Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								0e06c0fdb4 
								
							 
						 
						
							
							
								
								Assigned error codes to the error defines  
							
							
							
						 
						
							2013-08-25 11:21:30 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								82e2945ed2 
								
							 
						 
						
							
							
								
								Changed naming and prototype convention for x509write functions  
							
							... 
							
							
							
							CSR writing functions now start with x509write_csr_*()
DER writing functions now have the context at the start instead of the
end conforming to other modules. 
							
						 
						
							2013-08-25 11:01:31 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								2130796658 
								
							 
						 
						
							
							
								
								Switched order of storing x509_req_names to match inputed order  
							
							
							
						 
						
							2013-08-25 10:51:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								8eabfc1461 
								
							 
						 
						
							
							
								
								Rewrote x509 certificate request writing to use structure for storing  
							
							
							
						 
						
							2013-08-25 10:51:18 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								fff80f8879 
								
							 
						 
						
							
							
								
								PK: use NULL for unimplemented operations  
							
							
							
						 
						
							2013-08-20 20:46:05 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f73da02962 
								
							 
						 
						
							
							
								
								PK: change pk_verify arguments (md_info "optional")  
							
							
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ab46694558 
								
							 
						 
						
							
							
								
								Change pk_set_type to pk_init_ctx for consistency  
							
							
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ac4cd36297 
								
							 
						 
						
							
							
								
								PK rsa_verify: check signature length  
							
							
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								15699380e5 
								
							 
						 
						
							
							
								
								Small PK cleanups  
							
							... 
							
							
							
							- better error codes
- rm now-useless include 
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3fb5c5ee1c 
								
							 
						 
						
							
							
								
								PK: rename members for consistency CIPHER, MD  
							
							... 
							
							
							
							Also add pk_get_name() to remove a direct access to pk_type 
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								09162ddcaa 
								
							 
						 
						
							
							
								
								PK: reuse some eckey functions for ecdsa  
							
							... 
							
							
							
							Also add some forgotten 'static' while at it. 
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								c6ac8870d5 
								
							 
						 
						
							
							
								
								Nicer interface between PK and debug.  
							
							... 
							
							
							
							Finally get rid of pk_context.type member, too. 
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b3d9187cea 
								
							 
						 
						
							
							
								
								PK: add nice interface functions  
							
							... 
							
							
							
							Also fix a const-corectness issue. 
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								765db07dfb 
								
							 
						 
						
							
							
								
								PK: use alloc and free function pointers  
							
							
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								3053f5bcb4 
								
							 
						 
						
							
							
								
								Get rid of pk_wrap_rsa()  
							
							
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f8c948a674 
								
							 
						 
						
							
							
								
								Add name and get_size() members in PK  
							
							
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								835eb59c6a 
								
							 
						 
						
							
							
								
								PK: fix support for ECKEY_DH  
							
							
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f18c3e0378 
								
							 
						 
						
							
							
								
								Add a PK can_do() method and simplify code  
							
							
							
						 
						
							2013-08-20 20:46:04 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								d73b3c13be 
								
							 
						 
						
							
							
								
								PK: use wrappers and function pointers for verify  
							
							
							
						 
						
							2013-08-20 20:46:03 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f499993cb2 
								
							 
						 
						
							
							
								
								Add ecdsa_from_keypair()  
							
							... 
							
							
							
							Also fix bug/limitation in mpi_copy: would segfault if src just initialised
and not set to a value yet. (This case occurs when copying a context which
contains only the public part of the key, eg.) 
							
						 
						
							2013-08-20 20:46:03 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								cc0a9d040d 
								
							 
						 
						
							
							
								
								Fix const-correctness of rsa_*_verify()  
							
							
							
						 
						
							2013-08-20 20:46:03 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								f84b4d6498 
								
							 
						 
						
							
							
								
								Check sig_pk for signature verification  
							
							
							
						 
						
							2013-08-20 20:46:03 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								96d5912088 
								
							 
						 
						
							
							
								
								Implement EC cert and crl verification  
							
							
							
						 
						
							2013-08-20 20:26:28 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								211a64c79f 
								
							 
						 
						
							
							
								
								Add eckey to ecdsa conversion in the PK layer  
							
							
							
						 
						
							2013-08-20 20:26:28 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b4d69c41f8 
								
							 
						 
						
							
							
								
								Prepare for EC cert & crl validation  
							
							
							
						 
						
							2013-08-20 20:26:28 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								e09631b7c4 
								
							 
						 
						
							
							
								
								Create ecp_group_copy() and use it  
							
							
							
						 
						
							2013-08-20 20:08:29 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								8eebd012b9 
								
							 
						 
						
							
							
								
								Add an ecdsa_genkey() function  
							
							
							
