Andreas Steffen
a7e1f37371
added pts_dh_group_select
2011-11-28 18:05:01 +01:00
Andreas Steffen
2b899b50ca
combine two algorithm checks
2011-11-28 18:03:34 +01:00
Andreas Steffen
09f01caf3a
fixed setting of PTS DH group
2011-11-28 18:01:08 +01:00
Sansar Choinyambuu
0788198047
Improved implementation of Read PCR/ Extend PCR/ Quote_TPM functions
...
Implemented creating/handling of Simple Evidence Final attribute (incomplete)
2011-11-28 17:53:34 +01:00
Sansar Choinyambuu
ee6a3bd711
Changed definition of output and set them in quote_tpm function
2011-11-28 17:46:54 +01:00
Sansar Choinyambuu
6c33703c4a
Implemented first version of tpm quote function
2011-11-28 17:43:00 +01:00
Andreas Steffen
c0e4e0a6ab
added newline at end of file
2011-11-28 17:39:53 +01:00
Sansar Choinyambuu
54af64dc10
Changed definition of get_my_pub_val function a little
2011-11-28 17:34:40 +01:00
Sansar Choinyambuu
0bfdae3b90
Implemented handling of Request Functional Component Evidence and creation of Simple Component Evidences
2011-11-28 17:30:17 +01:00
Sansar Choinyambuu
09f34eb4d0
Implemented functions for reading and extending TPM PCR
...
Made hash_file function a member of pts object
2011-11-28 17:27:58 +01:00
Sansar Choinyambuu
b10465fdc1
Use struct containing the parameters for Create function
...
Deleted unnecessary setter functions
2011-11-28 17:23:52 +01:00
Sansar Choinyambuu
b9d6aded18
Fixed memory leaks
2011-11-28 17:19:40 +01:00
Sansar Choinyambuu
31b1e389ea
Clone chunk_t parameters in create function
2011-11-28 17:11:14 +01:00
Sansar Choinyambuu
be922d56b2
Implemented handling of DH Parameters Response and Finish attributes
...
Implemented calculating session secrets
2011-11-28 16:05:19 +01:00
Sansar Choinyambuu
e3cbd18892
Cloning chunk_t parameters in process message
2011-11-28 15:54:02 +01:00
Sansar Choinyambuu
d83bcc310d
Started implementing handling of DH Nonce attributes
2011-11-28 15:48:38 +01:00
Sansar Choinyambuu
8a55b83319
Implemented Diffie Hellman Nonce attributes
2011-11-28 15:32:36 +01:00
Sansar Choinyambuu
157c9c173d
Write/Read flags field directly to/from variable
2011-11-28 15:18:00 +01:00
Sansar Choinyambuu
d2a905ea98
Began implementing handling of Functional Component Measuring attributes
2011-11-28 15:14:13 +01:00
Sansar Choinyambuu
75d5f6d132
Fixed bug at checking error code from file stat
2011-11-28 15:02:49 +01:00
Sansar Choinyambuu
c5b346d1d0
Implemented handling of File Metadata
2011-11-28 15:01:53 +01:00
Sansar Choinyambuu
381b3452f3
File not Found, Invalid path, Invalid Delimiter PTS errors case checks implemented
2011-11-28 14:41:27 +01:00
Sansar Choinyambuu
1e28c937fe
Fixed bug in construction of PCR_SELECT structure
2011-11-28 14:39:53 +01:00
Sansar Choinyambuu
2aa28b164e
Defined functional components within ITA namespace
...
Implemented handling of functional components evidence request/response
2011-11-28 14:39:53 +01:00
Sansar Choinyambuu
19fa287f6e
Reverse the changes made to openssl plugin for signature verification
2011-11-28 14:39:53 +01:00
Andreas Steffen
90cc99db5a
reordered options
2011-11-28 14:39:53 +01:00
Sansar Choinyambuu
103218b912
Reversed unintended commit
2011-11-28 14:39:53 +01:00
Sansar Choinyambuu
71741df078
Changed the static function name in openssl_rsa_public_key object
...
