aboutsummaryrefslogtreecommitdiff
path: root/src/plugins/preauth
AgeCommit message (Expand)AuthorFilesLines
2023-12-12Refactor PKINIT KDF internal interfacesGreg Hudson6-132/+70
2023-11-30Remove PKINIT RSA supportGreg Hudson7-868/+131
2023-11-30In PKINIT, check for null PKCS7 enveloped fieldsGreg Hudson1-1/+3
2023-08-22Add missing dependenciesGreg Hudson2-0/+15
2023-08-22Get rid of pkinit_crypto_openssl.hGreg Hudson3-125/+83
2023-07-24Add ecdsa-with-sha512/256 to supportedCMSTypesJulien Rische1-0/+38
2023-07-24Eliminate old-style function declarationsKen Hornstein2-3/+3
2023-07-17PKINIT ECDH supportGreg Hudson9-178/+384
2023-06-02Enable PKINIT if at least one group is availableGreg Hudson5-35/+51
2023-04-11Convey realm names to certauth modulesGreg Hudson1-9/+11
2023-03-24Make k5buf more flexible for binary dataGreg Hudson1-7/+1
2023-01-13Fix PKINIT CMS error checking for older OpenSSLGreg Hudson1-11/+3
2022-08-18Update error checking for OpenSSL CMS_verifyJulien Rische1-3/+6
2022-07-20Remove include_certchain parameter in PKINITGreg Hudson4-51/+40
2022-07-13Remove pre-CMS PKINIT compatibility codeGreg Hudson2-42/+6
2022-07-07Set reasonable supportedCMSTypes in PKINITJulien Rische3-26/+60
2022-06-08Fix memory leak in OTP kdcpreauth moduleGreg Hudson1-2/+4
2022-06-08Fix uncommon PKINIT memory leaksashan1-1/+8
2022-05-31Fix memory leak in SPAKE kdcpreauth modulesashan1-0/+1
2022-04-29Add configure variable for default PKCS#11 moduleJulien Rische1-1/+0
2022-03-17Use SHA-256 instead of SHA-1 for PKINIT CMS digestJulien Rische1-17/+21
2022-01-28Remove unneeded SPAKE free_modreq methodGreg Hudson1-9/+0
2022-01-27Add replace_reply_key kdcpreauth callbackGreg Hudson3-69/+47
2021-12-29Use 14 instead of 9 for unkeyed SHA-1 checksumGreg Hudson2-11/+4
2021-11-15Update PKINIT for OpenSSL 3Robbie Harwood2-36/+165
2021-11-15Use OpenSSL 3 versions of remaining KDFsRobbie Harwood4-193/+186
2021-11-05Remove pkinit_kdf_constants.cGreg Hudson2-61/+2
2021-11-05Use EVP key agreement in PKINITGreg Hudson2-302/+388
2021-11-04Use OpenSSL SubjectPublicKeyInfo parsing in PKINITGreg Hudson7-336/+279
2021-11-02Use pre-encoded DH parameter constants in PKINITGreg Hudson4-303/+357
2021-10-28Support KRB5_CERTAUTH_HWAUTH_PASS in certauthKen Hornstein1-2/+4
2021-09-15Fix trivial leak in OTP kdcpreauth modulePavel Březina1-0/+1
2021-07-01Fix many unlikely memory leaksRobbie Harwood2-29/+39
2021-07-01Modernize pkinit_get_certs_pkcs11Robbie Harwood1-117/+113
2021-04-07Add additional KRB5_TRACE pointsKen Hornstein4-78/+129
2021-04-07Fix multiple UPN handling in PKINIT client certsKen Hornstein1-3/+2
2021-03-22Fix PKINIT memory leaksGreg Hudson2-2/+5
2021-03-16Use krb5int_open_plugin for PKCS#11 moduleKen Hornstein4-21/+20
2021-03-08Only require one valid pkinit anchor/pool valueKen Hornstein2-5/+25
2021-02-11Infer name type when creating principalsFraser Tweedale1-0/+4
2021-02-11Load certs when checking pkinit_identities valuesKen Hornstein2-21/+19
2020-10-22Use PKG_CHECK_MODULES for system library com_errAnonymous Maarten2-3/+3
2020-04-08Fix typos in commentsGreg Hudson4-5/+5
2020-03-26Make fiat 128-bit typedefs work with older gccGreg Hudson2-3/+5
2020-03-26Eliminate redundant PKINIT responder invocationGreg Hudson2-6/+12
2020-02-27Allow certauth modules to set hw-authent flagGreg Hudson1-8/+16
2019-11-13Use k5-buf.h integer helpers where appropriateGreg Hudson1-11/+4
2019-07-11Update edwards25519 code from BoringSSLGreg Hudson3-1073/+1470
2019-07-11Fix typosAntoine Cœur1-1/+1
2019-06-26Remove PKINIT draft 9 supportGreg Hudson9-805/+275
generated by cgit v1.1 at 2024-10-20 01:47:58 +0000