sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-06 00:00:47 -04:00
Code Issues Projects Releases Wiki Activity
12,340 Commits 101 Branches 327 Tags
Commit Graph

12340 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tobias Brunner
d62a6ec3f9 chunk: Fix chunk_mac/hash tests on big-endian systems 
Our SipHash-2-4 implementation returns the result in host order, while
the test vectors are little-endian.  Use a custom comparison function to
account for this.

Fixes #478.
 2014-01-06 17:31:07 +01:00
Tobias Brunner
13f2d3a2f6 utils: Fix %T printf hook on big-endian systems 
The cast to a bool* cut of the actual value on big-endian systems
if bool was shorter than int because the bool argument to printf gets
promoted to an int.

Fixes #479.
 2014-01-06 15:30:02 +01:00
Tobias Brunner
0773c7fd71 checksum: Delay building of checksum_builder until required by make install 
This ensures PLUGINDIR includes any DESTDIR set during make install.
 2014-01-06 14:38:34 +01:00
Tobias Brunner
5d826357b8 checksum: Remove unnecessary pluto symbol 2014-01-06 13:37:12 +01:00
Tobias Brunner
261fd9d33b stroke: Fix error message if parsing leftsourceip fails 2014-01-06 12:55:45 +01:00
Andreas Steffen
6810388064 Update PCR even if measurement does not equal reference value 2013-12-21 00:40:45 +01:00
Tobias Brunner
bfa2201537 tun-device: Include system headers before our own 
On CentOS 6.5 the sys/capability.h header file defines _LINUX_TYPES_H
without actually including that header, preventing its later inclusion
here.

As library.h (via which the capabilities headers are included) is not
actually required in tun_device.[ch], moving the inclusion of tun_device.h
would not strictly be necessary.  But it's probably a good idea to
include our own headers after system headers anyway, for if one of the
recursively included files at a later point includes library.h we'd have
the same problem again.
 2013-12-20 11:33:16 +01:00
Tobias Brunner
7c4629060a aes-test: Fix compiler warnings from older versions of GCC 2013-12-19 11:02:23 +01:00
Andreas Steffen
f5fd12b932 Fixed check_file_measurement method in pts_database_t 2013-12-13 14:37:31 +01:00
Andreas Steffen
953a922e9b unit-tests: NTRU test to check a special branch 2013-12-08 10:18:33 +01:00
Andreas Steffen
84814a6b7c min_MGF_hash_calls parameter is not needed anymore 2013-12-07 23:54:53 +01:00
Andreas Steffen
5da659523e Optimized MGF1 implementation 2013-12-07 23:29:04 +01:00
Andreas Steffen
abd4797dc1 Implemented ntru_trits class 2013-12-07 23:27:59 +01:00
Andreas Steffen
a978a8194d Streamlined DRBG and MGF1 debug output 2013-12-07 00:21:28 +01:00
Andreas Steffen
bced16ee11 Version bump to 5.1.2dr2 5.1.2.dr2 2013-12-06 10:10:24 +01:00
Andreas Steffen
933f3c6e8f unit-tests: Added crypter tests 2013-12-06 10:09:36 +01:00
Andreas Steffen
fdc6c682b2 Added own MGF1 mask generating function 2013-12-05 22:55:47 +01:00
Andreas Steffen
78affed0a0 unit-tests: Added hasher tests 2013-12-04 23:09:32 +01:00
Andreas Steffen
2006709ec5 Moved test_rng to a test suite of its own 2013-12-04 21:23:30 +01:00
Tobias Brunner
f1e12da7ef unit-tests: Don't use priority for destructor that unregisters testable functions 
This fixes coverage reports, at least if leak detective is disabled.
If it is enabled the plugins are not unloaded so the destructor is not
executed until the process is destroyed, which seems not to be covered
by gcov.
 2013-12-04 20:33:00 +01:00
Tobias Brunner
d5a0abfa92 unit-tests: Export ntru_drbg_create as testable function so no linking is required 
This way the plugin does not have to be linked explicitly to the test
runner, which otherwise would require that the plugin is either always
enabled to build the tests or that ifdefs are added to the Makefile.
 2013-12-04 20:32:59 +01:00
Tobias Brunner
4cea186b64 unit-tests: Add facility to register testable functions 
These can be defined in plugins, or other parts of the tested libraries.
They can even be static.
 2013-12-04 20:32:59 +01:00
Tobias Brunner
a24eec4649 unit-tests: Move ntru_test_rng_t to a utility class in libtest 2013-12-04 20:32:59 +01:00
Tobias Brunner
6354466a5b unit-tests: Fix apidoc for libtest 2013-12-04 20:32:59 +01:00
Tobias Brunner
3e8a44c2aa ntru: Fix compiler warning caused by ++/-- on righthand side of an assignment 
The behavior of stuff like x = --x; (or x++) is not defined.
 2013-12-04 20:32:59 +01:00
Reto Buerki
ea4f71c2c3 testing: Fix status output in build-baseimage script 2013-12-04 10:42:03 +01:00
Reto Buerki
e570628557 Remove check library from HACKING document 2013-12-04 10:42:03 +01:00
Reto Buerki
d33df7ed51 charon-tkm: Abort if gprbuild binary is not found 2013-12-04 10:42:03 +01:00
Reto Buerki
8416ebb628 charon-tkm: Update integration tests 2013-12-04 10:41:54 +01:00
Adrian-Ken Rueegsegger
6db7feacf6 charon-tkm: Implement IANA DH Id to TKM Id mapping 
The TKM Diffie-Hellman plugin now maps IANA DH identifiers to TKM DH
algorithm identifiers. The mapping is specified in the daemon's
'dh_mapping' section in the strongswan.conf file:

