3 years agoMerge branch 'testing-stretch'
Tobias Brunner [Wed, 21 Nov 2018 13:34:57 +0000 (14:34 +0100)]
Merge branch 'testing-stretch'

Use Debian stretch as base image for the testing environment.

3 years agotesting: Switch to Debian stretch base images
Tobias Brunner [Wed, 21 Nov 2018 13:22:47 +0000 (14:22 +0100)]
testing: Switch to Debian stretch base images

3 years agotesting: Install a package via apt-get to get a second SWIMA software event
Tobias Brunner [Fri, 5 Oct 2018 16:14:31 +0000 (18:14 +0200)]
testing: Install a package via apt-get to get a second SWIMA software event

This installs tmux and its two dependencies libevent-2.0-5 and libutempter0.
For the tnc/tnccs-20-ev-pt-tls test scenario older, apparently replaced
versions of these packages are entered to the collector.db database, so that
dummy SWID tags for these packages can be requested via SWIMA.

3 years agotesting: Add additional memory to alice
Tobias Brunner [Fri, 5 Oct 2018 16:56:09 +0000 (18:56 +0200)]
testing: Add additional memory to alice

strongTNC seems to require a lot more memory than we assign by default,
not sure this increase is enough.

3 years agotesting: Generate some UTF-8 locales
Tobias Brunner [Fri, 5 Oct 2018 15:44:55 +0000 (17:44 +0200)]
testing: Generate some UTF-8 locales

3 years agotesting: Disable systemd's NTP service
Tobias Brunner [Tue, 2 Oct 2018 10:38:04 +0000 (12:38 +0200)]
testing: Disable systemd's NTP service

This produces a lot of useless traffic as no NTP servers are reachable (or
even resolvable via winnetou).

3 years agotesting: Allow enabling only timestamps without verbose command output
Tobias Brunner [Mon, 1 Oct 2018 17:25:52 +0000 (19:25 +0200)]
testing: Allow enabling only timestamps without verbose command output

-t enables only the timestamps, -v additionally logs command output
(includes -t).

3 years agotesting: Show config files of FreeRADIUS 3.0 in test results
Tobias Brunner [Thu, 27 Sep 2018 13:39:33 +0000 (15:39 +0200)]
testing: Show config files of FreeRADIUS 3.0 in test results

3 years agotesting: Config changes for FreeRADIUS 3.0
Tobias Brunner [Tue, 25 Sep 2018 15:08:32 +0000 (17:08 +0200)]
testing: Config changes for FreeRADIUS 3.0

Also includes some changes for jessie's version of FreeRADIUS 2 (was
previously a custom version).

Besides the move to a subdir the config files were adapted for 3.0.

The rlm_sim_files module was removed with FreeRADIUS 3 and Debian's
package of FreeRADIUS 2 does not ship it, so we now replicate it using
the files module (via users file, which is actually a symlink to
mods-config/files/authorize in the default installation of FreeRADIUS 3).
Another approach was tried using rlm_passwd, however, that module does
not read binary/hex data, only printable strings, which would require
changing the triplets.
For 2.x a hack in the site config is necessary to make the attributes
available to the EAP-SIM module.

3 years agotesting: Use freeradius instead of the removed radiusd to start FreeRADIUS
Tobias Brunner [Thu, 20 Sep 2018 14:35:22 +0000 (16:35 +0200)]
testing: Use freeradius instead of the removed radiusd to start FreeRADIUS

3 years agotesting: Remove unused/inexistent DSA key from sshd config
Tobias Brunner [Thu, 20 Sep 2018 14:16:49 +0000 (16:16 +0200)]
testing: Remove unused/inexistent DSA key from sshd config

3 years agotesting: Only run DHCPv4 by setting an listening interface explicitly
Tobias Brunner [Thu, 20 Sep 2018 14:02:37 +0000 (16:02 +0200)]
testing: Only run DHCPv4 by setting an listening interface explicitly

Debian stretch's init script for isc-dhcp-server uses the INTERFACESv4|6
variables to decide whether to start the v4 and/or v6 DHCP server.