Removed unused chunk variable from PTS verify_quote_signature function
2011-11-28 14:39:53 +01:00
Andreas Steffen
2b28a13182
implemented simple delete from database
2011-11-28 14:39:53 +01:00
Andreas Steffen
f4159ff816
add product and file entries to database
2011-11-28 14:39:53 +01:00
Sansar Choinyambuu
3cd6077b75
use openssl rsa_verify function
2011-11-28 14:39:53 +01:00
Sansar Choinyambuu
cb66320fee
Implemented matching of Optional PCR Composite field value when Hashing was done to reduce the size of it
...
Optional Composite Hash Algorithm field is always present, has value of all zeroes if was not used
2011-11-28 14:39:53 +01:00
Andreas Steffen
645f55eb20
allow file and product selection in hash query
2011-11-28 14:39:53 +01:00
Andreas Steffen
0ee1fe1516
applied some database fixes
2011-11-28 14:39:53 +01:00
Andreas Steffen
e881ee23ee
refactored attest database tool
2011-11-28 14:39:53 +01:00
Andreas Steffen
e4ac6698bd
fixed SQL queries
2011-11-28 14:39:53 +01:00
Andreas Steffen
09c4891459
get measurement hashes for a given file
2011-11-28 14:39:53 +01:00
Andreas Steffen
63c6709041
add directory prefix to file path
2011-11-28 14:39:53 +01:00
Andreas Steffen
4bf382742e
list file measurement hashes
2011-11-28 14:39:53 +01:00
Andreas Steffen
1fa5b95962
remove attest
2011-11-28 14:39:52 +01:00
Andreas Steffen
83ceee8abf
corrected copyright
2011-11-28 14:39:52 +01:00
Andreas Steffen
2da75114d9
ipsec attest lists data stored in an attestation database
2011-11-28 14:39:52 +01:00
Sansar Choinyambuu
8209ab86a5
free memories that are bound to the context
2011-11-28 14:39:52 +01:00
Sansar Choinyambuu
cb83fb3b72
Both D and T flags required to be set for PTS Component Measurement
...
DH Finish is sent only when D flag is set in TPM_INIT phase
2011-11-28 14:39:52 +01:00
Sansar Choinyambuu
6c5c5b6a2e
use D flag for PTS Protocol Capabilities
2011-11-28 14:39:52 +01:00
Andreas Steffen
a626ff9267
added measurements for Ubuntu 11.10 i686
2011-11-28 14:39:52 +01:00
Andreas Steffen
7a40949e18
changed method name to create_file_meas_enumerator
2011-11-28 14:39:52 +01:00
Andreas Steffen
d4171c6ea9
committed missing pts_file_type.c
2011-11-28 14:39:52 +01:00
Andreas Steffen
7b81a60c51
added pts_file_type_names
2011-11-28 14:39:52 +01:00
Andreas Steffen
96d611f585
Unix-Style File Metadata returns relative pathnames
2011-11-28 14:39:52 +01:00
Andreas Steffen
ba361d3cd7
use write_uint64 and read_uint64 in file measurements
2011-11-28 14:39:52 +01:00
Andreas Steffen
63ca82e56d
optimized handling of UNIX file metadata
2011-11-28 14:39:52 +01:00
Andreas Steffen
fbeb94544c
extended bio_reader and bio_writer to handle u_int64_t
2011-11-28 14:39:52 +01:00
Andreas Steffen
8ddf76dd13
shortened fieldnames of pts_file_metadata_t struct
2011-11-28 14:39:52 +01:00
Andreas Steffen
bd96953568
removed empty line
2011-11-28 14:39:52 +01:00
Andreas Steffen
5b0e14c48f
compacted file metadata debug output
2011-11-28 14:39:52 +01:00
Sansar Choinyambuu
dbe7751a22
Copy just 20 bytes of pcr after value
2011-11-28 14:39:52 +01:00
Sansar Choinyambuu
b8017b5eba
follow strongswan coding rules
2011-11-28 14:39:52 +01:00
Sansar Choinyambuu
954be9f5e4
Sort the pcr entries list every time new entry is added
2011-11-28 14:39:52 +01:00
Sansar Choinyambuu
b532c454ad
Modified some unnecessary todo statement
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
20c005f9e4
Cosmetics
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
e2d26e47e9
Deleted unnecessary debugging statements for File Metadata on IMC side
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
7fa72be3f2
Implemented creating and handling of Optional PCR Composite field in Simple Evidence Final attribute
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
d6fc5bace3
Construct PCR Composite using information received in Simple Component Evidence attributes
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
d09cf19716
Temporary commenting out of processing optional PCR Composite field
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
52ae3f27f8
Used Openssl RSA_verify function
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
72684a710b
Fixed calculate quote info function -> initialize PCR bit mask array with zeroes
...
