strongswan.git
9 years agoRebuild library.lo after changing ./configure options
Martin Willi [Mon, 23 Aug 2010 10:01:48 +0000 (12:01 +0200)]
Rebuild library.lo after changing ./configure options

9 years agoBuild a trustchain even if no trust anchor is given
Martin Willi [Mon, 23 Aug 2010 09:57:40 +0000 (11:57 +0200)]
Build a trustchain even if no trust anchor is given

9 years agoAccept encryption payloads with no wrapped payloads
Martin Willi [Mon, 23 Aug 2010 09:30:36 +0000 (11:30 +0200)]
Accept encryption payloads with no wrapped payloads

9 years agoFall back to shifting with 32-bit words if 64-bit byte order conversion function...
Martin Willi [Mon, 23 Aug 2010 08:10:36 +0000 (10:10 +0200)]
Fall back to shifting with 32-bit words if 64-bit byte order conversion function missing

9 years agoUse enum mappings to resolve debug group
Martin Willi [Fri, 20 Aug 2010 18:45:31 +0000 (20:45 +0200)]
Use enum mappings to resolve debug group

9 years agoImplemented generic enum name to enum value mapping
Martin Willi [Fri, 20 Aug 2010 18:45:05 +0000 (20:45 +0200)]
Implemented generic enum name to enum value mapping

9 years agoVerify negotiated TLS version
Martin Willi [Fri, 20 Aug 2010 14:08:59 +0000 (16:08 +0200)]
Verify negotiated TLS version

9 years agoIntroducing a dedicated debug message group for libtls
Martin Willi [Fri, 20 Aug 2010 13:57:47 +0000 (15:57 +0200)]
Introducing a dedicated debug message group for libtls

9 years agoStreamlined TLS debugging output
Martin Willi [Fri, 20 Aug 2010 13:52:06 +0000 (15:52 +0200)]
Streamlined TLS debugging output

9 years agofixed build_cipher_suite_list()
Andreas Steffen [Sat, 21 Aug 2010 10:51:54 +0000 (12:51 +0200)]
fixed build_cipher_suite_list()

9 years agoIntroducing simple purposes for the TLS stack, switches various options
Martin Willi [Fri, 20 Aug 2010 13:02:25 +0000 (15:02 +0200)]
Introducing simple purposes for the TLS stack, switches various options

9 years agoFixed compiler warning
Martin Willi [Fri, 20 Aug 2010 12:57:14 +0000 (14:57 +0200)]
Fixed compiler warning

9 years agoenable the ccm and gcm plugins in the UML scenarios
Andreas Steffen [Fri, 20 Aug 2010 10:47:15 +0000 (12:47 +0200)]
enable the ccm and gcm plugins in the UML scenarios

9 years agoRegister missing SHA256 authenticator with no truncation, as used by TLS
Martin Willi [Fri, 20 Aug 2010 09:59:49 +0000 (11:59 +0200)]
Register missing SHA256 authenticator with no truncation, as used by TLS

9 years agoAdded more TLS cipher suites we already support
Martin Willi [Fri, 20 Aug 2010 09:01:57 +0000 (11:01 +0200)]
Added more TLS cipher suites we already support

9 years agoBuild TLS cipher suite list in a generic fashion
Martin Willi [Fri, 20 Aug 2010 10:10:21 +0000 (12:10 +0200)]
Build TLS cipher suite list in a generic fashion

9 years agoFixed crypter keymat derivation bug
Martin Willi [Thu, 19 Aug 2010 17:28:08 +0000 (19:28 +0200)]
Fixed crypter keymat derivation bug

9 years agoAdded ctr, ccm, gcm plugin NEWS
Martin Willi [Thu, 19 Aug 2010 17:01:03 +0000 (19:01 +0200)]
Added ctr, ccm, gcm plugin NEWS

9 years agoImprove GCM performance by factor 2-3 by shifting full 32/64 bit words
Martin Willi [Thu, 19 Aug 2010 16:49:35 +0000 (18:49 +0200)]
Improve GCM performance by factor 2-3 by shifting full 32/64 bit words

9 years agoImplemented a gcm plugin providing GCM mode based on CBC crypters
Martin Willi [Thu, 19 Aug 2010 15:58:30 +0000 (17:58 +0200)]
Implemented a gcm plugin providing GCM mode based on CBC crypters

