aboutsummaryrefslogtreecommitdiffstats
path: root/src/pki/commands
Commit message (Collapse)AuthorAgeFilesLines
...
* pki: Fix minor resource leak on failure to read the private key in --req5.1.2rc2Tobias Brunner2014-02-181-1/+2
|
* chunk: Use dynamically allocated buffer in chunk_from_fd()Martin Willi2014-01-237-11/+53
| | | | | | | | When acting on files, we can use fstat() to estimate the buffer size. On non-file FDs, we dynamically increase an allocated buffer. Additionally we slightly change the function signature to properly handle zero-length files and add appropriate unit tests.
* pki: Replace BUILD_FROM_FD with passing a chunk via BUILD_BLOBTobias Brunner2013-10-237-10/+42
| | | | This allows more than one builder to try parsing the data read from STDIN.
* pki: --pub also accepts public keys (i.e. to convert them to a different format)Tobias Brunner2013-09-131-1/+15
|
* pki: Add support to encode public keys in SSH key formatTobias Brunner2013-09-131-1/+1
|
* pki: Add pki --verify man pageTobias Brunner2013-09-131-2/+1
|
* pki: Add pki --pub man pageTobias Brunner2013-09-131-2/+2
|
* pki: Add pki --pkcs7 man pageTobias Brunner2013-09-131-4/+4
|
* pki: Add pki --req man pageTobias Brunner2013-09-131-3/+2
|
* pki: Add pki --signcrl man pageTobias Brunner2013-09-131-6/+6
|
* pki: Add pki --issue man pageTobias Brunner2013-09-131-6/+6
|
* pki: Add pki --self man pageTobias Brunner2013-09-131-2/+2
| | | | Can be opened with "man pki --self".
* pki: Add pki --gen man pageTobias Brunner2013-09-131-2/+2
| | | | Can be opened with "man pki --gen".
* Encode RSA public keys in RFC 3110 DNSKEY formatAndreas Steffen2013-02-191-1/+1
|
* Properly read data from stream in pki --pkcs7Tobias Brunner2013-01-241-6/+9
|
* Properly destroy mem_cred object on pki --pkcs7 --helpTobias Brunner2013-01-241-0/+1
|
* Allocate data returned by pkcs7_t.get_attribute()Martin Willi2012-12-191-0/+1
|
* Add a --show option to pki --pkcs7 to print contained certificatesMartin Willi2012-12-191-1/+50
|
* pki --pkcs7 --verify shows prints the signing time, if availableMartin Willi2012-12-191-1/+17
|
* Fix leak in pki --pkcs7 --decryptMartin Willi2012-12-191-0/+1
|
* Add a pki command to sign, verify, encrypt and decrypt PKCS#7 containersMartin Willi2012-12-191-0/+391
|
* allow the optional sharing if RSA private keysAndreas Steffen2012-11-221-3/+31
|
* implemented generation of safe primesAndreas Steffen2012-11-181-7/+20
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-242-2/+2
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-244-4/+4
|
* Use centralized hasher names in pki utilityMartin Willi2012-07-174-8/+8
|
* Check rng return value when generating serial numbers in pki utilityTobias Brunner2012-07-162-8/+8
|
* certificate_t->issued_by takes an argument to receive signature schemeMartin Willi2012-06-121-1/+1
|
* Merge branch 'ikev1'Martin Willi2012-05-023-0/+12
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-203-0/+12
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| | * Added support for iKEIntermediate flag to ipsec pki.Tobias Brunner2012-03-203-0/+12
| | |
* | | ASN.1 two's complement encoding prevents overflow in CRL serial numberAndreas Steffen2012-04-041-10/+18
| | |
* | | moved chunk_skip_zero to chunk.hAndreas Steffen2012-04-031-17/+0
| | |
* | | remove leading zeros in ASN.1 encoded serial numbersAndreas Steffen2012-03-271-2/+22
|/ /
* / pki: Avoid integer overflow when calculating certificate lifetimes.Tobias Brunner2011-12-233-3/+3
|/ | | | This only works properly if sizeof(time_t) > 4.
* Do proper cleanup in error case in pki req.Tobias Brunner2011-04-141-1/+2
|
* Do proper cleanup in some error cases in pki signcrl.Tobias Brunner2011-04-141-2/+4
|
* use DN from pkcs10 request if it existsAndreas Steffen2011-02-071-5/+6
|
* Added support for empty subjects DNs to pki --issueMartin Willi2011-01-051-8/+7
|
* Use incremented serial of base CRL when signing delta CRLMartin Willi2011-01-051-0/+2
|
* Slightly renamed different policyConstraints to distinguish them betterMartin Willi2011-01-052-12/+12
|
* Added inhibitAnyPolicy constraint support to pki toolMartin Willi2011-01-053-5/+21
|
* Use a generic getter for all numerical X.509 constraintsMartin Willi2011-01-051-10/+10
|
* Added support for delta CRLs to pki toolMartin Willi2011-01-053-18/+91
|
* Simplified format of x509 CRL URI parsing/enumeratorMartin Willi2011-01-052-14/+30
|
* Added policyConstraints support to pki toolMartin Willi2011-01-053-45/+86
|
* Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for ↵Martin Willi2011-01-053-3/+3
| | | | PolicyConstraints, too
* Added policyMappings support to pki toolMartin Willi2011-01-053-12/+121
|
* Added certificatePolicy options to pki toolMartin Willi2011-01-053-4/+135
|
* pki --issue/self support permitted/excluded NameConstraintsMartin Willi2011-01-052-18/+56
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-01 10:30:31 +0000