aboutsummaryrefslogtreecommitdiffstats
path: root/src/pki/commands
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix leak in pki --pkcs7 --decryptMartin Willi2012-12-191-0/+1
|
* Add a pki command to sign, verify, encrypt and decrypt PKCS#7 containersMartin Willi2012-12-191-0/+391
|
* allow the optional sharing if RSA private keysAndreas Steffen2012-11-221-3/+31
|
* implemented generation of safe primesAndreas Steffen2012-11-181-7/+20
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-242-2/+2
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-244-4/+4
|
* Use centralized hasher names in pki utilityMartin Willi2012-07-174-8/+8
|
* Check rng return value when generating serial numbers in pki utilityTobias Brunner2012-07-162-8/+8
|
* certificate_t->issued_by takes an argument to receive signature schemeMartin Willi2012-06-121-1/+1
|
* Merge branch 'ikev1'Martin Willi2012-05-023-0/+12
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-203-0/+12
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| | * Added support for iKEIntermediate flag to ipsec pki.Tobias Brunner2012-03-203-0/+12
| | |
* | | ASN.1 two's complement encoding prevents overflow in CRL serial numberAndreas Steffen2012-04-041-10/+18
| | |
* | | moved chunk_skip_zero to chunk.hAndreas Steffen2012-04-031-17/+0
| | |
* | | remove leading zeros in ASN.1 encoded serial numbersAndreas Steffen2012-03-271-2/+22
|/ /
* / pki: Avoid integer overflow when calculating certificate lifetimes.Tobias Brunner2011-12-233-3/+3
|/ | | | This only works properly if sizeof(time_t) > 4.
* Do proper cleanup in error case in pki req.Tobias Brunner2011-04-141-1/+2
|
* Do proper cleanup in some error cases in pki signcrl.Tobias Brunner2011-04-141-2/+4
|
* use DN from pkcs10 request if it existsAndreas Steffen2011-02-071-5/+6
|
* Added support for empty subjects DNs to pki --issueMartin Willi2011-01-051-8/+7
|
* Use incremented serial of base CRL when signing delta CRLMartin Willi2011-01-051-0/+2
|
* Slightly renamed different policyConstraints to distinguish them betterMartin Willi2011-01-052-12/+12
|
* Added inhibitAnyPolicy constraint support to pki toolMartin Willi2011-01-053-5/+21
|
* Use a generic getter for all numerical X.509 constraintsMartin Willi2011-01-051-10/+10
|
* Added support for delta CRLs to pki toolMartin Willi2011-01-053-18/+91
|
* Simplified format of x509 CRL URI parsing/enumeratorMartin Willi2011-01-052-14/+30
|
* Added policyConstraints support to pki toolMartin Willi2011-01-053-45/+86
|
* Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for ↵Martin Willi2011-01-053-3/+3
| | | | PolicyConstraints, too
* Added policyMappings support to pki toolMartin Willi2011-01-053-12/+121
|
* Added certificatePolicy options to pki toolMartin Willi2011-01-053-4/+135
|
* pki --issue/self support permitted/excluded NameConstraintsMartin Willi2011-01-052-18/+56
|
* pki --print prints NameConstraintsMartin Willi2011-01-051-0/+25
|
* CRLSign keyUsage or CA basicConstraint are sufficient for CRL validationMartin Willi2011-01-051-2/+2
|
* pki tool shows and builds crlSign keyUsageMartin Willi2011-01-053-2/+14
|
* Added --crlissuer option to pki --issueMartin Willi2011-01-051-18/+25
|
* Added support for CRL Issuers to x509 and OpenSSL pluginsMartin Willi2011-01-051-3/+8
|
* Added crl support to pki --printMartin Willi2010-08-301-7/+52
|
* Use bits instead of bytes for a private/public keyMartin Willi2010-08-101-1/+1
|
* Added PKCS#11 private key support to the pki toolMartin Willi2010-08-044-22/+81
|
* Use a dedicated build part for challenge passwords, BUILD_PASSPHRASE gets ↵Martin Willi2010-08-041-1/+1
| | | | obsolete
* Added pki PEM encoding support for certificates, CRLs and PKCS10 requestsMartin Willi2010-07-136-14/+46
|
* Support different encoding types in certificate.get_encoding()Martin Willi2010-07-134-8/+4
|
* Renamed key_encod{ing,der}_t and constants, prepare for generic credential ↵Martin Willi2010-07-134-10/+10
| | | | encoding
* Changed default lifetime of certificates to 3 yearsMartin Willi2010-05-312-4/+4
|
* Support extendedKeyUsage flags in self-signed certificatesMartin Willi2010-05-311-0/+16
|
* Added a --signcrl command to the pki utilityMartin Willi2010-05-211-0/+375
|
* Added a --print command to pki that dumps different credentialsMartin Willi2010-05-201-0/+368
|
* Adding DBG_LIB to all calls of libstrongswan's version of DBG*.Tobias Brunner2010-04-061-4/+4
|
* fixed short option nameAndreas Steffen2010-04-041-1/+1
|
* we don't accept a serial number with leading zeroesAndreas Steffen2010-03-142-0/+10
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 22:47:02 +0000