Tobias Brunner
d7dc677ee5
x509: Correctly encode nonce in OCSP request
...
The nonce value is encoded as OCTET STRING, however, the extension
values themselves must also be encoded as OCTET STRING.
2017-07-07 08:57:14 +02:00
Andreas Steffen
a88d958933
Explicitly mention SHA2 algorithm in BLISS OIDs and signature schemes
2015-11-06 14:55:31 +01:00
Andreas Steffen
b6bb32e658
Implemented full BLISS support for IKEv2 public key authentication and the pki tool
2014-11-29 14:51:18 +01:00
Tobias Brunner
3f3680ec3f
x509: Initialize certs when building optionalSignature for OCSP requests
2014-04-09 16:06:17 +02:00
Tobias Brunner
f05b427265
Moved debug.[ch] to utils folder
2012-10-24 16:00:51 +02:00
Tobias Brunner
12642a6831
Moved data structures to new collections subfolder
2012-10-24 16:00:49 +02:00
Martin Willi
87dd205b61
Add a return value to hasher_t.allocate_hash()
2012-07-16 14:55:06 +02:00
Tobias Brunner
ae56e1eb97
Check rng return value when generating OCSP nonces
2012-07-16 14:53:35 +02:00
Martin Willi
a37f2d2006
certificate_t->issued_by takes an argument to receive signature scheme
2012-06-12 14:24:49 +02:00
Andreas Steffen
fbe52bb008
Migrated x509_ocsp_request to INIT/METHOD macros
2011-09-28 20:58:15 +02:00
Martin Willi
0406eeaacb
Support different encoding types in certificate.get_encoding()
2010-07-13 13:53:20 +02:00
Martin Willi
da9724e6d0
Renamed key_encod{ing,der}_t and constants, prepare for generic credential encoding
2010-07-13 11:29:35 +02:00
Tobias Brunner
8b0e09103b
Adding DBG_LIB to all calls of libstrongswan's version of DBG*.
2010-04-06 12:47:40 +02:00
Martin Willi
3b878dae7e
Removed chunk_from_buf() in favor of a simpler chunk_from_chars() macro
2009-09-11 15:39:35 +02:00
Martin Willi
d73f453c29
Updated x509 plugin to the new builder API
2009-09-10 16:20:21 +02:00
Martin Willi
323f9f990f
replaces four spaces by tabs, where appropriate
2009-09-04 14:50:23 +02:00
Martin Willi
7daf5226b7
removed trailing spaces ([[:space:]]+$)
2009-09-04 13:46:09 +02:00
Martin Willi
472cb4ce77
distinguish between RFC 4754 (concatenated) and RFC 3279 (DER encoded) ECDSA signatures
2009-08-27 17:37:42 +02:00
Martin Willi
eb73685dac
create algorithmIdentifier dynamically from OID database
2009-08-27 13:59:30 +02:00
Martin Willi
6b6ece636c
updated x509 plugin to public key/x509 API changes
2009-08-26 11:23:52 +02:00
Andreas Steffen
e24aaddde0
hide credentials headers in credential_factory.h
2009-05-28 15:35:02 +02:00
Tobias Brunner
8c5d72cd0b
removing svn keyword $Id$ from all files
2009-04-30 13:19:35 +00:00
Martin Willi
f7c17aa15c
refactored credential builder
...
allow enumeration of matching builders
try a second builder if the first one fails
builder clones resources internally on demand
caller frees added resources on failure and success
stricter handling of non-supported build parts
2008-09-02 11:00:13 +00:00
Andreas Steffen
0d12006def
support of ECDSA signatures for all certificate types
2008-06-22 17:41:07 +00:00
Martin Willi
6a365f0740
added API for random number generators, served through credential factory
...
ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
2008-04-15 05:56:35 +00:00
Martin Willi
b5dbcc6270
compare certificates against full encoding to allow equality check of untrusted certs
2008-04-07 08:28:35 +00:00
Martin Willi
7b88a983d8
caching of ocsp responses (experimental), no crl caching yet
2008-03-26 15:21:50 +00:00
Martin Willi
552cc11b1f
merged the modularization branch (credentials) back to trunk
2008-03-13 14:14:44 +00:00