Andreas Steffen
98ae0492b6
Added support for msSmartcardLogon EKU
2014-04-08 13:09:03 +02:00
Andreas Steffen
e2df745122
Added some more OIDs
2014-04-08 11:32:30 +02:00
Andreas Steffen
60451e2fb6
Added SHA3 OIDs
2014-04-04 23:44:55 +02:00
Andreas Steffen
1f9e4d029e
Fixed a minor vulnerability in which a malformed ASN.1 length field could cause a crash of the charon daemon if the verbose debug level 3 (raw hex dump) for the asn subsystem is enabled.
2014-02-14 15:06:57 +01:00
Tobias Brunner
ebc665be4d
asn1: Support dates before 1970-01-01 (i.e. when time_t gets negative)
...
On x86 we allow "overflows" around 1969/1970 but not for other dates.
Fixes #509 .
2014-02-12 13:54:05 +01:00
Tobias Brunner
addc34d5f0
asn1: Add additional validation for parsed ASN.1 date/time values
2014-02-12 13:53:57 +01:00
Andreas Steffen
146ad86be5
Prototype implementation of IKE key exchange via NTRU encryption
2013-11-27 20:21:40 +01:00
Andreas Steffen
7817d88e1a
unit-tests: 100% function coverage for asn1.c
2013-11-03 17:40:51 +01:00
Andreas Steffen
c3103700fc
Some minor refactoring in asn1.c
2013-11-02 21:17:46 +01:00
Andreas Steffen
1347c936bd
Do not free zero-length integer
2013-11-02 02:11:32 +01:00
Tobias Brunner
b3393c88c1
asn1: Fix handling of invalid ASN.1 length in is_asn1()
...
Fixes CVE-2013-5018.
2013-07-31 22:16:58 +02:00
Andreas Steffen
126778679f
Recognize critical IssuingDistributionPoint CRL extension
2013-07-12 09:00:47 +02:00
Tobias Brunner
feef637368
Add pkcs12 plugin which adds support for decoding PKCS#12 containers
2013-05-08 15:02:39 +02:00
Tobias Brunner
594d847f79
PKCS#5 wrapper can decrypt PKCS#12-like schemes
2013-05-08 15:02:38 +02:00
Tobias Brunner
c734c2d875
Extract function to convert ASN.1 INTEGER object to u_int64_t
2013-05-08 14:53:08 +02:00
Martin Willi
f932677f0c
Use the GEN silent rule when generating oid database with perl
2013-05-06 15:04:56 +02:00
Andreas Steffen
486f4b5838
added some otherNames OIDs
2013-03-06 11:50:32 +01:00
Tobias Brunner
f05b427265
Moved debug.[ch] to utils folder
2012-10-24 16:00:51 +02:00
Andreas Steffen
e6a58e5d5d
added some new SHA-512 OIDs
2012-10-03 15:33:56 +02:00
Tobias Brunner
82e526ce81
Properly encode 0 in ASN.1.
...
According to X.690 an INTEGER object always has at least one content
octet.
2012-06-11 17:09:20 +02:00
Tobias Brunner
e8120632ae
Don't use chunk_skip() in asn1_length().
...
chunk_skip() returns chunk_empty if the length of the chunk is equal to
the number of bytes to skip, this is problematic as asn1_length() modifies
the original chunk. asn1_parser_t for instance uses the modified chunk to
later calculate the length of the resulting ASN.1 object which produces
incorrect results if it is based on chunk_empty.
2012-06-11 17:09:20 +02:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Tobias Brunner
ef511fc03d
Add support for dnQualifier in DNs.
2012-03-29 10:01:55 +02:00
Martin Willi
b1f2f05c92
Merge branch 'ikev1-clean' into ikev1-master
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/daemon.c
src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_forward.c
src/libcharon/plugins/farp/farp_listener.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/keymat.c
src/libcharon/sa/task_manager.c
src/libcharon/sa/trap_manager.c
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/utils.h
Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
Tobias Brunner
f29a4f1c64
Added support for iKEIntermediate X.509 extended key usage flag.
