02:00
Martin Willi
741680d179
updated gmp plugin to new private/public key API, use encoder framework
2009-08-26 11:23:52 +02:00
Martin Willi
1384a42e1b
changed get_id/get_encoding API of private/public key to use new encoding framework
2009-08-26 11:23:52 +02:00
Martin Willi
1ef69b01ab
removed obsolete fingerprint identification types
2009-08-26 11:23:52 +02:00
Martin Willi
edd354db6f
added generic implementation helpers for private_key_t.equals/belongs_to, public_key_t.equals
2009-08-26 11:23:52 +02:00
Martin Willi
0dd2defc5a
added a seperate chache lookup, as encode() requires arguments expensive to build
2009-08-26 11:23:52 +02:00
Martin Willi
64e77e8fbb
use credential builder API to parse trusted public keys
2009-08-26 11:23:52 +02:00
Martin Willi
d1b3e8607e
implemented PGP fingerprinting
2009-08-26 11:23:51 +02:00
Martin Willi
e773fe4cab
implemented pkcs1 private/public key encoding and fingerprinting
2009-08-26 11:23:51 +02:00
Martin Willi
934d49a4f9
chunk_cat/cata/create_cat/length accept the sensitive data clearing mode 's'
2009-08-26 11:23:51 +02:00
Martin Willi
957d116328
in addition to 'm'/'c' mode, asn1_wrap accepts a 's' mode clearing sensitive information
2009-08-26 11:23:51 +02:00
Martin Willi
d9b24887a4
added a facility to hand out fingerprinting/key encoding to the pkcs1/pgp/... plugins
2009-08-26 11:23:51 +02:00
Martin Willi
831520d895
gmp uses component builder to build public- from private-key
2009-08-26 11:23:51 +02:00
Martin Willi
8380503168
gcrypt uses component builder to build public- from private-key
2009-08-26 11:23:51 +02:00
Martin Willi
b457e08fca
moved PGP code to pluto and gpg plugin
2009-08-26 11:23:51 +02:00
Martin Willi
7033a70fd0
gmp plugin makes use of pkcs1/pgp/dnskey plugins
2009-08-26 11:23:51 +02:00
Martin Willi
cbfafc1125
enforce RSA_PRIME1 > RSA_PRIME2 (p > q) in PGP
2009-08-26 11:23:51 +02:00
Martin Willi
5ef478aaee
implemented RFC3110 key builder in a plugin, added generic DNSKEY RR parsing
2009-08-26 11:23:51 +02:00
Martin Willi
3addf4e937
renamed BUILD_BLOB_RFC_3110 to BUILD_BLOB_DNSKEY, we potentially support other key types
2009-08-26 11:23:51 +02:00
Martin Willi
9493dd2ce0
implemented a pgp plugin providing PGP key parsing builders
2009-08-26 11:23:50 +02:00
Martin Willi
4e3d1e804e
make use of the pkcs1 plugin in gcrypt rsa key parsing
2009-08-26 11:23:50 +02:00
Martin Willi
3044774323
removed subjectPublicKeyInfo parsing, provided by pkcs1 plugin
2009-08-26 11:23:50 +02:00
Martin Willi
1e0f69373a
implemented a pkcs1 plugin providing PKCS#1 key parsing builders
2009-08-26 11:23:50 +02:00
Martin Willi
7c2d883af7
show more information if building a credential fails
2009-08-26 11:23:50 +02:00
Martin Willi
3f9ec06f6f
added getnetbyname/gethostbyname2 to leak detective whitelist, used by pluto
2009-08-26 11:23:50 +02:00
Martin Willi
ddf7c6ac7b
do not enumerate builders returning NULL
2009-08-26 11:23:50 +02:00
Martin Willi
cbb62e8f4c
handle pluto specific certificates under CRED_CERTIFICATE, not as own credential kind
2009-08-26 11:23:49 +02:00
Martin Willi
94463a33b4
removed obsolete PEM code in pluto/libstrongswan
2009-08-26 11:23:49 +02:00
Martin Willi
11aa7e7869
use a pluto specific credential builder to build pluto cert_t's
2009-08-26 11:23:49 +02:00
Martin Willi
4d15129160
pass along X509 flags when loading PEM encoded data
2009-08-26 11:23:49 +02:00
Martin Willi
280469923d
make use of the pem helper plugin to load credentials
2009-08-26 11:23:49 +02:00
Martin Willi
c9db16b7dd
added file loading support to pem plugin, using mmap()
2009-08-26 11:23:48 +02:00
Martin Willi
160f4c225d
moved PEM parsing functionality to its own plugin
2009-08-26 11:23:48 +02:00
Andreas Steffen
fc0ed07c1f
pruned OID tree
2009-08-18 18:24:26 +02:00
Andreas Steffen
c8b543a6fc
fixed wrong emailAddress OID introduced by revision c31687da
2009-08-18 17:52:00 +02:00
Tobias Brunner
f1777dff59
Replacing gethostbyname, gethostbyname2 and their _r variants with getaddrinfo to increase portability.