Return TPM Quote Info only, hash of it is calculated in IMV Process
Renamed digest with quote info
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
baee8292ad
Included hasher.h
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
0dd5914cc1
fixed typo in reason strings
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
b8cc499b7e
Check if matching value configured with the received pcr after value in Simple Component Evidence
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
26b657ce2b
Changed definition of pcr_value in pcr_entry_t structure
...
Implemented function to check if received PCR after value matches with any configured pcr value
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
d631a1dda5
deleted unnecessary debugging statement
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
2eb3dc40b9
return SHA1 hash of TPM Quote Info in calculate_quote_digest
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
67299653e4
Modified reason strings
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
47e5d106a6
Replaced static string path with Metadata requests retrieved from pts database
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
8ed9f5552e
Implemented new create enumerator function to get metadata request paths
...
Modified existing file_enumerator function to include just measurement requests
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
df918eca8d
Added measurement and metadata columns to files table
...
Added "/etc/tnc_config" file record for metadata request
Modified files table entries with measurement flag set
2011-11-28 14:39:51 +01:00
Sansar Choinyambuu
a8be826be4
Implemented Quote Digest constructing function for IMV
...
Implemented Signature verification function to check TPM Quote Signature
Implemented Handling of Simple Evidence Final attribute
Fixed bug within tpm_quote function
2011-11-28 14:39:50 +01:00
Sansar Choinyambuu
7037b55ff1
Replaced with boolean variable for PCR info included and Evidence Signature included flags
...
Write and Read flags to int first and set flags /Due to special definition/
2011-11-28 14:39:50 +01:00
Sansar Choinyambuu
d25b7b3d9a
Loading AIK Blob from file configured
...
Finalized implementation of quote_tpm function
2011-11-28 14:39:50 +01:00
Sansar Choinyambuu
fe247ba2a6
Get AIK certificate encoding in PUBKEY_ASN1_DER if it's just public key
2011-11-28 14:39:50 +01:00
Sansar Choinyambuu
f557e5fcaf
Added parentheses for logical conditions of IF statement to get rid of the warning
2011-11-28 14:39:50 +01:00
Andreas Steffen
dc5995fb51
added pts_dh_group_error_create() and pts_dh_nonce_error_create()
2011-11-28 14:39:50 +01:00
Andreas Steffen
d7bc2841ca
moved building of attributes to imv_attestation_build
2011-11-28 14:39:50 +01:00
Andreas Steffen
5e5d6ecd94
cosmetics
2011-11-28 14:39:50 +01:00
Andreas Steffen
cae9bc9b59
moved comments
2011-11-28 14:39:50 +01:00
Andreas Steffen
03fe2ed684
added the IMV_ATTESTATION_STATE_NONCE_REQ state
2011-11-28 14:39:50 +01:00
Andreas Steffen
325704e1b4
moved attribute processing to imc_attestation_process
2011-11-28 14:39:50 +01:00
Andreas Steffen
95c6cdeee8
aborting after fatal imv_attestation error
2011-11-28 14:39:50 +01:00
Andreas Steffen
350f855ca4
moved attribute processing to imv_attestation_process
2011-11-28 14:39:50 +01:00
Andreas Steffen
cc1406d6fa
refactored DH group nonce exchange
2011-11-28 14:39:50 +01:00
Andreas Steffen
6728e09d39
cosmetics
2011-11-28 14:39:50 +01:00
Andreas Steffen
111ad5cc39
normalized and extended pts_meas_algo functions
2011-11-28 14:39:50 +01:00
Andreas Steffen
f29a36f2a3
renamed conversion function to pts_dh_group_to_ike
2011-11-28 14:39:50 +01:00
Andreas Steffen
2a415e77c7
normalized pts_dh_group function names
2011-11-28 14:39:49 +01:00
Andreas Steffen
3be8995c3e
added pts_dh_group_select
2011-11-28 14:39:49 +01:00
Andreas Steffen
542b33c350
combine two algorithm checks
2011-11-28 14:39:49 +01:00
Andreas Steffen
02855188ef
fixed setting of PTS DH group
2011-11-28 14:39:49 +01:00
Sansar Choinyambuu
ea195cb6ef
Changed encoding type to ASN.1 DER
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
924f3bf59e
Improved implementation of Read PCR/ Extend PCR/ Quote_TPM functions
...
