strongswan.git
11 years agoinstanciate first registered kernel interface immediately
Martin Willi [Tue, 2 Jun 2009 07:59:40 +0000 (09:59 +0200)]
instanciate first registered kernel interface immediately

11 years agoreformatted crypto_test output
Andreas Steffen [Tue, 16 Jun 2009 12:58:44 +0000 (14:58 +0200)]
reformatted crypto_test output

11 years agocalculating plugin dependencies for eap-sim/aka
Martin Willi [Tue, 16 Jun 2009 12:53:16 +0000 (14:53 +0200)]
calculating plugin dependencies for eap-sim/aka

11 years agopluto does not depend on gmp anymore
Martin Willi [Tue, 16 Jun 2009 12:47:07 +0000 (14:47 +0200)]
pluto does not depend on gmp anymore

11 years agosupport older gcrypt libraries not defining the CAMELLIA cipher
Martin Willi [Tue, 16 Jun 2009 12:23:32 +0000 (14:23 +0200)]
support older gcrypt libraries not defining the CAMELLIA cipher

11 years agofixed compiler warning
Martin Willi [Tue, 16 Jun 2009 12:21:55 +0000 (14:21 +0200)]
fixed compiler warning

11 years agoload hmac/xcbc plugins after hash/crypter plugins to pass crypto tests
Martin Willi [Tue, 16 Jun 2009 11:04:50 +0000 (13:04 +0200)]
load hmac/xcbc plugins after hash/crypter plugins to pass crypto tests

11 years agopluto supports ECP DH groups and ECDSA authentication
Andreas Steffen [Tue, 16 Jun 2009 09:23:40 +0000 (11:23 +0200)]
pluto supports ECP DH groups and ECDSA authentication

11 years agoincreased verbosity of successful crypto tests
Martin Willi [Tue, 16 Jun 2009 07:54:28 +0000 (09:54 +0200)]
increased verbosity of successful crypto tests

11 years agoremoved one hierarchy level for crypto test options
Martin Willi [Tue, 16 Jun 2009 07:48:45 +0000 (09:48 +0200)]
removed one hierarchy level for crypto test options

11 years agoadded NEWS for 4.3.2
Martin Willi [Tue, 16 Jun 2009 07:39:56 +0000 (09:39 +0200)]
added NEWS for 4.3.2

11 years agoinitiator now checks for private key much earlier
Andreas Steffen [Tue, 16 Jun 2009 05:59:31 +0000 (07:59 +0200)]
initiator now checks for private key much earlier

11 years agoadaptations of UML scenarios to 4.3.2
Andreas Steffen [Tue, 16 Jun 2009 05:33:22 +0000 (07:33 +0200)]
adaptations of UML scenarios to 4.3.2

11 years agoremove whitespace
Andreas Steffen [Mon, 15 Jun 2009 17:30:44 +0000 (19:30 +0200)]
remove whitespace

11 years agogcrypt actually does not implement IDEA
Martin Willi [Mon, 15 Jun 2009 16:18:04 +0000 (18:18 +0200)]
gcrypt actually does not implement IDEA

11 years agoimplemented gcrypt RSA encrypt/decrypt operations
Martin Willi [Mon, 15 Jun 2009 16:07:57 +0000 (18:07 +0200)]
implemented gcrypt RSA encrypt/decrypt operations

11 years agoadded a gcrypt.quick_random option to generate weak testing keys faster
Martin Willi [Mon, 15 Jun 2009 16:06:16 +0000 (18:06 +0200)]
added a gcrypt.quick_random option to generate weak testing keys faster

11 years agoextended RSA tests by encrypt/decrypt operations
Martin Willi [Mon, 15 Jun 2009 16:05:34 +0000 (18:05 +0200)]
extended RSA tests by encrypt/decrypt operations

11 years agoimplemented IKEv1 specific SIGN_RSA_EMSA_PKCS1_NULL scheme in gcrypt
Martin Willi [Mon, 15 Jun 2009 12:47:39 +0000 (14:47 +0200)]
implemented IKEv1 specific SIGN_RSA_EMSA_PKCS1_NULL scheme in gcrypt

11 years agocheck if RSA key is large enough to sign a chunk of data
Martin Willi [Mon, 15 Jun 2009 11:49:30 +0000 (13:49 +0200)]
check if RSA key is large enough to sign a chunk of data

