18221 Commits

Author SHA1 Message Date
Andreas Steffen
31a36fefd9 Version bump to 6.0dr14 (tag: 6.0dr14) 2022-03-15 12:51:59 +01:00
Andreas Steffen
ed50699e29 Version bump to 6.0dr13 2022-03-14 10:19:10 +01:00
Tobias Brunner
9e6940b25a ikev2: Update IntAuth calculation to the latest draft version
Instead of concatenating the IntAuth values of all IKE_INTERMEDIATE
messages, this only requires two PRF-sized values for all exchanges,
plus the message ID of the first IKE_AUTH exchange. The latter is a
safeguard against potential truncation attacks if IKE_INTERMEDIATE
exchanges are not used for multiple key exchanges but some other future
use where the number of exchanges might not depend on the selected
proposal.
2022-03-14 10:19:10 +01:00
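The commit message above describes the shape of the new IntAuth value (two PRF outputs chained across all IKE_INTERMEDIATE exchanges, followed by the IKE_AUTH message ID). The following is an added illustration, not strongSwan code and not taken from the draft text on this page. It assumes the chaining rule of the later draft as I read it (IntAuth_iI = prf(SK_pi, IntAuth_(i-1) | IntAuth_iI_Data), likewise for the responder with SK_pr, and IntAuth = IntAuth_N | IKE_AUTH_MID); the PRF choice (HMAC-SHA-256), the key bytes and the per-exchange IntAuth_*_Data byte strings are constructed placeholders, since the real data is the intermediate message minus its authenticated fields.

```python
import hashlib
import hmac
import struct

# Assumption: the negotiated IKEv2 PRF is HMAC-SHA-256 (any IKEv2 PRF works the same way).
PRF_LEN = hashlib.sha256().digest_size


def prf(key: bytes, data: bytes) -> bytes:
    """PRF used for IntAuth; HMAC-SHA-256 here, the negotiated PRF in a real SA."""
    return hmac.new(key, data, hashlib.sha256).digest()


def int_auth(sk_pi: bytes, sk_pr: bytes, exchanges, ike_auth_mid: int) -> bytes:
    """Compute IntAuth over a list of (IntAuth_iI_Data, IntAuth_iR_Data) pairs.

    Each exchange's pair of PRF outputs is computed over the previous pair,
    so only the last two PRF-sized values survive; the message ID of the
    first IKE_AUTH exchange is then appended as a 32-bit big-endian value.
    Chaining rule as assumed in the lead-in, not verified against the draft.
    """
    if not exchanges:
        raise ValueError("IntAuth is only defined when IKE_INTERMEDIATE was used")
    prev = b""  # IntAuth_0 is empty: the first pair is computed over its data only
    for data_i, data_r in exchanges:
        auth_i = prf(sk_pi, prev + data_i)
        auth_r = prf(sk_pr, prev + data_r)
        prev = auth_i + auth_r  # IntAuth_i = IntAuth_iI | IntAuth_iR
    return prev + struct.pack("!I", ike_auth_mid)


# Constructed sample inputs (not real key material or real messages).
SK_PI = b"\x01" * 32
SK_PR = b"\x02" * 32
# Three IKE_INTERMEDIATE exchanges; message IDs 1..3, so IKE_AUTH gets ID 4.
EXCHANGES = [
    (b"intermediate-1-request-data", b"intermediate-1-response-data"),
    (b"intermediate-2-request-data", b"intermediate-2-response-data"),
    (b"intermediate-3-request-data", b"intermediate-3-response-data"),
]
IKE_AUTH_MID = len(EXCHANGES) + 1


def demo():
    """Return (full IntAuth, IntAuth with last exchange dropped, IntAuth with wrong MID)."""
    full = int_auth(SK_PI, SK_PR, EXCHANGES, IKE_AUTH_MID)
    # A peer that saw one exchange fewer derives a different chain value ...
    truncated = int_auth(SK_PI, SK_PR, EXCHANGES[:-1], IKE_AUTH_MID - 1)
    # ... and even identical chain values would disagree if the IKE_AUTH
    # message IDs differ, which is what the appended MID binds.
    wrong_mid = int_auth(SK_PI, SK_PR, EXCHANGES, IKE_AUTH_MID + 1)
    return full, truncated, wrong_mid


if __name__ == "__main__":
    full, truncated, wrong_mid = demo()
    print("IntAuth length:", len(full), "=", 2 * PRF_LEN, "+ 4")
    print("full     :", full.hex())
    print("truncated:", truncated.hex())
    print("wrong MID:", wrong_mid.hex())
```

The value is fixed-size regardless of how many IKE_INTERMEDIATE exchanges ran, which is the point of the change: only the last pair of PRF outputs plus the four-byte message ID goes into the AUTH computation.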
Tobias Brunner
bc73504681 ikev2: Reject IKE_INTERMEDIATE requests after IKE_AUTH
We currently only support these exchanges for additional key exchanges,
so once we have the final keys derived and the ike-init task is removed,
we don't expect any more of them.
2022-03-14 10:19:09 +01:00
Tobias Brunner
8144043c0e unit-tests: Allow configuring log levels for individual groups 2022-03-14 10:19:09 +01:00
Tobias Brunner
53611de838 debug: Support configuring different log levels for groups in default logger 2022-03-14 10:19:09 +01:00
Andreas Steffen
dcd0e9da0d oqs: Included version 4.1 of BIKE Round 3 (L1 and L3)
Requirement: liboqs-0.7.0
2022-03-14 10:19:09 +01:00
Tobias Brunner
a62909c8c3 wolfssl: Move shared secret calculation to get_shared_secret()
The ECDH implementation gets a bit simpler since we removed the
ecp_x_coordinate_only option a while ago.

Also added calls to verify public keys.
2022-03-14 10:19:09 +01:00
Tobias Brunner
e97fd260df pkcs11: Move shared secret calculation to get_shared_secret() 2022-03-14 10:19:09 +01:00
Tobias Brunner
65dd5a7f38 openssl: Move shared secret calculation to get_shared_secret() 2022-03-14 10:19:09 +01:00
Tobias Brunner
b3c9c005b6 gcrypt: Move shared secret calculation to get_shared_secret() 2022-03-14 10:19:09 +01:00
Tobias Brunner
5d1f1dd8f0 curve25519: Move shared secret calculation to get_shared_secret() 2022-03-14 10:19:09 +01:00
Tobias Brunner
f0812fe9d2 botan: Move shared secret calculation to get_shared_secret() 2022-03-14 10:19:09 +01:00
Tobias Brunner
3792326769 gmp: Move shared secret calculation to get_shared_secret()
This avoids doing costly operations when just setting the public key.
For the same reason the optional extended public key check is moved.
2022-03-14 10:19:09 +01:00
Tobias Brunner
9c9b683b7b key-exchange: Warn about costly operations in set_public_key() 2022-03-14 10:19:09 +01:00
Tobias Brunner
895b8bae30 ike-auth: Move packet collection to post_build() method
This way we avoid having to pre-generate the message when it could
theoretically still get modified by a task that follows or from a plugin
via the message() hook.
2022-03-14 10:19:09 +01:00
Tobias Brunner
4980f08548 message: Store original encrypted payload when generating fragments
If we don't do this, get_plain() will fail after generating the fragmented
message.
2022-03-14 10:19:09 +01:00
Tobias Brunner
0be0f59fef ikev2: Delay IKE key derivation until next message
In particular as responder, this delays costly cryptographic operations
until the IKE_AUTH (or the next IKE_INTERMEDIATE) request is received,
which is preferable to reduce the impact of DoS attacks.

Another advantage is that the key material is not changed until all tasks
have built or processed a message, so e.g. IntAuth can be calculated with the
current keys without issues.
2022-03-14 10:19:09 +01:00
Andreas Steffen
99aab8fe2a vici: Increase maximum proposal length 2022-03-14 10:19:09 +01:00
Andreas Steffen
fe14a9fb8b oqs: Updated Falcon sig tests to liboqs-0.5.0 2022-03-14 10:19:09 +01:00
Andreas Steffen
bebc19b4ba oqs: Upgraded Dilithium to NIST Round 3.1 2022-03-14 10:19:09 +01:00
Andreas Steffen
e6d193df94 test-vectors: No changes for Saber KE NIST Round 3 tests 2022-03-14 10:19:09 +01:00
Andreas Steffen
b945a1ee2f oqs: Support for HQC key exchange algorithm 2022-03-14 10:19:09 +01:00
Andreas Steffen
14a2596be6 test-vectors: Upgraded Kyber KE tests to NIST Round 3 2022-03-14 10:19:09 +01:00
Andreas Steffen
8190030f1d test-vectors: Upgraded NTRU KE tests to NIST Round 3 2022-03-14 10:19:09 +01:00
Andreas Steffen
38d83d07bc scripts: Fixed NIST KAT scripts 2022-03-14 10:19:09 +01:00
Andreas Steffen
89bba5924c oqs: Support of Falcon signature algorithms 2022-03-14 10:19:09 +01:00
Andreas Steffen
f828c1275d oqs: Complete post-quantum signature support 2022-03-14 10:19:09 +01:00
Andreas Steffen
2fe4a4a4e6 ntru: Removed legacy NTRU key exchange method 2022-03-14 10:19:09 +01:00
Andreas Steffen
4d0c1bf490 newhope: Removed legacy Newhope key exchange method 2022-03-14 10:19:09 +01:00
Andreas Steffen
71bf647d46 bliss: Removed legacy BLISS signatures 2022-03-14 10:19:09 +01:00
Andreas Steffen
8e790fd5a6 oqs: Added signature tests 2022-03-14 10:19:09 +01:00
Andreas Steffen
09fa2cd2eb scripts: Added nist_sig_kat script 2022-03-14 10:19:09 +01:00
Andreas Steffen
2cfc5d5e1e oqs: Postponed freeing of kem object 2022-03-14 10:19:08 +01:00
Andreas Steffen
77a0f681c8 oqs: Support of Dilithium signature algorithms 2022-03-14 10:19:08 +01:00
Andreas Steffen
5e07e97a02 oqs: Update to NIST round 3 KEM candidates 2022-03-14 10:19:08 +01:00
Andreas Steffen
32a13dce39 oqs: Removed BIKE round 1 version including test vectors 2022-03-14 10:19:08 +01:00
Andreas Steffen
274dd9d88b testing: Added ikev2/rw-cert-qske scenario 2022-03-14 10:19:08 +01:00
Andreas Steffen
f92656a5f5 wip: ikev2: Change multi-KE codepoints for testing 2022-03-14 10:19:08 +01:00
Andreas Steffen
45e9bbd221 vici: List additional key exchanges
Co-authored-by: Tobias Brunner <tobias@strongswan.org>
2022-03-14 10:19:08 +01:00
Andreas Steffen
eb5a34f783 frodo: FrodoKEM KE method 2022-03-14 10:19:08 +01:00
Andreas Steffen
ec25c4d3a8 oqs: Added post-quantum KEM methods based on liboqs 2022-03-14 10:19:08 +01:00
Andreas Steffen
21257e0251 nist_kem_kat: Added script formatting NIST KEM KAT records into ke_test vectors 2022-03-14 10:19:08 +01:00
Andreas Steffen
9e391cb934 test-vectors: Added NIST KEM test vectors 2022-03-14 10:19:08 +01:00
Andreas Steffen
e557629ba8 key-exchange: Joint ke_test_vector format for DH and KEM
Both Diffie-Hellman (DH) and Key Encapsulation Mechanism (KEM) based
key exchange methods use a common ke_test_vector format. The
set_seed() function is used to provide deterministic private key
material for the crypto tests.
2022-03-14 10:19:08 +01:00
Andreas Steffen
aa0bc52adb key-exchange: Added NIST round 2 submission KEM candidates 2022-03-14 10:19:08 +01:00
Tobias Brunner
29ccd78ed0 wip: ike-init: Indicate support for IKE_INTERMEDIATE
wip: Not strictly necessary. I guess we should also add some checks if
the notify was not received.
2022-03-14 10:19:08 +01:00
Tobias Brunner
91a667ddfc proposal: Prevent selection of duplicate key exchange methods
All additional (and the initial) key exchanges must use a different method.
2022-03-14 10:19:08 +01:00
Tobias Brunner
5cee4a9322 proposal: Add helper to check if additional key exchanges are contained 2022-03-14 10:19:08 +01:00
Tobias Brunner
e9a3a99f20 proposal: Accept NONE for additional key exchanges also for IKE proposals 2022-03-14 10:19:08 +01:00