aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/asn1
Commit message (Collapse)AuthorAgeFilesLines
* identification: Add support for dmdName RDN (2.5.4.54)Yannick Cann2016-04-251-0/+1
| | | | | | | It's listed in RFC 2256 but was later removed with RFC 4519, but there are still some certs that use it. Closes strongswan/strongswan#43.
* Use standard unsigned integer typesAndreas Steffen2016-03-242-5/+5
|
* Support pseudonym RDNAndreas Steffen2016-01-271-0/+1
|
* vici: list-cert sends subject, not-before and not-after attributes for pubkeysAndreas Steffen2016-01-091-0/+1
|
* Explicitly mention SHA2 algorithm in BLISS OIDs and signature schemesAndreas Steffen2015-11-061-3/+3
|
* Defined SHA-3 hashersAndreas Steffen2015-11-031-4/+7
|
* Fixed some typos, courtesy of codespellTobias Brunner2015-08-271-1/+1
|
* asn1: Undefine TIME_UTC, which is used by C11Martin Willi2015-04-081-0/+4
| | | | | When building with C11 support, TIME_UTC is used for timespec_get() and defined in <time.h>. Undefine TIME_UTC for our own internal use in asn1.c.
* Fixed two BLISS key type identifier stringsAndreas Steffen2015-03-161-2/+2
|
* Allow SHA256 and SHA384 data hash for BLISS signatures.Andreas Steffen2015-02-261-0/+2
| | | | | The default is SHA512 since this hash function is also used for the c_indices random oracle.
* Implemented improved BLISS-B signature algorithmAndreas Steffen2015-02-251-0/+4
|
* asn1: Add OID for Blowfish CBCTobias Brunner2014-12-051-0/+4
| | | | | | | | The OID (1.3.6.1.4.1.3029.1.2) is technically not correct, the correct one is (1.3.6.1.4.1.3029.1.1.2). Every other library or tool (like OpenSSL) uses the incorrect one so we do the same. References #740.
* Started implementing BLISS signature generationAndreas Steffen2014-11-291-0/+2
|
* Store and parse BLISS private and public keys in DER and PEM formatAndreas Steffen2014-11-291-1/+1
| | | | | | | | Additionally generate SHA-1 fingerprints of raw BLISS subjectPublicKey and subjectPublicKeyInfo objects. Some basic functions used by the bliss_public_key class are shared with the bliss_private_key class.
* Added BLISS OIDs in ITA-HSR OID treeAndreas Steffen2014-11-291-0/+10
|
* asn1: Try to fill the available binary OID buffer if possibleTobias Brunner2014-09-091-11/+24
|
* asn1: Make sure not to exceed buffer for binary OIDTobias Brunner2014-09-091-1/+1
|
* asn1: Return a zeroed ASN1 time if gmtime_r() conversion failsMartin Willi2014-06-041-1/+1
|
* windows: Add a common Windows header for platform specific wrappersMartin Willi2014-06-031-1/+1
| | | | | Include some more basic system headers in utils.h, so we can use that common header on the different platforms.
* Added support for msSmartcardLogon EKUAndreas Steffen2014-04-081-1/+1
|
* Added some more OIDsAndreas Steffen2014-04-081-1/+20
|
* Added SHA3 OIDsAndreas Steffen2014-04-041-6/+12
|
* Fixed a minor vulnerability in which a malformed ASN.1 length field could ↵5.1.2rc1Andreas Steffen2014-02-141-0/+1
| | | | cause a crash of the charon daemon if the verbose debug level 3 (raw hex dump) for the asn subsystem is enabled.
* asn1: Support dates before 1970-01-01 (i.e. when time_t gets negative)Tobias Brunner2014-02-122-4/+23
| | | | | | On x86 we allow "overflows" around 1969/1970 but not for other dates. Fixes #509.
* asn1: Add additional validation for parsed ASN.1 date/time valuesTobias Brunner2014-02-121-1/+12
|
* Prototype implementation of IKE key exchange via NTRU encryptionAndreas Steffen2013-11-271-0/+24
|
* unit-tests: 100% function coverage for asn1.cAndreas Steffen2013-11-031-2/+2
|
* Some minor refactoring in asn1.cAndreas Steffen2013-11-021-11/+17
|
* Do not free zero-length integerAndreas Steffen2013-11-021-5/+10
|
* asn1: Fix handling of invalid ASN.1 length in is_asn1()Tobias Brunner2013-07-311-0/+5
| | | | Fixes CVE-2013-5018.
* Recognize critical IssuingDistributionPoint CRL extensionAndreas Steffen2013-07-121-1/+1
|
* Add pkcs12 plugin which adds support for decoding PKCS#12 containersTobias Brunner2013-05-081-0/+11
|
* PKCS#5 wrapper can decrypt PKCS#12-like schemesTobias Brunner2013-05-081-1/+9
|
* Extract function to convert ASN.1 INTEGER object to u_int64_tTobias Brunner2013-05-082-0/+25
|
* Use the GEN silent rule when generating oid database with perlMartin Willi2013-05-061-2/+0
|
* added some otherNames OIDsAndreas Steffen2013-03-061-0/+6
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-242-2/+2
|
* added some new SHA-512 OIDsAndreas Steffen2012-10-031-0/+2
|
* Properly encode 0 in ASN.1.Tobias Brunner2012-06-111-10/+7
| | | | | According to X.690 an INTEGER object always has at least one content octet.
* Don't use chunk_skip() in asn1_length().Tobias Brunner2012-06-111-1/+2
| | | | | | | | chunk_skip() returns chunk_empty if the length of the chunk is equal to the number of bytes to skip, this is problematic as asn1_length() modifies the original chunk. asn1_parser_t for instance uses the modified chunk to later calculate the length of the resulting ASN.1 object which produces incorrect results if it is based on chunk_empty.
* Merge branch 'ikev1'Martin Willi2012-05-021-0/+3
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-0/+3
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| | * Added support for iKEIntermediate X.509 extended key usage flag.Tobias Brunner2012-03-201-0/+3
| | | | | | | | | | | | Mac OS X requires server certificates to have this flag set.
* | | Add support for dnQualifier in DNs.Tobias Brunner2012-03-291-0/+1
|/ /
* | Moved log message for unexpected ASN.1 objects to level 2.Tobias Brunner2012-02-011-1/+1
| | | | | | | | This avoids error messages if later builders can successfully decode something.
* | Added support for PKCS#5 v2 schemes when decrypting PKCS#8 files.Tobias Brunner2012-02-012-7/+13
| |
* | Added support for encrypted PKCS#8 files (for some PKCS#5 v1.5 schemes).Tobias Brunner2012-02-012-3/+10
| |
* | Return parsed parameters from algorithmIdentifier if they are an OID (aka EC ↵Tobias Brunner2012-02-011-1/+1
| | | | | | | | | | | | | | named curve). Explicit EC parameters are not supported with this function, but before this change no parameters were actually ever returned.
* | Allow callers to force ASN.1 date encoding as GENERALIZEDTIME.Tobias Brunner2011-12-232-6/+8
| |
* | Avoid integer overflow when parsing ASN.1 dates.Tobias Brunner2011-12-231-2/+2
| | | | | | | | This only works properly if sizeof(time_t) > 4.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 01:52:55 +0000