9 years agoAdded AES-GCM test vectors
Martin Willi [Thu, 19 Aug 2010 15:57:03 +0000 (17:57 +0200)]
Added AES-GCM test vectors

9 years agoAdded a crypto transform stress test for profiling
Martin Willi [Thu, 19 Aug 2010 10:18:11 +0000 (12:18 +0200)]
Added a crypto transform stress test for profiling

9 years agoGive a benchmark point for each operation to compare different transforms
Martin Willi [Thu, 19 Aug 2010 10:17:03 +0000 (12:17 +0200)]
Give a benchmark point for each operation to compare different transforms

9 years agoImplemented a ccm plugin providing CCM mode based on CBC crypters
Martin Willi [Wed, 18 Aug 2010 18:38:02 +0000 (20:38 +0200)]
Implemented a ccm plugin providing CCM mode based on CBC crypters

9 years agoAdded helper macros to define portable bitfields with gcc
Martin Willi [Thu, 19 Aug 2010 09:23:07 +0000 (11:23 +0200)]
Added helper macros to define portable bitfields with gcc

9 years agoAdded AES-CCM test vectors
Martin Willi [Thu, 19 Aug 2010 09:24:34 +0000 (11:24 +0200)]
Added AES-CCM test vectors

9 years agoAdded support for AEAD test vectors to test-vectors plugin
Martin Willi [Thu, 19 Aug 2010 08:08:18 +0000 (10:08 +0200)]
Added support for AEAD test vectors to test-vectors plugin

9 years agoInclude CCM/GCM algorithms in IKEv2 proposals, if supported
Martin Willi [Wed, 18 Aug 2010 18:32:57 +0000 (20:32 +0200)]
Include CCM/GCM algorithms in IKEv2 proposals, if supported

9 years agoAdded proposal strings for Camellia CCM algorithm identifiers
Martin Willi [Wed, 18 Aug 2010 18:32:13 +0000 (20:32 +0200)]
Added proposal strings for Camellia CCM algorithm identifiers

9 years agoImplemented IKEv2 keymat derivation for AEAD algorithms
Martin Willi [Wed, 18 Aug 2010 18:18:20 +0000 (20:18 +0200)]
Implemented IKEv2 keymat derivation for AEAD algorithms

9 years agoList registered AEAD algorithms in listalgs
Martin Willi [Wed, 18 Aug 2010 18:17:09 +0000 (20:17 +0200)]
List registered AEAD algorithms in listalgs

9 years agoAdded support for AEAD algorithms to crypto factory
Martin Willi [Wed, 18 Aug 2010 18:16:03 +0000 (20:16 +0200)]
Added support for AEAD algorithms to crypto factory

9 years agoAdded AEAD support to crypto tester
Martin Willi [Wed, 18 Aug 2010 18:15:18 +0000 (20:15 +0200)]
Added AEAD support to crypto tester

9 years agoUse AEAD wrapper for encryption payload encryption/decryption
Martin Willi [Tue, 17 Aug 2010 15:36:09 +0000 (17:36 +0200)]
Use AEAD wrapper for encryption payload encryption/decryption

9 years agoMake function to test if an encryption algorithm is an AEAD alg public
Martin Willi [Tue, 17 Aug 2010 15:27:21 +0000 (17:27 +0200)]
Make function to test if an encryption algorithm is an AEAD alg public

9 years agoImplemented an AEAD wrapper for traditional crypter/signer transforms
Martin Willi [Tue, 17 Aug 2010 15:26:15 +0000 (17:26 +0200)]
Implemented an AEAD wrapper for traditional crypter/signer transforms

9 years agoMigrated generator_t to INIT/METHOD macros
Martin Willi [Tue, 17 Aug 2010 10:54:16 +0000 (12:54 +0200)]
Migrated generator_t to INIT/METHOD macros

9 years agoMigrated encryption_payload to INIT/METHOD macros
Martin Willi [Tue, 17 Aug 2010 10:05:51 +0000 (12:05 +0200)]
Migrated encryption_payload to INIT/METHOD macros

9 years agoMigrated message_t to INIT/METHOD macros
Martin Willi [Tue, 17 Aug 2010 09:10:38 +0000 (11:10 +0200)]
Migrated message_t to INIT/METHOD macros

9 years agoMigrated keymat to INIT/METHOD macros
Martin Willi [Tue, 17 Aug 2010 08:42:56 +0000 (10:42 +0200)]
Migrated keymat to INIT/METHOD macros

