aboutsummaryrefslogtreecommitdiffstats
path: root/package/utils/px5g/px5g.c
Commit message (Collapse)AuthorAgeFilesLines
* px5g: support EC keysEneas U de Queiroz2019-09-041-17/+69
| | | | | | | | | | | | | | | | | | | This adds an 'eckey' command to generate an EC key, with an optional curve name argument, with P-256 as default. For the 'selfsigned' command, it adds an 'ec' algorithm argument to the '-newkey' option, and a '-pkeyopt ec_paramgen_curve:<curvename>' option, mirroring the way openssl specifies the curve name. Notice that curve names are not necessarily the same in mbedtls and openssl. In particular, secp256r1 works for mbedtls, but openssl uses prime256v1 instead. px5g uses mbedtls, but short NIST curve names P-256 and P-384 are specifically supported. Package size increased by about 900 bytes (arm). Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit a552ababd4ff8e91d3f03f7496f12d080a71ba28)
* px5g: remove legacy polarssl supportFelix Fietkau2017-01-091-43/+28
| | | | | | | The old polarssl 1.3 branch is EOL since end of 2016, and the package for it will be removed soon. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* px5g: Create mbedtls variantDaniel Dickinson2016-07-051-29/+45
| | | | | | | | px5g has been listed as a blocker for switching to new mbedtls as the default, therefore make and mbedtls variant of px5g so that an new mbedtls-only image can be created. Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
* treewide: replace nbd@openwrt.org with nbd@nbd.nameFelix Fietkau2016-06-071-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* px5g: Use SHA-256 when generating self-signed certificatesFelix Fietkau2015-11-061-1/+1
| | | | | | Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> SVN-Revision: 47391
* fix subject in generated certificatesJo-Philipp Wich2015-01-251-1/+1
| | | | | | Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 44149
* px5g: generate unique serial numbersJo-Philipp Wich2014-11-031-2/+6
| | | | | | | | | Generate a random serial from /dev/urandom when creating selfsigned certs. Fixes "sec_error_reused_issuer_and_serial" with Firefox. Signed-off-by: Jo-Philipp Wich <jow@openwrt.org> SVN-Revision: 43168
* px5g: rename the old package to px5g-standalone, add a new one that links ↵Felix Fietkau2014-03-211-0/+269
against polarssl Signed-off-by: Felix Fietkau <nbd@openwrt.org> SVN-Revision: 40000