Commit graph

293 commits

Author SHA1 Message Date
Manuel Pégourié-Gonnard 244569f4b1 Use generic x509_get_pubkey() for RSA functions 2013-07-17 15:59:40 +02:00
Paul Bakker 8ea6c61477 Rename of prvkey -> privkey fix in test suite files 2013-07-16 17:16:58 +02:00
Manuel Pégourié-Gonnard de44a4aecf Rename ecp_check_prvkey with a 'i' for consistency 2013-07-09 16:42:34 +02:00
Manuel Pégourié-Gonnard 8838099330 Add x509parse_{,public}_key{,file}()
Also make previously public *_ec functions private.
2013-07-08 17:32:27 +02:00
Manuel Pégourié-Gonnard 2b9252cd8f Add tests for x509parse_key_ec()
Test files were generated as follows:

openssl ecparam -name prime192v1 -genkey > key.pem

openssl ec -in key.pem -pubout -outform PEM > pub.pem
openssl ec -in key.pem -pubout -outform DER > pub.der

openssl ec -in key.pem -outform pem > prv.sec1.pem
openssl ec -in key.pem -outform der > prv.sec1.der
openssl ec -in key.pem -des -passout pass:polar -outform pem > prv.sec1.pw.pem

openssl pkcs8 -topk8 -in key.pem -nocrypt -outform pem > prv.pk8.pem
openssl pkcs8 -topk8 -in key.pem -nocrypt -outform der > prv.pk8.der
openssl pkcs8 -topk8 -in key.pem -passout pass:polar -outform der \
    > prv.pk8.pw.der
openssl pkcs8 -topk8 -in key.pem -passout pass:polar -outform pem \
    > prv.pk8.pw.pem
2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard 1bc6931f8c Add test for x509parse_public_keyfile_ec 2013-07-08 15:31:19 +02:00
Manuel Pégourié-Gonnard ba4878aa64 Rename x509parse_key & co with _rsa suffix 2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard c8dc295e83 Add ecp_check_prvkey, with test
Also group key checking and generation functions in ecp.h and ecp.c.
2013-07-08 15:31:18 +02:00
Paul Bakker 92b8dc0535 Fixed memory leaks in tests 2013-07-03 17:22:31 +02:00
Paul Bakker e07c431eb3 Test suite automatically uses buffer-based memory allocator if present
Eat your own dog-food..
2013-07-03 17:22:31 +02:00
Paul Bakker d2681d82e2 Renamed sha2.{c,h} to sha256.{c,h} and sha4.{c,h} to sha512.{c,h} 2013-06-30 14:49:12 +02:00
Paul Bakker 9e36f0475f SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly
The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules.
2013-06-30 14:34:05 +02:00
Paul Bakker fd3eac5786 Cleaned up ECP error codes 2013-06-29 23:31:33 +02:00
Paul Bakker 5dc6b5fb05 Made supported curves configurable 2013-06-29 23:26:34 +02:00
Paul Bakker f8d018a274 Made asn1_get_alg() and asn1_get_alg_null() as generic functions
A generic function for retrieving the AlgorithmIdentifier structure with
its parameters and adapted X509, PKCS#5 and PKCS#12 to use them.
2013-06-29 18:35:40 +02:00
Paul Bakker b9d3cfa114 Split up GCM into a start/update/finish cycle 2013-06-26 15:08:29 +02:00
Paul Bakker 534f82c77a Made ctr_drbg_init_entropy_len() non-static and defined 2013-06-25 16:47:55 +02:00
Paul Bakker b6c5d2e1a6 Cleanup up non-prototyped functions (static) and const-correctness
More fixes based on the compiler directives -Wcast-qual -Wwrite-strings
-Wmissing-prototypes -Wmissing-declarations. Not everything with regards
to -Wcast-qual has been fixed as some have unwanted consequences for the
rest of the code.
2013-06-25 16:25:17 +02:00
Paul Bakker f67edd9db8 Made x509parse PKCS#12 and PKCS#5 tests dependent on defines
(cherry picked from commit db7ea6f162)
2013-06-25 15:06:53 +02:00
Paul Bakker 38b50d73a1 Moved PKCS#12 PBE functions to cipher / md layer where possible
The 3-key and 2-key Triple DES PBE functions have been replaced with a
single pkcs12_pbe() function that handles both situations (and more).