9 years agoTest append mode for signers verify_signature
Martin Willi [Tue, 17 Aug 2010 08:12:20 +0000 (10:12 +0200)]
Test append mode for signers verify_signature

9 years agoremoved debug output for TLS application data
Andreas Steffen [Thu, 19 Aug 2010 05:27:30 +0000 (07:27 +0200)]
removed debug output for TLS application data

9 years agoadded EAP-TTLS debug output
Andreas Steffen [Wed, 18 Aug 2010 21:21:00 +0000 (23:21 +0200)]
added EAP-TTLS debug output

9 years agoadded TLS record debug output
Andreas Steffen [Wed, 18 Aug 2010 20:52:42 +0000 (22:52 +0200)]
added TLS record debug output

9 years agoadd TLS handshake packet size to debug output
Andreas Steffen [Wed, 18 Aug 2010 20:07:27 +0000 (22:07 +0200)]
add TLS handshake packet size to debug output

9 years agoUse a seperate section for each nested struct member in INIT macro
Martin Willi [Wed, 18 Aug 2010 10:15:03 +0000 (12:15 +0200)]
Use a seperate section for each nested struct member in INIT macro

9 years agosome simplifications using the INIT macro
Andreas Steffen [Tue, 17 Aug 2010 18:09:32 +0000 (20:09 +0200)]
some simplifications using the INIT macro

9 years agodescribe EAP-TTLS phase2 start options using the phase2_piggyback parameter
Andreas Steffen [Mon, 16 Aug 2010 17:29:39 +0000 (19:29 +0200)]
describe EAP-TTLS phase2 start options using the phase2_piggyback parameter

9 years agoadded ikev2/rw-eap-ttls-phase2-piggyback scenario
Andreas Steffen [Mon, 16 Aug 2010 16:32:00 +0000 (18:32 +0200)]
added ikev2/rw-eap-ttls-phase2-piggyback scenario

9 years agoimplemented server-initiated phase2 of EAP-TTLS authentication
Andreas Steffen [Mon, 16 Aug 2010 16:30:29 +0000 (18:30 +0200)]
implemented server-initiated phase2 of EAP-TTLS authentication

9 years agochanged ikev2/rw-eap-ttls-only description
Andreas Steffen [Mon, 16 Aug 2010 15:29:20 +0000 (17:29 +0200)]
changed ikev2/rw-eap-ttls-only description

9 years agoDo not free registered algorithms, plugins are responsible for unregistering
Martin Willi [Mon, 16 Aug 2010 14:28:35 +0000 (16:28 +0200)]
Do not free registered algorithms, plugins are responsible for unregistering

9 years agoImplemented algorithm benchmarking during registration
Martin Willi [Mon, 16 Aug 2010 13:21:22 +0000 (15:21 +0200)]
Implemented algorithm benchmarking during registration

9 years agoVariable key length crypters use default key length if zero given
Martin Willi [Mon, 16 Aug 2010 13:12:49 +0000 (15:12 +0200)]
Variable key length crypters use default key length if zero given

9 years agoProperly handle zero length in chunk_alloc[a]/chunk_clone[a]
Martin Willi [Mon, 16 Aug 2010 13:11:51 +0000 (15:11 +0200)]
Properly handle zero length in chunk_alloc[a]/chunk_clone[a]

9 years agoMigrated crypto_factory to INIT/METHOD macros
Martin Willi [Mon, 16 Aug 2010 12:13:59 +0000 (14:13 +0200)]
Migrated crypto_factory to INIT/METHOD macros

9 years agoMigrated crypto_tester to INIT/METHOD macros
Martin Willi [Mon, 16 Aug 2010 07:34:54 +0000 (09:34 +0200)]
Migrated crypto_tester to INIT/METHOD macros

9 years agoadded ikev2/rw-eap-ttls-only scenario
Andreas Steffen [Mon, 16 Aug 2010 14:44:00 +0000 (16:44 +0200)]
added ikev2/rw-eap-ttls-only scenario

9 years agoimplemented server side support for EAP-TTLS
Andreas Steffen [Mon, 16 Aug 2010 14:40:24 +0000 (16:40 +0200)]
implemented server side support for EAP-TTLS

9 years agofixed typo in eap-mschapv2 plugin
Andreas Steffen [Mon, 16 Aug 2010 14:27:00 +0000 (16:27 +0200)]
fixed typo in eap-mschapv2 plugin