11 years agouse save chunk advancing, check signature length
Martin Willi [Mon, 15 Jun 2009 11:37:52 +0000 (13:37 +0200)]
use save chunk advancing, check signature length

11 years agoconsistent display of strongSwan version
Andreas Steffen [Sat, 13 Jun 2009 14:03:08 +0000 (16:03 +0200)]
consistent display of strongSwan version

11 years agotest_vectors.h is part of the distribution
Andreas Steffen [Sat, 13 Jun 2009 13:17:24 +0000 (15:17 +0200)]
test_vectors.h is part of the distribution

11 years agorenamed OAKLEY_ECDSA_512 to OAKLEY_ECDSA_512
Andreas Steffen [Sat, 13 Jun 2009 13:16:49 +0000 (15:16 +0200)]
renamed OAKLEY_ECDSA_512 to OAKLEY_ECDSA_512

11 years agoupdated pluto.load configuration in ikev1 scenarios
Andreas Steffen [Sat, 13 Jun 2009 06:56:05 +0000 (08:56 +0200)]
updated pluto.load configuration in ikev1 scenarios

11 years agofixed evaltest.dat
Andreas Steffen [Sat, 13 Jun 2009 06:49:03 +0000 (08:49 +0200)]
fixed evaltest.dat

11 years agoreduced debug level in ikev2/alg-blowfish scenario
Andreas Steffen [Sat, 13 Jun 2009 06:44:50 +0000 (08:44 +0200)]
reduced debug level in ikev2/alg-blowfish scenario

11 years agoadded openssl-ikev1/ecdsa-certs scenario
Andreas Steffen [Sat, 13 Jun 2009 06:43:34 +0000 (08:43 +0200)]
added openssl-ikev1/ecdsa-certs scenario

11 years agoECDSA 256 and 384 certificates for moon
Andreas Steffen [Sat, 13 Jun 2009 05:28:47 +0000 (07:28 +0200)]
ECDSA 256 and 384 certificates for moon

11 years agofixed broken XAUTH authentication
Andreas Steffen [Fri, 12 Jun 2009 19:04:48 +0000 (21:04 +0200)]
fixed broken XAUTH authentication

11 years agonot restricted to RSA public keys
Andreas Steffen [Fri, 12 Jun 2009 18:17:02 +0000 (20:17 +0200)]
not restricted to RSA public keys

11 years agoload_private_key() loads all kinds of keys
Andreas Steffen [Fri, 12 Jun 2009 18:09:00 +0000 (20:09 +0200)]
load_private_key() loads all kinds of keys

11 years agoASN.1 parsing of RSA public key not needed anymore
Andreas Steffen [Fri, 12 Jun 2009 18:06:39 +0000 (20:06 +0200)]
ASN.1 parsing of RSA public key not needed anymore

11 years agopluto supports ECDSA authentication
Andreas Steffen [Fri, 12 Jun 2009 17:59:35 +0000 (19:59 +0200)]
pluto supports ECDSA authentication

11 years agosplit openssl scenarios into openssl-ikev1 and openssl-ikev2
Andreas Steffen [Thu, 11 Jun 2009 09:37:21 +0000 (11:37 +0200)]
split openssl scenarios into openssl-ikev1 and openssl-ikev2

11 years agoadded SHA2 HMAC signer test vectors
Martin Willi [Fri, 12 Jun 2009 09:09:09 +0000 (11:09 +0200)]
added SHA2 HMAC signer test vectors

11 years agoremoved crypto tests form unit tester, all gone to test-vector plugin
Martin Willi [Fri, 12 Jun 2009 08:43:25 +0000 (10:43 +0200)]
removed crypto tests form unit tester, all gone to test-vector plugin

11 years agoTypo in configure script fixed.
Tobias Brunner [Fri, 12 Jun 2009 08:42:07 +0000 (10:42 +0200)]
Typo in configure script fixed.

11 years agoadded a FIPS_PRF test vector
Martin Willi [Fri, 12 Jun 2009 08:40:38 +0000 (10:40 +0200)]
added a FIPS_PRF test vector

11 years agoadded support for stateful PRFs (such as the FIPS_PRF)
Martin Willi [Fri, 12 Jun 2009 08:39:47 +0000 (10:39 +0200)]
added support for stateful PRFs (such as the FIPS_PRF)

11 years agoremoved pluto test vectors, --disable-self-test option
Martin Willi [Thu, 11 Jun 2009 18:27:32 +0000 (20:27 +0200)]
removed pluto test vectors, --disable-self-test option

11 years agoadded SHA2 HMAC PRF test vectors
Martin Willi [Thu, 11 Jun 2009 18:25:32 +0000 (20:25 +0200)]
added SHA2 HMAC PRF test vectors

11 years agoadded SHA2 test vectors
Martin Willi [Thu, 11 Jun 2009 16:14:30 +0000 (18:14 +0200)]
added SHA2 test vectors

11 years agoadded SHA1 test vectors
Martin Willi [Thu, 11 Jun 2009 15:17:33 +0000 (17:17 +0200)]
added SHA1 test vectors

11 years agoadded HMAC SHA1 test vectors
Martin Willi [Thu, 11 Jun 2009 15:05:56 +0000 (17:05 +0200)]
added HMAC SHA1 test vectors

11 years agoadded HMAC MD5 test vectors
Martin Willi [Thu, 11 Jun 2009 14:44:20 +0000 (16:44 +0200)]
added HMAC MD5 test vectors

11 years agoadded RNG test vectors
Martin Willi [Thu, 11 Jun 2009 13:49:05 +0000 (15:49 +0200)]
added RNG test vectors

11 years agoadded MD5 test vectors
Martin Willi [Thu, 11 Jun 2009 12:57:14 +0000 (14:57 +0200)]
added MD5 test vectors

11 years agoadded AES-XCBC test vectors for signer/prf
Martin Willi [Thu, 11 Jun 2009 11:59:38 +0000 (13:59 +0200)]
added AES-XCBC test vectors for signer/prf

11 years agoadded test vectors for AES128 CBC
Martin Willi [Thu, 11 Jun 2009 09:42:30 +0000 (11:42 +0200)]
added test vectors for AES128 CBC

11 years agoadded blowfish test vectors from pluto
Martin Willi [Thu, 11 Jun 2009 09:10:33 +0000 (11:10 +0200)]
added blowfish test vectors from pluto

11 years agoadded a plugin providing crypto test vectors
Martin Willi [Thu, 11 Jun 2009 09:09:33 +0000 (11:09 +0200)]
added a plugin providing crypto test vectors

11 years agomake use of the crypto_tester in the crypto_factory
Martin Willi [Wed, 10 Jun 2009 09:22:43 +0000 (11:22 +0200)]
make use of the crypto_tester in the crypto_factory

libstrongswan.crypto.test.on_add to test algorithms during initialization
libstrongswan.crypto.test.on_create to test algorithms on each instantiation

11 years agoimplemented a crypto_tester class to test crypto algorithms
Martin Willi [Wed, 10 Jun 2009 09:22:02 +0000 (11:22 +0200)]
implemented a crypto_tester class to test crypto algorithms

libstrongswan.crypto.test.required to require at least one test vector to use an algorithm
libstrongswan.crypto.test.rng_true to run RNG tests on RNG_TRUE quality

11 years agohandling hashers and rngs as transform types (in private range)
Martin Willi [Tue, 9 Jun 2009 15:12:44 +0000 (17:12 +0200)]
handling hashers and rngs as transform types (in private range)

11 years agogcrypt blowfish supports 128 bit key size only
Martin Willi [Thu, 11 Jun 2009 09:05:00 +0000 (11:05 +0200)]
gcrypt blowfish supports 128 bit key size only

11 years agoremove obsolete scripts
Martin Willi [Wed, 10 Jun 2009 16:31:15 +0000 (18:31 +0200)]
remove obsolete scripts

11 years agofixed ecp521 test
Martin Willi [Wed, 10 Jun 2009 16:07:19 +0000 (18:07 +0200)]
fixed ecp521 test

11 years agoadded missing RSA 768 test
Martin Willi [Wed, 10 Jun 2009 15:26:56 +0000 (17:26 +0200)]
added missing RSA 768 test

11 years agoadded convenience scripts for pubkey/dh speed tests
Martin Willi [Wed, 10 Jun 2009 14:24:53 +0000 (16:24 +0200)]
added convenience scripts for pubkey/dh speed tests

11 years agomoved publickey speed test to a standalone program
Martin Willi [Wed, 10 Jun 2009 14:10:46 +0000 (16:10 +0200)]
moved publickey speed test to a standalone program

This reverts commit 08874d6ae29745de264f269b15afbbf6cd5acaad.

