aboutsummaryrefslogtreecommitdiffstats
Commit message (Expand)AuthorAgeFilesLines
...
* plugin-loader: Increase log level for warning about plugin features that fail...Tobias Brunner2015-03-091-3/+3
* tls-peer: Make sure to use the right trusted public key for peerTobias Brunner2015-03-091-4/+8
* pkcs11: Convert RFC 3279 ECDSA signatures when verifyingTobias Brunner2015-03-091-4/+33
* pkcs11: Properly encode RFC 3279 ECDSA signaturesTobias Brunner2015-03-091-2/+19
* pkcs11: Properly encode EC_POINTs created on a tokenTobias Brunner2015-03-091-5/+8
* pkcs11: Properly handle EC_POINTs returned as ASN.1 octet stringTobias Brunner2015-03-091-1/+43
* Updated products in imv databaseAndreas Steffen2015-03-081-0/+137
* attest: output trusted flag and device descriptionAndreas Steffen2015-03-081-8/+10
* Make access requestor IP address available to TNC serverAndreas Steffen2015-03-0824-244/+550
* testing: Update modified updown scripts to the latest templateTobias Brunner2015-03-0614-2589/+993
* Remove obsolete _updown_espmark scriptTobias Brunner2015-03-064-441/+1
* _updown: Remove obsolete stuff from default scriptTobias Brunner2015-03-061-192/+7
* ikev1: Set protocol ID and SPIs in INITIAL-CONTACT notification payloadsTobias Brunner2015-03-061-2/+13
* x509: Use subjectKeyIdentifier provided by issuer cert when checking CRL issuerTobias Brunner2015-03-061-18/+15
* kernel-pfkey: Add option to set receive buffer size of event socketTobias Brunner2015-03-063-0/+21
* use SHA512 for moon's BLISS signatureAndreas Steffen2015-03-042-2/+3
* Merge branch 'ikev2-signature-authentication'Tobias Brunner2015-03-0484-191/+1411
|\
| * NEWS: Introduce RFC 7427 signature authenticationTobias Brunner2015-03-041-0/+13
| * man: Add documentation about IKEv2 signature schemesTobias Brunner2015-03-041-0/+15
| * testing: Test classic public key authentication in ikev2/net2net-cert scenarioTobias Brunner2015-03-042-0/+2
| * testing: Disable signature authentication on dave in openssl-ikev2/ecdsa-cert...Tobias Brunner2015-03-042-2/+3
| * ikev2: Try all RSA signature schemes if none is configuredTobias Brunner2015-03-041-4/+19
| * ikev2: Consider signature schemes in rightauth when sending hash algorithmsTobias Brunner2015-03-041-14/+54
| * tkm: Implement hash algorithm storage methods of keymat_v2_t interfaceTobias Brunner2015-03-041-0/+29
| * keymat: Use hash algorithm setTobias Brunner2015-03-041-29/+7
| * hash-algorithm-set: Add class to manage a set of hash algorithmsTobias Brunner2015-03-044-1/+193
| * ikev2: Add an option to disable constraints against signature schemesTobias Brunner2015-03-042-1/+19
| * stroke: Enable BLISS-based public key constraintsTobias Brunner2015-03-041-4/+19
| * credential-manager: Store BLISS key strength in auth configTobias Brunner2015-03-041-0/+3
| * auth-cfg: Add BLISS key strength constraintTobias Brunner2015-03-042-21/+43
| * testing: Don't check for exact IKEv2 fragment sizeTobias Brunner2015-03-041-2/+2
| * testing: Update test conditions because signature schemes are now loggedTobias Brunner2015-03-0433-58/+58
| * testing: Add ikev2/rw-sig-auth scenarioTobias Brunner2015-03-0412-0/+180
| * testing: Add ikev2/net2net-cert-sha2 scenarioTobias Brunner2015-03-049-0/+104
| * ikev2: Fall back to SHA-1 signatures for RSATobias Brunner2015-03-041-0/+7
| * ikev2: Select a signature scheme appropriate for the given keyTobias Brunner2015-03-041-18/+13
| * public-key: Add helper to determine acceptable signature schemes for keysTobias Brunner2015-03-043-1/+122
| * ikev2: Log the actual signature scheme used for RFC 7427 authenticationTobias Brunner2015-03-041-4/+6
| * ikev2: Store signature scheme used to verify peer in auth_cfgTobias Brunner2015-03-041-0/+1
| * ikev2: Add a global option to disable RFC 7427 signature authenticationTobias Brunner2015-03-042-2/+15
| * ikev2: Remove private AUTH_BLISS methodTobias Brunner2015-03-043-18/+1
| * ikev2: Handle RFC 7427 signature authentication in pubkey authenticatorTobias Brunner2015-03-042-49/+179
| * hasher: Add helper to determine hash algorithm from signature schemeTobias Brunner2015-03-042-0/+44
| * public-key: Add helper to map signature schemes to ASN.1 OIDsTobias Brunner2015-03-042-3/+54
| * public-key: Add helper to determine key type from signature schemeTobias Brunner2015-03-042-0/+43
| * ikev2: Enable signature authentication by transmitting supported hash algorithmsTobias Brunner2015-03-042-4/+88
| * keymat: Add facility to store supported hash algorithmsTobias Brunner2015-03-042-1/+70
| * hasher: Add filter function for algorithms permitted by RFC 7427Tobias Brunner2015-03-042-0/+30
| * hasher: Redefine hash algorithms to match values defined by RFC 7427Tobias Brunner2015-03-042-27/+29
| * ikev2: Add SIGNATURE_HASH_ALGORITHMS notify payloadTobias Brunner2015-03-042-6/+18