aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins/openssl/openssl_plugin.c
Commit message (Collapse)AuthorAgeFilesLines
* lib: All settings use configured namespaceTobias Brunner2014-02-121-1/+1
|
* openssl: Add support for ECC Brainpool curves for DH, if defined by OpenSSLTobias Brunner2013-10-171-0/+4
| | | | OpenSSL does not include them in releases before 1.0.2.
* Remove HASH_PREFERRED, usages are replaced with HASH_SHA1, which is required ↵Tobias Brunner2013-10-111-3/+3
| | | | for IKEv2 anyway
* openssl: Properly log FIPS mode when enabled via openssl.confTobias Brunner2013-09-271-5/+13
| | | | | | | | | Enabling FIPS mode twice will fail, so if it is enabled in openssl.conf it should be disabled in strongswan.conf (or the other way around). Either way, we should log whether FIPS mode is enabled or not. References #412.
* openssl: Only warn about unavailable FIPS mode if the user requested itTobias Brunner2013-05-081-1/+1
|
* openssl: Cleanup thread specific error bufferTobias Brunner2013-05-081-5/+38
|
* openssl: Don't use deprecated CRYPTO_set_id_callback() with OpenSSL >= 1.0.0Tobias Brunner2013-05-081-17/+29
|
* openssl: Add PKCS#12 parsing via OpenSSLTobias Brunner2013-05-081-0/+3
|
* openssl: Properly cleanup OpenSSL libraryTobias Brunner2013-05-081-2/+7
|
* Add support for untruncated HMAC-SHA-512Tobias Brunner2013-05-081-0/+1
|
* openssl: Define a default for FIPS_MODETobias Brunner2013-05-031-0/+4
|
* support of OpenSSL FIPS-140-2 libraryAndreas Steffen2013-04-161-0/+19
|
* openssl: The EVP GCM interface requires at least OpenSSL 1.0.1Tobias Brunner2013-03-011-0/+2
|
* openssl: Provide AES-GCM implementationTobias Brunner2013-02-281-0/+14
|
* openssl: Disable PKCS#7/CMS when building against OpenSSL < 0.9.8gTobias Brunner2013-02-201-1/+2
| | | | Fixes #292.
* Add a stub for OpenSSL PKCS#7 parsingMartin Willi2012-12-191-0/+5
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-241-1/+1
|
* openssl: Fix registration of the PUBKEY builderTobias Brunner2012-08-181-1/+1
| | | | | libtls drops support for RSA suites if it does not find an RSA backend (final builder for RSA public keys).
* Check rng return value when seeding OpenSSL RNGTobias Brunner2012-07-161-1/+5
|
* openssl: Ensure the thread ID is never zeroTobias Brunner2012-07-031-1/+3
| | | | | | This might otherwise cause problems because OpenSSL tries to lock mutexes recursively if it assumes the lock is held by a different thread e.g. during FIPS initialization.
* Use simple wrappers for HMAC based PRF and signer in openssl pluginTobias Brunner2012-06-251-2/+1
|
* Adding OpenSSL HMAC signer functions to openssl pluginAleksandr Grinberg2012-06-251-0/+20
|
* Adding OpenSSL HMAC pseudo random functions to openssl pluginAleksandr Grinberg2012-06-251-0/+17
|
* Adding OpenSSL random number functions to openssl pluginAleksandr Grinberg2012-06-251-0/+4
|
* Certificate decoding soft-depends on public key decoding of specific typesMartin Willi2012-05-021-0/+3
|
* Fixed AES key length in openssl pluginMartin Willi2011-10-141-2/+2
|
* Announce openssl features only if actually supportedMartin Willi2011-10-141-16/+64
|
* Add features support to openssl pluginMartin Willi2011-10-141-141/+118
|
* Added a (not yet implemented) plugin_t method to reload plugin configurationMartin Willi2011-04-151-0/+1
|
* Added a get_name() function to plugin_t, create_plugin_enumerator enumerates ↵Martin Willi2011-04-151-38/+43
| | | | over plugin_t
* trace back crypto algorithms to the plugins that registered themAndreas Steffen2010-12-181-36/+38
|
* Added missing include for RAND_seed and RAND_status.Tobias Brunner2010-10-211-0/+1
|
* Added a final flag to builder registration to enumerate the actually ↵Martin Willi2010-09-031-10/+10
| | | | supported algorithms
* Added support for MODP_CUSTOM to openssl pluginMartin Willi2010-09-031-0/+2
|
* Use a seperate section for each nested struct member in INIT macroMartin Willi2010-08-181-1/+5
|
* Double check that the OpenSSL RNG has been seeded, do so otherwiseMartin Willi2010-08-111-0/+33
|
* Migrated remaining classes in openssl plugin to INIT/METHOD macrosMartin Willi2010-08-101-6/+6
|
* Support module names in %smartcard specifier, streamlined smartcard buildingMartin Willi2010-08-041-1/+1
|
* Fixing compilation of the OpenSSL plugin if ENGINE support is disabled.Tobias Brunner2010-06-221-2/+8
| | | | | That is, enable compilation if OpenSSL was configured with OPENSSL_NO_ENGINE.
* Fixing compilation of the OpenSSL plugin if Elliptic Curve support is disabled.Tobias Brunner2010-06-221-3/+9
| | | | | That is, enable compilation if OpenSSL was configured with OPENSSL_NO_EC.
* Implemented X.509 CRL reading using OpenSSLMartin Willi2010-05-211-0/+5
|
* Implemented X.509 certificate reading using OpenSSLMartin Willi2010-05-211-0/+7
|
* Support decoding of subjectPublicKeyInfo in openssl without pkcs1 pluginMartin Willi2010-05-051-0/+2
|
* Added support for DH groups 22, 23 and 24, patch contributed by Joy LattenMartin Willi2010-04-191-0/+6
|
* Implemented the PRF_KEYED_SHA1 algorithm in the openssl pluginMartin Willi2010-03-081-0/+7
|
* Changed plugin constructors from plugin_create to plugin_name_plugin_create.Tobias Brunner2010-03-021-1/+1
|
* Using the thread wrapper in charon, libstrongswan and their plugins.Tobias Brunner2009-12-231-2/+2
|
* Separated the public interfaces of the threading primitives.Tobias Brunner2009-12-231-1/+1
|
* Moved mutex.c to a separate folder in order to cleanly wrap other threading ↵Tobias Brunner2009-12-231-1/+1
| | | | primitives (and utils/mutex.h is now threading.h).
* Prefer MODP2048/1536 over ECP Diffie-Hellman groupsMartin Willi2009-11-121-11/+9
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 08:09:20 +0000