11 years agoadditional check in case of non-positive months
Andreas Steffen [Wed, 10 Jun 2009 13:33:39 +0000 (15:33 +0200)]
additional check in case of non-positive months

11 years agoimplemented IKEv1 RSA signing in openssl_rsa_private_key.c
Andreas Steffen [Wed, 10 Jun 2009 13:29:52 +0000 (15:29 +0200)]
implemented IKEv1 RSA signing in openssl_rsa_private_key.c

11 years agomoved Diffie-Hellman speed test to a standalone program
Martin Willi [Wed, 10 Jun 2009 12:53:23 +0000 (14:53 +0200)]
moved Diffie-Hellman speed test to a standalone program

This reverts commit 1e6050bfaeadd66e921b3cd8d2128e4235ee6a29.

11 years agoimplemented IKEv1 signature verification in openssl_rsa_public_key.c
Andreas Steffen [Wed, 10 Jun 2009 11:43:51 +0000 (13:43 +0200)]
implemented IKEv1 signature verification in openssl_rsa_public_key.c

11 years agofixed typo in asn1.c
Andreas Steffen [Wed, 10 Jun 2009 10:00:26 +0000 (12:00 +0200)]
fixed typo in asn1.c

11 years agofixed DoS vulnerability in the parsing of ASN.1 time strings
Andreas Steffen [Wed, 10 Jun 2009 09:39:17 +0000 (11:39 +0200)]
fixed DoS vulnerability in the parsing of ASN.1 time strings

11 years agofixed DoS vulnerability in the parsing of distinguished names
Andreas Steffen [Tue, 9 Jun 2009 20:03:33 +0000 (22:03 +0200)]
fixed DoS vulnerability in the parsing of distinguished names

11 years agoproperly shut down and unref nm mainloop, fixes crash at shutdown
Martin Willi [Tue, 9 Jun 2009 13:13:10 +0000 (15:13 +0200)]
properly shut down and unref nm mainloop, fixes crash at shutdown

11 years agoremove stale pidfile if no such process found
Martin Willi [Tue, 9 Jun 2009 12:56:31 +0000 (14:56 +0200)]
remove stale pidfile if no such process found

11 years agofix inclusion of private_key_t in nm plugin
Martin Willi [Tue, 9 Jun 2009 12:02:35 +0000 (14:02 +0200)]
fix inclusion of private_key_t in nm plugin

11 years agoasn1_integer() ensures correct DER encoding of ASN1_INTEGER (two's complement)
Andreas Steffen [Tue, 9 Jun 2009 11:27:59 +0000 (13:27 +0200)]
asn1_integer() ensures correct DER encoding of ASN1_INTEGER (two's complement)

11 years agorenamed listing of IKEv1 authentication algorithms
Andreas Steffen [Tue, 9 Jun 2009 09:42:52 +0000 (11:42 +0200)]
renamed listing of IKEv1 authentication algorithms

11 years agoimplemented a speed test for diffie-hellman
Martin Willi [Mon, 8 Jun 2009 18:36:30 +0000 (20:36 +0200)]
implemented a speed test for diffie-hellman

11 years agoimplemented a speed test for public key algorithms
Martin Willi [Mon, 8 Jun 2009 17:02:31 +0000 (19:02 +0200)]
implemented a speed test for public key algorithms

11 years agogcrypt RSA public key implementation
Martin Willi [Mon, 8 Jun 2009 09:45:32 +0000 (11:45 +0200)]
gcrypt RSA public key implementation

11 years agogcrypt RSA private key implementation
Martin Willi [Mon, 8 Jun 2009 09:01:24 +0000 (11:01 +0200)]
gcrypt RSA private key implementation

11 years agouse autoconf macro provided by libgcrypt
Martin Willi [Fri, 5 Jun 2009 09:59:46 +0000 (11:59 +0200)]
use autoconf macro provided by libgcrypt

11 years agogcrypt mpi based Diffie-Hellman implementation
Martin Willi [Fri, 5 Jun 2009 09:43:57 +0000 (11:43 +0200)]
gcrypt mpi based Diffie-Hellman implementation

11 years agogcrypt rng implementation
Martin Willi [Thu, 4 Jun 2009 19:27:31 +0000 (21:27 +0200)]
gcrypt rng implementation

