Andreas Steffen
89e3b6d6e1
Version bump to 6.0dr15
6.0dr15
2022-04-29 09:53:43 +02:00
Tobias Brunner
9bd32e8d6e
ikev2: Update IntAuth calculation to the latest draft version
Instead of concatenating the IntAuth values of all IKE_INTERMEDIATE
messages, this only requires two PRF-sized values for all exchanges,
plus the message ID of the first IKE_AUTH exchange. The latter is a
safeguard against potential truncation attacks if IKE_INTERMEDIATE
exchanges are not used for multiple key exchanges but some other future
use where the number of exchanges might not depend on the selected
proposal.
2022-04-29 09:51:27 +02:00
Tobias Brunner
76bf6abe1a
ikev2: Reject IKE_INTERMEDIATE requests after IKE_AUTH
We currently only support these exchanges for additional key exchanges,
so once we have the final keys derived and the ike-init task is removed,
we don't expect any more of them.
2022-04-29 09:51:27 +02:00
Tobias Brunner
c91b1274b3
unit-tests: Allow configuring log levels for individual groups
2022-04-29 09:51:27 +02:00
Tobias Brunner
d35300ce23
debug: Support configuring different log levels for groups in default logger
2022-04-29 09:51:27 +02:00
Andreas Steffen
fba086fd2b
oqs: Included version 4.1 of BIKE Round 3 (L1 and L3)
Requirement: liboqs-0.7.0
2022-04-29 09:51:27 +02:00
Tobias Brunner
73439707b6
wolfssl: Move shared secret calculation to get_shared_secret()
The ECDH implementation gets a bit simpler since we removed the
ecp_x_coordinate_only option a while ago.
Also added calls to verify public keys.
2022-04-29 09:51:27 +02:00
Tobias Brunner
6ae51d35d0
pkcs11: Move shared secret calculation to get_shared_secret()
2022-04-29 09:51:27 +02:00
Tobias Brunner
e24e14a67a
gcrypt: Move shared secret calculation to get_shared_secret()
2022-04-29 09:51:27 +02:00
Tobias Brunner
586e55f5d5
curve25519: Move shared secret calculation to get_shared_secret()
2022-04-29 09:51:27 +02:00
Tobias Brunner
bc36e255e7
botan: Move shared secret calculation to get_shared_secret()
2022-04-29 09:51:27 +02:00
Tobias Brunner
156e391192
gmp: Move shared secret calculation to get_shared_secret()
This avoids doing costly operations when just setting the public key.
For the same reason the optional extended public key check is moved.
2022-04-29 09:51:27 +02:00
Tobias Brunner
aa13feb3bf
key-exchange: Warn about costly operations in set_public_key()
2022-04-29 09:51:27 +02:00
Tobias Brunner
12fc5f62b0
ike-auth: Move packet collection to post_build() method
This way we avoid having to pre-generate the message when it could
theoretically still get modified by a task that follows or from a plugin
via message() hook.
2022-04-29 09:51:27 +02:00
Tobias Brunner
8047b9becb
message: Store original encrypted payload when generating fragments
If we don't do this, get_plain() will fail after the message has been
generated in fragments.
2022-04-29 09:51:27 +02:00
Tobias Brunner
351aefa891
ikev2: Delay IKE key derivation until next message
In particular as responder, this delays costly cryptographic operations
until the IKE_AUTH (or the next IKE_INTERMEDIATE) request is received,
which is preferable to reduce the impact of DoS attacks.
Another advantage is that the key material is not changed until all tasks
have built or processed a message, so e.g. IntAuth can be calculated with
the current keys without issues.