dh_mapping {
	iana_id1 = tkm_id1
	iana_id2 = tkm_id2
	iana_id3 = tkm_id3
	...
}

Only the mapped IANA IDs are registered as supported DH groups.
 2013-12-03 11:58:53 +01:00
Adrian-Ken Rueegsegger
9e8a52003a charon-tkm: Drop unnecessary include 2013-12-03 11:58:53 +01:00
Andreas Steffen
623fdcb7de Fixed formatting in strongswan.conf 2013-12-03 08:17:39 +01:00
Tobias Brunner
7c7148b038 ike: Log SK_p consistently on level 4 2013-11-28 19:04:47 +01:00
Andreas Steffen
acc25f29bd Updated NEWS for 5.1.2dr1 5.1.2dr1 2013-11-27 20:37:11 +01:00
Andreas Steffen
7d5b9e81a4 Added DRBG automatic reseeding tests 2013-11-27 20:21:41 +01:00
Andreas Steffen
5443762491 Use strongSwan hash plugins for SHA-1 and SHA-256 2013-11-27 20:21:41 +01:00
Andreas Steffen
d993a567b7 Extended NIST SP 800-90A HMAC_DRBG test cases 2013-11-27 20:21:41 +01:00
Andreas Steffen
a7047cda59 Cleaned up ntru-crypto library 2013-11-27 20:21:41 +01:00
Andreas Steffen
98c6421674 Implemented NIST SP 800-90A DRBG_HMAC with SHA-256 2013-11-27 20:21:41 +01:00
Andreas Steffen
798a36dc14 Added NTRU key exchange to default IKE proposal 2013-11-27 20:21:41 +01:00
Andreas Steffen
9013973cc8 unit-tests: Added ntru wrong ciphertext test 2013-11-27 20:21:41 +01:00
Andreas Steffen
885e699b58 unit-tests: Added ntru entropy, retransmission and ciphertext tests 2013-11-27 20:21:41 +01:00
Andreas Steffen
802eaf3789 Any of the four NTRU parameter sets can be selected 2013-11-27 20:21:41 +01:00
Andreas Steffen
1f73969eb5 Make the NTRU parameter set configurable 2013-11-27 20:21:41 +01:00
Andreas Steffen
2c620cb089 unit-tests: first NTRU test case 2013-11-27 20:21:40 +01:00
Andreas Steffen
d5cd6eba2b Added ikev2/net2net-ntru-cert and ikev2/rw-ntru-psk scenarios 2013-11-27 20:21:40 +01:00
Andreas Steffen
146ad86be5 Prototype implementation of IKE key exchange via NTRU encryption 2013-11-27 20:21:40 +01:00
Tobias Brunner
e9b49d412b Merge branch 'nm-psk' 
This adds support for PSK authentication to the NetworkManager frontend.
 2013-11-27 18:37:11 +01:00
Tobias Brunner
0b506edb19 nm: Require the PSK to be at least 20 characters long 2013-11-27 18:36:58 +01:00
Tobias Brunner
692a421aa0 nm: German translation updated 2013-11-27 18:36:58 +01:00