In addition this allows for some PASSWORD_MISMATCH checking
(cherry picked from commit 14a222cef2)
2013-06-25 15:06:53 +02:00
Paul Bakker a4232a7ccb x509parse_crt() and x509parse_crt_der() return X509 password related codes
POLARSSL_ERR_X509_PASSWORD_MISMATCH is returned instead of
POLARSSL_ERR_PEM_PASSWORD_MISMATCH and
POLARSSL_ERR_X509_PASSWORD_REQUIRED instead of
POLARSSL_ERR_PEM_PASSWORD_REQUIRED

Rationale: For PKCS#8 encrypted keys the same are returned
(cherry picked from commit b495d3a2c7)
2013-06-25 15:06:53 +02:00
Paul Bakker 28144decef PKCS#5 v2 PBES2 support and use in PKCS#8 encrypted certificates
The error code POLARSSL_ERR_X509_PASSWORD_MISMATCH is now properly
returned in case of an encryption failure in the padding. The
POLARSSL_ERR_X509_PASSWORD_REQUIRED error code is only returned for PEM
formatted private keys as for DER formatted ones it is impossible to
distinguish if a DER blob is PKCS#8 encrypted or not.
(cherry picked from commit 1fd4321ba2)

Conflicts:
	include/polarssl/error.h
	scripts/generate_errors.pl
2013-06-25 15:06:52 +02:00
Paul Bakker b0c19a4b3d PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
old PBKDF2 module.
(cherry picked from commit 19bd297dc8)

Conflicts:
	include/polarssl/error.h
	scripts/generate_errors.pl
2013-06-25 15:06:52 +02:00
Paul Bakker 28837ff2f4 Make sure polarssl/config.h is included at the start
(cherry picked from commit 9691bbe9b3)
2013-06-25 15:06:51 +02:00
Paul Bakker f1f21fe825 Parsing of PKCS#8 encrypted private key files added and PKCS#12 basis
PKCS#8 encrypted key file support has been added to x509parse_key() with
support for some PCKS#12 PBE functions (pbeWithSHAAnd128BitRC4,
pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHAAnd2-KeyTripleDES-CBC)
(cherry picked from commit cf6e95d9a8)

Conflicts:
	scripts/generate_errors.pl
2013-06-25 15:06:51 +02:00
Paul Bakker e2f5040876 Internally split up x509parse_key()
Split up x509parse_key() into a (PEM) handler function and specific
DER parser functions for the PKCS#1 (x509parse_key_pkcs1_der()) and
unencrypted PKCS#8 (x509parse_key_pkcs8_unencrypted_der()) private
key formats.
(cherry picked from commit 65a1909dc6)

Conflicts:
	library/x509parse.c
2013-06-25 15:06:50 +02:00
Paul Bakker ef3f8c747e Fixed const correctness issues in programs and tests
(cherry picked from commit e0225e4d7f)

Conflicts:
	programs/ssl/ssl_client2.c
	programs/ssl/ssl_server2.c
	programs/test/ssl_test.c
	programs/x509/cert_app.c
2013-06-24 19:09:24 +02:00
Paul Bakker 286bf3c501 Split up largest test suite data files into smaller chunks 2013-04-08 18:09:51 +02:00
Paul Bakker c70b982056 OID functionality moved to a separate module.
A new OID module has been created that contains the main OID searching
functionality based on type-dependent arrays. A base type is used to
contain the basic values (oid_descriptor_t) and that type is extended to
contain type specific information (like a pk_alg_t).

As a result the rsa sign and verify function prototypes have changed. They
now expect a md_type_t identifier instead of the removed RSA_SIG_XXX
defines.

All OID definitions have been moved to oid.h
All OID matching code is in the OID module.

The RSA PKCS#1 functions cleaned up as a result and adapted to use the
MD layer.

The SSL layer cleanup up as a result and adapted to use the MD layer.