2009-08-14 16:14:32 +02:00
Tobias Brunner
26965b4ef3
OpenSolaris needs libsocket and libnsl for socket().
2009-08-14 14:50:53 +02:00
Tobias Brunner
cc396286e8
Defined some missing fixed-width int types on OpenSolaris.
2009-08-14 14:50:22 +02:00
Tobias Brunner
3901937d14
OpenSolaris defines MUTEX_DEFAULT therefore we rename the members of the enums mutex/condvar/rwlock_type_t.
2009-08-14 13:30:59 +02:00
Tobias Brunner
8b6a5ce5ba
We need to include alloca.h on OpenSolaris.
2009-08-14 13:25:22 +02:00
Tobias Brunner
3974b2fb07
FreeBSD's libc does not support backtrace(), but libexecinfo optionally replicates this function (and the other defined in execinfo.h).
2009-08-07 18:46:25 +02:00
Andreas Steffen
5d8306de68
use SS_RC_FIRST and SS_RC_LAST
2009-08-06 16:42:44 +02:00
Andreas Steffen
3646c8a159
abort pluto or charon if initialization fails
2009-08-06 16:32:52 +02:00
Andreas Steffen
994b80b513
activated CAMELLIA_CBC cipher in openssl plugin
2009-08-05 22:46:53 +02:00
Andreas Steffen
b6f739c13b
support of SHA224-based certificate signatures
2009-08-05 22:01:44 +02:00
Martin Willi
3d2f73b92f
parse RDNs in multiple SEQUENCEs in all SETs of a DN
2009-08-03 15:24:48 +02:00
Tobias Brunner
b2117eee20
Make accept(2) and recvfrom(2) cancellation points on Mac OS X.
2009-07-30 14:06:26 +02:00
Andreas Steffen
e1089f5906
added file and segment lengths to checksum.c
2009-07-21 22:23:51 +02:00
Martin Willi
fcac8f6571
filter objects for segment checksumming by dlpi_name, excludes rare false positives
2009-07-21 15:10:24 +02:00
Martin Willi
7655843ab5
enumerate executable sections only to build checksum
2009-07-21 15:00:18 +02:00
Martin Willi
acd4afc997
announce integrity testing only once
2009-07-21 14:58:14 +02:00
Andreas Steffen
def1777eca
streamlined integrity test output some more
2009-07-18 11:23:27 +02:00
Andreas Steffen
e3f3b004e2
fix test vector error output
2009-07-17 20:36:21 +02:00
Andreas Steffen
eab241fb56
stop strongswan if integrity check of libstrongswan or daemon fails
2009-07-17 20:33:19 +02:00
Andreas Steffen
6b04ba288d
streamlined debug output of integrity tests
2009-07-17 17:00:17 +02:00
Andreas Steffen
521aa00fb1
shortened cypto test output
2009-07-17 16:36:01 +02:00
Tobias Brunner
599d2bcea8
Revert "gperf under FreeBSD does not know the -m option."
...
This reverts commit 0ead254919
.
2009-07-16 15:15:09 +02:00
Tobias Brunner
233a132634
Removed an unnecessary include of a header that is not available on Mac OS X.
