aboutsummaryrefslogtreecommitdiffstats
path: root/src/pki
Commit message (Collapse)AuthorAgeFilesLines
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-181-2/+2
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* plugin-loader: Removed unused path argument of load() methodTobias Brunner2013-06-281-1/+1
| | | | | Multiple additional search paths can be added with the add_path() method.
* Fixed Doxygen comments after scanning complete src directoryTobias Brunner2013-03-022-2/+4
|
* Encode RSA public keys in RFC 3110 DNSKEY formatAndreas Steffen2013-02-192-1/+12
|
* Properly read data from stream in pki --pkcs7Tobias Brunner2013-01-241-6/+9
|
* Properly destroy mem_cred object on pki --pkcs7 --helpTobias Brunner2013-01-241-0/+1
|
* Allocate data returned by pkcs7_t.get_attribute()Martin Willi2012-12-191-0/+1
|
* Add a --show option to pki --pkcs7 to print contained certificatesMartin Willi2012-12-191-1/+50
|
* pki --pkcs7 --verify shows prints the signing time, if availableMartin Willi2012-12-191-1/+17
|
* Fix leak in pki --pkcs7 --decryptMartin Willi2012-12-191-0/+1
|
* Add a pki command to sign, verify, encrypt and decrypt PKCS#7 containersMartin Willi2012-12-192-0/+392
|
* allow the optional sharing if RSA private keysAndreas Steffen2012-11-221-3/+31
|
* implemented generation of safe primesAndreas Steffen2012-11-181-7/+20
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-244-4/+4
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-244-4/+4
|
* Avoid overrunning array when registering pki command line optionsTobias Brunner2012-09-281-1/+1
|
* Use centralized hasher names in pki utilityMartin Willi2012-07-176-45/+8
|
* Check rng return value when generating serial numbers in pki utilityTobias Brunner2012-07-162-8/+8
|
* certificate_t->issued_by takes an argument to receive signature schemeMartin Willi2012-06-121-1/+1
|
* Merge branch 'ikev1'Martin Willi2012-05-023-0/+12
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-203-0/+12
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| | * Added support for iKEIntermediate flag to ipsec pki.Tobias Brunner2012-03-203-0/+12
| | |
* | | ASN.1 two's complement encoding prevents overflow in CRL serial numberAndreas Steffen2012-04-041-10/+18
| | |
* | | moved chunk_skip_zero to chunk.hAndreas Steffen2012-04-031-17/+0
| | |
* | | remove leading zeros in ASN.1 encoded serial numbersAndreas Steffen2012-03-271-2/+22
|/ /
* | Cache list of plugin names to further simplify its usage.Tobias Brunner2012-01-191-3/+2
| | | | | | | | Also helpful for ipsec statusall to avoid having to enumerate plugins.
* | Log list of loaded plugins in main PKI help output.Tobias Brunner2012-01-191-0/+8
| |
* | pki: Avoid integer overflow when calculating certificate lifetimes.Tobias Brunner2011-12-233-3/+3
|/ | | | This only works properly if sizeof(time_t) > 4.
* Do proper cleanup in error case in pki req.Tobias Brunner2011-04-141-1/+2
|
* Do proper cleanup in some error cases in pki signcrl.Tobias Brunner2011-04-141-2/+4
|
* use DN from pkcs10 request if it existsAndreas Steffen2011-02-071-5/+6
|
* Added support for empty subjects DNs to pki --issueMartin Willi2011-01-051-8/+7
|
* Use incremented serial of base CRL when signing delta CRLMartin Willi2011-01-051-0/+2
|
* Slightly renamed different policyConstraints to distinguish them betterMartin Willi2011-01-052-12/+12
|
* Added inhibitAnyPolicy constraint support to pki toolMartin Willi2011-01-053-5/+21
|
* Use a generic getter for all numerical X.509 constraintsMartin Willi2011-01-051-10/+10
|
* Added support for delta CRLs to pki toolMartin Willi2011-01-053-18/+91
|
* Simplified format of x509 CRL URI parsing/enumeratorMartin Willi2011-01-052-14/+30
|
* Added policyConstraints support to pki toolMartin Willi2011-01-054-46/+87
|
* Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for ↵Martin Willi2011-01-053-3/+3
| | | | PolicyConstraints, too
* Added policyMappings support to pki toolMartin Willi2011-01-053-12/+121
|
* Added certificatePolicy options to pki toolMartin Willi2011-01-054-5/+136
|
* pki --issue/self support permitted/excluded NameConstraintsMartin Willi2011-01-053-19/+57
|
* pki --print prints NameConstraintsMartin Willi2011-01-051-0/+25
|
* CRLSign keyUsage or CA basicConstraint are sufficient for CRL validationMartin Willi2011-01-051-2/+2
|
* pki tool shows and builds crlSign keyUsageMartin Willi2011-01-053-2/+14
|
* Added --crlissuer option to pki --issueMartin Willi2011-01-052-19/+26
|
* Added support for CRL Issuers to x509 and OpenSSL pluginsMartin Willi2011-01-051-3/+8
|
* Added crl support to pki --printMartin Willi2010-08-301-7/+52
|
* Build dedicated plugin lists for each strongSwan componentMartin Willi2010-08-121-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 06:36:02 +0000