Implemented creating/handling of Simple Evidence Final attribute (incomplete)
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
e1aebc940a
Removed unnecessary setter functions
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
768b6b95d7
Fixes for memory leaks
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
3ca2e65f0d
Freeing memory allocated for AIK after writing
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
a3be32a2d5
Changed definition of output and set them in quote_tpm function
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
20c70d9839
Use already negotiated Measurement algorithm as Hashing algorithm for Diffie Hellman secret calculation
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
b46930bf5f
Implemented first version of tpm quote function
2011-11-28 14:34:21 +01:00
Andreas Steffen
c0da11615b
added newline at end of file
2011-11-28 14:34:21 +01:00
Andreas Steffen
a81a5f8bc4
fixed pts_probe_dh_groups warning
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
ef8ea80a28
Fixed some memory leaks
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
4b3d992d08
Changed definition of get_my_pub_val function a little
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
4002b41b92
Added ctime function to white list
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
10210cc6e9
Fixed freeing invalid memory issue
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
849b903baa
Implemented handling of Request Functional Component Evidence and creation of Simple Component Evidences
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
f39197dd92
Implemented functions for reading and extending TPM PCR
...
Made hash_file function a member of pts object
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
7c7034f64c
Use struct containing the parameters for Create function
...
Deleted unnecessary setter functions
2011-11-28 14:34:21 +01:00
Sansar Choinyambuu
97ebeaa45c
Fixed memory leaks
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
2f229f10b1
Clone chunk_t parameters in create function
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
c10867f40b
Implemented handling of DH Parameters Response and Finish attributes
...
Implemented calculating session secrets
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
a2ca89676b
Replaced DH_NONCE state with TPM_INIT state
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
808017f6b7
Cloning chunk_t parameters in process message
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
f27c30329d
Fixed bug for updating supported diffie hellman groups
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
9d7ec5b6cd
Removed unnecessary debug statement
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
246e46a97c
Return false if mandatory DH Group IKE19 is not available
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
0daee96b05
Started implementing handling of DH Nonce attributes
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
9a49d2e065
Implemented Diffie Hellman Nonce attributes
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
4ec5d26fdf
Write/Read flags field directly to/from variable
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
1c6ebda3db
Began implementing handling of Functional Component Measuring attributes
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
9032e61b88
Fixed bug at checking error code from file stat
2011-11-28 14:34:20 +01:00
Sansar Choinyambuu
3e951334a2
Implemented handling of File Metadata
2011-11-28 14:28:00 +01:00
Sansar Choinyambuu
d22716509a
File not Found, Invalid path, Invalid Delimiter PTS errors case checks implemented
2011-11-28 14:28:00 +01:00
Tobias Brunner
b4f037bb08
libfast: Fixed compiler warning.
