Commit Graph

168 Commits

Author SHA1 Message Date
Andreas Steffen 98ae0492b6 Added support for msSmartcardLogon EKU 2014-04-08 13:09:03 +02:00
Andreas Steffen e2df745122 Added some more OIDs 2014-04-08 11:32:30 +02:00
Andreas Steffen 60451e2fb6 Added SHA3 OIDs 2014-04-04 23:44:55 +02:00
Andreas Steffen 1f9e4d029e Fixed a minor vulnerability in which a malformed ASN.1 length field could cause a crash of the charon daemon if the verbose debug level 3 (raw hex dump) for the asn subsystem is enabled. 2014-02-14 15:06:57 +01:00
Tobias Brunner ebc665be4d asn1: Support dates before 1970-01-01 (i.e. when time_t gets negative)
On x86 we allow "overflows" around 1969/1970 but not for other dates.

Fixes #509.
2014-02-12 13:54:05 +01:00
Tobias Brunner addc34d5f0 asn1: Add additional validation for parsed ASN.1 date/time values 2014-02-12 13:53:57 +01:00
Andreas Steffen 146ad86be5 Prototype implementation of IKE key exchange via NTRU encryption 2013-11-27 20:21:40 +01:00
Andreas Steffen 7817d88e1a unit-tests: 100% function coverage for asn1.c 2013-11-03 17:40:51 +01:00
Andreas Steffen c3103700fc Some minor refactoring in asn1.c 2013-11-02 21:17:46 +01:00
Andreas Steffen 1347c936bd Do not free zero-length integer 2013-11-02 02:11:32 +01:00
Tobias Brunner b3393c88c1 asn1: Fix handling of invalid ASN.1 length in is_asn1()
Fixes CVE-2013-5018.
2013-07-31 22:16:58 +02:00
Andreas Steffen 126778679f Recognize critical IssuingDistributionPoint CRL extension 2013-07-12 09:00:47 +02:00
Tobias Brunner feef637368 Add pkcs12 plugin which adds support for decoding PKCS#12 containers 2013-05-08 15:02:39 +02:00
Tobias Brunner 594d847f79 PKCS#5 wrapper can decrypt PKCS#12-like schemes 2013-05-08 15:02:38 +02:00
Tobias Brunner c734c2d875 Extract function to convert ASN.1 INTEGER object to u_int64_t 2013-05-08 14:53:08 +02:00
Martin Willi f932677f0c Use the GEN silent rule when generating oid database with perl 2013-05-06 15:04:56 +02:00
Andreas Steffen 486f4b5838 added some otherNames OIDs 2013-03-06 11:50:32 +01:00
Tobias Brunner f05b427265 Moved debug.[ch] to utils folder 2012-10-24 16:00:51 +02:00
Andreas Steffen e6a58e5d5d added some new SHA-512 OIDs 2012-10-03 15:33:56 +02:00
Tobias Brunner 82e526ce81 Properly encode 0 in ASN.1.
According to X.690 an INTEGER object always has at least one content
octet.
2012-06-11 17:09:20 +02:00
Tobias Brunner e8120632ae Don't use chunk_skip() in asn1_length().
chunk_skip() returns chunk_empty if the length of the chunk is equal to
the number of bytes to skip, this is problematic as asn1_length() modifies
the original chunk.  asn1_parser_t for instance uses the modified chunk to
later calculate the length of the resulting ASN.1 object which produces
incorrect results if it is based on chunk_empty.
2012-06-11 17:09:20 +02:00
Martin Willi b24be29646 Merge branch 'ikev1'
Conflicts:
	configure.in
	man/ipsec.conf.5.in
	src/libcharon/encoding/generator.c
	src/libcharon/encoding/payloads/notify_payload.c
	src/libcharon/encoding/payloads/notify_payload.h
	src/libcharon/encoding/payloads/payload.c
	src/libcharon/network/receiver.c
	src/libcharon/sa/authenticator.c
	src/libcharon/sa/authenticator.h
	src/libcharon/sa/ikev2/tasks/ike_init.c
	src/libcharon/sa/task_manager.c
	src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Tobias Brunner ef511fc03d Add support for dnQualifier in DNs. 2012-03-29 10:01:55 +02:00
Martin Willi b1f2f05c92 Merge branch 'ikev1-clean' into ikev1-master
Conflicts:
	configure.in
	man/ipsec.conf.5.in
	src/libcharon/daemon.c
	src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
	src/libcharon/plugins/eap_radius/eap_radius_accounting.c
	src/libcharon/plugins/eap_radius/eap_radius_forward.c
	src/libcharon/plugins/farp/farp_listener.c
	src/libcharon/sa/ike_sa.c
	src/libcharon/sa/keymat.c
	src/libcharon/sa/task_manager.c
	src/libcharon/sa/trap_manager.c
	src/libstrongswan/plugins/x509/x509_cert.c
	src/libstrongswan/utils.h

Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
Tobias Brunner f29a4f1c64 Added support for iKEIntermediate X.509 extended key usage flag.
Mac OS X requires server certificates to have this flag set.
2012-03-20 17:31:24 +01:00
Tobias Brunner e81260d426 Moved log message for unexpected ASN.1 objects to level 2.
This avoids error messages if later builders can successfully decode something.
2012-02-01 18:27:46 +01:00
Tobias Brunner fd1ff46f61 Added support for PKCS#5 v2 schemes when decrypting PKCS#8 files. 2012-02-01 18:27:46 +01:00
Tobias Brunner cab127cba6 Added support for encrypted PKCS#8 files (for some PKCS#5 v1.5 schemes). 2012-02-01 18:27:46 +01:00
Tobias Brunner 25c6d26c1d Return parsed parameters from algorithmIdentifier if they are an OID (aka EC named curve).
Explicit EC parameters are not supported with this function, but before this
change no parameters were actually ever returned.
2012-02-01 18:27:45 +01:00
Tobias Brunner e86b685da5 Allow callers to force ASN.1 date encoding as GENERALIZEDTIME. 2011-12-23 18:07:39 +01:00
Tobias Brunner f4095fdc8a Avoid integer overflow when parsing ASN.1 dates.
This only works properly if sizeof(time_t) > 4.
2011-12-23 16:38:28 +01:00
Tobias Brunner 1267127c11 Properly ASN.1 encode dates in certificates depending on the year. 2011-12-23 16:29:41 +01:00
Tobias Brunner c7f3a056dd Log ASN.1 parsing in new ASN debug group. 2011-12-16 16:44:38 +01:00
Andreas Steffen a30e025901 support unstructuredAddress in left|rightid 2011-04-18 23:40:31 +02:00
Andreas Steffen 19897724d3 fixed asn1_oid_from_string(), allowing it to handle up to 32 bit node numbers 2011-03-12 13:46:14 +01:00
Andreas Steffen cfeb687d7f added tcg-at-tpmIdLabel OID 2011-03-11 11:48:46 +01:00
Andreas Steffen fc01176a7d output unknown OIDs in dot string notation 2011-03-11 11:48:22 +01:00
Andreas Steffen f813069e89 fixed asn1_oid_to_string() conversion 2011-03-09 15:36:05 +01:00
Andreas Steffen c54e1bb83b defined some TCG attribute OIDs 2011-03-08 07:27:00 +01:00
Andreas Steffen 04be19127d support of RSAES-OAEP public keys 2011-03-08 07:03:22 +01:00
Andreas Steffen bf10d793f6 added id-RSAES-OAEP and id-pSpecified OIDs 2011-03-07 22:46:28 +01:00
Andreas Steffen b98dfe1477 defined OID_STRONGSWAN 2011-02-07 23:42:29 +01:00
Martin Willi a742d97fb8 Added support for policyConstraints to x509 plugin 2011-01-05 16:46:02 +01:00
Martin Willi 5122fa1e02 Added policyMappings OID identifier 2011-01-05 16:46:02 +01:00
Martin Willi 2d3ae93832 Added CertificatePolicy OID identifier 2011-01-05 16:46:02 +01:00
Martin Willi feac4a8162 Added conversion functions between string OIDs and their DER encoding 2011-01-05 16:46:02 +01:00
Andreas Steffen 53e2c2e283 replaced spaces by tabs 2010-12-30 03:45:08 +01:00
Andreas Steffen 375dacca8e removed superfluous whitespace 2010-12-03 11:26:13 +01:00
Andreas Steffen 3cd69cfab1 Migrated asn1_parser_t to INIT/METHOD macros 2010-12-02 22:12:02 +01:00
Andreas Steffen 0ebff9f442 added ITA and strongSwan OIDs 2010-11-17 22:46:45 +01:00