sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-06 00:00:47 -04:00
Code Issues Projects Releases Wiki Activity
14,168 Commits 101 Branches 327 Tags
Commit Graph

14168 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Martin Willi
377f13f794 apidoc: Set QUIET to YES, suppressing any parsing/generating status output 
As WARNING messages still get printed, this makes spotting any warnings much
simpler.
 2015-04-16 15:28:28 +02:00
Martin Willi
4eabc35b97 apidoc: Enable documentation of static functions 
As we scan for header files only, this does not affect any local functions,
but documents any static inlines we define in header files.
 2015-04-16 15:28:25 +02:00
Martin Willi
b3811cfd52 strerror: Move to its own Doxygen subgroup 2015-04-16 14:50:41 +02:00
Martin Willi
80e05dc8fd utils: Clean up includes 2015-04-16 14:50:41 +02:00
Martin Willi
04f12ecd29 align: Move min/max/padding/alignment functions to separate files 2015-04-16 14:50:40 +02:00
Martin Willi
eaa02bc925 time: Move time related functions to separate files 2015-04-16 14:50:24 +02:00
Martin Willi
1f2326ce58 object: Move OO programming helper macros to a separate header file 2015-04-16 14:50:05 +02:00
Martin Willi
1e02eddb72 status: Move status_t type and functions to separate files 2015-04-16 14:50:05 +02:00
Martin Willi
001a22e2c1 path: Move path related utility functions to separate files 2015-04-16 14:50:04 +02:00
Martin Willi
7585a85f1a tty: Move tty related functions to separate files 2015-04-16 14:50:04 +02:00
Martin Willi
7802ab88a1 memory: Move memory manipulation related functions to separate files 2015-04-16 14:50:02 +02:00
Martin Willi
bbfe7a80b1 string: Move string related utility functions to separate files 2015-04-16 14:49:19 +02:00
Martin Willi
03cf888277 byteorder: Move byte order related functions to separate header file 2015-04-16 14:49:19 +02:00
Martin Willi
95726f7617 types: Use generic type definitions to separate header file 2015-04-16 14:49:19 +02:00
Martin Willi
717313c542 atomics: Move atomics/recounting support to separate files 2015-04-16 14:49:19 +02:00
Martin Willi
31a171f5c4 unit-tests: Further increase the test vector testing timeout 
Some build bots running make check seem to have longer for the DH testing.
 2015-04-16 10:15:13 +02:00
Martin Willi
7d1ffe013d test-vectors: Define test vector symbols as extern 
We don't actually define a vector, but only prototype the test vector
implemented in a different file. GCC uses the correct symbol during testing,
but clang correctly complains about duplicated symbols during linking.
 2015-04-16 09:38:14 +02:00
Tobias Brunner
d1e7b31e80 Fix years in some copyright statements 2015-04-16 09:21:00 +02:00
Martin Willi
23947b2a4f aesni: Fix doxygen groups 2015-04-15 17:29:56 +02:00
Martin Willi
44136bec94 Merge branch 'dh-test-vectors' 
Add a Diffie-Hellman backend test method, a set of test vectors and implement
testing of the gmp, openssl and gcrypt DH backend.
 2015-04-15 14:45:55 +02:00
Martin Willi
22458c18ff kernel-netlink: Don't mangle verbosity during test initialization 
We now properly manage thread verbosity in the test framework, and don't need
to silence thread spawning messages.
 2015-04-15 14:38:44 +02:00
Martin Willi
432d712048 unit-tests: Set test verbosity just after test suite loading 
We see any plugin startup messages during suite configuration, where
initialization is called once to query plugin features. No need to be verbose
and show these messages once again in the first test.
 2015-04-15 14:38:43 +02:00
Martin Willi
80469c2168 crypto-factory: Remove obsolete transform testing functions 2015-04-15 14:38:43 +02:00
Martin Willi
e507c48e8d unit-tests: Use progressive testing of transforms with test vectors 
This allows us to show which transform from which plugin failed. Also, we use
the new cleanup handler functionality that allows proper deinitialization on
failure or timeout.
 2015-04-15 14:38:43 +02:00
Martin Willi
1d55e0756a transform: Add a getter for the enum_names for a specific transform type 2015-04-15 14:38:43 +02:00
Martin Willi
de1c492a0f enum-names: Fail gracefully when passing a NULL value as enum names 2015-04-15 14:38:43 +02:00
Martin Willi
e03fb1fb26 crypto-factory: Add enumerator method to support individual transform testing 2015-04-15 14:38:43 +02:00
Martin Willi
30003bc51a unit-tests: Invoke all registered thread cleanup handlers on test failure 
If a test fails in a timeout or a test failure, longjmp() is used to restore
the thread context and handle test failure. However, there might be unreleased
resources, namely locks, which prevent the library to clean up properly after
finishing the test.

