18200 Commits

Author SHA1 Message Date
Andreas Steffen
e6d193df94 test-vectors: No changes for Saber KE NIST Round 3 tests 2022-03-14 10:19:09 +01:00
Andreas Steffen
b945a1ee2f oqs: Support for HQC key exchange algorithm 2022-03-14 10:19:09 +01:00
Andreas Steffen
14a2596be6 test-vectors: Upgraded Kyber KE tests to NIST Round 3 2022-03-14 10:19:09 +01:00
Andreas Steffen
8190030f1d test-vectors: Upgraded NTRU KE tests to NIST Round 3 2022-03-14 10:19:09 +01:00
Andreas Steffen
38d83d07bc scripts: Fixed NIST KAT scripts 2022-03-14 10:19:09 +01:00
Andreas Steffen
89bba5924c oqs: Support of Falcon signature algorithms 2022-03-14 10:19:09 +01:00
Andreas Steffen
f828c1275d oqs: Complete post-quantum signature support 2022-03-14 10:19:09 +01:00
Andreas Steffen
2fe4a4a4e6 ntru: Removed legacy NTRU key exchange method 2022-03-14 10:19:09 +01:00
Andreas Steffen
4d0c1bf490 newhope: Removed legacy Newhope key exchange method 2022-03-14 10:19:09 +01:00
Andreas Steffen
71bf647d46 bliss: Removed legacy BLISS signatures 2022-03-14 10:19:09 +01:00
Andreas Steffen
8e790fd5a6 oqs: Added signature tests 2022-03-14 10:19:09 +01:00
Andreas Steffen
09fa2cd2eb scripts: Added nist_sig_kat script 2022-03-14 10:19:09 +01:00
Andreas Steffen
2cfc5d5e1e oqs: Postponed freeing of kem object 2022-03-14 10:19:08 +01:00
Andreas Steffen
77a0f681c8 oqs: Support of Dilithium signature algorithms 2022-03-14 10:19:08 +01:00
Andreas Steffen
5e07e97a02 oqs: Update to NIST round 3 KEM candidates 2022-03-14 10:19:08 +01:00
Andreas Steffen
32a13dce39 oqs: Removed BIKE round 1 version including test vectors 2022-03-14 10:19:08 +01:00
Andreas Steffen
274dd9d88b testing: Added ikev2/rw-cert-qske scenario 2022-03-14 10:19:08 +01:00
Andreas Steffen
f92656a5f5 wip: ikev2: Change multi-KE codepoints for testing 2022-03-14 10:19:08 +01:00
Andreas Steffen
45e9bbd221 vici: List additional key exchanges
Co-authored-by: Tobias Brunner <tobias@strongswan.org>
2022-03-14 10:19:08 +01:00
Andreas Steffen
eb5a34f783 frodo: FrodoKEM KE method 2022-03-14 10:19:08 +01:00
Andreas Steffen
ec25c4d3a8 oqs: Added post-quantum KEM methods based on liboqs 2022-03-14 10:19:08 +01:00
Andreas Steffen
21257e0251 nist_kem_kat: Added script formatting NIST KEM KAT records into ke_test vectors 2022-03-14 10:19:08 +01:00
Andreas Steffen
9e391cb934 test-vectors: Added NIST KEM test vectors 2022-03-14 10:19:08 +01:00
Andreas Steffen
e557629ba8 key-exchange: Joint ke_test_vector format for DH and KEM
Both Diffie-Hellman (DH) and Key Encapsulation Mechanism (KEM) based
key exchange methods use a common ke_test_vector format. The
set_seed() function is used to provide deterministic private key
material for the crypto tests.
2022-03-14 10:19:08 +01:00
Andreas Steffen
aa0bc52adb key-exchange: Added NIST round 2 submission KEM candidates 2022-03-14 10:19:08 +01:00
Tobias Brunner
29ccd78ed0 wip: ike-init: Indicate support for IKE_INTERMEDIATE
wip: Not strictly necessary. I guess we should also add some checks if
the notify was not received.
2022-03-14 10:19:08 +01:00
Tobias Brunner
91a667ddfc proposal: Prevent selection of duplicate key exchange methods
All additional (and the initial) key exchanges must use a different method.
2022-03-14 10:19:08 +01:00
Tobias Brunner
5cee4a9322 proposal: Add helper to check if additional key exchanges are contained 2022-03-14 10:19:08 +01:00
Tobias Brunner
e9a3a99f20 proposal: Accept NONE for additional key exchanges also for IKE proposals 2022-03-14 10:19:08 +01:00
Tobias Brunner
24131b0a63 unit-tests: Add tests for CHILD_SA rekeying with multiple key exchanges 2022-03-14 10:19:08 +01:00
Tobias Brunner
5ddb1715e8 unit-tests: Add tests for CHILD_SA creation with multiple key exchanges 2022-03-14 10:19:08 +01:00
Tobias Brunner
cf4780f5ac unit-tests: Tests for additional key exchanges 2022-03-14 10:19:08 +01:00
Tobias Brunner
596d18a352 unit-tests: Support multiple proposals in exchange tests 2022-03-14 10:19:08 +01:00
Tobias Brunner
a50be75323 unit-tests: Hand out an actual shared secret in mock KE implementation
Makes key derivation a bit more realistic.
2022-03-14 10:19:08 +01:00
Tobias Brunner
9d3908ca95 proposal: Add prefix for additional key exchanges when logging proposals 2022-03-14 10:19:08 +01:00
Tobias Brunner
c3b3be96af key-exchange: Add dynamic parser for additional key exchange methods 2022-03-14 10:19:08 +01:00
Tobias Brunner
2e36460d60 child-rekey: Support CHILD_SA rekeying with multiple key exchanges 2022-03-14 10:19:08 +01:00
Tobias Brunner
0cb8095032 child-sa: Cache and forward actual initiator flag for outbound SA
Kernel interfaces (e.g. TKM) might rely on this flag to be correct.
2022-03-14 10:19:08 +01:00
Tobias Brunner
3f72b47c10 unit-tests: Fix CHILD_SA rekey tests after INVALID_KE_PAYLOAD handling changes
The responder doesn't create a CHILD_SA and allocate an SPI anymore
when responding with an INVALID_KE_PAYLOAD notify.
2022-03-14 10:19:08 +01:00
Tobias Brunner
bb49d87b63 child-create: Add support for multiple key exchanges
It also changes that payloads are built before installing the CHILD_SA on
the responder, that is, the KE payload is generated before keys are derived,
so that key_exchange_t::get_public_key() is called before get_shared_secret(),
or its internal equivalent, which could be relevant for KE implementations
that want to ensure that the key can't be used again after the key
derivation.
2022-03-14 10:19:08 +01:00
Tobias Brunner
38a848e089 ike-rekey: Support IKE_SA rekeying with multiple key exchanges 2022-03-14 10:19:08 +01:00
Tobias Brunner
42aee9945b ikev2: Send deletes also for rekeyed SAs
This way we can use the IKE_REKEYED state for both redundant and old SAs
to suppress ike_updown().