2022-04-29 09:51:27 +02:00
Andreas Steffen
ab94c31cda
vici: Increase maximum proposal length
2022-04-29 09:51:27 +02:00
Andreas Steffen
042ecac221
oqs: Updated Falcon sig tests to liboqs-0.5.0
2022-04-29 09:51:27 +02:00
Andreas Steffen
2e5abed9c6
oqs: Upgraded Dilithium to NIST Round 3.1
2022-04-29 09:51:27 +02:00
Andreas Steffen
37c153b52a
test-vectors: No changes for Saber KE NIST Round 3 tests
2022-04-29 09:51:27 +02:00
Andreas Steffen
374217628e
oqs: Support for HQC key exchange algorithm
2022-04-29 09:51:27 +02:00
Andreas Steffen
f10d73c7bb
test-vectors: Upgraded Kyber KE tests to NIST Round 3
2022-04-29 09:51:27 +02:00
Andreas Steffen
2c3e7b31f3
test-vectors: Upgraded NTRU KE tests to NIST Round 3
2022-04-29 09:51:27 +02:00
Andreas Steffen
2f3c4fac25
scripts: Fixed NIST KAT scripts
2022-04-29 09:51:27 +02:00
Andreas Steffen
42b5b5fd55
oqs: Support of Falcon signature algorithms
2022-04-29 09:51:27 +02:00
Andreas Steffen
80b898c425
oqs: Complete post-quantum signature support
2022-04-29 09:51:27 +02:00
Andreas Steffen
a89f380cf1
ntru: Removed legacy NTRU key exchange method
2022-04-29 09:51:27 +02:00
Andreas Steffen
5b99043bed
newhope: Removed legacy Newhope key exchange method
2022-04-29 09:51:27 +02:00
Andreas Steffen
143c438171
bliss: Removed legacy BLISS signatures
2022-04-29 09:51:27 +02:00
Andreas Steffen
1942281d3c
oqs: Added signature tests
2022-04-29 09:51:27 +02:00
Andreas Steffen
eaa8ee5a1f
scripts: Added nist_sig_kat script
2022-04-29 09:51:27 +02:00
Andreas Steffen
d8ab5fe793
oqs: Postponed freeing of kem object
2022-04-29 09:51:27 +02:00
Andreas Steffen
62761b129e
oqs: Support of Dilithium signature algorithms
2022-04-29 09:51:27 +02:00
Andreas Steffen
6762e6c447
oqs: Update to NIST round 3 KEM candidates
2022-04-29 09:51:27 +02:00
Andreas Steffen
1bd6dae7e4
oqs: Removed BIKE round 1 version including test vectors
2022-04-29 08:46:33 +02:00
Andreas Steffen
4d4fb385c4
testing: Added ikev2/rw-cert-qske scenario
2022-04-29 08:46:33 +02:00
Andreas Steffen
e62d5a8019
wip: ikev2: Change multi-KE codepoints for testing
2022-04-29 08:46:33 +02:00
Andreas Steffen
f812c05356
vici: List additional key exchanges
Co-authored-by: Tobias Brunner <tobias@strongswan.org>
2022-04-29 08:46:33 +02:00
Andreas Steffen
0fea978b6f
frodo: FrodoKEM KE method
2022-04-29 08:46:33 +02:00
Andreas Steffen
4ca41de368
oqs: Added post-quantum KEM methods based on liboqs
2022-04-29 08:46:33 +02:00
Andreas Steffen
75669fdad1
nist_kem_kat: Added script formatting NIST KEM KAT records into ke_test vectors
2022-04-29 08:46:33 +02:00
Andreas Steffen
29ddfb1dcd
test-vectors: Added NIST KEM test vectors
2022-04-29 08:46:33 +02:00
Andreas Steffen
2e12f165e1
key-exchange: Joint ke_test_vector format for DH and KEM
Both Diffie-Hellman (DH) and Key Encapsulation Mechanism (KEM) based
key exchange methods use a common ke_test_vector format. The
set_seed() function is used to provide deterministic private key
material for the crypto tests.
2022-04-29 08:46:33 +02:00
Andreas Steffen
84e799a636
key-exchange: Added NIST round 2 submission KEM candidates
2022-04-29 08:46:33 +02:00
Tobias Brunner
97242c1bb7
wip: ike-init: Indicate support for IKE_INTERMEDIATE
wip: Not strictly necessary. I guess we should also add some checks if
the notify was not received.
2022-04-29 08:46:33 +02:00
Tobias Brunner
5607099a93
proposal: Prevent selection of duplicate key exchange methods
All additional (and the initial) key exchanges must use a different method.
2022-04-29 08:46:33 +02:00
Tobias Brunner
b16c608d1d
proposal: Add helper to check if additional key exchanges are contained
2022-04-29 08:46:33 +02:00
Tobias Brunner
44da32336d
proposal: Accept NONE for additional key exchanges also for IKE proposals
2022-04-29 08:46:33 +02:00
Tobias Brunner
cd82b93ecc
unit-tests: Add tests for CHILD_SA rekeying with multiple key exchanges
2022-04-29 08:46:33 +02:00
Tobias Brunner
90aa732f30
unit-tests: Add tests for CHILD_SA creation with multiple key exchanges
2022-04-29 08:46:33 +02:00