2009-07-15 22:42:22 +02:00
Andreas Steffen
225bb2b810
conversion from ECDSA_WITH_SHAxxx OIDs to signature schemes
2009-07-15 18:12:40 +02:00
Martin Willi
74b14b4008
cast pointers to uintptr_t for alignement check
2009-07-15 10:39:45 +02:00
Tobias Brunner
0ead254919
gperf under FreeBSD does not know the -m option.
...
We could use AC_PATH_PROGS_FEATURE_CHECK (added in Autoconf 2.62) to check for this option.
2009-07-14 12:09:22 +02:00
Tobias Brunner
fd0df7ec75
Corrected check for valid ASN1 types in rdn_enumerate.
...
Because of the range of u_char the comparison was always TRUE before.
2009-07-14 12:09:22 +02:00
Andreas Steffen
75682462fc
added SHA224_WITH_RSA and ECDSA_WITH_SHAxxx OIDs
2009-07-14 05:35:01 +02:00
Andreas Steffen
d44b03563a
double free caused strange side effects
2009-07-13 20:28:36 +02:00
Andreas Steffen
5c49289e27
great, I got my comma back
2009-07-12 21:08:37 +02:00
Martin Willi
01e43e3183
memxor does not access unaligned words anymore, but still uses words if possible
2009-07-08 17:19:49 +02:00
Martin Willi
751a65f9da
fixed doxygen section pgp
2009-07-08 10:29:12 +02:00
Martin Willi
d7b965e931
fixed two doxygen warnings
2009-07-08 10:28:54 +02:00
Martin Willi
2d00984d73
added missing equals() method assignment for ID_ANY identities
2009-07-07 13:42:22 +02:00
Martin Willi
92a65c506a
use architecture specific Elf header
2009-07-06 16:36:01 +02:00
Martin Willi
0c31b9db84
centralized ID type specific method assignement in generic constructor
2009-07-06 13:15:29 +02:00
Martin Willi
bbf6a4c0ff
removed obsolete init_rdn()/get_next_rdn() functions
2009-07-06 13:15:29 +02:00
Martin Willi
8309798fae
reimplemented dnota() using RDN enumerator
2009-07-06 13:15:29 +02:00
Martin Willi
f48c3c72f4
added a chunk_printable() function (replaces sanitize_chunk)
2009-07-06 13:15:29 +02:00
Martin Willi
d692557298
replaced {same,match}_dn() by compare_dn(), using the RDN enumerator
2009-07-06 13:15:29 +02:00
Martin Willi
ed680e33c0
fixed memleak if RND parsing fails
2009-07-06 13:15:29 +02:00
Martin Willi
01da687f78
contains_wildcard() for DNs uses RDN enumerator
2009-07-06 13:15:28 +02:00
Martin Willi
2147da40a5
simplified identification_t.clone() using memcpy
2009-07-06 13:15:28 +02:00
Martin Willi
6bdd79d86c
use an enumerator to parse RDNs, based on asn1_unwrap() function
2009-07-06 13:15:28 +02:00
Martin Willi
5dd492efff
make filter enumerator methods static
2009-07-06 13:15:28 +02:00
Martin Willi
596e0540a5
asn1_unwrap() function to parse ASN.1 objects with length/type
2009-07-06 13:15:28 +02:00
Andreas Steffen
eebecebead
make ecp_x_coordinate_only = yes the default
2009-07-06 11:47:38 +02:00
Andreas Steffen
21863d6361
ecp_x_coordinate only option allows ECP interoperability with MS Windows
2009-07-06 08:47:18 +02:00
Andreas Steffen
876a6d737f
corrected comment
2009-07-04 09:26:36 +02:00
Martin Willi
90855e965a
added additional sanity checks to asn1_length() parsing
2009-07-03 09:26:48 +02:00
Martin Willi
00fcc0f8f3
added -avoid-version to LDFLAGS, plugins are not versioned
2009-07-03 08:57:11 +02:00
Martin Willi
a2f1bb238e
enforce correct RSA signature lenght in gcrypt
2009-06-30 12:10:30 +02:00
Martin Willi
cfe508d911
indicate use if integrity testing at startup
2009-06-22 15:47:18 +02:00
Martin Willi
67a7bb02ef
moved checksum_builder/libchechsum to top srcdir to respect build order
2009-06-22 15:47:18 +02:00
Martin Willi
bef508755b
build integrity_checker.c only if --enable-integrity-test set
2009-06-22 15:47:17 +02:00
Martin Willi
6a8c8815fe
check on-disk and loaded segment integrity of libstrongswan
2009-06-22 15:47:17 +02:00
Martin Willi
d88bcee079
reduced verbosity of integrity checker
2009-06-22 15:47:17 +02:00
Martin Willi
e3b7be91e1
removed obsolete INTEGRITY_TEST and fips signer code
...
