Tobias Brunner
|
b730fd6fbd
|
pkcs11: Add features support.
|
2011-10-31 18:45:36 +01:00 |
Tobias Brunner
|
1bb5d7c3cb
|
pkcs11: Added support for DH.
|
2011-10-31 18:45:36 +01:00 |
Tobias Brunner
|
df241121fd
|
pkcs11: Error message fixed.
|
2011-10-31 18:45:35 +01:00 |
Tobias Brunner
|
1bb522bc34
|
pkcs11: Added support to generate random numbers on a token.
|
2011-10-31 18:45:35 +01:00 |
Tobias Brunner
|
deba3da5b0
|
pkcs11: Properly destroy mutex in pkcs11_hasher if no token found.
|
2011-10-31 18:45:29 +01:00 |
Martin Willi
|
071903235a
|
Register manager of pkcs11 plugin as library object
|
2011-08-24 15:45:59 +02:00 |
Tobias Brunner
|
f3bb1bd039
|
Fixed common misspellings.
Mostly found by 'codespell'.
|
2011-07-20 16:14:10 +02:00 |
Martin Willi
|
ea90042233
|
Provide recursive mutex' just in case the PKCS#11 library requires it
|
2011-06-01 12:03:44 +02:00 |
Martin Willi
|
14bf2f689d
|
Use CRITICAL job priority class for long running dispatcher jobs
|
2011-05-16 15:24:15 +02:00 |
Martin Willi
|
5b0bcfb1fc
|
Revert alloc_str changes
This reverts commit fdead26ffe.
This reverts commit 3e2419ebe3.
This reverts commit 17ce69b47a.
|
2011-04-21 13:35:31 +02:00 |
Martin Willi
|
3e2419ebe3
|
Use thread safe settings alloc_str function where appropriate
|
2011-04-21 10:48:16 +02:00 |
Martin Willi
|
c55818ebb0
|
Added a (not yet implemented) plugin_t method to reload plugin configuration
|
2011-04-15 10:07:13 +02:00 |
Martin Willi
|
787b5884aa
|
Added a get_name() function to plugin_t, create_plugin_enumerator enumerates over plugin_t
|
2011-04-15 10:07:12 +02:00 |
Andreas Steffen
|
a79eba2e9c
|
corrected pkcs11 error message
|
2011-03-01 22:19:58 +01:00 |
Martin Willi
|
33bfdf6f37
|
Fixed public key construction from PKCS#11 private key
|
2010-12-23 10:29:01 +01:00 |
Andreas Steffen
|
5932f41fcc
|
trace back crypto algorithms to the plugins that registered them
|
2010-12-18 16:31:12 +01:00 |
Martin Willi
|
b78ca4b04c
|
Do not query for CKA_ALWAYS_AUTHENTICATE if PKCS#11 Cryptoki version < 2.20
|
2010-11-18 08:56:12 +01:00 |
Martin Willi
|
cfa18d14f1
|
Use static args for C_Initialize(), OpenSC does not get a copy of the pointers
|
2010-11-18 08:44:22 +01:00 |
Martin Willi
|
9cda39923e
|
Added a PKCS#11 module option to enforce OS Locking functions
|
2010-11-12 16:14:03 +01:00 |
Martin Willi
|
57398f621a
|
Do not use CKA_TRUSTED attribute for Cryptoki version < 2.20, handling all certs as trusted
|
2010-11-10 18:36:15 +01:00 |
Martin Willi
|
59df2d2a6f
|
Add flags for PKCS#11 libraries with reduced feature set
|
2010-11-10 18:36:15 +01:00 |
Martin Willi
|
d987946e80
|
Added a final flag to builder registration to enumerate the actually supported algorithms
|
2010-09-03 18:09:48 +02:00 |
Tobias Brunner
|
f6697eadb9
|
Scheduler and processor have been moved to libstrongswan.
