| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | diffie-hellman: Verify public DH values in backends | Martin Willi | 2015-03-23 | 1 | -0/+5 |
| | | |||||
| * | diffie-hellman: Add a bool return value to set_other_public_value() | Martin Willi | 2015-03-23 | 1 | -7/+7 |
| | | |||||
| * | diffie-hellman: Add a bool return value to get_my_public_value() | Martin Willi | 2015-03-23 | 1 | -1/+2 |
| | | |||||
| * | diffie-hellman: Use bool instead of status_t as get_shared_secret() return value | Martin Willi | 2015-03-23 | 1 | -3/+3 |
| | | | | | | While such a change is not unproblematic, keeping status_t makes the API inconsistent once we introduce return values for the public value operations. | ||||
| * | pkcs11: Convert RFC 3279 ECDSA signatures when verifying | Tobias Brunner | 2015-03-09 | 1 | -4/+33 |
| | | | | | References #873. | ||||
| * | pkcs11: Properly encode RFC 3279 ECDSA signatures | Tobias Brunner | 2015-03-09 | 1 | -2/+19 |
| | | | | | Fixes #873. | ||||
| * | pkcs11: Properly encode EC_POINTs created on a token | Tobias Brunner | 2015-03-09 | 1 | -5/+8 |
| | | | | | | | | Some tokens might not fail when creating EC public keys in the incorrect format, but they will later not be able to use them to verify signatures. References #872. | ||||
| * | pkcs11: Properly handle EC_POINTs returned as ASN.1 octet string | Tobias Brunner | 2015-03-09 | 1 | -1/+43 |
| | | | | | | | | This is the correct encoding but we internally only use unwrapped keys and some tokens return them unwrapped. Fixes #872. | ||||
| * | crypto: Define MODP_CUSTOM outside of IKE DH range | Tobias Brunner | 2014-12-23 | 1 | -1/+1 |
| | | | | | | | | | | Before this fix it was possible to crash charon with an IKE_SA_INIT message containing a KE payload with DH group MODP_CUSTOM(1025). Defining MODP_CUSTOM outside of the two byte IKE DH identifier range prevents it from getting negotiated. Fixes CVE-2014-9221. | ||||
| * | plugins: Don't link with -rdynamic on Windows | Martin Willi | 2014-06-04 | 1 | -1/+1 |
| | | |||||
| * | enum: Don't directly include enum.h | Martin Willi | 2014-05-16 | 1 | -1/+1 |
| | | | | | | To allow enum.h to depend on utils.h definitions, avoid its direct inclusion. Instead include utils.h, which includes enum.h as well. | ||||
| * | lib: All settings use configured namespace | Tobias Brunner | 2014-02-12 | 3 | -14/+14 |
| | | |||||
| * | automake: replace INCLUDES by AM_CPPFLAGS | Martin Willi | 2013-07-18 | 1 | -3/+4 |
| | | | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only. | ||||
| * | pkcs11: Use plugin_features_add() in get_features() | Tobias Brunner | 2013-06-11 | 1 | -21/+8 |
| | | |||||
| * | Moved debug.[ch] to utils folder | Tobias Brunner | 2012-10-24 | 9 | -9/+9 |
| | | |||||
| * | Moved enum_name_t to utils folder | Tobias Brunner | 2012-10-24 | 1 | -1/+1 |
| | | |||||
| * | Moved chunk_t to utils folder | Tobias Brunner | 2012-10-24 | 1 | -1/+1 |
| | | |||||
| * | Moved data structures to new collections subfolder | Tobias Brunner | 2012-10-24 | 5 | -5/+5 |
| | | |||||
| * | PKCS#11 library search using keyid uses a fallback to look for certificates | Martin Willi | 2012-10-24 | 1 | -4/+8 |
| | | |||||
| * | Add a strongswan.conf option to disable loading of all certificates from a ↵ | Martin Willi | 2012-10-24 | 1 | -6/+11 |
| | | | | | pkcs11 module | ||||
| * | Explicit pkcs11 certificate loading can enforce a module and a slot | Martin Willi | 2012-10-24 | 2 | -4/+21 |
| | | |||||
| * | Be less verbose if loading PKCS#11 certificate fails | Martin Willi | 2012-10-24 | 1 | -6/+1 |
| | | |||||
| * | Add a builder to load specific pkcs11 certificates by keyid | Martin Willi | 2012-10-24 | 3 | -0/+115 |
| | | |||||
| * | If no pkcs11 public key for a private key found, search for a certificate | Martin Willi | 2012-10-24 | 1 | -4/+53 |
| | | |||||