9 years agoOnly include certificates with CA flag in TLS cert request
Martin Willi [Mon, 16 Aug 2010 07:19:29 +0000 (09:19 +0200)]
Only include certificates with CA flag in TLS cert request

9 years agooptional certificate-based peer authentication on TLS server side
Andreas Steffen [Sun, 15 Aug 2010 11:02:57 +0000 (13:02 +0200)]
optional certificate-based peer authentication on TLS server side

9 years agoused default ipsec.secrets
Andreas Steffen [Sun, 15 Aug 2010 10:49:14 +0000 (12:49 +0200)]
used default ipsec.secrets

9 years agoincluded bad case in ikev2/rw-eap-ttls-radius scenario
Andreas Steffen [Sun, 15 Aug 2010 09:13:41 +0000 (11:13 +0200)]
included bad case in ikev2/rw-eap-ttls-radius scenario

9 years agoversion bumps in testing.conf
Andreas Steffen [Sat, 14 Aug 2010 19:41:52 +0000 (21:41 +0200)]
version bumps in testing.conf

9 years agoenable the eap-ttls and ctr plugins in the uml scenarios
Andreas Steffen [Sat, 14 Aug 2010 19:40:05 +0000 (21:40 +0200)]
enable the eap-ttls and ctr plugins in the uml scenarios

9 years agoadded rw-eap-ttls-radius scenario
Andreas Steffen [Sat, 14 Aug 2010 18:05:21 +0000 (20:05 +0200)]
added rw-eap-ttls-radius scenario

9 years agoremoved some raw EAP debug output
Andreas Steffen [Sat, 14 Aug 2010 10:01:45 +0000 (12:01 +0200)]
removed some raw EAP debug output

9 years agouse EAP plugin for tunneled client authentication
Andreas Steffen [Fri, 13 Aug 2010 23:14:28 +0000 (01:14 +0200)]
use EAP plugin for tunneled client authentication

9 years agosend tunneled EAP Identity response using eap-identity plugin
Andreas Steffen [Fri, 13 Aug 2010 20:45:22 +0000 (22:45 +0200)]
send tunneled EAP Identity response using eap-identity plugin

9 years agoallow to send an EAP Identity response without matching request
Andreas Steffen [Fri, 13 Aug 2010 20:41:00 +0000 (22:41 +0200)]
allow to send an EAP Identity response without matching request

9 years agodo not dump tls application data any more
Andreas Steffen [Fri, 13 Aug 2010 19:21:44 +0000 (21:21 +0200)]
do not dump tls application data any more

9 years agoimplement AVP EAP message building and processing
Andreas Steffen [Fri, 13 Aug 2010 19:14:30 +0000 (21:14 +0200)]
implement AVP EAP message building and processing

9 years agoAdded a counter mode wrapper plugin operating on existing CBC crypters
Martin Willi [Fri, 13 Aug 2010 17:39:59 +0000 (19:39 +0200)]
Added a counter mode wrapper plugin operating on existing CBC crypters

9 years agoAdded support for Camellia cipher to xcbc
Martin Willi [Fri, 13 Aug 2010 14:08:25 +0000 (16:08 +0200)]
Added support for Camellia cipher to xcbc

9 years agoSupport Camellia XCBC algorithms in proposal
Martin Willi [Fri, 13 Aug 2010 14:06:05 +0000 (16:06 +0200)]
Support Camellia XCBC algorithms in proposal

9 years agoAdded private Camellia XCBC identifiers for PRFs and signers
Martin Willi [Fri, 13 Aug 2010 14:01:31 +0000 (16:01 +0200)]
Added private Camellia XCBC identifiers for PRFs and signers

9 years agoAdded Camellia XCBC test vectors
Martin Willi [Fri, 13 Aug 2010 15:10:45 +0000 (17:10 +0200)]
Added Camellia XCBC test vectors

9 years agoImplemented AES/Camellia counter mode in gcrypt
Martin Willi [Fri, 13 Aug 2010 12:11:38 +0000 (14:11 +0200)]
Implemented AES/Camellia counter mode in gcrypt

9 years agoAdded Camellia, AES-CTR to default IKE proposal, if supported
Martin Willi [Fri, 13 Aug 2010 12:25:14 +0000 (14:25 +0200)]
Added Camellia, AES-CTR to default IKE proposal, if supported

