ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
17,542 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

225 Commits

Author SHA1 Message Date
Martin Willi a864eb37b1 Added policyConstraints support to pki tool 2011-01-05 16:46:02 +01:00
Martin Willi 5dba5852fc Slightly renamed X509_NO_PATH_LEN_CONSTRAINT to use it for PolicyConstraints, too 2011-01-05 16:46:02 +01:00
Martin Willi 3ffc9d9a88 Added policyMappings support to pki tool 2011-01-05 16:46:02 +01:00
Martin Willi 6c3ac04478 Added certificatePolicy options to pki tool 2011-01-05 16:46:02 +01:00
Martin Willi e6fbe5933b pki --issue/self support permitted/excluded NameConstraints 2011-01-05 16:46:00 +01:00
Martin Willi 64bcaae203 pki --print prints NameConstraints 2011-01-05 16:46:00 +01:00
Martin Willi dffb176f2b CRLSign keyUsage or CA basicConstraint are sufficient for CRL validation 2011-01-05 16:45:56 +01:00
Martin Willi bb0cda2fa9 pki tool shows and builds crlSign keyUsage 2011-01-05 16:45:56 +01:00
Martin Willi 630d58724a Added --crlissuer option to pki --issue 2011-01-05 16:45:56 +01:00
Martin Willi 4e508517d7 Added support for CRL Issuers to x509 and OpenSSL plugins 2011-01-05 16:45:55 +01:00
Martin Willi 21f80e9dbc Added crl support to pki --print 2010-08-30 11:23:45 +02:00
Martin Willi 8f01815143 Build dedicated plugin lists for each strongSwan component 2010-08-12 14:46:57 +02:00
Martin Willi a944d2092b Use bits instead of bytes for a private/public key 2010-08-10 18:46:30 +02:00
Martin Willi efab731338 Added PKCS#11 private key support to the pki tool 2010-08-04 09:26:21 +02:00
Martin Willi 089d554a01 The pki tool uses a callback credential set to read in passphrase/PIN 2010-08-04 09:26:21 +02:00
Martin Willi 3429be9514 Use a dedicated build part for challenge passwords, BUILD_PASSPHRASE gets obsolete 2010-08-04 09:26:21 +02:00
Martin Willi b5b95c75de Added pki PEM encoding support for certificates, CRLs and PKCS10 requests 2010-07-13 14:14:39 +02:00
Martin Willi 0406eeaacb Support different encoding types in certificate.get_encoding() 2010-07-13 13:53:20 +02:00
Martin Willi da9724e6d0 Renamed key_encod{ing,der}_t and constants, prepare for generic credential encoding 2010-07-13 11:29:35 +02:00
Martin Willi a2cf26f1c1 Changed default lifetime of certificates to 3 years 2010-05-31 13:15:19 +02:00
Martin Willi 70ac7c43a5 Support extendedKeyUsage flags in self-signed certificates 2010-05-31 13:15:05 +02:00
Martin Willi 0c73ceff0a Added a --signcrl command to the pki utility 2010-05-21 16:25:51 +02:00
Martin Willi 2e57b21252 Added a --print command to pki that dumps different credentials 2010-05-20 17:37:18 +02:00
Tobias Brunner 257e27df07 Fixing out-of-tree build after adding dependency to config.status. 2010-04-29 13:29:53 +02:00
Martin Willi b0e789035c Users of PLUGINS depend on config.status, rebuilding them if plugin configuration is updated 2010-04-29 11:28:27 +02:00
Tobias Brunner 8b0e09103b Adding DBG_LIB to all calls of libstrongswan's version of DBG*. 2010-04-06 12:47:40 +02:00
Andreas Steffen e3943f5559 fixed short option name 2010-04-04 10:30:08 +02:00
Andreas Steffen c0df187cb4 we don't accept a serial number with leading zeroes 2010-03-14 19:41:40 +01:00
Martin Willi 7eab4a1be6 Support TLS client authentication Extended Key Usage in x509 generation 2010-01-14 12:00:43 +01:00
Andreas Steffen 3e33ae1004 ipsec pki --self|issue supports --pathlen option setting a path length constraint 2009-12-31 15:13:35 +01:00
Martin Willi 4952dc11da Fixed all doxygen warnings 2009-10-22 14:34:10 +02:00
Andreas Steffen 408e46a324 ipsec pki --issue suports --flag authServer option 2009-10-05 22:44:01 +02:00
Andreas Steffen ce40bf5def ipsec pki --issue supports --flag ocspSigning option 2009-10-05 21:20:42 +02:00
Martin Willi 17859fe6cf Right-align short options in pki usage 2009-09-24 11:28:53 +02:00
Martin Willi b538b606da Use the default debug hook if possible 2009-09-16 13:16:00 +02:00
