aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins/x509/x509_ac.c
Commit message (Collapse)AuthorAgeFilesLines
* x509: Initialize signature params when parsing attribute certificatesTobias Brunner2017-11-151-1/+1
|
* x509: Add support for signature schemes with parametersTobias Brunner2017-11-081-30/+61
| | | | | Also adds support for specifying the hash algorithm for attribute certificate signatures.
* certificate: Return signature scheme and parameters from issued_by() methodTobias Brunner2017-11-081-2/+5
| | | | | This also required some include restructuring (avoid including library.h in headers) to avoid unresolvable circular dependencies.
* private-key: Add optional parameters argument to sign() methodTobias Brunner2017-11-081-1/+1
|
* public-key: Add optional parameters argument to verify() methodTobias Brunner2017-11-081-1/+2
|
* Change interface for enumerator_create_filter() callbackTobias Brunner2017-05-261-13/+20
| | | | | This avoids the unportable 5 pointer hack, but requires enumerating in the callback.
* x509: Evaluate return codes of parsing functionsAndreas Steffen2017-05-081-4/+7
|
* x509: Properly wrap keyid in authorityKeyIdentifier in attribute certificatesTobias Brunner2016-06-061-1/+2
| | | | | | | The correct encoding got lost in bdec2e4f5291 ("refactored openac and its attribute certificate factory"). Fixes #1370.
* Implemented full BLISS support for IKEv2 public key authentication and the ↵Andreas Steffen2014-11-291-2/+2
| | | | pki tool
* x509: Check return value when signing attribute certificatesMartin Willi2014-06-041-9/+16
| | | | | | In addition that this lets AC generation fail properly if private key signing fails, it also fixes an issue when compiling on Windows with MinGW 4.8.1, where for some reason the attributeCertificateInfo got encoded incorrectly.
* x509: Match acert has_subject() against entityName or holder serialMartin Willi2014-03-311-5/+25
| | | | | This allows us to find attribute certificates for a subject certificate in credential sets.
* x509: Replace the comma separated string AC group builder with a list based oneMartin Willi2014-03-311-5/+5
|
* x509: Integrate IETF attribute handling, and obsolete ietf_attributes_tMartin Willi2014-03-311-9/+184
| | | | | The ietf_attributes_t class is used for attribute certificates only these days, and integrating them to x509_ac_t simplifies things significantly.
* x509: Replace fixed acert group string getter by a more dynamic group enumeratorMartin Willi2014-03-311-3/+3
|
* x509: Skip parsing of acert chargingIdentity, as we don't use it anywayMartin Willi2014-03-311-9/+1
|
* x509: Fix some whitespaces and do some minor style cleanups in acertMartin Willi2014-03-311-72/+76
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-241-1/+1
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-241-1/+1
|
* certificate_t->issued_by takes an argument to receive signature schemeMartin Willi2012-06-121-1/+5
|
* Allow callers to force ASN.1 date encoding as GENERALIZEDTIME.Tobias Brunner2011-12-231-2/+2
|
* Properly ASN.1 encode dates in certificates depending on the year.Tobias Brunner2011-12-231-2/+2
|
* Log most X.509 related messages in new ASN log group.Tobias Brunner2011-12-161-14/+14
|
* Migrated x509_ac to INIT/METHOD macrosAndreas Steffen2011-09-281-107/+63
|
* Replaced simple iterator usages.Tobias Brunner2011-07-061-3/+3
|
* Support different encoding types in certificate.get_encoding()Martin Willi2010-07-131-4/+14
|
* Renamed key_encod{ing,der}_t and constants, prepare for generic credential ↵Martin Willi2010-07-131-2/+2
| | | | encoding
* Removed is_newer() from certificate_t, obsoleting all implementationsMartin Willi2010-05-211-20/+0
|
* Adding DBG_LIB to all calls of libstrongswan's version of DBG*.Tobias Brunner2010-04-061-17/+18
|
* streamlined output from get_validity()Andreas Steffen2009-10-061-23/+3
|
* pluto now uses x509 plugin for attribute certificate handlingAndreas Steffen2009-10-051-15/+27
|
* added some notBefore/notAfter debugging infoAndreas Steffen2009-10-021-1/+13
|
* generate known OIDs dynamicallyAndreas Steffen2009-09-301-14/+6
|
* Removed chunk_from_buf() in favor of a simpler chunk_from_chars() macroMartin Willi2009-09-111-15/+6
|
* Updated x509 plugin to the new builder APIMartin Willi2009-09-101-114/+68
|
* remove spaces within tabs (\t( )+\t)Martin Willi2009-09-041-3/+3
|
* replaces four spaces by tabs, where appropriateMartin Willi2009-09-041-1/+1
|
* removed trailing spaces ([[:space:]]+$)Martin Willi2009-09-041-41/+41
|
* create algorithmIdentifier dynamically from OID databaseMartin Willi2009-08-271-2/+2
|
* updated x509 plugin to public key/x509 API changesMartin Willi2009-08-261-81/+69
|
* make use of the pem helper plugin to load credentialsMartin Willi2009-08-261-34/+1
|
* created signature_scheme_from_oid() helper functionAndreas Steffen2009-06-091-25/+5
|
* hide credentials headers in credential_factory.hAndreas Steffen2009-05-281-0/+1
|
* removing svn keyword $Id$ from all filesTobias Brunner2009-04-301-2/+0
|
* printf hooks refactored to increase portability (i.e. support for platforms ↵Tobias Brunner2009-03-121-1/+1
| | | | without glibc-compatible customizable printf - the Vstr string library is currently required on such platforms).
* fixed refactoring error in openacAndreas Steffen2008-12-041-1/+3
|
* got rid of deprecated create_iterator_locked()Martin Willi2008-11-051-0/+2
|
* refactored credential builderMartin Willi2008-09-021-13/+14
| | | | | | | | | allow enumeration of matching builders try a second builder if the first one fails builder clones resources internally on demand caller frees added resources on failure and success stricter handling of non-supported build parts
* support of ECDSA signatures for all certificate typesAndreas Steffen2008-06-221-0/+3
|
* added display of holderIssuer, holderSerial, and authorityKeyIdentifierAndreas Steffen2008-05-231-3/+40
|
* implement basic listing of attribute certificatesAndreas Steffen2008-05-221-8/+3
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-27 16:16:27 +0000