9 years agoAdded Camellia CTR mode proposal keywords
Martin Willi [Fri, 13 Aug 2010 13:03:48 +0000 (15:03 +0200)]
Added Camellia CTR mode proposal keywords

9 years agoUse IV length of a crypter instead of block size for IV calculations
Martin Willi [Fri, 13 Aug 2010 10:20:25 +0000 (12:20 +0200)]
Use IV length of a crypter instead of block size for IV calculations

9 years agoAdd dedicated getter for the IV size to the crypter_t interface
Martin Willi [Fri, 13 Aug 2010 09:49:42 +0000 (11:49 +0200)]
Add dedicated getter for the IV size to the crypter_t interface

9 years agoMigrated xcbc plugin to INIT/METHOD macros
Martin Willi [Fri, 13 Aug 2010 13:39:50 +0000 (15:39 +0200)]
Migrated xcbc plugin to INIT/METHOD macros

9 years agoMigrated hmac plugin to INIT/METHOD macros
Martin Willi [Fri, 13 Aug 2010 13:53:51 +0000 (15:53 +0200)]
Migrated hmac plugin to INIT/METHOD macros

9 years agoMigrated des plugin to INIT/METHOD macros
Martin Willi [Fri, 13 Aug 2010 09:46:19 +0000 (11:46 +0200)]
Migrated des plugin to INIT/METHOD macros

9 years agoMigrated blowfish plugin to INIT/METHOD macros
Martin Willi [Fri, 13 Aug 2010 09:40:13 +0000 (11:40 +0200)]
Migrated blowfish plugin to INIT/METHOD macros

9 years agoMigrated the aes plugin to INIT/METHOD macros
Martin Willi [Fri, 13 Aug 2010 09:35:47 +0000 (11:35 +0200)]
Migrated the aes plugin to INIT/METHOD macros

9 years agoMigrated padlock plugin to INIT/METHOD macros
Martin Willi [Fri, 13 Aug 2010 09:27:54 +0000 (11:27 +0200)]
Migrated padlock plugin to INIT/METHOD macros

9 years agoReport the symbol name of a failed test vector
Martin Willi [Thu, 12 Aug 2010 20:46:00 +0000 (22:46 +0200)]
Report the symbol name of a failed test vector

9 years agoAdded Camellia-CTR test vectors
Martin Willi [Fri, 13 Aug 2010 12:47:09 +0000 (14:47 +0200)]
Added Camellia-CTR test vectors

9 years agoAdded AES-CTR test vectors
Martin Willi [Thu, 12 Aug 2010 20:43:44 +0000 (22:43 +0200)]
Added AES-CTR test vectors

9 years agoMigrated eap_identity plugin to INIT/METHOD macros
Andreas Steffen [Fri, 13 Aug 2010 14:57:01 +0000 (16:57 +0200)]
Migrated eap_identity plugin to INIT/METHOD macros

9 years agoMigrated eap_md5 plugin to INIT/METHOD macros
Andreas Steffen [Fri, 13 Aug 2010 14:33:26 +0000 (16:33 +0200)]
Migrated eap_md5 plugin to INIT/METHOD macros

9 years agoMigrated eap_authenticator to INIT/METHOD macros
Andreas Steffen [Fri, 13 Aug 2010 13:58:53 +0000 (15:58 +0200)]
Migrated eap_authenticator to INIT/METHOD macros

9 years agoMigrated eap_manager to INIT/METHOD macros
Andreas Steffen [Fri, 13 Aug 2010 13:32:37 +0000 (15:32 +0200)]
Migrated eap_manager to INIT/METHOD macros

9 years agomoved eap_from_string() fomr libcharon to libstrongswan to make it available in starter
Andreas Steffen [Fri, 13 Aug 2010 13:07:53 +0000 (15:07 +0200)]
moved eap_from_string() fomr libcharon to libstrongswan to make it available in starter

9 years agofixed typo
Andreas Steffen [Fri, 13 Aug 2010 10:24:54 +0000 (12:24 +0200)]
fixed typo

9 years agoset TLS record type before state change to STATE_FINISHED_SENT
Andreas Steffen [Thu, 12 Aug 2010 22:31:45 +0000 (00:31 +0200)]
set TLS record type before state change to STATE_FINISHED_SENT

9 years agofixed sequence numbering and iv of TLS protection layer
Andreas Steffen [Thu, 12 Aug 2010 21:58:29 +0000 (23:58 +0200)]
fixed sequence numbering and iv of TLS protection layer