--enable-integrity-test now conditionally builds libchecksum
2009-06-22 15:47:17 +02:00
Martin Willi
f1f51395d5
build checksums for charon plugins
2009-06-22 15:47:17 +02:00
Martin Willi
a0fc89798a
library initialization fails if libstrongswan checksum is invalid
2009-06-22 15:47:17 +02:00
Martin Willi
70f59fab9b
checksum.c depends on all libraries
2009-06-22 15:47:17 +02:00
Martin Willi
12c68f1b3a
implemented a checksum_builder tool to build the checksum library
2009-06-22 15:47:17 +02:00
Martin Willi
0179d4684a
integrity checker accepts an option checksum library on construction
2009-06-22 15:47:17 +02:00
Martin Willi
059c479a2f
check integrity of libstrongswan
2009-06-22 15:47:17 +02:00
Martin Willi
960e0c1040
check integrity of plugins before loading
2009-06-22 15:47:17 +02:00
Martin Willi
20d4fc97cf
implemented an integrity checker class to build and check code integrity
2009-06-22 15:47:16 +02:00
Martin Willi
31b9c10800
removed unneeded newline
2009-06-22 15:35:18 +02:00
Andreas Steffen
1ea31180a0
HASH_MD2 is not implemented yet in gcrypt
2009-06-18 10:03:05 +02:00
Andreas Steffen
3d7250d472
added test vector for NULL encryption
2009-06-18 09:59:24 +02:00
Andreas Steffen
c233bb932a
added test vector for NULL encryption
2009-06-18 09:42:05 +02:00
Andreas Steffen
21142d40d1
added md2 and md4 test vectors
2009-06-18 09:32:57 +02:00
Andreas Steffen
6561694796
added 2 des test vectors
2009-06-18 08:23:51 +02:00
Andreas Steffen
0e9ded6838
removed serpent and twofish plugins - use gcrypt instead
2009-06-18 07:27:40 +02:00
Andreas Steffen
bfab805898
removed superfluous print argument
2009-06-17 22:54:57 +02:00
Andreas Steffen
e1101d5994
added 2 RC5 test vectors
2009-06-17 22:34:03 +02:00
Andreas Steffen
ed65740846
added 2 IDEA test vectors
2009-06-17 21:53:30 +02:00
Andreas Steffen
364786b69f
added 6 serpent test vectors
2009-06-17 21:37:26 +02:00
Andreas Steffen
142b7326a6
added 3 Twofish test vectors
2009-06-17 15:50:27 +02:00
Andreas Steffen
a36c082da6
added one CAST-128 test vector
2009-06-17 15:24:20 +02:00
Andreas Steffen
1db85f2cc7
corrected ASN.1 encoding of OID node
2009-06-17 15:08:03 +02:00
Andreas Steffen
61bfc3acae
added 6 Camellia test vectors
2009-06-17 14:22:00 +02:00
Andreas Steffen
22511bbd34
added 6 Camellia test vectors
2009-06-17 14:21:34 +02:00
Andreas Steffen
53095480af
conversion from CAMELLIA OIDs to encryption_algorithm
2009-06-17 13:12:48 +02:00
Andreas Steffen
7417d35ee0
fixed tabs
2009-06-17 13:08:19 +02:00
Andreas Steffen
688705eec2
added camellia-cbc OIDs
2009-06-17 13:07:07 +02:00
Andreas Steffen
942127a602
fixed 64 bit warning
2009-06-17 12:32:28 +02:00
Andreas Steffen
c3fcdd9322
added 2 3DES-CBC and 3 AES-CBC test vectors
2009-06-17 00:08:44 +02:00
Andreas Steffen
b07ffa2490
reformatted crypto_test output
2009-06-16 14:58:49 +02:00
