aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins/x509/x509_crl.c
Commit message (Collapse)AuthorAgeFilesLines
* x509: Add support for signature schemes with parametersTobias Brunner2017-11-081-26/+47
| | | | | Also adds support for specifying the hash algorithm for attribute certificate signatures.
* certificate: Return signature scheme and parameters from issued_by() methodTobias Brunner2017-11-081-2/+5
| | | | | This also required some include restructuring (avoid including library.h in headers) to avoid unresolvable circular dependencies.
* private-key: Add optional parameters argument to sign() methodTobias Brunner2017-11-081-1/+1
|
* public-key: Add optional parameters argument to verify() methodTobias Brunner2017-11-081-1/+1
|
* certificates: Use shared destructor for x509_cdp_tTobias Brunner2017-09-181-11/+2
|
* Change interface for enumerator_create_filter() callbackTobias Brunner2017-05-261-17/+25
| | | | | This avoids the unportable 5 pointer hack, but requires enumerating in the callback.
* x509: Evaluate return codes of parsing functionsAndreas Steffen2017-05-081-4/+8
|
* x509: Use subjectKeyIdentifier provided by issuer cert when checking CRL issuerTobias Brunner2015-03-061-18/+15
| | | | | | | | | Some CAs don't use SHA-1 hashes of the public key as subjectKeyIdentifier and authorityKeyIdentifier. If that's the case we can't force the calculation of the hash to compare that to authorityKeyIdentifier in the CRL, instead we use the subjectKeyIdentifier stored in the issuer certificate, if available. Otherwise, we fall back to the SHA-1 hash (or comparing the DNs) as before.
* x509: Fix public key reference leak if authority key identifier does not matchMartin Willi2015-02-061-10/+12
|
* Implemented full BLISS support for IKEv2 public key authentication and the ↵Andreas Steffen2014-11-291-1/+1
| | | | pki tool
* lib: All settings use configured namespaceTobias Brunner2014-02-121-1/+1
|
* Recognize critical IssuingDistributionPoint CRL extensionAndreas Steffen2013-07-121-0/+3
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-241-1/+1
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-241-1/+1
|
* Properly initialize chunk for extension OID when parsing CRLsTobias Brunner2012-09-281-1/+1
|
* certificate_t->issued_by takes an argument to receive signature schemeMartin Willi2012-06-121-1/+5
|
* Allow callers to force ASN.1 date encoding as GENERALIZEDTIME.Tobias Brunner2011-12-231-3/+3
|
* Properly ASN.1 encode dates in certificates depending on the year.Tobias Brunner2011-12-231-3/+3
|
* Log most X.509 related messages in new ASN log group.Tobias Brunner2011-12-161-6/+6
|
* introduced libstrongswan.x509.enforce_critical parameterAndreas Steffen2011-02-051-2/+2
|
* Properly initialize variable 'critical'.Tobias Brunner2011-02-041-1/+1
|
* Added support for delta CRLs to x509 pluginMartin Willi2011-01-051-7/+110
|
* Respect enforce_critical setting in x509 plugin CRLsMartin Willi2011-01-051-0/+8
|
* Parse CRL extensions in a switch statementMartin Willi2011-01-051-18/+24
|
* Use subject, not issuer, of CRL issuing certificateMartin Willi2011-01-051-1/+1
|
* CRLSign keyUsage or CA basicConstraint are sufficient for CRL validationMartin Willi2011-01-051-1/+1
|
* Support different encoding types in certificate.get_encoding()Martin Willi2010-07-131-4/+13
|
* Renamed key_encod{ing,der}_t and constants, prepare for generic credential ↵Martin Willi2010-07-131-1/+1
| | | | encoding
* Use CAs subjectKeyIdentifier as CRLs authorityKeyIdentifierMartin Willi2010-05-211-1/+1
|
* Added support for CRL generation to x509 pluginMartin Willi2010-05-211-3/+186
|
* Removed is_newer() from certificate_t, obsoleting all implementationsMartin Willi2010-05-211-35/+0
|
* Migrated x509_crl_t to INIT/METHOD macrosMartin Willi2010-05-211-95/+70
|
* Adding DBG_LIB to all calls of libstrongswan's version of DBG*.Tobias Brunner2010-04-061-7/+8
|
* streamlined output from get_validity()Andreas Steffen2009-10-061-9/+1
|
* Updated x509 plugin to the new builder APIMartin Willi2009-09-101-63/+23
|
* remove spaces within tabs (\t( )+\t)Martin Willi2009-09-041-2/+2
|
* removed trailing spaces ([[:space:]]+$)Martin Willi2009-09-041-32/+32
|
* changed prefix of crl_reason_t values from CRL_ to CRL_REASON_Andreas Steffen2009-08-311-1/+1
|
* updated x509 plugin to public key/x509 API changesMartin Willi2009-08-261-29/+18
|
* make use of the pem helper plugin to load credentialsMartin Willi2009-08-261-73/+25
|
* created signature_scheme_from_oid() helper functionAndreas Steffen2009-06-091-25/+5
|
* removing svn keyword $Id$ from all filesTobias Brunner2009-04-301-2/+0
|
* merging changes from portability branch back to trunkTobias Brunner2009-04-301-1/+1
| | | | | important change for developers: %Y replaces %D to print identities!
* printf hooks refactored to increase portability (i.e. support for platforms ↵Tobias Brunner2009-03-121-1/+1
| | | | without glibc-compatible customizable printf - the Vstr string library is currently required on such platforms).
* got rid of deprecated create_iterator_locked()Martin Willi2008-11-051-0/+2
|
* refactored credential builderMartin Willi2008-09-021-19/+26
| | | | | | | | | allow enumeration of matching builders try a second builder if the first one fails builder clones resources internally on demand caller frees added resources on failure and success stricter handling of non-supported build parts
* support of ECDSA signatures for all certificate typesAndreas Steffen2008-06-221-0/+3
|
* introduced ASN1_EXIT command in ASN.1 object syntax definitionAndreas Steffen2008-04-281-3/+3
|
* optimized parser->success()Andreas Steffen2008-04-261-4/+2
|
* refactoring of the ASN.1 parserAndreas Steffen2008-04-261-28/+29
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 13:13:32 +0000