The X509 parser cleaned up and matches OIDs in certificates with new
module and adapted to use the MD layer.

The X509 writer cleaned up and adapted to use the MD layer.

Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
Paul Bakker 00c1f43743 Merge branch 'ecc-devel-mpg' into development 2013-03-13 16:31:01 +01:00
Paul Bakker 90f042d4cb Prepared for PolarSSL 1.2.6 release 2013-03-11 11:38:44 +01:00
Manuel Pégourié-Gonnard 424fda5d7b Add ecdh_calc_secret() 2013-02-11 22:05:42 +01:00
Manuel Pégourié-Gonnard 5cceb41d2c Add ecdh_{make,read}_public() 2013-02-11 21:51:45 +01:00
Manuel Pégourié-Gonnard 854fbd7ba2 Add ecdh_read_params(). 2013-02-11 21:32:24 +01:00
Manuel Pégourié-Gonnard 98f51815d6 Fix ecp_tls_read_point's signature 2013-02-10 13:38:29 +01:00
Manuel Pégourié-Gonnard 7c145c6418 Fix ecp_tls_read_group's signature 2013-02-10 13:20:52 +01:00
Manuel Pégourié-Gonnard 8c16f96259 Add a few tests for ecp_tls_read_point 2013-02-10 13:00:20 +01:00
Manuel Pégourié-Gonnard 46106a9d75 Add tests for (and fix bug in) ecp_tls_write_group 2013-02-10 12:51:17 +01:00
Manuel Pégourié-Gonnard 420f1eb675 Fix ecp_tls_write_point's signature 2013-02-10 12:22:46 +01:00
Manuel Pégourié-Gonnard 6282acaec2 Add basic tests for ecp_tls_*_point 2013-02-10 11:15:11 +01:00
Manuel Pégourié-Gonnard 7e86025f32 Rename ecp_*_binary to ecp_point_*_binary 2013-02-10 10:58:48 +01:00
Manuel Pégourié-Gonnard d84895dc22 Supress 'format' argument to ecp_read_binary.
And adjust error codes for ecp_*_binary while at it.
2013-02-10 10:53:04 +01:00
Manuel Pégourié-Gonnard 1a96728964 Add function parsing a TLS ECParameters record 2013-02-09 17:53:31 +01:00
Paul Bakker c7a2da437e Updated for PolarSSL 1.2.5 2013-02-02 19:23:57 +01:00
Manuel Pégourié-Gonnard cf4a70c8ed Adjust names of ECDSA tests. 2013-01-27 09:10:53 +01:00
Manuel Pégourié-Gonnard 450a163c81 Fix valgrind warning in ECDSA test suite. 2013-01-27 09:08:18 +01:00
Manuel Pégourié-Gonnard 007b7177ef ECDH : add test vectors from RFC 5903. 2013-01-27 09:00:02 +01:00
Manuel Pégourié-Gonnard 602a8973d7 ECDSA : test vectors from RFC 4754 2013-01-27 08:10:28 +01:00
Manuel Pégourié-Gonnard d1c7150bf5 Basic tests for ECDSA. 2013-01-26 19:11:28 +01:00
Manuel Pégourié-Gonnard 61ce13b728 Basic tests for ECDH primitive 2013-01-26 19:11:28 +01:00
Manuel Pégourié-Gonnard 45a035a9ac Add ecp_gen_keypair() 2013-01-26 14:42:45 +01:00
Paul Bakker 14c56a3378 Updated for PolarSSL 1.2.4 2013-01-25 17:11:37 +01:00
Manuel Pégourié-Gonnard 5e402d88ea Added ecp_read_binary(). 2013-01-16 16:31:54 +01:00
Manuel Pégourié-Gonnard 37d218a8e3 Added support for writing points compressed 2013-01-16 16:31:54 +01:00
Manuel Pégourié-Gonnard e19feb5b46 Added ecp_write_binary(). 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard 1c33057a63 Added ecp_check_pubkey(). 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard c554e9acf1 Added test vectors from RFC 5903 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard b63f9e98f5 Made ecp_mul() faster and truly SPA resistant 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard b4a310b472 Added a selftest about SPA resistance 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard 9674fd0d5e Added ecp_sub() as a variant of ecp_add() 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard 1c2782cc7c Changed to jacobian coordinates everywhere 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard 4bdd47d2cb Multiplication by negative is now forbidden 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard 8433824d5f Added fast mod_p192 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard e739f0133b Added test vectors from RFC 5114 to test suite 2013-01-16 16:31:50 +01:00