2011-11-25 10:22:41 +01:00
Tobias Brunner
5ddeaf2884
Fixed compiler warnings for DH groups that define no subgroup.
2011-11-25 10:18:03 +01:00
Tobias Brunner
a660f1426e
Fixed missing initializer compiler warning.
2011-11-25 09:52:19 +01:00
Tobias Brunner
b46a5cd4ef
Fixed check for log groups when debug_t is unsigned.
...
The range and signedness of enum types is up to the compiler.
2011-11-25 09:48:32 +01:00
Tobias Brunner
282dcb9974
Fixed check of max_poll_time as it is an unsigned int.
2011-11-25 09:46:45 +01:00
Tobias Brunner
edad908792
Fixed compiler warnings regarding enum comparison.
...
Warnings like
comparison of unsigned expression < 0 is always false
are reported with -Wextra when enum types that are compiled to an
unsigned type (which is up to the compiler) are checked for negativity.
2011-11-25 09:40:30 +01:00
Tobias Brunner
4f775afda9
Added missing Android.mk files to distribution.
2011-11-22 18:31:12 +01:00
Martin Willi
b2e493ab58
Fixed proposal numbering check in sa_payload
2011-11-21 09:12:00 +01:00
Thomas Jarosch
00b9e598f3
Fix copy'n'paste error in libhydra's netlink interface
...
Detected by cppcheck.
2011-11-21 09:00:39 +01:00
Martin Willi
3fcacd283e
Fix unaligned aliasing warning in raw socket
2011-11-17 18:22:07 +01:00
Mirko Parthey
7b21873668
Fix network interface deletion handling in kernel-netlink plugin.
...
When the kernel reports the deletion of an interface (RTM_DELLINK),
the cached interface attributes, including ifindex, become invalid
and must be forgotten.
Interface link state changes ("up" and "down") show up as RTM_NEWLINK,
so they will not cause a cached entry to be removed or
prevent listening to address change notifications.
Once an interface has been deleted, the kernel ought to stop sending
notifications for it. If the interface gets recreated with the same
name later, the kernel again reports RTM_NEWLINK, which causes a new
cache entry to be created.
There should be no reason to keep a stale cache entry around, as was
claimed in the comment.
2011-11-14 15:24:48 +01:00
Tobias Brunner
727fe0f99e
libfreeswan: Fixed compiler warning.
2011-11-09 19:20:10 +01:00
Tobias Brunner
4de8f280e1
pkcs11: Fixed a bug when creating public keys.
2011-11-09 17:39:24 +01:00
Andreas Steffen
99246a4fc2
gcrypt does not support MD2
2011-11-09 06:48:55 +01:00
Andreas Steffen
4182d7a58d
added dummy libsimaka_init() function needed for integrity testing
2011-11-08 21:18:48 +01:00
Andreas Steffen
e7cb8f9b37
added dummy libtls_init() function needed for integrity testing
2011-11-08 20:27:17 +01:00
Tobias Brunner
856baca23e
Fixed monolithic build of libcharon with libtnccs enabled.
2011-11-08 18:35:11 +01:00
Tobias Brunner
59c5f048bb
Correctly refer to tnc-tnccs plugin when building monolithically.
2011-11-08 18:35:11 +01:00
Tobias Brunner
b12ad862c1
Calculate checksums for libsimaka and libtls.
...
These are currently not checked though. And because they don't define a
<libname>_init function a warning is reported when the checksum is
calculated.
2011-11-08 18:35:11 +01:00
Tobias Brunner
89bad63bac
Defer calculation of checksums until installation.
...
The checksum is now calculated from the installed libraries and plugins.
This allows to calculate checksums for plugins linking to libraries like
libtls as these are relinked during installation.
2011-11-08 18:35:11 +01:00
Tobias Brunner
4ad67fe7d5
Fixed formatting for longer plugin names in checksum_builder output.
2011-11-08 18:35:11 +01:00
Tobias Brunner
9192f78f70
Don't link libtnccs to checksum_builder.
...
