34 Commits

Author SHA1 Message Date
Martin Willi
e5d73b0dfa aead: Support custom AEAD salt sizes
The salt, often called the implicit nonce, varies between AEAD algorithms and
their use in protocols. For IKE and ESP, GCM uses 4 bytes, while CCM uses
3 bytes. With TLS, however, AEAD mode uses 4 bytes for both GCM and CCM.

Our GCM backends currently support 4 bytes and CCM 3 bytes only. This is fine
until we go for CCM mode support in TLS, which requires 4 byte nonces.
2014-03-31 15:56:12 +02:00
Tobias Brunner
636076d45d unit-tests: Actually verify registered algorithms against test vectors
Previously, the {ns}.crypto_test.on_add option had to be enabled to
actually test the algorithms, which we can't enforce for the tests in
the test_runner as the option is already read when the crypto factory
is initialized.  Even so, we wouldn't want to do this for every unit
test, which would be the result of enabling that option.
2014-03-20 15:49:05 +01:00
Tobias Brunner
8dc6e71632 lib: All settings use configured namespace 2014-02-12 14:34:32 +01:00
Andreas Steffen
6623dfa84d Revert refactoring which broke CentOS build 2013-10-13 19:56:04 +02:00
Tobias Brunner
ec91f15e3b crypto-factory: Try next available RNG implementation if constructor fails 2013-10-11 15:13:25 +02:00
Tobias Brunner
2e22333fbc crypto-factory: Order entries by algorithm identifier and (optionally) speed 2013-10-11 15:13:25 +02:00
Tobias Brunner
e2c9a03d15 Remove HASH_PREFERRED, usages are replaced with HASH_SHA1, which is required for IKEv2 anyway 2013-10-11 15:13:25 +02:00
Martin Willi
e9e4759733 crypto-factory: count the number of test vector failures during registration 2013-06-21 10:53:20 +02:00
Tobias Brunner
f05b427265 Moved debug.[ch] to utils folder 2012-10-24 16:00:51 +02:00
Tobias Brunner
12642a6831 Moved data structures to new collections subfolder 2012-10-24 16:00:49 +02:00
Tobias Brunner
24aa55867e Initialize g and p in create_dh factory method 2012-09-28 15:48:09 +02:00
Martin Willi
11d6bc3eb0 Move MODP_CUSTOM va_arg fetching out of loop
It seems problematic at least on PPC with gcc 4.3, fixes #208.
2012-08-02 12:08:27 +02:00
Martin Willi
75d4e01c4a Enumerate correct list while removing nonce_gens, fix deregistration 2012-05-21 12:28:01 +02:00
Tobias Brunner
b826b192ba Add enumerator for registered nonce generators. 2012-05-18 08:15:41 +02:00
Adrian-Ken Rueegsegger
e2fc09c186 Add nonce generator interface
Nonce generators (nonce_gen_t) can be used to get or allocate nonces.

Users can request nonce generators from the crypto factory while nonce
plugins register/remove themselves to/from the crypto factory.
2012-05-18 08:15:40 +02:00
Andreas Steffen
5932f41fcc trace back crypto algorithms to the plugins that registered them 2010-12-18 16:31:12 +01:00
Martin Willi
0abd558a65 Added a MODP_CUSTOM DH group which takes g and p as constructor arguments 2010-09-02 19:33:08 +02:00
Martin Willi
77b55e8a96 Added support for AEAD algorithms to crypto factory 2010-08-19 19:02:34 +02:00
Martin Willi
a369a5ece9 Do not free registered algorithms, plugins are responsible for unregistering 2010-08-16 17:06:28 +02:00
Martin Willi
1b0eff58e0 Implemented algorithm benchmarking during registration 2010-08-16 17:06:28 +02:00
Martin Willi
e8bf9d6e16 Migrated crypto_factory to INIT/METHOD macros 2010-08-16 17:06:27 +02:00
Tobias Brunner
8b0e09103b Adding DBG_LIB to all calls of libstrongswan's version of DBG*. 2010-04-06 12:47:40 +02:00
Tobias Brunner
eba64cef41 Separated the public interfaces of the threading primitives. 2009-12-23 17:01:53 +01:00
Tobias Brunner
14f7091280 Moved mutex.c to a separate folder in order to cleanly wrap other threading primitives (and utils/mutex.h is now threading.h). 2009-12-23 17:00:58 +01:00
Martin Willi
323f9f990f replaces four spaces by tabs, where appropriate 2009-09-04 14:50:23 +02:00
Martin Willi
7daf5226b7 removed trailing spaces ([[:space:]]+$) 2009-09-04 13:46:09 +02:00
Tobias Brunner
3901937d14 OpenSolaris defines MUTEX_DEFAULT therefore we rename the members of the enums mutex/condvar/rwlock_type_t. 2009-08-14 13:30:59 +02:00
Martin Willi
72e174f966 removed one hierarchy level for crypto test options 2009-06-16 09:48:45 +02:00
Martin Willi
28a0728b67 make use of the crypto_tester in the crypto_factory
libstrongswan.crypto.test.on_add to test algorithms during initialization
libstrongswan.crypto.test.on_create to test algorithms on each instantiation
2009-06-11 15:55:48 +02:00
Tobias Brunner
8c5d72cd0b removing svn keyword $Id$ from all files 2009-04-30 13:19:35 +00:00
Martin Willi
e76078e877 use read-write locks in crypto factory for parallelization 2008-11-05 16:21:57 +00:00
Martin Willi
9482208633 crypto_factory algorithm enumeration API
implementation of "ipsec listalgs"
2008-08-28 09:24:42 +00:00
Martin Willi
6a365f0740 added API for random number generators, served through credential factory
ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
2008-04-15 05:56:35 +00:00
Martin Willi
552cc11b1f merged the modularization branch (credentials) back to trunk 2008-03-13 14:14:44 +00:00