Also reverts 0c21dc000d as the dependency
to libcharon is no longer required.
|
2010-09-02 19:04:23 +02:00 |
Martin Willi
|
ba31fe1fd6
|
Use a separate section for each nested struct member in INIT macro
|
2010-08-18 12:15:03 +02:00 |
Martin Willi
|
01e4f5f32f
|
Implemented public key encryption/private key decryption in PKCS#11
|
2010-08-11 12:12:37 +02:00 |
Martin Willi
|
a944d2092b
|
Use bits instead of bytes for a private/public key
|
2010-08-10 18:46:30 +02:00 |
Martin Willi
|
33ddaaabec
|
Added support for different encryption schemes to private/public keys
|
2010-08-10 18:46:30 +02:00 |
Martin Willi
|
7c03d707a5
|
Create a PKCS#11 session public key if we don't find one
|
2010-08-06 17:32:32 +02:00 |
Martin Willi
|
fed9407bb1
|
Implemented PKCS#11 RSA public key for keys found on a token
|
2010-08-06 17:02:41 +02:00 |
Martin Willi
|
babed73257
|
Export scheme_to_mechanism conversion function
|
2010-08-06 17:02:01 +02:00 |
Martin Willi
|
a02784da5d
|
Load certificate after enumeration
|
2010-08-06 17:00:23 +02:00 |
Martin Willi
|
6e4f4d2fdf
|
Save/Load state of PKCS#11 hasher
|
2010-08-04 09:26:22 +02:00 |
Martin Willi
|
a3aeb89227
|
Do initial slot enumeration manually
|
2010-08-04 09:26:22 +02:00 |
Martin Willi
|
0f0fc891d8
|
Implemented hasher_t using PKCS#11
|
2010-08-04 09:26:22 +02:00 |
Martin Willi
|
66267ea515
|
Defer certificate loading until all PKCS#11 modules are loaded
|
2010-08-04 09:26:21 +02:00 |
Martin Willi
|
5a27bf8ad8
|
Provide a public PKCS#11 mechanism enumerator
|
2010-08-04 09:26:21 +02:00 |
Martin Willi
|
af007ed68a
|
Support PKCS#11 keys requiring reauthentication for each operation
|
2010-08-04 09:26:21 +02:00 |
Martin Willi
|
199b17122d
|
Do not try to log in if we already have a user session
|
2010-08-04 09:26:21 +02:00 |
Martin Willi
|
0556667dca
|
Use credential sets to load smartcard keys
|
2010-08-04 09:26:21 +02:00 |
Martin Willi
|
62be923683
|
Implemented a callback based credential set, currently for shared keys only
|
2010-08-04 09:26:21 +02:00 |
Martin Willi
|
a0bdd5d63e
|
Implemented callback PIN invocation for PKCS#11 login
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
7afc00d03c
|
Implemented keyid discovery on all modules/slots
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
0b8b664056
|
Pass the PKCS11 keyid as chunk, not as string
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
353d10d590
|
Reuse generic passphrase build part, not a dedicated PIN part
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
5f1e4438cb
|
Implemented private key on top of a PKCS#11 token
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
d007ce3206
|
Extended the PKCS#11 object enumerator by attribute retrieval
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
ddbac66028
|
Use the PKCS#11 object enumerator
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
9baa41c52d
|
Implemented a generic PKCS#11 object enumerator
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
36c852a08b
|
Added enumerator for PKCS#11 tokens
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
fe876b24d9
|
Handle NOT_SUPPORT return value from WaitForSlot
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
66033012c9
|
Reenabled dlclose
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
a6d2ec331b
|
Implemented a credential set on top of a PKCS#11 token
|
2010-08-04 09:26:20 +02:00 |
Martin Willi
|
fdd7e21225
|
Added a token add/remove callback function to the manager
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
6522d6c50b
|
Enumerate tokens and their mechanisms, wait for slot events
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
0c21dc000d
|
Depend on libcharon until we have a thread pool to use
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
75451ac8ba
|
Add enum names for CK_MECHANISM_TYPE constants
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
b3b0e57cb1
|
Make the PKCS#11 padding string trimming public, add null terminator
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
71151d3c1b
|
Added a getter for the library alias
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
2e209becbc
|
Moved PKCS#11 library loading to dedicated manager
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
50e1a710ea
|
Use locking, prefer our mutex abstraction layer
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
a6456dd640
|
Added enum names for PKCS#11 return values
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
e328ef4f4c
|
Load PKCS#11 modules defined in strongswan.conf
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
34454dc39e
|
Implemented an abstraction layer for PKCS#11 module loading
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
fb85d61980
|
Imported the free pkcs11.h header from the Scute project
|
2010-08-04 09:26:19 +02:00 |
Martin Willi
|
6e862e2152
|
Added PKCS#11 token plugin stub
|
2010-08-04 09:26:18 +02:00 |