Linking is only required for libraries defining global symbols used by
plugins to which the plugins do not link themselves.
2011-11-08 18:35:11 +01:00
Tobias Brunner
48e87e12ab
Revert "fixed integrity tests of plugins using libtls or libtnccs"
...
This reverts commit b597ac4a4c (not completely).
2011-11-08 18:35:11 +01:00
Tobias Brunner
e034cc9ca9
Revert "fixed integrity tests of plugins using libsimaka"
...
This reverts commit 8c42f16dee.
Conflicts:
src/charon/Makefile.am
2011-11-08 18:35:11 +01:00
Andreas Steffen
bc0a4f7663
assign get_features method
2011-11-07 19:15:41 +01:00
Thomas Egerer
72a1b2e308
Allow support for CA-certificate retrieval in scepclient
...
I think somehow this functionality got lost in the way from
strongswan-2.7.0...
2011-11-04 15:13:32 +01:00
Tobias Brunner
866858527d
Fix 'ipsec pool --status' for empty pools.
2011-11-04 15:07:54 +01:00
Tobias Brunner
39b30518c2
Syntax error in sqlite.sql fixed.
2011-11-04 14:37:22 +01:00
Andreas Steffen
ef4206b50e
if available link libsimaka to checksum_builder
2011-11-04 11:27:19 +01:00
Andreas Steffen
f094dbc9bf
use the correct USE_SIMAKA conditional
2011-11-04 11:27:19 +01:00
Andreas Steffen
8c42f16dee
fixed integrity tests of plugins using libsimaka
2011-11-04 11:27:19 +01:00
Thomas Egerer
93818392cd
Change order of ocsp uris when parsing a cert
2011-11-04 11:11:17 +01:00
Thomas Egerer
6e5e2762d3
Handle certificates being on hold in a CRL
...
Certificates which are set on hold in a CRL might be removed from any
subsequent CRL. Hence you cannot conclude that a certificate is revoked
for good in this case, you would try to retrieve an update CRL to see if
the certificate on hold is still on it or not.
2011-11-04 11:11:17 +01:00
Thomas Egerer
c125d1ba13
Memwipe request after sa update, too
2011-11-04 11:11:17 +01:00
Thomas Egerer
42e2da606c
Use chunk_clear to memwipe shared secret
2011-11-04 11:11:17 +01:00
Thomas Egerer
dbd2169569
Change order of destroy/get_ref function calls
...
Since DESTROY_IF might destroy the peer_cfg, a get_ref on a freed object
is subject to fail.
2011-11-04 11:11:17 +01:00
Thomas Egerer
c230885a07
Fix resource leak in x509_ocsp_response
2011-11-04 11:11:17 +01:00
Thomas Egerer
dbfd1a63aa
Extend xfrm_attr_type_names by newly added enum values
2011-11-04 11:11:17 +01:00
Tobias Brunner
051226d5c0
Silently install route again, even if it did not change.
...
Address/interface changes can cause the route to disappear. Afterwards
the route might look the same but that does not mean it is still installed.
2011-11-04 11:11:17 +01:00
Tobias Brunner
25d59e9e2d
Compile warning fixed in kernel interfaces.
2011-11-04 11:11:17 +01:00
Tobias Brunner
f3eef176f4
Common spelling errors fixed.
2011-11-03 19:30:17 +01:00
Tobias Brunner
1bdd255ed3
pkcs11: Make public key operations on tokens optional.
2011-11-03 17:56:40 +01:00
Tobias Brunner
5b85b94e27
pkcs11: Make sure a key can be used for a given signature scheme.
2011-11-02 20:27:55 +01:00
Tobias Brunner
58d0a8d49b
pkcs11: Register ECDSA feature.
2011-11-02 20:27:55 +01:00
Tobias Brunner
fd48b220ed
pkcs11: We have to create our own hashes for some signature schemes.
2011-11-02 20:27:55 +01:00
Tobias Brunner
30a3ede8ce
pkcs11: Lookup the public key of a private key by CKA_ID.
...
