953 Commits

Author SHA1 Message Date
Michael Rash
fcac5ca413 [test suite] minor encryption key variable name update 2013-04-02 07:48:17 -04:00
Michael Rash
98d5b6d8a0 added 'legacy' initialization vector text to man pages 2013-04-02 07:47:20 -04:00
Michael Rash
9ee21aae12 Merge branch 'hmac_support' of ssh://192.168.10.1/home/mbr/git/bare_repos/fwknop into hmac_support 2013-03-29 20:45:30 -04:00
Michael Rash
fb18b778d1 added test/fko-python.py test script 2013-03-29 20:44:48 -04:00
Michael Rash
08c9cc0938 HMAC function rename for consistency
Make sure that HMAC function names conform to previously established get_*,
set_* naming convention.
2013-03-29 20:42:44 -04:00
Michael Rash
d6b4a2a1c3 added fuzzing tests for long Rijndael and HMAC keys 2013-03-28 20:42:12 -04:00
Michael Rash
6ecf6514c9 Enforce Rijndael and HMAC key length maximum sizes
This commit fixes a couple of overflow conditions for Rijndael and HMAC keys
that are larger than anticipated maximums.  In the case of Rijndael, PKCS#5 1.5
is supported up to key sizes of 32 bytes or smaller (and maintains compatibility
with OpenSSL), and future versions will support PKCS#5 2.0 (PBKDF2) while allowing
for larger key sizes.  HMAC keys may be up to 128 bytes even for digest
algorithms such as SHA256 that have block sizes that are smaller than this.
2013-03-24 21:04:18 -04:00
Michael Rash
08ab1cf8e1 remove execute bit 2013-03-23 08:56:22 -04:00
Michael Rash
6b845cce43 remove execute bit 2013-03-23 08:53:48 -04:00
Michael Rash
6ca996a173 [test suite] minor spacing update 2013-03-22 22:34:10 -04:00
Michael Rash
112dc6959e Merge remote-tracking branch 'fjoncourt/hmac_support' into hmac_support 2013-03-21 21:58:05 -04:00
Michael Rash
42cfc58e20 [perl FKO] add HMAC support along with test suite HMAC verification (closes #16) 2013-03-21 21:55:18 -04:00
Michael Rash
d677e18e25 minor ChangeLog wording update for HMAC section 2013-03-21 21:48:38 -04:00
Franck Joncourt
11ba153832 Merge remote-tracking branch 'upstream/hmac_support' into hmac_support 2013-03-20 22:33:45 +01:00
Franck Joncourt
4b63181387 Updated fwknop documentation. 2013-03-20 22:31:58 +01:00
Franck Joncourt
b6bd8a8e8c Fixed issue when trying to save options for a new stanza. 2013-03-20 21:38:52 +01:00
Michael Rash
49c956dafc [test suite] added two basic tests for installation and operations of the python fko extension 2013-03-19 21:23:36 -04:00
Michael Rash
b92fcce648 [python extension] minor function name updates 2013-03-19 21:22:32 -04:00
Michael Rash
8c3cab0269 [python extension] update key_gen() parse tuple format arg to handle hmac_type integer 2013-03-19 21:15:45 -04:00
Michael Rash
e4689892ef [client] minor http resolve update to include URL in error output 2013-03-19 21:09:11 -04:00
Michael Rash
ab40e30022 minor typo fix 2013-03-18 21:49:00 -04:00
Franck Joncourt
d8090a8143 Allowed an fwknoprc stanza (-n) to be overridden by arguments from the command line.
Added a sanity check to make sure the -n option is used with the --save-rc-stanza option.
2013-03-18 22:06:31 +01:00
Michael Rash
817a719a9c [python module] update fko_new_with_data() call to include hmac_type 2013-03-17 23:03:48 -04:00
Michael Rash
92af5b53be Merge remote-tracking branch 'fjoncourt/python_binding' into hmac_support 2013-03-17 23:02:57 -04:00
Michael Rash
247edec004 minor hmac prototype update to add const qualifier 2013-03-17 22:48:29 -04:00
Michael Rash
066e90d955 [test suite] added hmac_force_nat_access.conf file to Makefile.am 2013-03-17 22:42:52 -04:00
Michael Rash
c7b5611fa4 Merge remote-tracking branch 'fjoncourt/hmac_support' into hmac_support
Significant merge from Franck Joncourt to add the ability to save command line
args to ~/.fwknoprc stanzas.  This merge is in support of #4.

