aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins/openssl
Commit message (Collapse)AuthorAgeFilesLines
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-181-4/+5
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* openssl: parse X.509 extended key usage from extension parsing loopMartin Willi2013-07-181-33/+38
| | | | | Otherwise parsing gets aborted if unknown critical extensions are handled as error.
* openssl: show which critical X.509 extension is not supportedMartin Willi2013-07-181-1/+6
|
* Recognize critical IssuingDistributionPoint CRL extensionAndreas Steffen2013-07-121-0/+4
|
* openssl: RAND_pseudo_bytes() returns 0 if bytes are not cryptographically strongMartin Willi2013-07-041-9/+6
| | | | For our purposes with RNG_WEAK this is fine, so accept a zero return value.
* openssl: add support for IP addr blocks in X.509 certificatesMichael Rossberg2013-05-241-1/+115
|
* openssl: Only warn about unavailable FIPS mode if the user requested itTobias Brunner2013-05-081-1/+1
|
* openssl: Cleanup thread specific error bufferTobias Brunner2013-05-081-5/+38
|
* openssl: Don't use deprecated CRYPTO_set_id_callback() with OpenSSL >= 1.0.0Tobias Brunner2013-05-081-17/+29
|
* openssl: Add PKCS#12 parsing via OpenSSLTobias Brunner2013-05-084-0/+307
|
* openssl: Properly cleanup OpenSSL libraryTobias Brunner2013-05-081-2/+7
|
* Add support for untruncated HMAC-SHA-512Tobias Brunner2013-05-081-0/+1
|
* openssl: Define a default for FIPS_MODETobias Brunner2013-05-031-0/+4
|
* support of OpenSSL FIPS-140-2 libraryAndreas Steffen2013-04-162-1/+20
|
* Allow SHA1_Init()/SHA1_Update() to fail if OpenSSL version >= 1.0Martin Willi2013-04-101-0/+14
|
* Check RSA_public_decrypt() length before constructing and comparing a chunkMartin Willi2013-04-101-7/+10
| | | | | If decryption fails, it returns -1. chunk_equals() should catch that error, but be more explicit in error checking.
* RSA_check_key() may return -1 if it failsMartin Willi2013-04-101-2/+2
|
* RAND_bytes/RAND_pseudo_bytes returns -1 if it is not supported by RAND methodMartin Willi2013-04-101-1/+1
|
* Check return value of ECDSA_Verify() correctlyMartin Willi2013-04-101-1/+1
|
* openssl: The EVP GCM interface requires at least OpenSSL 1.0.1Tobias Brunner2013-03-012-0/+8
|
* openssl: Provide AES-GCM implementationTobias Brunner2013-02-284-1/+312
|
* openssl: Disable PKCS#7/CMS when building against OpenSSL < 0.9.8gTobias Brunner2013-02-202-1/+5
| | | | Fixes #292.
* openssl: Properly honor OPENSSL_NO_* definesTobias Brunner2013-01-317-5/+31
|
* Properly check MSB in openssl plugin's PKCS#7 implementationTobias Brunner2013-01-241-1/+1
|
* Include opensslconf.h before checking its definesMartin Willi2013-01-031-0/+2
|
* Don't build OpenSSL PKCS#7 code if OPENSSL_NO_CMS definedMartin Willi2013-01-031-0/+4
|
* Fix up serialNumber in openssl PKCS#7 if it has a leading MSB setMartin Willi2012-12-191-2/+7
|
* Implement PKCS#7 decryption using opensslMartin Willi2012-12-191-16/+255
|
* Make available wrapped certificates while verifying PKCS#7 signatures in opensslMartin Willi2012-12-191-0/+22
|
* Implement openssl PKCS#7 certficiate enumerationMartin Willi2012-12-191-0/+72
|
* Implement get_attribute() in openssl PKCS#7 backendMartin Willi2012-12-191-1/+35
|
* Implement OpenSSL PKCS#7 signed-data parsing and verificationMartin Willi2012-12-191-4/+287
|
* Add a stub for OpenSSL PKCS#7 parsingMartin Willi2012-12-194-0/+172
|
* certificate_t.has_subject() matches for certificate serialNumberMartin Willi2012-12-191-0/+4
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-2411-11/+11
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-242-2/+2
|
* Make sure first argument is an int when using %.*s to print e.g. chunksTobias Brunner2012-09-281-1/+2
|
* openssl: Fix registration of the PUBKEY builderTobias Brunner2012-08-181-1/+1
| | | | | libtls drops support for RSA suites if it does not find an RSA backend (final builder for RSA public keys).
* Use centralized hasher names in openssl pluginMartin Willi2012-07-172-73/+10
|
* Support void return values in OpenSSL 0.9.8 HMAC functionsMartin Willi2012-07-171-17/+28
|
* Resetting OpenSSL HMAC with NULL key reuses existing keyMartin Willi2012-07-161-11/+2
|
* Make sure HMAC_Init is called before HMAC_Update, fixes crashMartin Willi2012-07-161-0/+5
|
* Add a return value to hasher_t.reset()Martin Willi2012-07-161-4/+8
|
* Add a return value to hasher_t.allocate_hash()Martin Willi2012-07-164-12/+9
|
* Add a return value to hasher_t.get_hash()Martin Willi2012-07-161-3/+10
|
* Add a return value to crypter_t.set_key()Martin Willi2012-07-161-1/+2
|
* Add a return value to crypter_t.decrypt()Martin Willi2012-07-161-2/+2
|
* Add a return value to crypter_t.encryptMartin Willi2012-07-161-10/+11
|
* Add a return value to mac_t.set_key()Martin Willi2012-07-161-2/+2
|
* Add a return value to mac_t.get_bytes()Martin Willi2012-07-161-10/+8
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 05:17:02 +0000