Manuel Pégourié-Gonnard 4b8c3f2a1c Moved tests from selftest to tests/test_suite_ecp 2013-01-16 16:31:50 +01:00
Paul Bakker 58ef6ec613 Cleaner test-memory cleanups 2013-01-03 11:33:48 +01:00
Paul Bakker fb1ba781b3 Updated for release 1.2.3 2012-11-26 16:28:25 +01:00
Paul Bakker df5069cb97 Updated for 1.2.2 release 2012-11-24 12:20:19 +01:00
Manuel Pégourié-Gonnard e44ec108be Fixed segfault in mpi_shift_r()
Fixed memory leak in test_suite_mpi
Amended ChangeLog
2012-11-18 23:15:02 +01:00
Paul Bakker e0f41f3086 - Updated version to 1.2.1 2012-11-13 12:55:02 +00:00
Paul Bakker 9daf0d0651 - Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1 2012-11-13 12:13:27 +00:00
Paul Bakker f02c5642d0 - Allow R and A to point to same mpi in mpi_div_mpi 2012-11-13 10:25:21 +00:00
Paul Bakker 8f387e6605 - Updated trunk base version to 1.2.0 for prerelease 1 2012-10-02 15:26:45 +00:00
Paul Bakker 5c2364c2ba - Moved from unsigned long to uint32_t throughout code 2012-10-01 14:41:15 +00:00
Paul Bakker 915275ba78 - Revamped x509_verify() and the SSL f_vrfy callback implementations 2012-09-28 07:10:55 +00:00
Paul Bakker 31417a71f8 - Fixed tests for enhanced rsa_check_privkey() 2012-09-27 20:41:37 +00:00
Paul Bakker 1a0f552030 - Fixed test for 'trust extension' change 2012-09-25 21:53:55 +00:00
Paul Bakker 17a9790918 - Added regression check for latest mpi_add_abs() issue 2012-09-17 08:44:35 +00:00
Paul Bakker 68b6d88f5e - Clear all memory 2012-09-08 14:04:13 +00:00
Paul Bakker f518b16f97 - Added PKCS#5 PBKDF2 key derivation function 2012-08-23 13:03:18 +00:00
Paul Bakker 9195662a4c - Added test for no-subject certificates with altSubjectNames 2012-08-23 10:46:54 +00:00
Paul Bakker 6132d0aa93 - Added Blowfish to generic cipher layer
- Renamed POLARSSL_MODE_CFB128 to POLARSSL_MODE_CFB
2012-07-04 17:10:40 +00:00
Paul Bakker a9379c0ed1 - Added base blowfish algorithm 2012-07-04 11:02:11 +00:00
Paul Bakker f6198c1513 - mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52) 2012-05-16 08:02:29 +00:00
Paul Bakker 40dd5303c2 - Fixed test on Big Endian systems (Fixed Ticket #54) 2012-05-15 15:02:38 +00:00
Paul Bakker 4d2c1243b1 - Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present. 2012-05-10 14:12:46 +00:00
Paul Bakker 0c8f73ba8b - Fixed a mistake in mpi_cmp_mpi() where longer B values are handled wrong 2012-03-22 14:08:57 +00:00
Paul Bakker 89e80c9a43 - Added base Galois/Counter mode (GCM) for AES 2012-03-20 13:50:09 +00:00
Paul Bakker 6d6205091b - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
Paul Bakker b08e6843c2 - Removed test memory leaks 2012-02-11 18:43:20 +00:00
Paul Bakker 57b12982b3 - Multi-domain certificates support wildcards as well 2012-02-11 17:38:38 +00:00
Paul Bakker a8cd239d6b - Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
2012-02-11 16:09:32 +00:00
Paul Bakker fab5c829e7 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! 2012-02-06 16:45:10 +00:00
Paul Bakker 3c18a830b3 - Made changes for 1.1.1 release 2012-01-23 09:44:43 +00:00
Paul Bakker 69e095cc15 - Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
 - Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
Paul Bakker 18d32911c0 - Added internal ctr_drbg_init_entropy_len() to allow NIST determined entropy tests to work 2011-12-10 21:42:49 +00:00
Paul Bakker c50132d4fa - Updated version of PolarSSL to 1.1.0 2011-12-05 14:38:36 +00:00
Paul Bakker c0a1a319df - Moved test to entropy and CTR_DRBG 2011-12-04 17:12:15 +00:00
Paul Bakker 6c0ceb3f9a - Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error 2011-12-04 12:24:18 +00:00
Paul Bakker cb37aa5912 - Better buffer handling in mpi_read_file() 2011-11-30 16:00:20 +00:00
Paul Bakker a3d195c41f - Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs 2011-11-27 21:07:34 +00:00
Paul Bakker 0e04d0e9a3 - Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator 2011-11-27 14:46:59 +00:00
Paul Bakker fae618fa8b - Updated tests to reflect recent changes 2011-10-12 11:53:52 +00:00
Paul Bakker fa1c592860 - Fixed faulty HMAC-MD2 implementation (Fixes ticket #37) 2011-10-06 14:18:49 +00:00
Paul Bakker 968bc9831b - Preparations for v1.0.0 release of PolarSSL 2011-07-27 17:03:00 +00:00
Paul Bakker 46c1794110 - Split cipher test suite into three different sets
- Adapted test source code generation accordingly
2011-07-13 14:54:54 +00:00
Paul Bakker 26b41a8370 - Fixed compiler warning 2011-07-13 14:53:58 +00:00
Paul Bakker eaf90d9a9c - Removed unused but initialized variables 2011-07-13 14:21:52 +00:00
Paul Bakker 36f1b197ca - Added test for PKCS#8 wrapped private and public keys 2011-07-13 11:32:29 +00:00
Paul Bakker c65ab340a7 - Fixed error code 2011-06-09 15:44:37 +00:00
Paul Bakker 343a870daa - Expanded generic cipher layer with support for CTR and CFB128 modes of operation. 2011-06-09 14:27:58 +00:00
Paul Bakker 1ef71dffc7 - Updated unsignedness in some missed cases 2011-06-09 14:14:58 +00:00
Paul Bakker cd43a0beec - Adjusted to use proper size_t arguments 2011-06-09 13:55:44 +00:00
Paul Bakker 828acb2234 - Updated for release 0.99-pre5 2011-05-27 09:25:42 +00:00
Paul Bakker d7d8dbe3bf - Fixed two typos 2011-05-26 15:29:38 +00:00
Paul Bakker c3f5656ff6 - Fixed dependency of MD4 and MD2 of POLARSSL_FS_IO 2011-05-26 14:38:05 +00:00
Paul Bakker 5690efccc4 - Fixed a whole bunch of dependencies on defines between files, examples and tests 2011-05-26 13:16:06 +00:00
Paul Bakker 02722ea867 - Added missing semicolon 2011-05-25 11:34:44 +00:00
Paul Bakker 2f5947e1f6 - Added mpi_get_bit() and mpi_set_bit() individual bit setter/getter functions. 2011-05-18 15:47:11 +00:00
Paul Bakker 9d781407bc - A error_strerror function() has been added to translate between error codes and their description.
- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
 - Descriptions to all error codes have been added.
 - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers.
2011-05-09 16:17:09 +00:00
Paul Bakker 6c591fab72 - mpi_init() and mpi_free() only accept a single argument and do not accept variable arguments anymore. This prevents unexpected memory corruption in a number of use cases. 2011-05-05 11:49:20 +00:00
Paul Bakker 335db3f121 - Functions requiring File System functions can now be disables by undefining POLARSSL_FS_IO 2011-04-25 15:28:35 +00:00
Paul Bakker f4a3f301fd - Updated for migration to size_t 2011-04-24 15:53:29 +00:00
Paul Bakker a755ca1bbe - Renamed t_s_int, t_int and t_dbl to respectively t_sint, t_uint and t_udbl for clarity 2011-04-24 09:11:17 +00:00
