68f2197cf5
Use <cpuid.h>
fastd will segfault in valgrind otherwise (O_o)
2013-11-29 06:33:54 +01:00
3cd025bb17
generic-gmac: use HKDF expansion instead of the stream cipher to generate H
2013-11-29 06:18:26 +01:00
f04696e745
Reorder check: avoid undefined behaviour due to negative or too long shifts
2013-11-29 06:03:33 +01:00
30016f8c82
HKDF: add a forgotten const qualifier
2013-11-29 05:50:28 +01:00
61349d3d27
Compile with -std=c99 and restructure some code to ensure there is no invalid aliasing (hopefully)
2013-11-29 05:35:49 +01:00
c13fe36e4c
ghash-pclmulqdq: fix one left usage of a __builtin pclmulqdq instead of the _mm version
2013-11-28 22:39:26 +01:00
337d9e4787
ghash-pclmulqdq: rework implementation to allow both GCC and Clang to generate fast code
2013-11-28 22:36:41 +01:00
54c3e6adf0
ghash-pclmulqdq: make byteswap a macro
For some reason, this allows clang to optimize the code much better.
2013-11-28 19:58:58 +01:00
793c8db37c
ghash-pclmulqdq: speed up multiplication using the Karatsuba algorithm
2013-11-28 05:41:46 +01:00
ac55a91fe9
Add a pclmulqdq ghash implementation
2013-11-28 04:31:25 +01:00
ca49096f5d
Add CPUID function
2013-11-28 04:30:58 +01:00
7a08e6823e
Allow checking if a crypto algorithm is available at runtime
2013-11-27 20:53:00 +01:00
ba5abca808
Add OpenSSL-based aes128-ctr implementation
2013-11-27 20:28:16 +01:00
2f516f9cea
Correctly initialize OpenSSL
2013-11-27 19:55:54 +01:00
c62a0f592c
Move crypto algorithm information out of implementation
2013-11-25 23:18:11 +01:00
60c2c11de8
Move cipher and mac structures to a new header
2013-11-25 21:30:36 +01:00
c58ad42228
Add a new generic-gmac method
2013-11-25 17:06:41 +01:00
3fdec78db3
Rename generic-gmac method to composed-gmac
2013-11-25 16:53:29 +01:00
75e0885594
Add salsa20/12 cipher
2013-11-21 19:22:37 +01:00
08892cdc54
Add salsa20 cipher
2013-11-21 18:39:12 +01:00
c6cce0f5aa
Replace max_packet_size functions by a max_overhead field
2013-11-20 02:17:15 +01:00
b5112ff67f
Slightly simplify method/cipher/MAC definitions
2013-11-20 01:51:12 +01:00
9bb8a04e28
Add generic-poly1305 method
2013-11-20 01:26:04 +01:00
a97526d3d3
generic-gmac: some code simplifications
2013-11-18 21:16:40 +01:00
e29241e784
Add cipher-test method to measure the raw performance of a cipher
2013-11-18 21:09:09 +01:00
3fa0b84824
generic-gmac: don't access invalid pointer for the reorder check with null cipher
2013-11-18 21:08:46 +01:00
bfca35f657
blowfish-ctr: formatting fixes
2013-11-18 04:00:38 +01:00
33aa647d94
Remove OpenSSL-based blowfish implementation
It doesn't have any advantages over the builtin one.
2013-11-18 03:55:17 +01:00
7476dc0e9a
secure_memzero all cipher and MAC states
2013-11-18 03:53:37 +01:00
3e8e646b91
Some work towards a composable GMAC method
2013-11-18 03:49:25 +01:00
190878060d
generic-gcm: the method state itself doesn't hold any keys anymore, so we don't need to secure_memzero it
2013-11-18 03:49:18 +01:00
af90494cf1
generic-gcm: cipher_get returns a boolean
2013-11-18 03:49:18 +01:00
d646bd0332
Add null cipher
2013-11-17 21:13:55 +01:00
b4c9ab9a81
Revert bytewise ghash implementation
The performance gain is negligible, and OpenSSL avoids a bytewise implementation
to mitigate timing attacks.
This reverts commits d491654429 and 1b06460aa9.
2013-11-17 11:43:06 +01:00
1b06460aa9
ghash: builtin: use bytewise lookup table
2013-11-16 22:13:38 +01:00
d491654429
Add "tiny" copy of the builtin ghash implementation
2013-11-16 21:52:20 +01:00
db22981936
fastd_buffer_alloc: fix output of error message if posix_memalign fails
2013-11-16 20:05:42 +01:00
7bef106e82
aes128-ctr: allocate only one piece of memory for the key state
2013-11-16 20:01:58 +01:00
bc9addd994
generic-gcm: fix a GCC uninitialized-use warning
2013-11-16 17:27:47 +01:00
00e4aab6d1
blowfish-ctr: some optimizations to the builtin implementation
2013-11-16 17:23:22 +01:00
3d00ddf296
Allow using blowfish from OpenSSL on systems where it's available anyways
2013-11-15 21:52:45 +01:00
efdd366144
config: move check for no configured method
First check all error conditions before getting to the warnings (this is
important for --generate-key).
Also, downgrade the exit_bug to exit_error if method `null' is not supported.
2013-11-15 05:49:37 +01:00
0504f57c91
methods/common: decrease nonce length to 6, add flags byte
2013-11-15 05:44:02 +01:00
bef39b7283
Ensure sessions are invalidated before the nonce wraps
While it isn't realistic for the nonce to wrap in less than one hour, it's
better to check for this.
2013-11-14 23:16:43 +01:00
b05b3f3235
Move test for initiator in the session refresh check from protocol to method
2013-11-14 21:13:58 +01:00
2fb08c6455
CMake: add LINK_LIBRARIES workaround for old CMake versions
2013-11-07 18:09:32 +01:00
d971fce38b
CMake: really avoid target_include_directories
2013-11-07 17:53:30 +01:00
5cea3ff829
CMake: avoid target_include_directories command to stay compatible with CMake 2.8.9
2013-11-07 17:49:55 +01:00
bbd42ca7a9
blowfish-ctr: use the whole 56-byte key
2013-11-06 15:07:53 +01:00
cb42b5b1fa
Generalize cipher/MAC key/IV lengths
2013-11-05 16:29:57 +01:00