Tobias Brunner
c0d39c205c
Implemented AES-CMAC based PRF and signer.
...
The cmac plugin implements AES-CMAC as defined in RFC 4493 and the
signer and PRF based on it as defined in RFC 4494 and RFC 4615,
respectively.
2012-04-03 10:40:47 +02:00
Tobias Brunner
9a6b1cb412
Fixed GNU license header in hmac and xcbc plugins.
2012-04-03 10:33:59 +02:00
Tobias Brunner
ef511fc03d
Add support for dnQualifier in DNs.
2012-03-29 10:01:55 +02:00
Tobias Brunner
817ab8a8d4
Don't cast second argument of mem_printf_hook (%b) to size_t.
...
Also treat the given number as unsigned int.
Due to the printf hook registration the second argument of
mem_printf_hook (if called via printf etc.) is always of type int*.
Casting this to a size_t pointer and then dereferencing that as int does
not work on big endian machines if int is smaller than size_t (e.g. on ppc64).
In order to make this change work if the argument is of a type larger
than int, size_t for instance, the second argument for %b has to be casted
to (u_)int.
2012-03-27 09:10:34 +02:00
Tobias Brunner
686cfd4e34
Added support for untruncated MD5 and SHA1 HMACs in ESP as used in RFC 4595.
...
This requires a Linux kernel >= 2.6.33.
2012-02-27 14:31:19 +01:00
Tobias Brunner
a190ec0ac5
Compiler warnings fixed.
2012-02-14 16:09:44 +01:00
Tobias Brunner
e81260d426
Moved log message for unexpected ASN.1 objects to level 2.
...
This avoids error messages if later builders can successfully decode something.
2012-02-01 18:27:46 +01:00
Tobias Brunner
fd1ff46f61
Added support for PKCS#5 v2 schemes when decrypting PKCS#8 files.
2012-02-01 18:27:46 +01:00
Tobias Brunner
cab127cba6
Added support for encrypted PKCS#8 files (for some PKCS#5 v1.5 schemes).
2012-02-01 18:27:46 +01:00
Tobias Brunner
db3334dc32
Added support to parse PKCS#8 encoded ECDSA private keys.
2012-02-01 18:27:45 +01:00
Tobias Brunner
27f8a61df3
OpenSSL plugin parses ECDSA private keys with explicitly specified EC parameters.
...
This is needed in case the key itself does not contain the parameters,
which is the case for PKCS#8.
2012-02-01 18:27:45 +01:00
Tobias Brunner
b20c54ff3f
Add builder part for parameters from algorithmIdentifier.
2012-02-01 18:27:45 +01:00
Tobias Brunner
25c6d26c1d
Return parsed parameters from algorithmIdentifier if they are an OID (aka EC named curve).
...
Explicit EC parameters are not supported with this function, but before this
change no parameters were actually ever returned.
2012-02-01 18:27:45 +01:00
Tobias Brunner
9255aa87ec
Parse RSA private keys from PKCS#8 encoded blobs.
2012-02-01 18:27:45 +01:00
Tobias Brunner
5ec525c1d1
Added PKCS#8 stub plugin.
2012-02-01 18:27:45 +01:00
Tobias Brunner
7171d8765e
Disable crypto benchmarking if CLOCK_THREAD_CPUTIME_ID is not available.
2012-01-30 11:04:55 +01:00
Tobias Brunner
f1ba06c1c6
Cache list of plugin names to further simplify its usage.
...
Also helpful for ipsec statusall to avoid having to enumerate plugins.
2012-01-19 12:37:42 +01:00
Tobias Brunner
ad1aaf4be3
Function added to plugin_loader to get a list of the names of loaded plugins.
2012-01-19 11:51:51 +01:00
Adrian-Ken Rueegsegger
5ed3e3a7e6
Various style, typo and whitespace corrections
2012-01-13 16:27:35 +01:00
Tobias Brunner
2e0b478a01
Android 4 requires LOCAL_MODULE_TAGS to be set for all modules.
...
Because all packages are now marked as optional executables that are to
be installed on the final system have to be added to PRODUCT_PACKAGES in
build/target/product/core.mk. Dependencies (such as libraries) are
installed automatically.
2012-01-12 19:18:35 +01:00
Tobias Brunner
35a1986142
Fixed additional typos in comments and log messages.