Paul Bakker 23986e5d5d - Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops 2011-04-24 08:57:21 +00:00
Paul Bakker 1be81a4e5f - Removed test for MD2 certificate as OpenSSL does not support it anymore 2011-04-23 14:46:28 +00:00
Paul Bakker b6ecaf5276 - Added additional (configurable) cipher block modes. AES-CTR, Camellia-CTR, XTEA-CBC 2011-04-19 14:29:23 +00:00
Paul Bakker 3efa575ff2 - Ready for release 0.99-pre4 2011-04-01 12:23:26 +00:00
Paul Bakker 579923c51b - The config header file is now always included in all tests 2011-03-26 13:39:34 +00:00
Paul Bakker be4e7dca08 - Debug print of MPI now removes leading zero octets and displays actual bit size of the value 2011-03-14 20:41:31 +00:00
Paul Bakker b3dcbc18f6 - Made function resilient to endianness differences. 2011-03-13 16:57:25 +00:00
Paul Bakker 4cce2bbd5a - Renamed rnd_info structure to correct rnd_buf_info structure 2011-03-13 16:56:35 +00:00
Paul Bakker 997bbd10d8 - Removed dependency of tests on rand()
- Added pseudo-random helper function
2011-03-13 15:45:42 +00:00
Paul Bakker 9dcc32236b - Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21) 2011-03-08 14:16:06 +00:00
Paul Bakker 345a6fee91 - Replaced function that fixes man-in-the-middle attack
- Added message to indicate inclusion of man-in-the-middle attack (Reported by Larry Highsmith, Subreption LLC)
 - Released version 0.99-pre3
2011-02-28 21:20:02 +00:00
Paul Bakker 1946e42dd4 - Made ready for 0.99-pre2 release 2011-02-25 09:39:39 +00:00
Paul Bakker c43481aa82 - Release memory used 2011-02-20 16:34:26 +00:00
Paul Bakker 2544a04918 - Replaced with current value of the certificate after certificate replacement 2011-02-20 13:52:44 +00:00
Paul Bakker 400ff6f0fd - Corrected parsing of UTCTime dates before 1990 and after 1950
- Support more exotic OID's when parsing certificates
 - Support more exotic name representations when parsing certificates
 - Replaced the expired test certificates
2011-02-20 10:40:16 +00:00
Paul Bakker 96743fc5f5 - Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding
- Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5)
 - Added tests for encrypted keyfiles
2011-02-12 14:30:57 +00:00
Paul Bakker 896b3be1d1 - Added proper dependencies 2011-02-06 13:12:25 +00:00
Paul Bakker 9fc4659b30 - Preparing for Release of 0.99 prerelease 1 2011-01-30 16:59:02 +00:00
Paul Bakker bbf2f63e92 - Added missing dependency on POLARSSL_DEBUG_C 2011-01-21 10:51:24 +00:00
Paul Bakker 562535d11b - Split current md_starts() and md_hmac_starts() functionality into separate md_init_ctx() for allocating the context and the existing starts() functions to initialize the message digest for use. 2011-01-20 16:42:01 +00:00
Paul Bakker 5a62408629 - Fixed compiler warnings 2011-01-18 16:31:52 +00:00
Paul Bakker 76fd75a3de - Improved certificate validation and validation against the available CRLs 2011-01-16 21:12:10 +00:00
Paul Bakker 1f87fb6896 - Support for DES weak keys and parity bits added 2011-01-15 17:32:24 +00:00
Paul Bakker f92d7a8c81 - Fixed faulty dependency in test 2011-01-15 17:05:17 +00:00
Paul Bakker b63b0afc05 - Added verification callback in certificate verification chain in order to allow external blacklisting 2011-01-13 17:54:59 +00:00
Paul Bakker 8123e9d8f1 - Added generic cipher wrapper for integration with OpenVPN (donated by Fox-IT) 2011-01-06 15:37:30 +00:00