If they are not empty, the daemon is started for the respective version,
however, if both are empty (the default), to listen on all interfaces, the
daemon is started for both versions.  The latter would require a subnet
config for IPv6 as the daemon otherwise exits, letting the init script fail,
while keeping the successfully started v4 version running, which, in turn,
can't be stopped anymore with the init script because it thinks the daemon
is not running.

So it's not possible with this init script to start DHCPv4 on all interfaces
without having to configure and run DHCPv6 also.

3 years agotesting: Remove unused dhcpd config on moon
Tobias Brunner [Thu, 20 Sep 2018 13:54:55 +0000 (15:54 +0200)]
testing: Remove unused dhcpd config on moon

3 years agotesting: Accept ping6 output with IP address after hostname
Tobias Brunner [Tue, 18 Sep 2018 15:26:26 +0000 (17:26 +0200)]
testing: Accept ping6 output with IP address after hostname

Newer versions of ping6 add the IP address after the FQDN in the output.

3 years agotesting: Install traceroute utility in base image
Tobias Brunner [Tue, 18 Sep 2018 15:17:27 +0000 (17:17 +0200)]
testing: Install traceroute utility in base image

It seems this was previously installed automatically.

3 years agotesting: Only attempt to copy patches if there are any
Tobias Brunner [Tue, 18 Sep 2018 13:13:23 +0000 (15:13 +0200)]
testing: Only attempt to copy patches if there are any

3 years agotesting: Remove TNC@FHH dependencies and scenarios that rely on them
Tobias Brunner [Fri, 14 Sep 2018 12:41:36 +0000 (14:41 +0200)]
testing: Remove TNC@FHH dependencies and scenarios that rely on them

While we could continue to use FreeRADIUS 2.x that branch is officially EOL.
So instead of investing time and effort in updating/migrating the patches to
FreeRADIUS 3.x (the module changed quite significantly as it relies solely on
the naeap library in that release), for a protocol that is superseded anyway,
we just remove these scenarios and the dependencies.  Actually, the
complete rlm_eap_tnc module will be removed with FreeRADIUS 4.0.

3 years agolibimcv: Add Debian 9.5 and 9.6 to IMV database
Tobias Brunner [Fri, 28 Sep 2018 08:45:59 +0000 (10:45 +0200)]
libimcv: Add Debian 9.5 and 9.6 to IMV database

3 years agotesting: Remove Apache config hacks for Debian wheezy
Tobias Brunner [Mon, 1 Oct 2018 15:50:40 +0000 (17:50 +0200)]
testing: Remove Apache config hacks for Debian wheezy

3 years agotesting: Support build with Debian stretch base image
Tobias Brunner [Fri, 14 Sep 2018 11:43:51 +0000 (13:43 +0200)]
testing: Support build with Debian stretch base image

Remove support for wheezy.

3 years agocharon-systemd: Don't use atexit() to deinitialize the daemon
Tobias Brunner [Fri, 28 Sep 2018 17:55:52 +0000 (19:55 +0200)]
charon-systemd: Don't use atexit() to deinitialize the daemon

This is because OpenSSL 1.1 started to use atexit()-handlers of its own
to clean up.  Since the plugin is loaded and initialized after libcharon,
OpenSSL's cleanup functions ran before the daemon was properly
deinitialized (i.e. worker threads were still running and OpenSSL might
still be used during the deinit).  So several of OpenSSL's internal
structures were already destroyed when libcharon_deinit() was eventually
called via our own atexit()-handler.

The observed behavior was that the daemon couldn't be terminated properly
anymore for some test scenarios (only three TNC scenarios were affected
actually).  When the daemon tried to send the DELETE for the established
IKE_SA during its termination it got stuck in OpenSSL's RNG_WEAK
implementation (used to allocate random padding), which apparently tries
to acquire an rwlock that was already destroyed.  The main thread then
just busy-waited indefinitely on the lock, i.e. until systemd killed
it eventually after a rather long timeout.