2012-01-12 11:42:42 +01:00
Adrian-Ken Rueegsegger
d887b8e134
Fix whitespaces
2012-01-12 11:25:18 +01:00
Adrian-Ken Rueegsegger
2a375e62f3
Some documentation corrections
2012-01-12 11:25:12 +01:00
Tobias Brunner
17e3a92661
Fix gettid() on Android, which is defined in unistd.h there.
2012-01-12 11:08:22 +01:00
Tobias Brunner
66f16d9629
Use native gettid() if available (which is the case on Android).
2012-01-10 18:31:33 +01:00
Tobias Brunner
e86b685da5
Allow callers to force ASN.1 date encoding as GENERALIZEDTIME.
2011-12-23 18:07:39 +01:00
Tobias Brunner
f4095fdc8a
Avoid integer overflow when parsing ASN.1 dates.
...
This only works properly if sizeof(time_t) > 4.
2011-12-23 16:38:28 +01:00
Tobias Brunner
1267127c11
Properly ASN.1 encode dates in certificates depending on the year.
2011-12-23 16:29:41 +01:00
Tobias Brunner
5317dd6887
Added atomic compare and swap operations.
...
Using a GCC atomic builtin if available or a global mutex otherwise.
2011-12-23 11:04:55 +01:00
Tobias Brunner
cc4b48e886
Also log PGP parsing in ASN log group.
2011-12-16 16:44:38 +01:00
Tobias Brunner
b6e0784385
Log messages for PKCS1 and PEM parsing in ASN log group.
2011-12-16 16:44:38 +01:00
Tobias Brunner
eb497205e3
Log most X.509 related messages in new ASN log group.
2011-12-16 16:44:38 +01:00
Tobias Brunner
c7f3a056dd
Log ASN.1 parsing in new ASN debug group.
2011-12-16 16:44:38 +01:00
Tobias Brunner
54d096a712
Added ASN debug group to log low-level encoding/decoding (ASN.1, X.509).
...
This will allow us to remove quite some clutter from the LIB debug group
for higher debug levels.
2011-12-16 16:44:38 +01:00
Tobias Brunner
c17f6f96e2
Log native thread ID when a thread is created.
...
If possible gettid() is used, otherwise pthread_self() is logged (which is
not completely portable, but seems to work on most supported platforms).
2011-12-16 16:44:38 +01:00
Tobias Brunner
b24287c269
Log worker thread ID with two digits.
2011-12-16 16:44:38 +01:00
Tobias Brunner
a5951a2861
Make sure the certificate cache is flushed when plugins are unloaded.
...
This avoids segmentation faults when plugins implementing cert_t are
already unloaded when the cache is flushed during destruction.
2011-12-15 12:20:09 +01:00
Martin Willi
8b8fcfd631
Be less verbose if plugin dependecy not satisfied
2011-12-07 13:42:10 +01:00
Martin Willi
005b02cbe3
Create a dummy pthread key for value "0", as some buggy PKCS#11 libraries mangle it
2011-12-07 13:42:07 +01:00
Andreas Steffen
a91462df09
fixed copy-and-paste error
2011-12-04 12:53:47 +01:00
Sansar Choinyambuu
95e37555c3
Reverse the changes made to openssl plugin for signature verification
2011-11-28 21:18:05 +01:00
Sansar Choinyambuu
824ace105a
Changed the static function name in openssl_rsa_public_key object
...
Removed unused chunk variable from PTS verify_quote_signature function
2011-11-28 21:17:16 +01:00
Sansar Choinyambuu
5fbbfe0a48
use openssl rsa_verify function
2011-11-28 20:31:13 +01:00
Sansar Choinyambuu
19fa287f6e
Reverse the changes made to openssl plugin for signature verification
2011-11-28 14:39:53 +01:00
Sansar Choinyambuu
71741df078
Changed the static function name in openssl_rsa_public_key object
...
Removed unused chunk variable from PTS verify_quote_signature function
2011-11-28 14:39:53 +01:00
Sansar Choinyambuu
3cd6077b75
use openssl rsa_verify function
2011-11-28 14:39:53 +01:00
Andreas Steffen
fbeb94544c
extended bio_reader and bio_writer to handle u_int64_t
2011-11-28 14:39:52 +01:00
Sansar Choinyambuu
4002b41b92
Added ctime function to white list
2011-11-28 14:34:21 +01:00
Tobias Brunner
5ddeaf2884
Fixed compiler warnings for DH groups that define no subgroup.
2011-11-25 10:18:03 +01:00
Tobias Brunner
a660f1426e
Fixed missing initializer compiler warning.
2011-11-25 09:52:19 +01:00