Manuel Pégourié-Gonnard
|
31e59400d2
|
Add missing f_rng/p_rng arguments to x509write_crt
|
2013-09-12 11:57:02 +02:00 |
|
Manuel Pégourié-Gonnard
|
53c642504e
|
Use PK internally for x509write_crt
|
2013-09-12 11:57:02 +02:00 |
|
Manuel Pégourié-Gonnard
|
f38e71afd5
|
Convert x509write_crt interface to PK
|
2013-09-12 11:57:02 +02:00 |
|
Manuel Pégourié-Gonnard
|
6de63e480d
|
Add EC support to x509write_key
|
2013-09-12 11:57:01 +02:00 |
|
Manuel Pégourié-Gonnard
|
edda9041fc
|
Adapt asn1_write_algorithm_identifier() to params
|
2013-09-12 11:57:01 +02:00 |
|
Manuel Pégourié-Gonnard
|
3837daec9e
|
Add EC support to x509write_pubkey
|
2013-09-12 11:57:01 +02:00 |
|
Manuel Pégourié-Gonnard
|
e1f821a6eb
|
Adapt x509write_pubkey interface to use PK
key_app_writer will be fixed later
|
2013-09-12 11:57:01 +02:00 |
|
Manuel Pégourié-Gonnard
|
ee73179b2f
|
Adapt x509write_csr prototypes for PK
|
2013-09-12 11:57:00 +02:00 |
|
Manuel Pégourié-Gonnard
|
8053da4057
|
x509write_csr() now fully using PK internally
|
2013-09-12 11:57:00 +02:00 |
|
Manuel Pégourié-Gonnard
|
5353a03eb9
|
x509write_csr using PK internally (WIP)
|
2013-09-12 11:57:00 +02:00 |
|
Paul Bakker
|
1c3853b953
|
oid_get_oid_by_*() now give back oid length as well
|
2013-09-10 11:43:44 +02:00 |
|
Paul Bakker
|
eba3ccf785
|
Typo in config.h
|
2013-09-09 15:56:09 +02:00 |
|
Paul Bakker
|
f9f377e652
|
CSR Parsing (without attributes / extensions) implemented
|
2013-09-09 15:35:10 +02:00 |
|
Paul Bakker
|
cdda097507
|
Fixed doxygen documentation in asn1.h (added \brief)
|
2013-09-09 12:51:29 +02:00 |
|
Paul Bakker
|
52be08c299
|
Added support for writing Key Usage and NS Cert Type extensions
|
2013-09-09 12:38:45 +02:00 |
|
Paul Bakker
|
cd35803684
|
Changes x509_csr to x509write_csr
|
2013-09-09 12:38:45 +02:00 |
|
Paul Bakker
|
5f45e62afe
|
Migrated from x509_req_name to asn1_named_data structure
|
2013-09-09 12:02:36 +02:00 |
|
Paul Bakker
|
c547cc992e
|
Added generic asn1_free_named_data_list()
|
2013-09-09 12:01:23 +02:00 |
|
Paul Bakker
|
59ba59fa30
|
Generalized x509_set_extension() behaviour to asn1_store_named_data()
|
2013-09-09 11:34:44 +02:00 |
|
Paul Bakker
|
15162a054a
|
Writing of X509v3 extensions supported
Standard extensions already in: basicConstraints, subjectKeyIdentifier
and authorityKeyIdentifier
|
2013-09-06 19:27:21 +02:00 |
|
Paul Bakker
|
329def30c5
|
Added asn1_write_bool()
|
2013-09-06 16:34:38 +02:00 |
|
Paul Bakker
|
9397dcb0e8
|
Base X509 certificate writing functinality
|
2013-09-06 10:36:28 +02:00 |
|
Paul Bakker
|
f451bac000
|
Blinding RSA only active when f_rng is provided
|
2013-08-30 15:48:53 +02:00 |
|
Paul Bakker
|
48377d9834
|
Configuration option to enable/disable POLARSSL_PKCS1_V15 operations
|
2013-08-30 13:41:14 +02:00 |
|
Paul Bakker
|
548957dd49
|
Refactored RSA to have random generator in every RSA operation
Primarily so that rsa_private() receives an RNG for blinding purposes.
|
2013-08-30 10:30:02 +02:00 |
|
Paul Bakker
|
ca174fef80
|
Merged refactored x509write module into development
|
2013-08-28 16:32:51 +02:00 |
|
Manuel Pégourié-Gonnard
|
c852a68b96
|
More robust selection of ctx_enc size
|
2013-08-28 13:13:30 +02:00 |
|
Paul Bakker
|
577e006c2f
|
Merged ECDSA-based key-exchange and ciphersuites into development
Conflicts:
include/polarssl/config.h
library/ssl_cli.c
library/ssl_srv.c
library/ssl_tls.c
|
2013-08-28 11:58:40 +02:00 |
|
Manuel Pégourié-Gonnard
|
acc7505a35
|
Temporary fix for size of cipher contexts
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
db77175e99
|
Make ecdsa_verify() return value more explicit
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
2fb15f694c
|
Un-rename ssl_set_own_cert_alt()
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
c6b6803dcf
|
Add forgotten "inline" keyword
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
e511ffca50
|
Allow compiling without RSA or DH
Only library and programs now, need to check test suites later.
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
bfe32efb9b
|
pk_{sign,verify}() now accept hash_len = 0
|
2013-08-27 22:21:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
a20c58c6f1
|
Use convert functions for SSL_SIG_* and SSL_HASH_*
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
51be559c53
|
Fix PKCS#11 deps: now goes through PK
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
c40b4c3708
|
Add configuration item for the PK module
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
0d42049440
|
Merge code for RSA and ECDSA in SSL
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
070cc7fd21
|
Use the new PK RSA-alt interface
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
12c1ff0ecb
|
Add RSA-alt to the PK layer
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
a2d3f22007
|
Add and use pk_encrypt(), pk_decrypt()
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
8df2769178
|
Introduce pk_sign() and use it in ssl
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
ac75523593
|
Adapt ssl_set_own_cert() to generic keys
|
2013-08-27 22:21:20 +02:00 |
|
Manuel Pégourié-Gonnard
|
09edda888e
|
Check key type against selected key exchange
|
2013-08-27 22:21:19 +02:00 |
|
Manuel Pégourié-Gonnard
|
32ea60a127
|
Declare ECDSA key exchange and ciphersuites
Also fix bug in ssl_list_ciphersuites().
For now, disable it on server.
Client will offer it but fail if server selects it.
|
2013-08-27 22:21:19 +02:00 |
|
Manuel Pégourié-Gonnard
|
0b03200e96
|
Add server-side support for ECDSA client auth
|
2013-08-27 22:21:19 +02:00 |
|
Paul Bakker
|
0be444a8b1
|
Ability to disable server_name extension (RFC 6066)
|
2013-08-27 21:55:01 +02:00 |
|
Paul Bakker
|
d2f068e071
|
Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually
|
2013-08-27 21:19:20 +02:00 |
|
Paul Bakker
|
fb08fd2e23
|
Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available
|
2013-08-27 15:06:54 +02:00 |
|
Paul Bakker
|
9852d00de6
|
Moved asn1write funtions to use asn1_write_raw_buffer()
|
2013-08-26 17:56:37 +02:00 |
|