Martin Willi
6f00ddb90c
keychain: support on-the-fly enumeration of trusted/untrusted certificates
2013-07-18 12:17:54 +02:00
Martin Willi
7b8edabd8a
keychain: add a stub for a credential plugin using OS X Keychain Services
2013-07-18 12:17:54 +02:00
Martin Willi
c3e7b3de0b
openssl: parse X.509 extended key usage from extension parsing loop
...
Otherwise parsing gets aborted if unknown critical extensions are handled as
error.
2013-07-18 12:17:53 +02:00
Martin Willi
3f55f203ee
openssl: show which critical X.509 extension is not supported
2013-07-18 12:17:53 +02:00
Tobias Brunner
e0b868f79e
pkcs12: Add plugin dependencies with soft dependencies on the most common algorithms
2013-07-15 10:48:19 +02:00
Andreas Steffen
126778679f
Recognize critical IssuingDistributionPoint CRL extension
2013-07-12 09:00:47 +02:00
Tobias Brunner
d27f225d9a
Use strpfx() helper where appropriate
2013-07-08 18:49:30 +02:00
Martin Willi
324b90cc46
openssl: RAND_pseudo_bytes() returns 0 if bytes are not cryptographically strong
...
For our purposes with RNG_WEAK this is fine, so accept a zero return value.
2013-07-04 11:09:54 +02:00
Tobias Brunner
b18a531715
plugin-loader: Removed unused path argument of load() method
...
Multiple additional search paths can be added with the add_path()
method.
2013-06-28 10:44:15 +02:00
Tobias Brunner
f2086e42ff
plugin-loader: Method added to provide additional search paths for plugins
2013-06-27 10:27:24 +02:00
Tobias Brunner
0d25c4ef87
plugin-loader: Move logging of failed features to status()
...
Still log an error message if critical features fail, as loaded
plugins/features are not logged in that case.
This way loaded plugins are printed before failed features and
the relation is easier to make for users. It also allows programs
to log this message on a different level.
2013-06-21 15:22:46 +02:00
Tobias Brunner
607f8e9906
plugin-loader: Add method to print loaded plugins on a given log level
2013-06-21 15:17:53 +02:00
Tobias Brunner
34ee14dd28
plugin-loader: Collect statistics while loading features, print them in case features failed to load
...
There is no need to explicitly search for failed features in critical
plugins as this is now detected while loading the features.
2013-06-21 15:13:25 +02:00
Tobias Brunner
681e53c70c
plugin-loader: Use different log level if failed feature is in critical plugin
2013-06-21 15:13:25 +02:00
Tobias Brunner
13d2d8f634
plugin-loader: Log message when failing to load plugin
2013-06-21 15:13:25 +02:00
Tobias Brunner
51b9d7513d
plugin-loader: Reduce verbosity while loading plugins
2013-06-21 15:13:25 +02:00
Martin Willi
2bedb0f270
Move test-runners has_feature() function to plugin loader
2013-06-21 10:53:22 +02:00
Tobias Brunner
c0d0391a51
pubkey: Improve comparison of raw public key certificate objects
2013-06-21 10:02:25 +02:00
Martin Willi
fe20f752f1
curl: add an option to fetch bound to a local source address
2013-06-11 15:54:26 +02:00
Tobias Brunner
49d7a98f47
Refactored plugin-loader with improved dependency resolution
...
With the new implementation the plugins don't have to be listed in any
special order, dependencies are properly resolved. The order only
matters if two plugins provide the same feature.