Martin Willi
62d6da67dd
support older gcrypt libraries not defining the CAMELLIA cipher
2009-06-16 14:23:32 +02:00
Martin Willi
24d7b25d21
fixed compiler warning
2009-06-16 14:21:55 +02:00
Martin Willi
26999f2511
increased verbosity of successful crypto tests
2009-06-16 09:54:28 +02:00
Martin Willi
72e174f966
removed one hierarchy level for crypto test options
2009-06-16 09:48:45 +02:00
Andreas Steffen
cd312fcc43
remove whitespace
2009-06-15 19:30:44 +02:00
Martin Willi
25ecb8dafa
gcrypt actually does not implement IDEA
2009-06-15 18:18:04 +02:00
Martin Willi
d32b14db5e
implemented gcrypt RSA encrypt/decrypt operations
2009-06-15 18:07:57 +02:00
Martin Willi
810ce1f336
added a gcrypt.quick_random option to generate weak testing keys faster
2009-06-15 18:06:16 +02:00
Martin Willi
04b348f61a
implemented IKEv1 specific SIGN_RSA_EMSA_PKCS1_NULL scheme in gcrypt
2009-06-15 14:47:39 +02:00
Martin Willi
3176e4421f
check if RSA key is large enough to sign a chunk of data
2009-06-15 13:49:30 +02:00
Martin Willi
e7227f0ba0
use save chunk advancing, check signature length
2009-06-15 13:37:52 +02:00
Andreas Steffen
2b92fc9880
test_vectors.h is part of the distribution
2009-06-13 15:17:24 +02:00
Andreas Steffen
11e6d28533
pluto supports ECDSA authentication
2009-06-12 19:59:49 +02:00
Martin Willi
b59e239335
added SHA2 HMAC signer test vectors
2009-06-12 11:09:09 +02:00
Martin Willi
095f971c10
added a FIPS_PRF test vector
2009-06-12 10:40:38 +02:00
Martin Willi
371a54c7a9
added support for stateful PRFs (such as the FIPS_PRF)
2009-06-12 10:39:47 +02:00
Martin Willi
701381ceb8
added SHA2 HMAC PRF test vectors
2009-06-11 20:26:01 +02:00
Martin Willi
d94d68e404
added SHA2 test vectors
2009-06-11 18:14:30 +02:00
Martin Willi
f02d144095
added SHA1 test vectors
2009-06-11 17:17:33 +02:00
Martin Willi
2df93f467b
added HMAC SHA1 test vectors
2009-06-11 17:05:56 +02:00
Martin Willi
764708b4e0
added HMAC MD5 test vectors
2009-06-11 16:44:20 +02:00
Martin Willi
c698da8cb4
added RNG test vectors
2009-06-11 15:56:00 +02:00
Martin Willi
e091d5100f
added MD5 test vectors
2009-06-11 15:56:00 +02:00
Martin Willi
54916d79d6
added AES-XCBC test vectors for signer/prf
2009-06-11 15:56:00 +02:00
Martin Willi
005163805d
added test vectors for AES128 CBC
2009-06-11 15:56:00 +02:00
Martin Willi
6f4f83e333
added blowfish test vectors from pluto
2009-06-11 15:56:00 +02:00
Martin Willi
81811a9d8b
added a plugin providing crypto test vectors
2009-06-11 15:55:59 +02:00
Martin Willi
28a0728b67
make use of the crypto_tester in the crypto_factory
...
libstrongswan.crypto.test.on_add to test algorithms during initialization
libstrongswan.crypto.test.on_create to test algorithms on each instantiation
2009-06-11 15:55:48 +02:00
Martin Willi
3e8891667b
implemented a crypto_tester class to test crypto algorithms
...