Martin Willi a474081f1f Removed obsolete per-command debug level option 2009-09-16 12:52:56 +02:00
Andreas Steffen 934942dddb corrected usage 2009-09-15 22:43:22 +02:00
Andreas Steffen c657492705 pki --req generates a PKCS#10 certificate request 2009-09-15 22:33:32 +02:00
Andreas Steffen 8101695b32 fixed typo 2009-09-15 16:48:13 +02:00
Martin Willi ae7452e87c Handle pki --debug and --options in a generic way for all command 2009-09-15 11:53:46 +02:00
Martin Willi 4fdb9f6f74 pki tool supports single letter short options 2009-09-15 10:20:22 +02:00
Andreas Steffen 622e558cb0 pki --pub and --keyid accept pkcs10 as input 2009-09-15 06:24:14 +02:00
Andreas Steffen 5a4dee6dc4 enable debug level setting 2009-09-14 19:29:05 +02:00
Andreas Steffen f03e0e9147 support of PKCS#10 certificate request parsing 2009-09-13 21:00:15 +02:00
Andreas Steffen 4da11016e7 fixed another typo 2009-09-12 06:44:11 +02:00
Andreas Steffen abffb63ffe fixed typo 2009-09-12 06:42:35 +02:00
Martin Willi 06a8df11d9 pki tool can issue/self-sign certificates with OCSP URIs 2009-09-11 17:17:56 +02:00
Martin Willi 3a7bd9bd49 pki tool can issue certificates with CRL distribution points 2009-09-11 15:36:22 +02:00
Martin Willi 356b2b2780 pass NULL to library_init() to load settings from default file 2009-09-10 18:52:42 +02:00
Martin Willi 5b03a350fc use NULL to load plugins from default plugin directory 2009-09-10 18:52:42 +02:00
Martin Willi 3ce9438b60 Use dynamic registration/usage invocation of command types 2009-09-10 16:18:30 +02:00
Martin Willi 6be68cc1c7 splitted PKI tool to a file per command 2009-09-10 12:31:40 +02:00
Martin Willi e5e6c6f43c use generic option parsing with usage information 2009-09-10 11:18:41 +02:00
Martin Willi 63ee88745a fixed memleak 2009-09-09 17:16:00 +02:00
Andreas Steffen 1f45e32594 split usage information 2009-09-09 02:37:17 +02:00
Andreas Steffen e666d45ddb updated usage of ipsec pki --self 2009-09-08 22:22:09 +02:00
Andreas Steffen a5fc71562a support --options also in ipsec pki --self 2009-09-08 21:54:00 +02:00
Andreas Steffen ddf8ee0f37 --options reads command line options from file 2009-09-08 21:36:35 +02:00
Martin Willi b5d31b3e56 pki tool supports subjectAltNames in certificates 2009-09-08 13:27:35 +02:00
Martin Willi 8871e59c11 pki tool --issue/--verify operations require a CA with CA basicConstraint 2009-09-08 10:44:08 +02:00
Martin Willi e4a4589606 pki tool can set CA basicConstraint on --self/--issued certificates 2009-09-08 10:39:04 +02:00
Martin Willi 58f34613e0 pki tool can issue certificates 2009-09-07 16:04:30 +02:00
Martin Willi 7daf5226b7 removed trailing spaces ([[:space:]]+$) 2009-09-04 13:46:09 +02:00
Martin Willi 8fb4edc4ff handle plugin loading failures 2009-09-01 16:20:45 +02:00
Andreas Steffen be04eef270 allow choice of digest algorithm in certificate generation 2009-08-28 09:08:03 +02:00
Andreas Steffen 050649ac41 cosmetics 2009-08-27 15:35:56 +02:00
Martin Willi cec37b643a fixed return value 2009-08-27 15:28:45 +02:00
Martin Willi 9436b31c94 PKI tool supports certificate verification 2009-08-27 14:43:40 +02:00
Martin Willi 5e97fa9900 PKI tool supports generation of self-signed certificates 2009-08-27 13:59:30 +02:00
Martin Willi d5dd43e777 implemented fingerprinting support for PKI tool 2009-08-27 10:41:07 +02:00
Andreas Steffen 289ce4ade6 use --outform consistantly 2009-08-26 18:55:18 +02:00
Andreas Steffen 2f1f17f137 the option has been changed to --outform 2009-08-26 18:41:19 +02:00
Martin Willi 083142c4a0 encoding public EC keys is not really possible without subjectPublicKeyInfo 2009-08-26 16:15:38 +02:00
Martin Willi d4df33f255 pki tool supports public key extraction from private key, certificates 2009-08-26 13:05:17 +02:00
Martin Willi 7c577c8ea2 started implementation of a PKI tool, currently supporting RSA|ECDSA key generation 2009-08-26 11:23:55 +02:00