By using thread cleanup handlers, we can release any test subject internal or
test specific external resources on test failure. We do so by calling all
registered cleanup handlers.
 2015-04-15 14:38:43 +02:00
Martin Willi
d36b30803e thread: Add a function to pop and call all registered cleanup handlers 2015-04-15 14:38:43 +02:00
Martin Willi
ef33f8e85d thread: Don't acquire lock for thread_cleanup_push/pop 
This is called only by the thread for its own thread_t, and does not need
synchronization.
 2015-04-15 14:38:42 +02:00
Martin Willi
3aa785507d travis: Run a gcrypt test with leak-detective 
And also enable gcrypt in the all tests with leak-detective enabled.
 2015-04-15 14:38:42 +02:00
Martin Willi
13a5a906e9 gcrypt: Explicitly initialize RNG backend to allocate static data 
The libgcrypt RNG implementation uses static buffer allocation which it does
not free. There is no symbol we can catch in leak-detective, hence we explicitly
initialize the RNG during the whitelisted gcrypt_plugin_create() function.
 2015-04-15 14:38:42 +02:00
Martin Willi
d72817491d leak-detective: Whitelist gcrypt_plugin_create() 
gcry_check_version() does not free statically allocated resources. However,
we can't whitelist it in some versions, as it is not a resolvable symbol name.
Instead, whitelist our own plugin constructor function.
 2015-04-15 14:38:42 +02:00
Martin Willi
162252aca9 unit-tests: Add a TESTS_PLUGINS environment variable 
This is often more convenient than specifying plugins in a configuration file.
 2015-04-15 14:38:42 +02:00
Martin Willi
26c215e818 unit-tests: Use a larger timeout for test vector testing 
As we test DH calculations this now takes more time. If multiple DH backends
are enabled, we likely hit the default test timeout.
 2015-04-15 14:38:42 +02:00
Martin Willi
41421b85a9 gcrypt: Support setting private value and testing of DH backend 2015-04-15 14:38:42 +02:00
Martin Willi
0778c027a7 openssl: Support setting ECDH private values 2015-04-15 14:38:42 +02:00
Martin Willi
e77ca5c79d openssl: Support setting private Diffie-Hellman values 2015-04-15 14:38:42 +02:00
Martin Willi
1a522d327e gmp: Support setting Diffie-Hellman private values 2015-04-15 14:38:41 +02:00
Martin Willi
b8f576a803 test-vectors: Add DH vectors for Brainpool groups 2015-04-15 14:38:41 +02:00
Martin Willi
8b070b1b36 test-vectors: Add DH vectors for ECDH groups 2015-04-15 14:38:41 +02:00
Martin Willi
57f1ef220c test-vectors: Add DH vectors for subgroup MODP groups 2015-04-15 14:38:41 +02:00
Martin Willi
e62906524c test-vectors: Add DH vectors for normal MODP groups 2015-04-15 14:38:39 +02:00
Martin Willi
79955b2b99 test-vectors: Support testing DH groups 2015-04-15 14:37:38 +02:00
Martin Willi
a94955e88a crypto-tester: Support testing DH groups using DH test vectors 2015-04-15 14:37:38 +02:00
Martin Willi
3941545fb9 diffie-hellman: Introduce an optional setter for the private value 
This allows us to work with deterministic values for testing purposes.
 2015-04-15 14:37:38 +02:00
Martin Willi
5331584cc4 Merge branch 'aesni' 
Add an aesni plugin providing CBC, CTR, XCBC, CMAC, CCM and GCM modes for
for AES-128/192/256 based on AES-NI/PCLMULQDQ intrinsics.
 2015-04-15 14:33:45 +02:00
Martin Willi
e8ba1d47cd NEWS: Add aesni plugin news 2015-04-15 13:44:40 +02:00
Martin Willi
37794878cc aesni: Avoid loading AES/GHASH round keys into local variables 
The performance impact is not measurable, as the compiler loads these variables
in xmm registers in unrolled loops anyway.

However, we avoid loading these sensitive keys onto the stack. This happens for
larger key schedules, where the register count is insufficient. If that key
material is not on the stack, we can avoid to wipe it explicitly after
crypto operations.
 2015-04-15 13:44:40 +02:00
Martin Willi
93f0080265 aesni: Align all class instances to 16 byte boundaries 
While the required members are aligned in the struct as required, on 32-bit
platforms the allocator aligns the structures itself to 8 bytes only. This
results in non-aligned struct members, and invalid memory accesses.
 2015-04-15 13:44:40 +02:00