Age | Commit message (Collapse) | Author | |
---|---|---|---|
2013-10-28 | Organize method and protocol source files into distinct source directories | Matthias Schiffer | |
2013-08-28 | ec25519: ensure old sessions are invalidated quickly after a new one has ↵ | Matthias Schiffer | |
been established | |||
2013-08-27 | Introduce new log level debug2 for potentially very frequent messages | Matthias Schiffer | |
2013-08-20 | Prevent zero-before-free operations from being optimized out | Matthias Schiffer | |
2013-08-20 | Fix lots of -Wextra warnings | Matthias Schiffer | |
Everything clang and GCC warn about, except GCC's missing-field-initializers which are just stupid as they don't allow {} syntax to zero a field. | |||
2013-08-08 | aes128-gcm: don't restore buffer on verification failure | Matthias Schiffer | |
The buffer descriptor is a local variable and no buffer data is changed, so there is nothing to restore before returning | |||
2013-03-02 | Print error message on aborts due to buffer push/pull errors | Matthias Schiffer | |
2013-02-23 | Subtract splay time to key refresh interval | Matthias Schiffer | |
A random splay time of up to 5 minutes will ensure that simultaneous handshakes with many peers are desynchronized as fast as possible. | |||
2013-01-21 | Add error message for OOM on buffer alloc | Matthias Schiffer | |
2013-01-05 | Adjust copyright years | Matthias Schiffer | |
2012-12-18 | Convert type names to _t convention | Matthias Schiffer | |
2012-11-01 | Move unistd.h include to fastd.h | Matthias Schiffer | |
2012-09-21 | Nicely encapsulate different crypto algorithm implementations | Matthias Schiffer | |
2012-09-16 | Fix alignment for NaCl's core2 assembler implementation of AES128-CTR | Matthias Schiffer | |
2012-09-15 | Use inline function for alignment | Matthias Schiffer | |
2012-09-15 | Add support for kernel AES implementations | Matthias Schiffer | |
This gives AES128 a slight boost on my system, but it is still slower than XSalsa20... I should probably write userspace code that can make use of AES-NI and CLMUL. Or directly jump to the kernel space with the whole forwarding code. Nevertheless, this might run nicely on Geode CPUs and similar hardware with AES acceleration, at least if the context switches aren't too expensive... | |||
2012-09-15 | Add support for using kernel implementations of GHASH | Matthias Schiffer | |
This doesn't really improve performance on my Intel CPU (I guess due to the context switches), but more tests have to be made, in combination with offloading the AES to the kernel as well, and on different hardware. | |||
2012-09-15 | Rework some parts of the AES128-GCM method | Matthias Schiffer | |
These changes improve the performance of the AES128-GCM method by ~10% on my Intel CPU when compiled with -O2. Furthermore, the AES and the GHASH parts are separated now, allowing to switch to other implementations of the algorithms more easily. | |||
2012-09-14 | Critical: fix various problems in the AES128-GCM method | Matthias Schiffer | |
There were several bugs in the code that were severely lowering the expected security and completely breaking compatiblity with alternative implementations. The fixed version is checked against the test vectors specified in [1], and should thus be correct. [1] http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf | |||
2012-06-27 | Remove unneeded size bytes from GCM to suppress warnings | Matthias Schiffer | |
2012-06-27 | Implement GCM with lookup table | Matthias Schiffer | |
2012-06-27 | Optimized GCM implementation | Matthias Schiffer | |
2012-06-27 | Primitive aes128-gcm implementation | Matthias Schiffer | |