aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/asn1
Commit message (Collapse)AuthorAgeFilesLines
* asn1: Add helper function to create algorithmIdentifier with parametersTobias Brunner2017-11-082-6/+23
|
* asn1: Add function to generate an ASN.1 integer from an uint64_tTobias Brunner2017-11-082-0/+28
|
* asn1: Add OID for MGF1Tobias Brunner2017-11-081-1/+1
|
* asn1: Add OID for RSASSA-PSSTobias Brunner2017-11-081-0/+1
|
* asn1: Add additional OIDs seen in certificate DNsTobias Brunner2017-11-021-0/+3
|
* asn1-parser: Fix CHOICE parsingAndreas Steffen2017-05-292-22/+75
| | | | Fixes: CVE-2017-9023
* asn1: Make sure the first argument to sscanf() is null-terminatedTobias Brunner2017-05-231-7/+9
|
* Added support of EdDSA signaturesAndreas Steffen2016-12-142-1/+6
|
* Added SHA-3 signature OIDsAndreas Steffen2016-07-261-1/+10
|
* identification: Add support for dmdName RDN (2.5.4.54)Yannick Cann2016-04-251-0/+1
| | | | | | | It's listed in RFC 2256 but was later removed with RFC 4519, but there are still some certs that use it. Closes strongswan/strongswan#43.
* Use standard unsigned integer typesAndreas Steffen2016-03-242-5/+5
|
* Support pseudonym RDNAndreas Steffen2016-01-271-0/+1
|
* vici: list-cert sends subject, not-before and not-after attributes for pubkeysAndreas Steffen2016-01-091-0/+1
|
* Explicitly mention SHA2 algorithm in BLISS OIDs and signature schemesAndreas Steffen2015-11-061-3/+3
|
* Defined SHA-3 hashersAndreas Steffen2015-11-031-4/+7
|
* Fixed some typos, courtesy of codespellTobias Brunner2015-08-271-1/+1
|
* asn1: Undefine TIME_UTC, which is used by C11Martin Willi2015-04-081-0/+4
| | | | | When building with C11 support, TIME_UTC is used for timespec_get() and defined in <time.h>. Undefine TIME_UTC for our own internal use in asn1.c.
* Fixed two BLISS key type identifier stringsAndreas Steffen2015-03-161-2/+2
|
* Allow SHA256 and SHA384 data hash for BLISS signatures.Andreas Steffen2015-02-261-0/+2
| | | | | The default is SHA512 since this hash function is also used for the c_indices random oracle.
* Implemented improved BLISS-B signature algorithmAndreas Steffen2015-02-251-0/+4
|
* asn1: Add OID for Blowfish CBCTobias Brunner2014-12-051-0/+4
| | | | | | | | The OID (1.3.6.1.4.1.3029.1.2) is technically not correct, the correct one is (1.3.6.1.4.1.3029.1.1.2). Every other library or tool (like OpenSSL) uses the incorrect one so we do the same. References #740.
* Started implementing BLISS signature generationAndreas Steffen2014-11-291-0/+2
|
* Store and parse BLISS private and public keys in DER and PEM formatAndreas Steffen2014-11-291-1/+1
| | | | | | | | Additionally generate SHA-1 fingerprints of raw BLISS subjectPublicKey and subjectPublicKeyInfo objects. Some basic functions used by the bliss_public_key class are shared with the bliss_private_key class.
* Added BLISS OIDs in ITA-HSR OID treeAndreas Steffen2014-11-291-0/+10
|
* asn1: Try to fill the available binary OID buffer if possibleTobias Brunner2014-09-091-11/+24
|
* asn1: Make sure not to exceed buffer for binary OIDTobias Brunner2014-09-091-1/+1
|
* asn1: Return a zeroed ASN1 time if gmtime_r() conversion failsMartin Willi2014-06-041-1/+1
|
* windows: Add a common Windows header for platform specific wrappersMartin Willi2014-06-031-1/+1
| | | | | Include some more basic system headers in utils.h, so we can use that common header on the different platforms.
* Added support for msSmartcardLogon EKUAndreas Steffen2014-04-081-1/+1
|
* Added some more OIDsAndreas Steffen2014-04-081-1/+20
|
* Added SHA3 OIDsAndreas Steffen2014-04-041-6/+12
|
* Fixed a minor vulnerability in which a malformed ASN.1 length field could ↵5.1.2rc1Andreas Steffen2014-02-141-0/+1
| | | | cause a crash of the charon daemon if the verbose debug level 3 (raw hex dump) for the asn subsystem is enabled.
* asn1: Support dates before 1970-01-01 (i.e. when time_t gets negative)Tobias Brunner2014-02-122-4/+23
| | | | | | On x86 we allow "overflows" around 1969/1970 but not for other dates. Fixes #509.
* asn1: Add additional validation for parsed ASN.1 date/time valuesTobias Brunner2014-02-121-1/+12
|
* Prototype implementation of IKE key exchange via NTRU encryptionAndreas Steffen2013-11-271-0/+24
|
* unit-tests: 100% function coverage for asn1.cAndreas Steffen2013-11-031-2/+2
|
* Some minor refactoring in asn1.cAndreas Steffen2013-11-021-11/+17
|
* Do not free zero-length integerAndreas Steffen2013-11-021-5/+10
|
* asn1: Fix handling of invalid ASN.1 length in is_asn1()Tobias Brunner2013-07-311-0/+5
| | | | Fixes CVE-2013-5018.
* Recognize critical IssuingDistributionPoint CRL extensionAndreas Steffen2013-07-121-1/+1
|
* Add pkcs12 plugin which adds support for decoding PKCS#12 containersTobias Brunner2013-05-081-0/+11
|
* PKCS#5 wrapper can decrypt PKCS#12-like schemesTobias Brunner2013-05-081-1/+9
|
* Extract function to convert ASN.1 INTEGER object to u_int64_tTobias Brunner2013-05-082-0/+25
|
* Use the GEN silent rule when generating oid database with perlMartin Willi2013-05-061-2/+0
|
* added some otherNames OIDsAndreas Steffen2013-03-061-0/+6
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-242-2/+2
|
* added some new SHA-512 OIDsAndreas Steffen2012-10-031-0/+2
|
* Properly encode 0 in ASN.1.Tobias Brunner2012-06-111-10/+7
| | | | | According to X.690 an INTEGER object always has at least one content octet.
* Don't use chunk_skip() in asn1_length().Tobias Brunner2012-06-111-1/+2
| | | | | | | | chunk_skip() returns chunk_empty if the length of the chunk is equal to the number of bytes to skip, this is problematic as asn1_length() modifies the original chunk. asn1_parser_t for instance uses the modified chunk to later calculate the length of the resulting ASN.1 object which produces incorrect results if it is based on chunk_empty.
* Merge branch 'ikev1'Martin Willi2012-05-021-0/+3
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 19:46:16 +0000