We'll probably have to apply similar changes to other apps/scripts that
load plugins and currently use atexit() to clean up.  Although some
scripts (e.g. dh_speed or hash_burn) are not affected because they
register the deinitialization after loading the plugins.

3 years agoikev1: Ensure DPD_ACK is sent in time
Afschin Hormozdiary [Wed, 10 Oct 2018 08:01:05 +0000 (10:01 +0200)]
ikev1: Ensure DPD_ACK is sent in time

If a lot of QUICK_MODE tasks are queued and the other side
sends a DPD request, there is a good chance for timeouts.

Observed this in cases where other side is quite slow in responding
QUICK_MODE requests (e.g. Cisco ASA v8.x) and about 100 CHILD_SAs
are to be spawned.

Closes strongswan/strongswan#115.

3 years agopt-tls-client: Fixed man page
Andreas Steffen [Tue, 20 Nov 2018 08:53:18 +0000 (09:53 +0100)]
pt-tls-client: Fixed man page

3 years agoconftest: Sanity check for proposal number modifier
Tobias Brunner [Mon, 12 Nov 2018 16:15:26 +0000 (17:15 +0100)]
conftest: Sanity check for proposal number modifier

3 years agobotan: Initialize p and q before calling calculate_pq()
Tobias Brunner [Mon, 12 Nov 2018 15:55:52 +0000 (16:55 +0100)]
botan: Initialize p and q before calling calculate_pq()

3 years agoRemove useless break statements
Tobias Brunner [Mon, 12 Nov 2018 15:08:07 +0000 (16:08 +0100)]
Remove useless break statements

3 years agoVersion bump to 5.7.2dr3 5.7.2dr3
Andreas Steffen [Mon, 12 Nov 2018 15:24:53 +0000 (16:24 +0100)]
Version bump to 5.7.2dr3

3 years agotesting: Added botan/net2net-pkcs12 scenario
Andreas Steffen [Mon, 12 Nov 2018 12:51:01 +0000 (13:51 +0100)]
testing: Added botan/net2net-pkcs12 scenario

3 years agotesting: Migrated openssl-ikev2/net2net-pkcs12 scenario to swanctl
Andreas Steffen [Mon, 12 Nov 2018 12:46:16 +0000 (13:46 +0100)]
testing: Migrated openssl-ikev2/net2net-pkcs12 scenario to swanctl

3 years agotesting: Removed openssl-ikev2/rw-eap-tls-only scenario
Andreas Steffen [Mon, 12 Nov 2018 11:41:11 +0000 (12:41 +0100)]
testing: Removed openssl-ikev2/rw-eap-tls-only scenario

3 years agotesting: Removed openssl-ikev2/net2net-pgp-v3 scenario
Andreas Steffen [Mon, 12 Nov 2018 11:35:37 +0000 (12:35 +0100)]
testing: Removed openssl-ikev2/net2net-pgp-v3 scenario

3 years agotesting: migrated openssl-ikev2/critical-extension to swanctl
Andreas Steffen [Mon, 12 Nov 2018 10:50:05 +0000 (11:50 +0100)]
testing: migrated openssl-ikev2/critical-extension to swanctl

3 years agotesting: Migrated openssl/rw-cert scenario to swanctl
Andreas Steffen [Fri, 9 Nov 2018 20:45:12 +0000 (21:45 +0100)]
testing: Migrated openssl/rw-cert scenario to swanctl

3 years agotesting: Migrated openssl-ikev2/ecdsa-pkcs8 scenario to swanctl
Andreas Steffen [Fri, 9 Nov 2018 15:38:33 +0000 (16:38 +0100)]
testing: Migrated openssl-ikev2/ecdsa-pkcs8 scenario to swanctl

