DNSSEC PKCS11 support
Merge request reports
Activity
Filter activity
Added 193 commits:
- 2ce2a757...7e8072e2 - 127 commits from branch
master
- 512b2030 - dnssec: pkcs11 placeholder API
- c013881b - dnssec: manual pkcs11 initialization
- cbd12e04 - dnssec: add DNSSEC_PKCS11_FAILED_TO_LOAD
- 2836f2f3 - dnssec: add cleanup macro for gnutls_pubkey_t
- abc390f9 - dnssec: PKCS11 generate key with fixed CKA_ID
- 768052bc - dnssec: initial unit tests for PKCS11 interface
- 22cc3bdc - dnssec: conditional compilation of PKCS11 support
- 9cf192fa - dnssec: dnssec_key_t remove key ID
- af23f7a1 - dnssec: key ID required to import private key from keystore
- a73b2907 - dnssec: fix missing includes
- f12c5d00 - dnssec: KASP store key ID in dnssec_kasp_key_t
- 54f95867 - dnssec: keymgr, update to new key ID location
- c2765dff - dnssec/tests: validate empty zone in KASP zone_load callback
- 81dd3656 - dnssec: validate zone before serializing into KASP
- 80610225 - server: adapt to new key loading API
- 6f68da36 - online signing: adapt to new key loading API
- cef80ba4 - dnssec: fix gnutls_pkcs11_privkey_generate3 detection
- b3799a65 - dnssec: PKCS11, generate key with random CKA_ID
- 82f978ac - dnssec: PKCS11, generate key unique URL
- 85f5a892 - dnssec: PKCS11, delete key from token
- bc3a9659 - dnssec: PKCS11, load private key
- c0d7ffe2 - dnssec: PKCS11, refactor variable names
- 0b4f52c5 - dnssec: pkcs11 keystore close is no-op
- 59edb801 - dnssec: pkcs11, implement keystore content listing
- df6b0e67 - dnssec: pkcs11 key delete, fix error code processing
- bc6eee03 - indicate PKCS 11 supported in configure summary
- 1ce8d660 - libtap: add test_mkdtemp() and test_rm_rf()
- adaa36bf - dnssec: conditional PKCS 11 crypto initialization
- 98a55ce4 - dnssec: tests for PKCS 11 keystore
- f9b4fa5f - dnssec: fix leak in PKCS 11 keystore deinit
- 08452521 - dnssec: remove unused context variable
- ed1c42c4 - dnssec: tidy up the internal PEM interface
- 72cec143 - dnssec: fix config name in PKCS 11 test
- 41e91c85 - dnssec: prepare for internal keyid API
- cc0f4df8 - dnssec: key ID conversions for GnuTLS in internal API
- e3e4a5a8 - dnssec: PEM, use new key ID API
- c46dfcac - dnssec: fix typo in tests
- c0a9cea5 - dnssec: add expected signature into PKCS 11 test
- 15f61248 - dnssec: share flags for all objects added to PKCS 11 token
- 320883f1 - dnssec: implement key import into PKCS 11 token
- 1c3fb5ce - dnssec: fix error code for invalid key lookup in PKCS11 token
- 934aa2bf - dnssec: use default GnuTLS key ID flags
- 7ea80342 - dnssec: skelet for KASP keystore entity
- 6f152e46 - dnssec: add tests for KASP keystore
- 37c8a4c1 - dnssec: fix memory leak in dnssec_kasp_keystore_free
- 05440fc8 - dnssec: KASP dir storage, keystore placeholder implementation
- be84ffbc - dnssec: refactor entity access in KASP dir implementation
- b759e27e - dnssec: remove KASP dir store implementation from module scope
- c54c6bc3 - dnssec: add kasp_keystore_cleanup into internal API
- 9dd60a7e - dnssec: KASP string attribute encoding in JSON
- 23c32c12 - dnssec: KASP keystore serialization
- 2ea0fe47 - dnssec: fix JSON string serialization
- 21e3f572 - dnssec: fix configuration path construction in KASP dir storage
- 1d85cc2b - dnssec: internal API providing KASP base path
- fa416144 - dnssec: interface to open key store from the KASP configuration
- 40e2f321 - dnssec: add 'manual' flag into policy
- 8c298aa4 - dnssec: algorithm aware default policy
- 2f7ce9c5 - server: manual policy based on libdnssec defaults
- 82cf91aa - fix different enum values comparison
- 454ba99d - dnssec: fix key ID setting in automatic key generating
- 980bf56f - dnssec: set keystore in policy
- c4ab2569 - dnssec: use constants for backend specification
- 3e485752 - dnssec: require module name in PKCS 11 config
- 5a70bb8c - server: pick correct dnssec keystore
- 6a9a6a58 - dnssec: remove useless comment
- a4c56124 - dnssec: fix shared linking by moving keyid to shared
Toggle commit list- 2ce2a757...7e8072e2 - 127 commits from branch
Added 6 commits:
- 240976b4 - dnssec: more details in keymgr keystore show
- 88f68903 - dnssec: keymgr man, provide new description of keystore subcommand
- d3051aff - dnssec: keymgr man, init command adds default policy and default key store
- cd196686 - dnssec: keymgr man, add new policy attributes
- 42acb42a - dnssec: keymgr man, fix wrapping of long commands
- 6ec6a9b3 - dnssec: keymgr man, regenerate manual page
Toggle commit listAdded 6 commits:
- e0ad606e - dnssec: keystore open/init with path fix workaround
- f8b74011 - dnssec: remove outdated TODO
- 0a00aa12 - dnssec: retain reference to keystore when clearing policy settings
- 1d2d0cce - dnssec: keymgr, enforce policy and keystore setting
- 4b8403c5 - server: policy loading in server with updated API
- 95e9dad7 - tests-extra: manual signing policy in all KASP databases
Toggle commit listAdded 1 commit:
- 6d36fc6b - dnssec: fix memory leak in KASP zone freeing
mentioned in commit 0b60906a
Please register or sign in to reply