						 
						
							2013-08-20 20:08:28 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								b694b4896c 
								
							 
						 
						
							
							
								
								Add ecdsa_{read,write}_signature()  
							
							
							
						 
						
							2013-08-20 20:04:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								3a074a7996 
								
							 
						 
						
							
							
								
								Actually skip certificate if we do not understand hash type  
							
							
							
						 
						
							2013-08-20 12:45:03 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								dc4baf11ab 
								
							 
						 
						
							
							
								
								Removed errant printf in x509parse_self_test()  
							
							
							
						 
						
							2013-08-20 12:44:33 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								42c3ccf36e 
								
							 
						 
						
							
							
								
								Fixed potential negative value misinterpretation in load_file()  
							
							
							
						 
						
							2013-08-19 14:29:31 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								75c1a6f97c 
								
							 
						 
						
							
							
								
								Fixed potential heap buffer overflow on large hostname setting  
							
							
							
						 
						
							2013-08-19 14:25:29 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								694d3aeb47 
								
							 
						 
						
							
							
								
								Fixed potential heap buffer overflow on large file reading  
							
							
							
						 
						
							2013-08-19 14:23:38 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								5fd4917d97 
								
							 
						 
						
							
							
								
								Add missing ifdefs in ssl modules  
							
							
							
						 
						
							2013-08-19 13:30:28 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								04376b1419 
								
							 
						 
						
							
							
								
								Fixed memory leak in ssl_parse_server_key_exchange from missing  
							
							... 
							
							
							
							md_free_ctx() 
							
						 
						
							2013-08-16 14:45:26 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								298aae4524 
								
							 
						 
						
							
							
								
								Adapt core OID functions to embeded null bytes  
							
							
							
						 
						
							2013-08-16 14:00:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								c13c0d4524 
								
							 
						 
						
							
							
								
								Add a length check in rsa_get_pubkey()  
							
							
							
						 
						
							2013-08-16 14:00:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								56a487a17f 
								
							 
						 
						
							
							
								
								Minor ecdsa cleanups  
							
							... 
							
							
							
							- point_format is of no use
- d was init'ed and free'd twice 
							
						 
						
							2013-08-16 14:00:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								686bfae244 
								
							 
						 
						
							
							
								
								Fix memory error in x509_get_attr_type_value  
							
							
							
						 
						
							2013-08-16 14:00:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								ba77bbf840 
								
							 
						 
						
							
							
								
								Fix memory error in asn1_get_alg()  
							
							
							
						 
						
							2013-08-16 14:00:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								06dab806ce 
								
							 
						 
						
							
							
								
								Fix memory error in asn1_get_bitstring_null()  
							
							... 
							
							
							
							When *len is 0, **p would be read, which is out of bounds. 
							
						 
						
							2013-08-16 14:00:52 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								0b2726732e 
								
							 
						 
						
							
							
								
								Fix ifdef conditions for EC-related extensions.  
							
							... 
							
							
							
							Was alternatively ECP_C and ECDH_C. 
							
						 
						
							2013-08-16 13:56:17 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								5734b2d358 
								
							 
						 
						
							
							
								
								Actually use the point format selected for ECDH  
							
							
							
						 
						
							2013-08-16 13:56:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								7b19c16b74 
								
							 
						 
						
							
							
								
								Handle suported_point_formats in ServerHello  
							
							
							
						 
						
							2013-08-16 13:56:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
						
							
							
							
							
								
							
							
								6b8846d929 
								
							 
						 
						
							
							
								
								Stop advertising support for compressed points  
							
							... 
							
							
							
							(We can only write them, not read them.) 
							
						 
						
							2013-08-16 13:56:16 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								1f2bc6238b 
								
							 
						 
						
							
							
								
								Made support for the truncated_hmac extension configurable  
							
							
							
						 
						
							2013-08-15 13:45:55 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								05decb24c3 
								
							 
						 
						
							
							
								
								Made support for the max_fragment_length extension configurable  
							
							
							
						 
						
							2013-08-15 13:33:48 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								606b4ba20f 
								
							 
						 
						
							
							
								
								Session ticket expiration checked on server  
							
							
							
						 
						
							2013-08-15 11:42:48 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								f0e39acb58 
								
							 
						 
						
							
							
								
								Fixed unitialized n when resuming a session  
							
							
							
						 
						
							2013-08-15 11:40:48 +02:00 
							
								 
							
						 
					 
				
					
						
							
							
								Paul Bakker 
							
						 
						
							
							
							
							
								
							
							
								a503a63b85 
								
							 
						 
						
							
							
								
								Made session tickets support configurable from config.h  
							
							
							
						 
						
							2013-08-14 14:26:03 +02:00