3 years agotesting: Migrated openssl brainpool scenarios to swanctl
Andreas Steffen [Fri, 9 Nov 2018 14:00:26 +0000 (15:00 +0100)]
testing: Migrated openssl brainpool scenarios to swanctl

3 years agotesting: Migrated openssl alg-ecp-low scenarios to swanctl
Andreas Steffen [Fri, 9 Nov 2018 11:42:14 +0000 (12:42 +0100)]
testing: Migrated openssl alg-ecp-low scenarios to swanctl

3 years agotesting: Migrated openssl alg-ecp-high scenarios
Andreas Steffen [Fri, 9 Nov 2018 10:52:59 +0000 (11:52 +0100)]
testing: Migrated openssl alg-ecp-high scenarios

3 years agotesting: Migrated openssl alg-camellia scenarios to swanctl
Andreas Steffen [Fri, 9 Nov 2018 09:02:26 +0000 (10:02 +0100)]
testing: Migrated openssl alg-camellia scenarios to swanctl

3 years agotesting: Removed openssl alg-aes-gcm and alg-blowfish scenarios
Andreas Steffen [Thu, 8 Nov 2018 20:28:19 +0000 (21:28 +0100)]
testing: Removed openssl alg-aes-gcm and alg-blowfish scenarios

3 years agotesting: Removed openssl suite B scenarios
Andreas Steffen [Thu, 8 Nov 2018 20:23:10 +0000 (21:23 +0100)]
testing: Removed openssl suite B scenarios

3 years agotesting: Moved openssl ecdsa-certs scenarios to swanctl
Andreas Steffen [Thu, 8 Nov 2018 20:16:32 +0000 (21:16 +0100)]
testing: Moved openssl ecdsa-certs scenarios to swanctl

3 years agoleak-detective: Use hashtable to cache ignored/whitelisted backtraces
Tobias Brunner [Fri, 5 Oct 2018 09:23:36 +0000 (11:23 +0200)]
leak-detective: Use hashtable to cache ignored/whitelisted backtraces

Checking for whitelisted functions in every backtrace is not very
efficient.  And because OpenSSL 1.1 does no proper cleanup anymore until
the process is terminated there are now a lot more "leaks" to ignore.
For instance, in the openssl-ikev2/rw-cert scenario, just starting and
stopping the daemon (test vectors are checked) now causes 3594 whitelisted
leaks compared to the 849 before.  This prolonged the shutdown of the
daemon on each guest in every scenario, amounting to multiple seconds of
additional runtime for every affected scenario.  But even with this
patch there is still some overhead, compared to running the scenarios on

3 years agoleak-detective: Whitelist additional OpenSSL functions used by libcurl
Tobias Brunner [Fri, 14 Sep 2018 15:13:09 +0000 (17:13 +0200)]
leak-detective: Whitelist additional OpenSSL functions used by libcurl

3 years agoscripts: Include botan in and
Tobias Brunner [Wed, 31 Oct 2018 14:10:23 +0000 (15:10 +0100)]
scripts: Include botan in and

Also, using sudo is not necessary in

3 years agoopenssl: Fix some const issues with OpenSSL 1.1.0
Tobias Brunner [Tue, 30 Oct 2018 16:15:49 +0000 (17:15 +0100)]
openssl: Fix some const issues with OpenSSL 1.1.0

3 years agoopenssl: Don't use functions deprecated with OpenSSL 1.1.0
Tobias Brunner [Tue, 30 Oct 2018 15:55:32 +0000 (16:55 +0100)]
openssl: Don't use functions deprecated with OpenSSL 1.1.0

3 years agoVersion bump to 5.7.2dr2 5.7.2dr2
Andreas Steffen [Wed, 31 Oct 2018 13:22:03 +0000 (14:22 +0100)]
Version bump to 5.7.2dr2

3 years agobotan: SHA-3 support
Andreas Steffen [Tue, 30 Oct 2018 15:03:05 +0000 (16:03 +0100)]
botan: SHA-3 support