2013-06-11 11:18:19 +02:00
Tobias Brunner
da04914933
test-vectors: Use plugin features
2013-06-11 11:18:18 +02:00
Tobias Brunner
17f00db6d6
revocation: Use plugin features with soft dependencies on fetcher and en-/decoding
2013-06-11 11:18:18 +02:00
Tobias Brunner
25da1943b3
padlock: Use plugin features to properly register algorithms
2013-06-11 11:18:18 +02:00
Tobias Brunner
7756c0383e
pkcs11: Use plugin_features_add() in get_features()
2013-06-11 11:18:18 +02:00
Tobias Brunner
886a40d75e
plugin-feature: Added helper function to extend arrays of plugin features
2013-06-11 11:18:18 +02:00
Tobias Brunner
c172a92bfb
constraints: Use plugin features with soft dependency on X.509 decoding
2013-06-11 11:18:18 +02:00
Tobias Brunner
e3bdf03af4
blowfish: Use plugin features to properly register crypter
2013-06-11 11:18:18 +02:00
Tobias Brunner
d895721489
unbound: Use plugin features and provide RESOLVER
2013-06-11 11:18:18 +02:00
Tobias Brunner
f5bd1a5e09
plugin-feature: Add feature for DNSSEC-enabled resolvers
2013-06-11 11:18:18 +02:00
Tobias Brunner
8a6cc1e35f
plugin-feature: Function added to exactly compare plugin features
2013-06-11 11:18:17 +02:00
Michael Rossberg
5e4b1ad20a
openssl: add support for IP addr blocks in X.509 certificates
2013-05-24 15:09:47 +02:00
Martin Willi
2e9201f4ef
af-alg: fix number of signers after adding untruncated HMAC-SHA-512 ( 1f2a34d6
)
2013-05-15 17:20:36 +02:00
Tobias Brunner
bd538e8c4a
openssl: Only warn about unavailable FIPS mode if the user requested it
2013-05-08 15:23:14 +02:00
Tobias Brunner
904390e887
openssl: Cleanup thread specific error buffer
2013-05-08 15:02:40 +02:00
Tobias Brunner
3ee2af97bf
openssl: Don't use deprecated CRYPTO_set_id_callback() with OpenSSL >= 1.0.0
2013-05-08 15:02:40 +02:00
Tobias Brunner
780900ab0e
openssl: Add PKCS#12 parsing via OpenSSL
2013-05-08 15:02:40 +02:00
Tobias Brunner
651d5ab8e7
openssl: Properly cleanup OpenSSL library
2013-05-08 15:02:40 +02:00
Tobias Brunner
3bd498284e
PEM plugin loads PKCS#12 containers from (DER-encoded) files
...
It is not actually able to handle PEM encoded PKCS#12 files produced
by OpenSSL.
2013-05-08 15:02:40 +02:00
Tobias Brunner
abc04e6b3f
Remove pluto specific certificate types
2013-05-08 15:02:40 +02:00
Tobias Brunner
1f2a34d6d8
Add support for untruncated HMAC-SHA-512
2013-05-08 15:02:39 +02:00
Tobias Brunner
feef637368
Add pkcs12 plugin which adds support for decoding PKCS#12 containers
2013-05-08 15:02:39 +02:00
Tobias Brunner
0d0929fa0c
Register PKCS#8 builder for KEY_ANY
2013-05-08 15:02:39 +02:00
Tobias Brunner
8e48e0009a
Add support for PKCS#7/CMS encrypted-data
2013-05-08 15:02:39 +02:00
Tobias Brunner
cb38e2f30a
Add test vectors for RC2
2013-05-08 15:02:38 +02:00
Tobias Brunner
9d4fc8677f
Add implementation of the RC2 block cipher (RFC 2268)
2013-05-08 15:02:34 +02:00
Tobias Brunner
4076e3ee91
Extract PKCS#5 handling from pkcs8 plugin to separate helper class
2013-05-08 14:53:08 +02:00
Tobias Brunner
e07e489d5f
agent: Use sshkey plugin to parse keys, adds support for ECDSA
2013-05-07 17:08:31 +02:00
Tobias Brunner
dd9e366814
sshkey: Add support for ECDSA keys
2013-05-07 17:08:31 +02:00
Tobias Brunner
cc4408abcb
sshkey: Added builder for SSHKEY RSA keys
2013-05-07 15:38:28 +02:00
Tobias Brunner
584d656b77
Add sshkey plugin stub that will parse RFC 4253 public keys
2013-05-07 14:08:51 +02:00