Paul Bakker
23986e5d5d
- Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops
2011-04-24 08:57:21 +00:00
Paul Bakker
eaa89f8366
- Do not depend on dhm code if POLARSSL_DHM_C not defined
2011-04-04 21:36:15 +00:00
Paul Bakker
66b78b2d16
- Added missing rsa_init() call in x509parse_self_test()
2011-03-25 14:22:50 +00:00
Paul Bakker
53019ae6f7
- RSASSA-PSS verification now properly handles salt lengths other than hlen
2011-03-25 13:58:48 +00:00
Paul Bakker
400ff6f0fd
- Corrected parsing of UTCTime dates before 1990 and after 1950
...
- Support more exotic OID's when parsing certificates
- Support more exotic name representations when parsing certificates
- Replaced the expired test certificates
2011-02-20 10:40:16 +00:00
Paul Bakker
96743fc5f5
- Parsing of PEM files moved to separate module (Fixes ticket #13 ). Also possible to remove PEM support for systems only using DER encoding
...
- Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5 )
- Added tests for encrypted keyfiles
2011-02-12 14:30:57 +00:00
Paul Bakker
d61e7d98cb
- Cleaned up warning-generating code
2011-01-18 16:17:47 +00:00
Paul Bakker
0f5f72e949
- Fixed doxygen syntax to standard '\' instead of '@'
2011-01-18 14:58:55 +00:00
Paul Bakker
3cccddb238
- Fixed identification of non-critical CA certificates
2011-01-16 21:46:31 +00:00
Paul Bakker
b619499eb3
- x509parse_time_expired() checks time now in addition to the existing date check
2011-01-16 21:40:22 +00:00
Paul Bakker
a056efc8f9
- Fixed serial length check
2011-01-16 21:38:35 +00:00
Paul Bakker
dd47699ba5
- Moved storing of a printable serial into a separate function
2011-01-16 21:34:59 +00:00
Paul Bakker
76fd75a3de
- Improved certificate validation and validation against the available CRLs
2011-01-16 21:12:10 +00:00
Paul Bakker
74111d30b7
- Improved X509 certificate parsing to include extended certificate fields, such as Key Usage
2011-01-15 16:57:55 +00:00
Paul Bakker
b63b0afc05
- Added verification callback in certificate verification chain in order to allow external blacklisting
2011-01-13 17:54:59 +00:00
Paul Bakker
1b57b06751
- Added reading of DHM context from memory and file
2011-01-06 15:48:19 +00:00
Paul Bakker
b96f154e51
- Fixed copyright message
2010-07-18 20:36:00 +00:00
Paul Bakker
84f12b76fc
- Updated Copyright to correct entity
2010-07-18 10:13:04 +00:00
Paul Bakker
fc8c4360b8
- Updated copyright line to 2010
2010-03-21 17:37:16 +00:00
Paul Bakker
1f3c39c194
- Removed copyright line for Christophe Devine for clarity
2010-03-21 17:30:05 +00:00
Paul Bakker
27d661657b
- Added x509_get_sig_alg() to allow easy future X509 signature algorithm determination expansion
2010-03-17 06:56:01 +00:00
Paul Bakker
ff60ee6c2a
- Added const-correctness to main codebase
2010-03-16 21:09:09 +00:00
Paul Bakker
9120018f3d
- Added support for GeneralizedTime in X509 certificates
2010-02-18 21:26:15 +00:00
Paul Bakker
fe1aea7877
- Fixed typo in MD4 define
2009-10-03 20:09:14 +00:00
Paul Bakker
de4d2eae95
- Added handling of missing POLARSSL_MD5_C define and POLARSSL_SHA1_c define
2009-10-03 19:58:52 +00:00
Paul Bakker
77b385e91a
- Updated copyright messages on all relevant files
2009-07-28 17:23:11 +00:00
Paul Bakker
c6ce838d8f
- Better handling of extension parsing
2009-07-27 21:34:45 +00:00
Paul Bakker
9be19375e5
- Fill base data for x509_crl_entry in CRL correctly
...
- Internal structure of sequences is not optional anymore (as per RFC)
- nextUpdate handles optionality correct if no revokedCertificates are present.
- x509parse_crl_info handles the case of no entries correctly
2009-07-27 20:21:53 +00:00
Paul Bakker
635f4b4cf9
- Updated error check on optional nextUpdate in CRL
2009-07-20 20:34:41 +00:00
Paul Bakker
1e27bb24bc
- Added newline at end of CRL info
2009-07-19 20:25:25 +00:00
Paul Bakker
1973e4c582
- Fixed selftest of X509parse code
2009-07-10 22:32:40 +00:00
Paul Bakker
40ea7de46d
- Added CRL revocation support to x509parse_verify()
...
- Fixed an off-by-one allocation in ssl_set_hostname()
- Added CRL support to SSL/TLS code
2009-05-03 10:18:48 +00:00
Paul Bakker
7d06ad2b52
- Fixed formatting
2009-05-02 15:53:56 +00:00
Paul Bakker
d98030e7d6
- Added prelimenary CRL parsing and info support
2009-05-02 15:13:40 +00:00
Paul Bakker
2b245ebd9f
- Moved file loading to load_file
2009-04-19 18:44:26 +00:00
Paul Bakker
7c6d4a4e6b
- Fixed new logic on certificate chains in x509parse_verify()
2009-03-28 20:35:47 +00:00
Paul Bakker
e9581d66b0
- Fixed logic error on end of 'full' chain
2009-03-28 20:29:25 +00:00
Paul Bakker
320a4b59a8
- Added input handling for x509parse_crt()
...
- Prevented memory leak by only adding new certificate if needed in x509parse_crt()
- Add certificate before parsing if chain is 'full' in x509parse_crt()
2009-03-28 18:52:39 +00:00
Paul Bakker
026c03b7f4
- Made changes for better compatibility with old-style C compilers
2009-03-28 17:53:03 +00:00
Paul Bakker
4593aeadaf
- Added support for RFC4055 SHA2 and SHA4 signature algorithms for
...
use with PKCS#1 v1.5 signing and verification.
- Added extra certificates to test-ca and test code to further test
functionality of SHA2 and SHA4 signing and verification.
- Updated other program files accordingly
2009-02-09 22:32:35 +00:00
Paul Bakker
3681b118ec
- Enlarged debug buffer to facilitate long certificate values and filenames
2009-02-07 17:14:21 +00:00
Paul Bakker
785a9eeece
- Added email address to header license information
2009-01-25 14:15:10 +00:00
Paul Bakker
e0ccd0a7c3
- Updated Copyright notices
2009-01-04 16:27:10 +00:00
Paul Bakker
40e46940df
- First replacement of xyssl by polarssl where needed
2009-01-03 21:51:57 +00:00
Paul Bakker
5121ce5bdb
- Renamed include directory to polarssl
2009-01-03 21:22:43 +00:00