3 years agoUse Botan 2.8.0 for tests
Tobias Brunner [Mon, 1 Oct 2018 15:24:58 +0000 (17:24 +0200)]
Use Botan 2.8.0 for tests

3 years agotesting: Use AES-GCM for SSH connections
Tobias Brunner [Tue, 18 Sep 2018 14:49:49 +0000 (16:49 +0200)]
testing: Use AES-GCM for SSH connections

RC4, which was previously used for performance reasons, is not supported
anymore with newer versions of SSH (stretch still supports it, but it
requires explicit configuration on the guests when they act as clients
too - the version in Ubuntu 18.04 apparently doesn't support it anymore
at all).

AES-GCM should actually be faster (at least for larger amounts of data and
in particular with hardware acceleration).

3 years agotesting: Avoid unnecessary rebuilds of components built from Git repos
Tobias Brunner [Fri, 14 Sep 2018 15:19:55 +0000 (17:19 +0200)]
testing: Avoid unnecessary rebuilds of components built from Git repos

Installing apparently changes the timestamp on the repo dir triggering make
to checkout and build the whole thing again.

3 years agotesting: Disable predictable network interface names assigned by systemd/udev
Tobias Brunner [Fri, 14 Sep 2018 14:28:03 +0000 (16:28 +0200)]
testing: Disable predictable network interface names assigned by systemd/udev

3 years agotesting: Remove unused custom OIDs from openssl.cnf files
Tobias Brunner [Fri, 14 Sep 2018 14:08:13 +0000 (16:08 +0200)]
testing: Remove unused custom OIDs from openssl.cnf files

ClientAuthentication is known in OpenSSL 1.1 and the redefinition, therefore,
causes an error.  These two OIDs are not used anyway in these config

3 years agotesting: Fixed evaluation in swanctl/rw-cert-pss scenario
Andreas Steffen [Sat, 27 Oct 2018 06:47:57 +0000 (08:47 +0200)]
testing: Fixed evaluation in swanctl/rw-cert-pss scenario

3 years agoVersion bump to 5.7.2dr1 5.7.2dr1
Andreas Steffen [Fri, 26 Oct 2018 16:47:48 +0000 (18:47 +0200)]
Version bump to 5.7.2dr1

3 years agotesting: Added botan/net2net-ed25519 scenario
Andreas Steffen [Fri, 26 Oct 2018 16:46:59 +0000 (18:46 +0200)]
testing: Added botan/net2net-ed25519 scenario

3 years agoNEWS: Add some recent changes
Tobias Brunner [Fri, 26 Oct 2018 13:24:51 +0000 (15:24 +0200)]
NEWS: Add some recent changes

3 years agodhcp: Ignore DHCP OFFER messages without assigned address
Tobias Brunner [Tue, 16 Oct 2018 10:07:05 +0000 (12:07 +0200)]
dhcp: Ignore DHCP OFFER messages without assigned address

FreeRADIUS seems to respond that way if it can't allocate an address to
the client.

3 years agovici: Properly handle absence of peer ID on mediation connections
Tobias Brunner [Thu, 11 Oct 2018 12:19:20 +0000 (14:19 +0200)]
vici: Properly handle absence of peer ID on mediation connections

Fixes #2794.

3 years agotask-manager-v2: Reject requests for incomplete IKE_SAs as initiator
Tobias Brunner [Fri, 26 Oct 2018 09:21:38 +0000 (11:21 +0200)]
task-manager-v2: Reject requests for incomplete IKE_SAs as initiator

Based on a patch by Thomas Egerer.

3 years agomysql: Don't release the connection if transactions are still using it
Tobias Brunner [Wed, 3 Oct 2018 07:34:02 +0000 (09:34 +0200)]
mysql: Don't release the connection if transactions are still using it

Fixes #2779.