libstrongswan.crypto.test.required to require at least one test vector to use an algorithm
libstrongswan.crypto.test.rng_true to run RNG tests on RNG_TRUE quality
2009-06-11 15:54:44 +02:00
Martin Willi
6f299040fb
handling hashers and rngs as transform types (in private range)
2009-06-11 14:17:16 +02:00
Martin Willi
e51f607221
gcrypt blowfish supports 128 bit key size only
2009-06-11 14:13:17 +02:00
Andreas Steffen
355bab380c
additional check in case of non-positive months
2009-06-10 15:33:39 +02:00
Andreas Steffen
dfa5fb0358
implemented IKEv1 RSA signing in openssl_rsa_private_key.c
2009-06-10 15:29:57 +02:00
Andreas Steffen
29bbfc11ee
implemented IKEv1 signature verification in openssl_rsa_public_key.c
2009-06-10 13:43:51 +02:00
Andreas Steffen
c04bf43363
fixed typo in asn1.c
2009-06-10 12:00:26 +02:00
Andreas Steffen
95c00dfcf9
fixed DoS vulnerability in the parsing of ASN.1 time strings
2009-06-10 11:39:17 +02:00
Andreas Steffen
b29832c74f
fixed DoS vulnerability in the parsing of distinguished names
2009-06-09 22:03:33 +02:00
Andreas Steffen
2d870072fa
asn1_integer() ensures correct DER encoding of ASN1_INTEGER (two's complement)
2009-06-09 13:27:59 +02:00
Martin Willi
3240cab978
gcrypt RSA public key implementation
2009-06-09 11:27:26 +02:00
Martin Willi
ff8d3ba355
gcrypt RSA private key implementation
2009-06-09 11:27:11 +02:00
Martin Willi
ccd1464586
use autoconf macro provided by libgcrypt
2009-06-09 11:18:57 +02:00
Martin Willi
1111088aa7
gcrypt mpi based Diffie-Hellman implementation
2009-06-09 11:18:57 +02:00
Martin Willi
a41d0932c2
gcrypt rng implementation
2009-06-09 11:18:57 +02:00
Martin Willi
8e97e32705
use abstract mutex_t for gcrypt locking callbacks
2009-06-09 11:18:56 +02:00
Martin Willi
80862c4637
gcrypt crypter implementation
2009-06-09 11:18:56 +02:00
Martin Willi
f908ff9f91
gcrypt hasher implementation
2009-06-09 11:18:56 +02:00
Martin Willi
513a1a2835
initialize gcrypt threadsave, currently for pthread only
2009-06-09 11:18:56 +02:00
Martin Willi
4977018c23
added skeleton for libgcrypt based crypto plugin
2009-06-09 11:18:56 +02:00
Martin Willi
86ab0bb65e
fixed crash in openssl private_key->get_public_key(), using encode/load workaround
2009-06-09 11:03:35 +02:00
Andreas Steffen
d615ffdcf3
implement gmp_rsa_private_key.decrypt()
2009-06-09 11:03:35 +02:00
Andreas Steffen
c50ff68d0c
implemented gmp_rsa_public_key.encrypt() method
2009-06-09 11:03:35 +02:00
Andreas Steffen
f3e87f5935
created signature_scheme_from_oid() helper function
2009-06-09 11:03:34 +02:00
Andreas Steffen
9410aa262a
hardened OpenPGP parser
2009-06-09 11:03:34 +02:00
Andreas Steffen
b6f19a6ab4
used rsa coeff field in OpenPGP secret key payload
2009-06-09 11:03:33 +02:00
Andreas Steffen
1bb4d7dd79
fixed OpenPGPv3 fingerprint computation
2009-06-09 11:03:33 +02:00
Andreas Steffen
d17a120598
fixed OpenPGP parsing
2009-06-09 11:03:33 +02:00
Andreas Steffen
ca062e48ee
moved PGP types to pgp/pgp.h
2009-06-09 11:03:33 +02:00
Andreas Steffen
8b799d55ce
pluto and scepclient use private and public key plugins of libstrongswan
2009-06-09 11:03:32 +02:00
Martin Willi
c4f59ccec0
fixed ENUM naming of XCBC prf
2009-06-02 14:41:53 +02:00
Andreas Steffen