Currently this only works if a public key object with the same ID is
available, if there isn't one we could search for a certificate with the
same ID and extract the key from there.
2011-11-02 20:27:55 +01:00
Tobias Brunner
5d2fccf439
pkcs11: Search for private keys in a more generic way.
...
Also, don't extract the public key directly from the private key. Some
tokens actually do not return the public exponent (it's not required).
We have to find a different way to get the public key.
2011-11-02 20:27:55 +01:00
Tobias Brunner
9e3b1e1495
pkcs11: Added support to encode ECDSA public keys.
2011-11-02 20:27:55 +01:00
Tobias Brunner
36d1627f6e
pkcs11: Parse ECDSA public keys and find/create them on tokens.
2011-11-02 20:27:55 +01:00
Tobias Brunner
574261163f
pkcs11: Added generic functions to find/create public keys on tokens.
2011-11-02 20:27:55 +01:00
Tobias Brunner
a8084ee011
pkcs11: Store public key length in bits.
2011-11-02 20:27:55 +01:00
Tobias Brunner
8859c1f26b
pkcs11: Fix encoding of RSA public keys.
2011-11-02 20:27:55 +01:00
Tobias Brunner
dae19d448d
pkcs11: Use create_object_attr_enumerator to encode RSA public key.
2011-11-02 20:27:54 +01:00
Tobias Brunner
b0319fe860
pkcs11: Instead of a mutex use a new session to do multipart operations.
2011-11-02 20:27:54 +01:00
Tobias Brunner
c198525104
pkcs11: Function added to retrieve multiple attributes from a single object.
2011-11-02 20:27:54 +01:00
Tobias Brunner
817d165cbc
pkcs11: Memory leak fixed in DH/ECDH implementation.
2011-11-02 20:27:54 +01:00
Tobias Brunner
43cd036a77
pkcs11: Invalid free fixed in DH/ECDH implementation.
2011-11-02 20:27:54 +01:00
Tobias Brunner
50ad6eacb6
pkcs11: Changed how pkcs11-manager is initialized.
...
The manager is now created directly, but events and certificate loading
is deferred.
2011-11-02 20:27:54 +01:00
Tobias Brunner
cf9d45ea08
pkcs11: Add attributes to specify what we use the DH/ECDH keys for.
2011-11-02 20:27:54 +01:00
Andreas Steffen
90bb98f4ac
charon must load libtls if available
2011-11-02 09:28:09 +01:00
Andreas Steffen
b597ac4a4c
fixed integrity tests of plugins using libtls or libtnccs
2011-11-02 06:42:08 +01:00
Tobias Brunner
b7b5bca048
pkcs11: Allow to build pkcs11 plugin on Android.
2011-10-31 18:55:27 +01:00
Tobias Brunner
23b50b776b
pkcs11: Use callback registration for pkcs11-manager.
...
Otherwise a plugin providing X509 decoding capabilities might be unloaded
before the manager which will result in a segmentation fault when
certificates in the manager's credential sets are to be destroyed.
2011-10-31 18:45:37 +01:00
Tobias Brunner
10b82be61f
pkcs11: Merged the ECDH into the DH implementation.
2011-10-31 18:45:37 +01:00
Tobias Brunner
89de89be57
pkcs11: Use get_ck_attribute for ECDH.
2011-10-31 18:45:37 +01:00
Tobias Brunner
cac6853180
pkcs11: Use get_ck_attribute for DH.
2011-10-31 18:45:37 +01:00
Tobias Brunner
8531106578
pkcs11: Method added to library to extract a single attribute from an object.
2011-10-31 18:45:36 +01:00
Tobias Brunner
6a5020fc67
pkcs11: Added names for CKA_* constants.
2011-10-31 18:45:36 +01:00
Tobias Brunner
4e346b1f97
pkcs11: Added support for ECDH.
2011-10-31 18:45:36 +01:00
Tobias Brunner
612e431305
pkcs11: Added definitions needed for ECDH to pkcs11.h.
2011-10-31 18:45:36 +01:00