3 years agoMerge branch 'botan-algos'
Tobias Brunner [Fri, 26 Oct 2018 09:09:00 +0000 (11:09 +0200)]
Merge branch 'botan-algos'

This adds wrappers for additional algorithms (Ed25519, ChaCha20/Poly1305,
AES-CCM) to the botan plugin and fixes some potential compile issues.

3 years agobotan: Fix build without specific asymmetric crypto
Tobias Brunner [Thu, 25 Oct 2018 12:22:21 +0000 (14:22 +0200)]
botan: Fix build without specific asymmetric crypto

3 years agobotan: Fix build without AES and its modes
Tobias Brunner [Thu, 25 Oct 2018 12:21:38 +0000 (14:21 +0200)]
botan: Fix build without AES and its modes

3 years agobotan: Add support for AES-CCM
Tobias Brunner [Tue, 23 Oct 2018 10:19:46 +0000 (12:19 +0200)]
botan: Add support for AES-CCM

3 years agotest-vectors: Add another ChaCha20/Poly1305 test vector from RFC 7539
Tobias Brunner [Tue, 23 Oct 2018 09:44:06 +0000 (11:44 +0200)]
test-vectors: Add another ChaCha20/Poly1305 test vector from RFC 7539

3 years agobotan: Add support for ChaCha20/Poly1305 AEAD algorithm
Tobias Brunner [Tue, 23 Oct 2018 09:26:02 +0000 (11:26 +0200)]
botan: Add support for ChaCha20/Poly1305 AEAD algorithm

3 years agobotan: Add support for Ed25519 keys
Tobias Brunner [Mon, 22 Oct 2018 15:55:13 +0000 (17:55 +0200)]
botan: Add support for Ed25519 keys

3 years agobotan: Add helper function for signature verification
Tobias Brunner [Mon, 22 Oct 2018 15:12:26 +0000 (17:12 +0200)]
botan: Add helper function for signature verification

3 years agoMerge branch 'ssh-eddsa'
Tobias Brunner [Fri, 26 Oct 2018 09:01:24 +0000 (11:01 +0200)]
Merge branch 'ssh-eddsa'

This adds support for Ed25519/Ed448 SSH keys and their signatures via
agent plugin.

3 years agoagent: Support signatures with Ed25519/Ed448 keys
Tobias Brunner [Mon, 22 Oct 2018 13:15:13 +0000 (15:15 +0200)]
agent: Support signatures with Ed25519/Ed448 keys

3 years agosshkey: Support encoding Ed25519/Ed448 SSH public keys
Tobias Brunner [Mon, 22 Oct 2018 13:04:48 +0000 (15:04 +0200)]
sshkey: Support encoding Ed25519/Ed448 SSH public keys

3 years agosshkey: Add support for parsing Ed25519/Ed448 SSH keys
Tobias Brunner [Mon, 22 Oct 2018 12:37:01 +0000 (14:37 +0200)]
sshkey: Add support for parsing Ed25519/Ed448 SSH keys

3 years agocurve25519: Support loading Ed25519 public keys from simple blobs
Tobias Brunner [Mon, 22 Oct 2018 12:33:36 +0000 (14:33 +0200)]
curve25519: Support loading Ed25519 public keys from simple blobs

3 years agocharon-cmd: Print plugin list before parsing arguments
Tobias Brunner [Fri, 19 Oct 2018 13:35:56 +0000 (15:35 +0200)]
charon-cmd: Print plugin list before parsing arguments

Helps debugging e.g. failures to load certs/keys.

3 years agoMerge commit 'key-sig-schemes'
Tobias Brunner [Fri, 26 Oct 2018 08:58:36 +0000 (10:58 +0200)]
Merge commit 'key-sig-schemes'

This adds the ability to return supported signature schemes (and
parameters) from a private key.

This is useful for keys on a TPM 2.0 as these can be used only with a
particular scheme (the hash algorithm and for RSA even the padding scheme
is fixed).  For RSA with PSS padding there is an additional complication
because different TPMs use different salt lengths, which we have to know
beforehand to correctly produce e.g. a certificate request (the signature
covers the algorithm identifier that describes the signature scheme).