In the ike-delete task we don't suppress events in state IKE_REKEYING as
that's the case when we delete an SA the peer is currently rekeying with
multiple key exchanges.
2022-03-14 10:19:07 +01:00
Tobias Brunner
a53a3090b4 ikev2: Let ike/child-rekey tasks indicate if the passive task was adopted
This gives us more flexibility with tasks that return NEED_MORE (currently
none of the colliding tasks do, but that will change with multi-KE
rekeyings).  The active task has to check itself if the passive task is
done and should be removed from the task manager.
2022-03-14 10:19:07 +01:00
Tobias Brunner
623cf6ba83 ike-rekey: Remove collision task type checks
Since f67199378df9 ("ike-rekey: Handle undetected collisions also if
delete is delayed") we only ever track tasks of type TASK_IKE_REKEY, so
there is no need to check the type or use the generic task_t interface.

Also changed some of the comments to clarify collision handling.
2022-03-14 10:19:07 +01:00
Tobias Brunner
52c471906c ike-rekey: Don't actively rekey already rekeyed SAs
If the peer successfully rekeyed the SA it gets marked as IKE_REKEYED
and it remains until the peer deletes it (or a timeout).  There is no
point in rekeying such SAs again.

IKE_REKEYING will be relevant if we have multi-KE rekeyings and are
waiting for followup key exchanges for a passive rekeying.
2022-03-14 10:19:07 +01:00
Tobias Brunner
604336bf4c ike-init: Ignore COOKIE payloads during rekeying
This ensures that process_i() only returns NEED_MORE due to multiple
key exchanges or an INVALID_KE_PAYLOAD notify.
2022-03-14 10:19:07 +01:00
Tobias Brunner
0e6c490a07 ike-init: Add support for multiple key exchanges
Initially, this is handled with a key derivation for each
IKE_INTERMEDIATE exchange.  When rekeying, the keys are derived only when
all IKE_FOLLOWUP_KE exchanges are done.
2022-03-14 10:19:07 +01:00
Tobias Brunner
ce389ec94b bus: Support multiple key exchanges in ike/child_keys() events 2022-03-14 10:19:07 +01:00
Tobias Brunner
4047aa2ec3 keymat_v2: Support key derivation with multiple key exchanges 2022-03-14 10:19:07 +01:00
Tobias Brunner
089fdcac1c key-exchange: Add helper to concatenate shared secrets of several key exchanges 2022-03-14 10:19:07 +01:00