Conflicts:
	lib/fko_util.c
	lib/fko_util.h
2013-03-17 21:34:23 -04:00
Franck Joncourt
d299f1de66 Add new directive to setup.py in order to be able to build the python binding
without having libfko installed on the system.
2013-03-17 12:03:07 +01:00
Michael Rash
7e784df387 [server] allow long Rijndael command messages
This change allows SPA clients to include long messages in command mode and
generally allows decryption operations to dictate success/failure instead of
SPA packet length to gate decryption attempts.  Closes #40.
2013-03-16 14:43:15 -04:00
Michael Rash
1de5e370e1 [test suite] added 'server_conf' hash key verification 2013-03-16 14:40:08 -04:00
Michael Rash
4bdb71315a [client] --nat-rand-port bug fix
Bug fix for --nat-rand-port mode to ensure that the port to be
NAT'd is properly defined so that the fwknopd server will NAT
connections to this port instead of applying the NAT operation to the
port that is to be accessed via -A.  This change also prints the
randomly assigned port to stdout regardless of whether --verbose mode is
used (since if not then the user will have no idea which port is
actually going to be NAT'd on the fwknopd side).
2013-03-16 14:38:20 -04:00
Michael Rash
253ccb7cea added encryption type/mode and message type string representations for FKO context display output 2013-03-14 22:26:44 -04:00
Franck Joncourt
b9046df64d Remove useless comment. 2013-03-14 22:39:36 +01:00
Franck Joncourt
212075094c Added the possibility to parse only section in a fwknoprc file and
not only the whole file - more.
2013-03-14 22:16:37 +01:00
Franck Joncourt
366536055f Added the possibility to parse only section in a fwknoprc file and not only the whole file 2013-03-13 07:13:50 +01:00
Michael Rash
aa36f3ffee bug fix to remove hmac_sha512_long_key_access.conf file (doesn't exist) from Makefile.am 2013-03-12 23:25:53 -04:00
Michael Rash
3ef3ab29c8 [test suite] 'key_file' hash key update for HMAC SHA384 test 2013-03-12 23:20:12 -04:00
Michael Rash
0b9f25362e [test suite] minor bug fix for HMAC SHA384 default key test rc file path 2013-03-12 23:10:09 -04:00
Michael Rash
9e32cdd6d9 [test suite] added files to Makefile.am and added a test to verify this 2013-03-12 22:50:37 -04:00
Michael Rash
55d188ed1f [test suite] added HMAC key tests 2013-03-12 22:18:43 -04:00
Michael Rash
fe22423a44 [libfko] bug fix to maintain OpenSSL compatibility for HMAC keys longer than associated block size 2013-03-12 22:17:41 -04:00
Michael Rash
402a545cb2 convert standard hmac access.conf file for HMAC SHA512 to use key size of 128 bytes 2013-03-11 23:12:56 -04:00
Michael Rash
bf6cc6c605 --key-gen bug fix to allow --key-len and --hmac-key-len values to apply to generated key lengths 2013-03-11 23:02:07 -04:00
Michael Rash
02d0255a7c update base64 key char arrays to use MAX_B64_KEY_LEN macro 2013-03-11 22:55:00 -04:00
Michael Rash
6478d2b892 minor fix to remove extraneous memset() call 2013-03-11 22:54:10 -04:00
Michael Rash
70c17be916 added MAX_B64_KEY_LEN for full length SHA512 keys 2013-03-11 22:50:02 -04:00
Michael Rash
4ef2a1ec57 fix fko_new_with_data() call to include the hmac type 2013-03-11 22:41:08 -04:00
Michael Rash
6e7a56067b [perl FKO module] add hmac_type to fko_new_with_data() calls 2013-03-11 21:13:20 -04:00
Michael Rash
343bd449d4 HMAC MD5 bug fix to ensure to set the MD5 block length to 64 2013-03-10 21:59:39 -04:00
Michael Rash
bd2af22691 [test suite] set HMAC_DIGEST_TYPE to md5 for HMAC MD5 test 2013-03-10 21:58:52 -04:00