| * | Move pkcs11 public key lookup function declaration to header file | Martin Willi | 2012-10-24 | 3 | -20/+18 |
| | | |||||
| * | Added an option to reload certificates from PKCS#11 tokens on SIGHUP | Tobias Brunner | 2012-10-18 | 1 | -0/+16 |
| | | |||||
| * | Copy the name of pkcs11_library_t objects | Tobias Brunner | 2012-10-18 | 2 | -2/+3 |
| | | | | | | Strings returned by settings_t.create_section_enumerator will be freed when the config is reloaded. | ||||
| * | Make sure first argument is an int when using %.*s to print e.g. chunks | Tobias Brunner | 2012-09-28 | 1 | -2/+3 |
| | | |||||
| * | Add a return value to hasher_t.reset() | Martin Willi | 2012-07-16 | 1 | -1/+2 |
| | | |||||
| * | Add a return value to hasher_t.allocate_hash() | Martin Willi | 2012-07-16 | 3 | -14/+15 |
| | | |||||
| * | Add a return value to hasher_t.get_hash() | Martin Willi | 2012-07-16 | 1 | -11/+24 |
| | | |||||
| * | RNGs' get_bytes and allocate_bytes return boolean | Tobias Brunner | 2012-07-16 | 1 | -4/+10 |
| | | |||||
| * | Centralized thread cancellation in processor_t | Tobias Brunner | 2012-06-25 | 1 | -17/+3 |
| | | | | | | | | | | | This ensures that no threads are active when plugins and the rest of the daemon are unloaded. callback_job_t was simplified a lot in the process as its main functionality is now contained in processor_t. The parent-child relationships were abandoned as these were only needed to simplify job cancellation. | ||||
| * | Compiler warnings fixed. | Tobias Brunner | 2012-02-14 | 1 | -1/+1 |
| | | |||||
| * | pkcs11: Fixed a bug when creating public keys. | Tobias Brunner | 2011-11-09 | 1 | -1/+1 |
| | | |||||
| * | Common spelling errors fixed. | Tobias Brunner | 2011-11-03 | 1 | -1/+1 |
| | | |||||
| * | pkcs11: Make public key operations on tokens optional. | Tobias Brunner | 2011-11-03 | 1 | -20/+21 |
| | | |||||
| * | pkcs11: Make sure a key can be used for a given signature scheme. | Tobias Brunner | 2011-11-02 | 3 | -16/+31 |
| | | |||||
| * | pkcs11: Register ECDSA feature. | Tobias Brunner | 2011-11-02 | 1 | -1/+10 |
| | | |||||
| * | pkcs11: We have to create our own hashes for some signature schemes. | Tobias Brunner | 2011-11-02 | 4 | -12/+81 |
| | | |||||
| * | pkcs11: Lookup the public key of a private key by CKA_ID. | Tobias Brunner | 2011-11-02 | 2 | -0/+125 |
| | | | | | | | Currently this only works if a public key object with the same ID is available, if there isn't one we could search for a certificate with the same ID and extract the key from there. | ||||
| * | pkcs11: Search for private keys in a more generic way. | Tobias Brunner | 2011-11-02 | 1 | -20/+19 |
| | | | | | | | Also, don't extract the public key directly from the private key. Some tokens actually do not return the public exponent (it's not required). We have to find a different way to get the public key. | ||||
| * | pkcs11: Added support to encode ECDSA public keys. | Tobias Brunner | 2011-11-02 | 1 | -0/+89 |
| | | |||||
| * | pkcs11: Parse ECDSA public keys and find/create them on tokens. | Tobias Brunner | 2011-11-02 | 1 | -2/+177 |
| | | |||||
| * | pkcs11: Added generic functions to find/create public keys on tokens. | Tobias Brunner | 2011-11-02 | 1 | -40/+75 |
| | | |||||
| * | pkcs11: Store public key length in bits. | Tobias Brunner | 2011-11-02 | 1 | -3/+3 |
| | | |||||
| * | pkcs11: Fix encoding of RSA public keys. | Tobias Brunner | 2011-11-02 | 1 | -0/+4 |
| | | |||||
| * | pkcs11: Use create_object_attr_enumerator to encode RSA public key. | Tobias Brunner | 2011-11-02 | 1 | -17/+7 |
| | | |||||
| * | pkcs11: Instead of a mutex use a new session to do multipart operations. | Tobias Brunner | 2011-11-02 | 2 | -40/+66 |
| | | |||||
| * | pkcs11: Function added to retrieve multiple attributes from a single object. | Tobias Brunner | 2011-11-02 | 2 | -6/+62 |
| | | |||||
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |