135f1e9c70
Move PEM conversion of DER data to x509write module
2013-08-26 17:37:18 +02:00
57be6e22cf
cert_req now supports key_usage and ns_cert_type command line options
2013-08-26 17:37:18 +02:00
82e2945ed2
Changed naming and prototype convention for x509write functions
...
CSR writing functions now start with x509write_csr_*()
DER writing functions now have the context at the start instead of the
end conforming to other modules.
2013-08-25 11:01:31 +02:00
384d4351ce
Added cert_req to CMakeLists.txt
2013-08-25 10:51:18 +02:00
8eabfc1461
Rewrote x509 certificate request writing to use structure for storing
2013-08-25 10:51:18 +02:00
ba4878aa64
Rename x509parse_key & co with _rsa suffix
2013-07-08 15:31:18 +02:00
3c5ef71322
Cleanup up non-prototyped functions (static) and const-correctness in programs
2013-06-25 16:37:45 +02:00
ef3f8c747e
Fixed const correctness issues in programs and tests
...
(cherry picked from commit e0225e4d7f
2013-06-24 19:09:24 +02:00
777a5757d6
ca_path and ca_file arguments added to support chain validation in
...
cert_app
2013-05-21 16:20:04 +02:00
c70b982056
OID functionality moved to a separate module.
...
A new OID module has been created that contains the main OID searching
functionality based on type-dependent arrays. A base type is used to
contain the basic values (oid_descriptor_t) and that type is extended to
contain type specific information (like a pk_alg_t).
As a result the rsa sign and verify function prototypes have changed. They
now expect a md_type_t identifier instead of the removed RSA_SIG_XXX
defines.
All OID definitions have been moved to oid.h
All OID matching code is in the OID module.
The RSA PKCS#1 functions cleaned up as a result and adapted to use the
MD layer.
The SSL layer cleanup up as a result and adapted to use the MD layer.
The X509 parser cleaned up and matches OIDs in certificates with new
module and adapted to use the MD layer.
The X509 writer cleaned up and adapted to use the MD layer.
Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
68884e3c09
Moved to advanced ciphersuite representation and more dynamic SSL code
2013-03-13 14:48:32 +01:00
9a73632fd9
- Merged changesets 1399 up to and including 1415 into 1.2 branch
2012-11-14 12:39:52 +00:00
0a59707523
- Added simple SSL session cache implementation
...
- Revamped session resumption handling
2012-09-25 21:55:46 +00:00
48916f9b67
- Added Secure Renegotiation (RFC 5746)
2012-09-16 19:57:18 +00:00
92eeea4627
- Modified CMakeLists to support zlib
2012-07-03 15:10:33 +00:00
12f5dbb8b4
- Fixed MD type to SHA1
2012-03-05 13:37:13 +00:00
89f3fc5bf1
- Removed superfluous debugging info
2012-02-16 13:36:38 +00:00
bdb912db69
- Added preliminary ASN.1 buffer writing support
...
- Added preliminary X509 Certificate Request writing support
- Added key_app_writer example application
- Added cert_req example application
2012-02-13 23:11:30 +00:00
b1dee1cfd2
- Changed commands to lowercase where it was not the case
2011-12-11 11:29:51 +00:00
69e095cc15
- Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
...
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
- Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
b8ba90b316
- Enlarged default CRL size buffer
2011-12-05 14:34:12 +00:00
508ad5ab6d
- Moved all examples programs to use the new entropy and CTR_DRBG
2011-12-04 17:09:26 +00:00
6c0ceb3f9a
- Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error
2011-12-04 12:24:18 +00:00
a3d195c41f
- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
2011-11-27 21:07:34 +00:00
5c356d6f8f
- Fixed typo
2011-11-25 13:17:45 +00:00
14cb63a40c
- cert_app now prints all certificates in the file given, not just the first
2011-11-25 12:44:31 +00:00
cce9d77745
- Lots of minimal changes to better support WINCE as a build target
2011-11-18 14:26:47 +00:00
d3b486a743
- Fixed typo in usage
2011-10-12 10:15:05 +00:00
5690efccc4
- Fixed a whole bunch of dependencies on defines between files, examples and tests
2011-05-26 13:16:06 +00:00
831a755d9e
- Changed behaviour of net_recv(), ssl_fetch_input() and ssl_read(). net_recv() now returns 0 on EOF instead of POLARSSL_ERR_NET_CONN_RESET. ssl_fetch_input() returns POLARSSL_ERR_SSL_CONN_EOF on an EOF from its f_recv() function. ssl_read() returns 0 if a POLARSSL_ERR_SSL_CONN_EOF is received after the handshake.
...
- Network functions now return POLARSSL_ERR_NET_WANT_READ or POLARSSL_ERR_NET_WANT_WRITE instead of the ambiguous POLARSSL_ERR_NET_TRY_AGAIN
2011-05-18 13:32:51 +00:00
a9507c063b
- Added crl_app program to allow easy reading and printing of X509 CRLs from file
2011-02-12 15:27:28 +00:00
1a207ec8af
- Set sane start values for structures that are closed or freed.
2011-02-06 13:22:40 +00:00
e3166ce040
- Renamed ciphers member of ssl_context and cipher member of ssl_session to ciphersuites and ciphersuite respectively. This clarifies the difference with the generic cipher layer and is better naming altogether
...
- Adapted in the rest of using code as well
2011-01-27 17:40:50 +00:00
b06819bb5d
- Adapted CMake files for the PKCS#11 support
2011-01-18 16:18:38 +00:00
547f73d66f
- Added install targets to the CMake files
2011-01-05 15:07:54 +00:00
b96f154e51
- Fixed copyright message
2010-07-18 20:36:00 +00:00
84f12b76fc
- Updated Copyright to correct entity
2010-07-18 10:13:04 +00:00
fc8c4360b8
- Updated copyright line to 2010
2010-03-21 17:37:16 +00:00
1f3c39c194
- Removed copyright line for Christophe Devine for clarity
2010-03-21 17:30:05 +00:00
4fc45522f1
- Added cert_app application
2010-03-18 20:11:58 +00:00