...
Mac OS X requires server certificates to have this flag set.
2012-03-20 17:31:24 +01:00
Tobias Brunner
e81260d426
Moved log message for unexpected ASN.1 objects to level 2.
...
This avoids error messages if later builders can successfully decode something.
2012-02-01 18:27:46 +01:00
Tobias Brunner
fd1ff46f61
Added support for PKCS#5 v2 schemes when decrypting PKCS#8 files.
2012-02-01 18:27:46 +01:00
Tobias Brunner
cab127cba6
Added support for encrypted PKCS#8 files (for some PKCS#5 v1.5 schemes).
2012-02-01 18:27:46 +01:00
Tobias Brunner
25c6d26c1d
Return parsed parameters from algorithmIdentifier if they are an OID (aka EC named curve).
...
Explicit EC parameters are not supported with this function, but before this
change no parameters were actually ever returned.
2012-02-01 18:27:45 +01:00
Tobias Brunner
e86b685da5
Allow callers to force ASN.1 date encoding as GENERALIZEDTIME.
2011-12-23 18:07:39 +01:00
Tobias Brunner
f4095fdc8a
Avoid integer overflow when parsing ASN.1 dates.
...
This only works properly if sizeof(time_t) > 4.
2011-12-23 16:38:28 +01:00
Tobias Brunner
1267127c11
Properly ASN.1 encode dates in certificates depending on the year.
2011-12-23 16:29:41 +01:00
Tobias Brunner
c7f3a056dd
Log ASN.1 parsing in new ASN debug group.
2011-12-16 16:44:38 +01:00
Andreas Steffen
a30e025901
support unstructuredAddress in left|rightid
2011-04-18 23:40:31 +02:00
Andreas Steffen
19897724d3
fixed asn1_oid_from_string(), allowing it to handle up to 32 bit node numbers
2011-03-12 13:46:14 +01:00
Andreas Steffen
cfeb687d7f
added tcg-at-tpmIdLabel OID
2011-03-11 11:48:46 +01:00
Andreas Steffen
fc01176a7d
output unknown OIDs in dot string notation
2011-03-11 11:48:22 +01:00
Andreas Steffen
f813069e89
fixed asn1_oid_to_string() conversion
2011-03-09 15:36:05 +01:00
Andreas Steffen
c54e1bb83b
defined some TCG attribute OIDs
2011-03-08 07:27:00 +01:00
Andreas Steffen
04be19127d
support of RSAES-OAEP public keys
2011-03-08 07:03:22 +01:00
Andreas Steffen
bf10d793f6
added id-RSAES-OAEP and id-pSpecified OIDs
2011-03-07 22:46:28 +01:00
Andreas Steffen
b98dfe1477
defined OID_STRONGSWAN
2011-02-07 23:42:29 +01:00
Martin Willi
a742d97fb8
Added support for policyConstraints to x509 plugin
2011-01-05 16:46:02 +01:00
Martin Willi
5122fa1e02
Added policyMappings OID identifier
2011-01-05 16:46:02 +01:00
Martin Willi
2d3ae93832
Added CertificatePolicy OID identifier
2011-01-05 16:46:02 +01:00
Martin Willi
feac4a8162
Added conversion functions between string OIDs and its DER encoding
2011-01-05 16:46:02 +01:00
Andreas Steffen
53e2c2e283
replaced spaces by tabs
2010-12-30 03:45:08 +01:00
Andreas Steffen
375dacca8e
removed superfluous whitespace
2010-12-03 11:26:13 +01:00
Andreas Steffen
3cd69cfab1
Migrated asn1_parser_t to INIT/METHOD macros
2010-12-02 22:12:02 +01:00
Andreas Steffen
0ebff9f442
added ITA and strongSwan OIDs
2010-11-17 22:46:45 +01:00