It turned out that the new method is also useful for the agent plugin.
Newer ssh/gpg-agents support SHA-256 and SHA-512 for RSA signatures, but
not SHA-384, which we can now convey to the pubkey authenticator.
Unfortunately, older agents ignore the flags that request a SHA2 signature
and just return one with SHA-1, in such scenarios IKEv2 signature
authentication has to be disabled.

3 years agoagent: Enumerate only the supported signature schemes for RSA keys
Tobias Brunner [Fri, 19 Oct 2018 07:26:29 +0000 (09:26 +0200)]
agent: Enumerate only the supported signature schemes for RSA keys

SHA-384 is not supported but is selected by signature_schemes_for_key()
for keys between 3072 and 7680 bits.

Since this is only called for IKEv2 signature authentication we don't
even provide SHA-1 anymore.  We always provide both schemes, though,
which is what pubkey-authenticator does too for RSA.

Older agents apparently just ignore the flags and always return a SHA-1
signature.  If that's the case, charon.signature_authentication has to
be disabled.

3 years agoagent: Add support for RSA signatures with SHA256 and SHA512
Tobias Brunner [Fri, 19 Oct 2018 07:17:39 +0000 (09:17 +0200)]
agent: Add support for RSA signatures with SHA256 and SHA512

3 years agopubkey-authenticator: Append RSAPSS salt length to debug output
Andreas Steffen [Wed, 17 Oct 2018 08:05:31 +0000 (10:05 +0200)]
pubkey-authenticator: Append RSAPSS salt length to debug output

3 years agotravis: Build tmp2-tss from sources
Tobias Brunner [Mon, 15 Oct 2018 14:33:34 +0000 (16:33 +0200)]
travis: Build tmp2-tss from sources

3 years agolibtpmtss: Generalize AIK keys to signature keys
Andreas Steffen [Tue, 23 Oct 2018 16:55:16 +0000 (18:55 +0200)]
libtpmtss: Generalize AIK keys to signature keys

3 years agotpm: Check FIPS-140-2 and FIPS-186-4 compliance
Andreas Steffen [Tue, 23 Oct 2018 16:30:55 +0000 (18:30 +0200)]
tpm: Check FIPS-140-2 and FIPS-186-4 compliance

3 years agotpm: Return signature schemes supported by the key if TSS supports it
Tobias Brunner [Mon, 15 Oct 2018 11:16:44 +0000 (13:16 +0200)]
tpm: Return signature schemes supported by the key if TSS supports it

3 years agolibtpmtss: Add enumeration of supported signature schemes to TSS2 implementations
Tobias Brunner [Mon, 15 Oct 2018 11:28:51 +0000 (13:28 +0200)]
libtpmtss: Add enumeration of supported signature schemes to TSS2 implementations

3 years agolibtpmtss: TSS can optionally return signature schemes supported by a key
Tobias Brunner [Mon, 15 Oct 2018 11:16:06 +0000 (13:16 +0200)]
libtpmtss: TSS can optionally return signature schemes supported by a key

3 years agosignature-params: Provide option for maximum RSA/PSS salt length
Tobias Brunner [Fri, 12 Oct 2018 10:11:51 +0000 (12:11 +0200)]
signature-params: Provide option for maximum RSA/PSS salt length

However, the length now has to be resolved early, so we don't operate on
the negative constant values e.g. when generating the encoding.

3 years agopki: Query private key for supported signature schemes
Tobias Brunner [Fri, 12 Oct 2018 09:35:09 +0000 (11:35 +0200)]
pki: Query private key for supported signature schemes

3 years agopubkey-authenticator: Query private key for supported signature schemes
Tobias Brunner [Fri, 12 Oct 2018 09:14:05 +0000 (11:14 +0200)]
pubkey-authenticator: Query private key for supported signature schemes

3 years agoprivate-key: Add optional method that returns supported signature schemes
Tobias Brunner [Fri, 12 Oct 2018 08:35:04 +0000 (10:35 +0200)]
private-key: Add optional method that returns supported signature schemes

3 years agoMerge branch 'openssl-keyid'
Tobias Brunner [Wed, 24 Oct 2018 08:07:49 +0000 (10:07 +0200)]
Merge branch 'openssl-keyid'

Closes strongswan/strongswan#116.