e24aaddde0
hide credentials headers in credential_factory.h
2009-05-28 15:35:02 +02:00
Martin Willi
178bf4c5e9
register the already implemented AUTH_HMAC_SHA1_160 algorithm
2009-05-28 15:03:57 +02:00
Andreas Steffen
435e23e647
set parsed = TRUE before calling parse_certificate()
2009-05-27 09:52:53 +02:00
Andreas Steffen
ebb97511e6
dh_exponent_ansi_x9_42 is now a libstrongswan setting
2009-05-26 18:32:52 +02:00
Andreas Steffen
517895bd05
eliminated ipsec_policy.h
2009-05-26 17:19:26 +02:00
Andreas Steffen
80cbbfed36
make signer names consistent
2009-05-19 22:56:14 +02:00
Andreas Steffen
4dc4c11efd
added des and default length cbc encryption algorithms
2009-05-19 15:45:01 +02:00
Andreas Steffen
4491d66692
add _CBC to all encryption algorithms in CBC mode
2009-05-19 10:02:24 +02:00
Andreas Steffen
5908478527
moved definition of proposal_token from proposal.c to proposal_keywords.h
2009-05-19 10:02:24 +02:00
Martin Willi
24cd2ca6ee
moved very stroke specific x509 flag handling out of core library
2009-05-18 10:42:16 +02:00
Andreas Steffen
5e3b318c69
didn't want to commit that
2009-05-15 22:47:36 +02:00
Andreas Steffen
433cb51bb9
moved IKEv2 proposals and transforms to libstrongswan
2009-05-15 22:43:48 +02:00
Andreas Steffen
dcf47581a8
shortened DH group names
2009-05-15 20:58:04 +02:00
Andreas Steffen
deb73fee10
fixed fatal typo
2009-05-15 14:17:05 +02:00
Martin Willi
9caceb6ed5
updated prf identifiers
2009-05-15 13:49:05 +02:00
Martin Willi
b79ca7858b
updated integrity algorithm identifiers
2009-05-15 13:48:44 +02:00
Tobias Brunner
5020a456c0
more intuitive leap year check
2009-05-15 09:36:55 +02:00
Andreas Steffen
24bb9fdbf7
also support 192 bit keys for Twofish and Serpent
2009-05-15 01:48:56 +02:00
Andreas Steffen
315fd57225
fixed copy-and-paste caption error
2009-05-15 01:40:27 +02:00
Andreas Steffen
1bfb8007c2
got rid of libcrypto
2009-05-15 01:28:48 +02:00
Andreas Steffen
b5fd65e95c
cleaned up pluto's crypto framework
2009-05-14 22:56:10 +02:00
Andreas Steffen
9908e8785c
completed serpent plugin
2009-05-14 22:30:24 +02:00
Andreas Steffen
12eece1b27
cosmetics
2009-05-14 22:25:38 +02:00
Andreas Steffen
978c2df17a
completed twofish sources
2009-05-14 16:51:53 +02:00
Andreas Steffen
4a85e33ccc
ported twofish as a plugin
2009-05-14 15:39:31 +02:00
Andreas Steffen
13bb168485
fixed 32 bit overflow check
2009-05-14 15:39:31 +02:00
Andreas Steffen
0a8ad227d4
renamed ENCR_TWOFISH and ENCR_SERPENT to ENCR_TWOFISH_CBC and ENCR_SERPENT_CBC, respectively
2009-05-14 13:55:56 +02:00
Andreas Steffen
24400cf617
fixed setting of variable key length
2009-05-14 13:55:56 +02:00
Andreas Steffen
7eea232f44
clone iv before blowfish en|decryption
2009-05-14 13:55:56 +02:00
Andreas Steffen
910221c236
fixed indentation
2009-05-14 13:55:55 +02:00
Andreas Steffen
30a896173b
compute ASN.1 to UTC time without time functions
2009-05-14 13:55:55 +02:00
Andreas Steffen
3783980edb
changed TRUE/FALSE to 1/0
2009-05-14 13:55:55 +02:00
Andreas Steffen
3bc613d01d
blowfish block size is 8 bytes
2009-05-14 13:55:55 +02:00
Andreas Steffen
42dd330305
fixed caption
2009-05-14 13:55:55 +02:00
Andreas Steffen
28ef27bfda
implemented blowfish as a plugin