11 years agouse abstract mutex_t for gcrypt locking callbacks
Martin Willi [Thu, 4 Jun 2009 15:15:35 +0000 (17:15 +0200)]
use abstract mutex_t for gcrypt locking callbacks

11 years agogcrypt crypter implementation
Martin Willi [Thu, 4 Jun 2009 15:06:43 +0000 (17:06 +0200)]
gcrypt crypter implementation

11 years agogcrypt hasher implementation
Martin Willi [Thu, 4 Jun 2009 13:51:20 +0000 (15:51 +0200)]
gcrypt hasher implementation

11 years agoinitialize gcrypt threadsave, currently for pthread only
Martin Willi [Thu, 4 Jun 2009 13:49:19 +0000 (15:49 +0200)]
initialize gcrypt threadsave, currently for pthread only

11 years agoadded skeleton for libgcrypt based crypto plugin
Martin Willi [Thu, 4 Jun 2009 12:23:39 +0000 (14:23 +0200)]
added skeleton for libgcrypt based crypto plugin

11 years agofixed crash in openssl private_key->get_public_key(), using encode/load workaround
Martin Willi [Mon, 8 Jun 2009 16:59:04 +0000 (18:59 +0200)]
fixed crash in openssl private_key->get_public_key(), using encode/load workaround

11 years agomore concise listing of ESP algorithms
Andreas Steffen [Mon, 8 Jun 2009 15:42:26 +0000 (17:42 +0200)]
more concise listing of ESP algorithms

11 years agoactivated INTEGRITY_TEST option in pluto
Andreas Steffen [Mon, 8 Jun 2009 14:55:54 +0000 (16:55 +0200)]
activated INTEGRITY_TEST option in pluto

11 years agoimplement gmp_rsa_private_key.decrypt()
Andreas Steffen [Mon, 8 Jun 2009 13:59:33 +0000 (15:59 +0200)]
implement gmp_rsa_private_key.decrypt()

11 years agoimplemented gmp_rsa_public_key.encrypt() method
Andreas Steffen [Sun, 7 Jun 2009 23:43:06 +0000 (01:43 +0200)]
implemented gmp_rsa_public_key.encrypt() method

11 years agosome fixes in pkcs7.c
Andreas Steffen [Sun, 7 Jun 2009 23:28:43 +0000 (01:28 +0200)]
some fixes in pkcs7.c

11 years agohooray, pluto and scepclient do not depend on libgmp anymore
Andreas Steffen [Sun, 7 Jun 2009 17:48:46 +0000 (19:48 +0200)]
hooray, pluto and scepclient do not depend on libgmp anymore

11 years agoupdate strongswan.conf for pluto and scepclient
Andreas Steffen [Sun, 7 Jun 2009 10:44:02 +0000 (12:44 +0200)]
update strongswan.conf for pluto and scepclient

11 years agopkcs7.c also uses signature_scheme_from_oid()
Andreas Steffen [Sun, 7 Jun 2009 10:18:06 +0000 (12:18 +0200)]
pkcs7.c also uses signature_scheme_from_oid()

11 years agocreated signature_scheme_from_oid() helper function
Andreas Steffen [Sun, 7 Jun 2009 09:52:03 +0000 (11:52 +0200)]
created signature_scheme_from_oid() helper function

11 years agohardened OpenPGP parser
Andreas Steffen [Sat, 6 Jun 2009 14:46:59 +0000 (16:46 +0200)]
hardened OpenPGP parser

11 years agopluto now requires pubkey plugin
Andreas Steffen [Sat, 6 Jun 2009 14:25:52 +0000 (16:25 +0200)]
pluto now requires pubkey plugin

11 years agoupdated documentation on leftsendcert
Andreas Steffen [Sat, 6 Jun 2009 14:23:42 +0000 (16:23 +0200)]
updated documentation on leftsendcert

11 years agoused rsa coeff field in OpenPGP secret key payload
Andreas Steffen [Sat, 6 Jun 2009 12:54:14 +0000 (14:54 +0200)]
used rsa coeff field in OpenPGP secret key payload

11 years agofixed OpenPGPv3 fingerprint computation
Andreas Steffen [Sat, 6 Jun 2009 12:41:26 +0000 (14:41 +0200)]
fixed OpenPGPv3 fingerprint computation