3 years agoopenssl: Remove extra semicolon
ambiso [Tue, 23 Oct 2018 21:20:17 +0000 (23:20 +0200)]
openssl: Remove extra semicolon

3 years agoopenssl: Remove arbitrary keyid length check
ambiso [Tue, 23 Oct 2018 21:20:17 +0000 (23:20 +0200)]
openssl: Remove arbitrary keyid length check

3 years agoopenssl: Fix invalid keyid length check
ambiso [Tue, 23 Oct 2018 21:20:17 +0000 (23:20 +0200)]
openssl: Fix invalid keyid length check

Check was designed for base64 conversion, however a hex conversion is
being performed, which requires more memory.

3 years agolibtpmtss: Fixed inclusion of tcti-tabrmd.h header file
Andreas Steffen [Fri, 19 Oct 2018 08:46:08 +0000 (10:46 +0200)]
libtpmtss: Fixed inclusion of tcti-tabrmd.h header file

3 years agolibvici: Wrap header in extern "C" to include it from C++
Tobias Brunner [Thu, 11 Oct 2018 16:57:00 +0000 (18:57 +0200)]
libvici: Wrap header in extern "C" to include it from C++

Fixes #2795.

3 years agoandroid: New release after fixing DNS leak and some bugs
Tobias Brunner [Wed, 17 Oct 2018 10:08:47 +0000 (12:08 +0200)]
android: New release after fixing DNS leak and some bugs

3 years agoandroid: Force the two line button to be focusable
Tobias Brunner [Thu, 4 Oct 2018 09:48:45 +0000 (11:48 +0200)]
android: Force the two line button to be focusable

On newer Android versions (8+) this does not seem to be necessary (adding
the onClick handler also sets "clickable" and that in turn seems to make
it focusable), however, for older releases it is (tested with 7.1.1
keyboard navigation just skips over the button).  This was seen on a
Fire TV stick.

3 years agoandroid: Avoid DNS leak due to blocking TUN device without DNS servers
Tobias Brunner [Fri, 21 Sep 2018 13:07:44 +0000 (15:07 +0200)]
android: Avoid DNS leak due to blocking TUN device without DNS servers

It looks like Android 9 incorrectly continues to use the regular DNS
servers after the blocking TUN device is replaced with the actual
interface.  Setting DNS servers prevents that (since all traffic is
blocked, which ones doesn't really matter but local/loopback addresses
are rejected).
Interestingly, if the VPN server later does not assign any DNS servers, there
is no fallback to the non-VPN DNS servers for some reason (that's definitely
not as documented).  This could potentially be a problem as we don't
offer an option to configure DNS servers in the VPN profile.

Neither issue is seen on older Android versions (only tested on 7.1.1).

3 years agoandroid: Update Gradle plugin
Tobias Brunner [Fri, 21 Sep 2018 13:07:25 +0000 (15:07 +0200)]
android: Update Gradle plugin

3 years agoandroid: Make sure we actually have a tile when updating it
Tobias Brunner [Fri, 6 Jul 2018 14:01:34 +0000 (16:01 +0200)]
android: Make sure we actually have a tile when updating it

Not sure when this happens exactly, in particular because the reported
stack traces look like this

  at (
  at (
  at android.service.quicksettings.TileService$H.handleMessage (

which violates the API documentation for getQsTile(), which states:

  This tile is only valid for updates between onStartListening() and

But apparently that's not always the case. There have been two reports
of such a crash, both on Android 8.0 and on Xiaomi Mi 5/6 devices, so
maybe it's a bug in that particular image.