cinap_lenrek
1492f46f87
libsec: add scrypt password based key derivation function
2016-07-10 21:41:57 +02:00
cinap_lenrek
2fa4c8ef66
libsec: implement elliptic curve group operations in jacobian coordinate system
2016-04-20 20:09:59 +02:00
cinap_lenrek
aa6673fcfb
add portable AES-GCM (Galois/Counter Mode) implementation to libsec and devtls
2016-03-23 02:45:35 +01:00
cinap_lenrek
4a92397236
libsec: have 16 32-bit words in DigestState to avoid out of bounds warnings for poly1305
2016-02-28 09:09:41 +01:00
cinap_lenrek
a291bbdedd
libsec: ecdsa client support for tlshand, cleanups
2016-02-01 21:34:49 +01:00
cinap_lenrek
7cf11db685
libsec: add salsa20 stream cipher
2016-01-19 12:50:33 +01:00
cinap_lenrek
39f18c9d88
libsec: implement TLS-PSK for tlsClient()/tlsServer()
2015-12-25 17:05:05 +01:00
cinap_lenrek
254031cf70
libsec: add chacha20 poly1305 aead, allow 64 bit iv's for chacha, add tsmemcmp()
...
chacha20 comes in two variants: ietf rfc7539, using 96 bit iv and 32 bit counter
and draft-agl-tls-chacha20poly1305 using 64 bit iv and a 64 bit counter. so
setupChachastate() now takes an ivlen argument which sets the mode.
add ccpoly_encrypt()/ccpoly_decrypt() routines.
to implement timing safe ccpoly_decrypt(), a constant time memcmp was needed, so
adding tsmemcmp() to libsec.
2015-11-26 15:25:10 +01:00
cinap_lenrek
847f3a0cf5
libsec: add chacha cipher (from charles forsyth)
2015-10-22 07:48:26 +02:00
cinap_lenrek
7effba9d98
libsec: add poly1305
2015-10-22 07:17:25 +02:00
cinap_lenrek
c3e1c158f6
libsec: implement dh parameter signature verification, stop lying about non-rsa ciphers, fix memory leaks in X509 code
...
actually verify the diffie hellman parameter signature, this
comes in two flavours. TLS1.2 uses X509 signature with a
single hash specified by the signature algorithm field in
the signature itself and pre TLS1.2 where md5+sha1 hashes
of the signed blob are pkcs1 padded and encrypted with the
rsa private key.
stop advertising non-rsa cipher suites (DSS and ECDSA), as
we have not implemented them.
fix some memory leaks in X509 code while we're at it.
2015-09-22 18:10:52 +02:00
cinap_lenrek
7ed22aaeec
libsec: add rfc5869 hmac-based key derivation function hkdf_x()
2015-09-02 11:30:17 +02:00
cinap_lenrek
b749f36baa
libsec: generalize pbkdf2_hmac_sha1() to pbkdf2_x() passing the hmac as an argument
2015-09-02 11:28:11 +02:00
cinap_lenrek
b5737e8726
libsec: add curve25519 diffie hellman
2015-09-01 21:38:20 +02:00
cinap_lenrek
e3a64494e7
libsec: remove flawed aes() digest and hmac_aes() implementations (thanks aiju)
2015-09-01 21:35:43 +02:00
cinap_lenrek
0e51046942
libsec: add curve25519() from http://code.google.com/p/curve25519-donna/
...
this is a portable version of curve25519() by google.
2015-08-28 12:08:54 +02:00
cinap_lenrek
3bb0b9f4ea
libsec: add q parameter to dh_new() for subgroup support, sanitize dh parameters
2015-08-26 05:59:42 +02:00
glenda
c4fdc6bfdb
fix fuckup
2015-08-25 09:35:10 +00:00
mischief
6b402b83cf
import E script from bell labs
2015-08-25 02:07:46 -07:00
cinap_lenrek
a40c4006d2
libsec: add pbkdf2_hmac_sha1() (from wpapsk factotum module)
2015-08-20 00:45:08 +02:00
cinap_lenrek
40360a992d
libsec: implement tlsClient support for RFC6066 server name identification (SNI)
...
tlsClient() now can optionally send the server_name in the ClientHello
message by setting the TLSconn.serverName. This is required for some
https sites.
2015-05-21 02:26:57 +02:00
cinap_lenrek
12bb7bcfff
libsec: remove aesCTRencrypt()/aesCTRdecrypt() (thanks mischief and qrstuv)
...
as mischief and qrstuv point out, these functions are not very useful
and are even implemented wrong (incrementCTR()), so deleting the code.
2015-04-29 02:58:10 +02:00
cinap_lenrek
6c68876db6
libsec: add diffie-hellman functions
2014-09-14 02:29:18 +02:00
aiju
d2357e6961
added ecdsa to factotum
2012-06-06 16:43:15 +02:00
aiju
005248b4c5
added elliptic curve stuff and RIPEMD-160
2012-06-04 11:50:37 +02:00
taruti
9655db2550
devfs crypto code - alpha version
2011-05-24 22:19:33 +00:00
Taru Karttunen
a9060cc06b
Import sources from 2011-03-30 iso image - lib
2011-03-30 19:35:09 +03:00
Taru Karttunen
c558a99e0b
Import sources from 2011-03-30 iso image - sys/include
2011-03-30 16:47:56 +03:00