summaryrefslogtreecommitdiff
path: root/sbin/iked/crypto.c
AgeCommit message (Expand)Author
2023-08-04Convert calls to ibuf_length() where it is clear that the ibuf is notClaudio Jeker
2023-07-28Use ibuf_data() instead of accessing the ibuf buf pointer directly.Claudio Jeker
2023-06-06Use ibuf_seek() instead of ibuf_data() + offset constructs. Effect isClaudio Jeker
2023-05-23Replace ibuf_release() with ibuf_free() since the former just calls the latterClaudio Jeker
2023-03-30i2d_ECDSA_SIG() may return a negative value in case of error.Alexander Bluhm
2022-11-30Switch idiom of d2i_ECDSA_SIG() invocationTheo Buehler
2022-11-07Free objects that were dynamically allocated in libcrypto with OPENSSL_free().Tobias Heider
2021-12-13Cleanup libcrypto memory management. Remove redundant NULL checksTobias Heider
2021-12-01whitespace cleanup during review readTheo de Raadt
2021-11-29sys/param.h was included for MAX(), MIN() and roundup(). make localTheo de Raadt
2021-11-18iked: replace a conditional EVP_CIPHER_CTX_cleanup() + free() stanzaTheo Buehler
2021-11-18Check if encoding works in dsa_init(). This avoids calling fatal()Tobias Heider
2021-02-25Constify cipher API.tobhe
2021-02-04Upgrade to OpenSSL 1.1 compatible crypto API. Add additionaltobhe
2021-01-26Add support for RSA-PSS PKCS1 signatures. Don't enable them bytobhe
2020-12-06Add support for RSASSA-PSS signature verification (RFC 7427).tobhe
2020-12-03Fix type mismatch. auth_method should be uint8_t.tobhe
2020-11-26Use a counter instead of random IV for AES-GCM. Security depends ontobhe
2020-05-26Add AES-GCM mode ciphers (IANA IDs 19 and 20) for IKEv2.tobhe
2020-05-14Stricter return value checking for EVP_Cipher* calls.tobhe
2020-04-22Fix leaks in signature validation.tobhe
2020-04-20Remove unused 'dsa_cert' variable.tobhe
2020-04-08Prevent multiple ibuf leaks. Clean up on proccess shutdown.tobhe
2020-02-14Switch from EVP_SignInit_ex() to the newer EVP_DigestSignInit()tobhe
2017-08-28fix char ** to const char ** conversion warning; ok mikeb@Otto Moerbeek
2017-03-27spacingReyk Floeter
2017-03-27Add support for RFC4754 (ECDSA) and RFC7427 authentication.Reyk Floeter
2015-10-31RFC4754 specifies ECDSA-521 (sic), not -512. ok reyk@Christian Weisgerber
2015-08-21Switch iked to C99-style fixed-width integer types.Reyk Floeter
2015-08-19spacing (no binary change, verified with checksums)Reyk Floeter
2015-03-26initial support for RFC 7427 signatures, so we are no longerMarkus Friedl
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers whereTheo de Raadt
2014-07-10add additional includes required to build with -DOPENSSL_NO_DEPRECATEDJonathan Gray
2014-02-17Fix compiler warnings in the format strings: use %zd for ssize_t andReyk Floeter
2014-01-24don't leak prv RSA key for each signature; ok mikebMarkus Friedl
2013-12-04Use EVP_sha1 directly instead of doing the EVP_get_digestbyname lookup.Mike Belopuhov
2013-11-14pass caller to ca_sslerror for better error messages; ok mikebMarkus Friedl
2013-01-08Remove private CVS tag from an obsolete repository and bump copyrightReyk Floeter
2012-12-15Plug two memory leaks when cleaning up the dh/dsa crypto structures.Reyk Floeter
2012-09-18update email addresses to match reality.Reyk Floeter
2011-08-27Under certain circumstances iked can be tricked to bypass a signatureMike Belopuhov
2010-12-21fixup log_warn and log_debug arguments; ok reykMike Belopuhov
2010-11-08fixup number rounding; ok reykMike Belopuhov
2010-09-30disable padding correctly. therefore we no longer need to supplyMike Belopuhov
2010-06-14fix block length for AESReyk Floeter
2010-06-03Import iked, a new implementation of the IKEv2 protocol.Reyk Floeter
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-29 18:04:58 +0000