2009-05-11 15:25:36 +02:00
Andreas Steffen
7d86641d6f
corrected debug output of passphrase
2009-05-11 13:54:30 +02:00
Andreas Steffen
d36ae9e305
started migration to encryption plugins
2009-05-09 00:04:28 +02:00
Tobias Brunner
bf45d6dd3b
added a configure option to enable the Vstr string library even if register_printf_function is available
2009-04-24 05:32:17 +02:00
Tobias Brunner
65ea37abcd
fixed timezone compensation when parsing ASN.1 dates
2009-05-08 15:23:50 +02:00
Andreas Steffen
c42d1469e6
defined ENCR_TWOFISH and ENCR_SERPENT
2009-05-08 07:51:24 +02:00
Andreas Steffen
e43b1e4a5b
inserted HASH_MD4 in increasing order
2009-05-07 23:19:19 +02:00
Martin Willi
84f1164c77
some additional .gitignore's
2009-05-07 10:33:30 +02:00
Tobias Brunner
e382d96f62
compiler warning fixed
2009-05-06 09:11:19 -04:00
Tobias Brunner
a9f56adb59
more portable handling of the bool data type (Mac OS X has stdbool.h)
2009-05-06 09:11:13 -04:00
Tobias Brunner
938b230fa7
renamed some conflicting function names
2009-05-06 09:11:07 -04:00
Tobias Brunner
f52e9c1aa8
gethostbyname_r is not supported on Mac OS X (but gethostbyname uses thread-local buffers)
2009-05-06 09:11:03 -04:00
Andreas Steffen
ebe01cae0f
use prfs for IKEv1 hmacs
2009-05-04 23:38:57 +02:00
Andreas Steffen
78e6e0a33c
fixed typo
2009-05-04 23:08:29 +02:00
Andreas Steffen
8c45f0f102
added support for AUTH_HMAC_SHA1_160
2009-05-04 23:01:40 +02:00
Martin Willi
2c36ebb58e
moved hasher to the correct doxygen group
2009-05-04 16:10:13 +02:00
Andreas Steffen
bc2e33ca96
pluto and scepclient use the random plugin from libstrongswan
2009-04-30 18:31:48 +00:00
Tobias Brunner
8c5d72cd0b
removing svn keyword $Id$ from all files
2009-04-30 13:19:35 +00:00
Tobias Brunner
d24a74c5b4
merging changes from portability branch back to trunk
...
important change for developers: %Y replaces %D to print identities!
2009-04-30 11:37:54 +00:00
Martin Willi
466f11bfaf
added .gitignore files, ready for the switch
2009-04-30 07:42:30 +00:00
Andreas Steffen
f67eebccc8
changed RNG_REAL to RNG_TRUE
2009-04-29 09:13:20 +00:00
Andreas Steffen
e67197a7f9
pluto and scepclient use the curl and ldap fetcher plugins
2009-04-29 08:09:35 +00:00
Martin Willi
be0a03be64
set default CFLAGS globally, including -Wno-format
2009-04-27 11:34:07 +00:00
Martin Willi
da17b0169a
added return_true/false() dummy functions
2009-04-24 14:08:42 +00:00
Martin Willi
090ba9453c
fixed compiler warnings on 64bit
2009-04-22 08:26:54 +00:00
Andreas Steffen
4985ad6e4a
pluto and scepclient use the regular libstrongswan library
2009-04-21 12:26:04 +00:00
Andreas Steffen
08b2d288a1
scepclient and pluto use asn1 from libstrongswan
2009-04-20 20:53:38 +00:00
Andreas Steffen
d41071802d
support of the enum printf_hook
2009-04-20 09:32:59 +00:00
Andreas Steffen
3eb5042e9c
migrated write_chunk() to chunk_write()
2009-04-20 06:58:00 +00:00
Andreas Steffen
54c4de63c0
scepclient uses the optionsfrom parser from libstrongswan
2009-04-18 17:43:28 +00:00
Andreas Steffen
a6e3ec1389
created pluto and scepclient now use libstrongswan-lite
2009-04-18 14:50:31 +00:00
Andreas Steffen
a376e44577
pluto and scepclient now use chunk_t from libstrongswan
2009-04-17 16:41:26 +00:00