mbedtls

mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-31 21:50:31 +03:00

Author	SHA1	Message	Date
Valerio Setti	25b282ebfe	x509: move internal functions declarations to a private header Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>	2024-01-19 09:07:35 +01:00
Dave Rodgman	16799db69a	update headers Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-11-02 19:47:20 +00:00
Gilles Peskine	3cea3efc25	Merge pull request #8025 from AgathiyanB/accept-numericoid-hexstring-x509 Accept numericoid hexstring x509	2023-09-13 08:54:33 +00:00
Agathiyan Bragadeesh	c7959b22c6	Remove magic number in x509.c Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-09-12 17:56:58 +01:00
Agathiyan Bragadeesh	86dc08599b	Add asn1 write tag and len to x509 use c config Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-09-04 15:40:41 +01:00
Agathiyan Bragadeesh	15df01240d	Fix code style Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 17:50:00 +01:00
Agathiyan Bragadeesh	022f86f108	Prevent output of escaped null characters dn gets Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 16:56:04 +01:00
Agathiyan Bragadeesh	8aa74ab6a9	Add return for buffer too small when reading OIDs Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 16:42:27 +01:00
Agathiyan Bragadeesh	f3b9724dcd	Remove questionable use of macro. MBEDTLS_X509_SAFE_SNPRINTF was used after mbedtls_oid_get_numeric_string so instead we have expanded the macro and kept the relevant code. Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 16:37:11 +01:00
Agathiyan Bragadeesh	07f472a88b	Add corruption detected return when writing asn1 Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 16:29:39 +01:00
Agathiyan Bragadeesh	eb55867520	Fix code style Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	af70c7dce7	Write numeric oid directly to buffer mbedtls_oid_get_numeric_string now points to output buffer in dn_gets Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	a7f9630925	Remove duplicate '+' in comparison string Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	5adffb2488	Refactor dn_gets use library function to write tag Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	2bf09a61a3	Fix style on left shift operations Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	ee642d93a8	Format preprocessor conditionals Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	7f639fc7ab	Fix Windows x64 build errors with type conversions Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	a1f5c2d06f	Move declaration of variables in dn_gets to top Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	0a4b6d88d0	Alter conditions on hexstring output dn_gets Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	4987c8fcb0	Fix code style on x509.c and x509_create.c Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	c9d74f3109	Refactor AttributeType in mbedtls_x509_dn_gets Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	0eb6673a80	Add preprocessor config guards Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	ddc720d209	Add mbedtls_x509_dn_gets hexstring output If the data is a bitstring or an octet string, instead use the hexstring of the BER encoding (RFC 4514 Section 2.4) Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	f0e1ac59d8	Rewrite nibble_to_hex_digit for readability Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	9d2507c81d	Rename x509_int_to_hexdigit to nibble_to_hex_digit Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:39:56 +01:00
Agathiyan Bragadeesh	ef2decbe4a	Escape hexpairs characters RFC 4514 Converts none ascii to escaped hexpairs in mbedtls_x509_dn_gets and interprets hexpairs in mbedtls_x509_string_to_names. Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:38:16 +01:00
Agathiyan Bragadeesh	48513b8639	Escape special characters RFC 4514 This escapes special characters according to RFC 4514 in mbedtls_x509_dn_gets and de-escapes in mbedtls_x509_string_to_names. This commit does not handle hexpairs. Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>	2023-08-22 10:38:16 +01:00
David Horstmann	cfae6a1ae9	Fix incorrect detection of HardwareModuleName The hardware module name otherName SAN contains 2 OIDs: OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY DEFINED BY type-id } HardwareModuleName ::= SEQUENCE { hwType OBJECT IDENTIFIER, hwSerialNum OCTET STRING } The first, type-id, is the one that identifies the otherName as a HardwareModuleName. The second, hwType, identifies the type of hardware. This change fixes 2 issues: 1. We were erroneously trying to identify HardwareModuleNames by looking at hwType, not type-id. 2. We accidentally inverted the check so that we were checking that hwType did NOT match HardwareModuleName. This fix ensures that type-id is correctly checked to make sure that it matches the OID for HardwareModuleName. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-18 19:31:39 +01:00
David Horstmann	2ea44d28de	Fix: Set type_id in x509_get_other_name() When parsing a subject alternative name of type otherName, retain the type-id field of the otherName. Previously this was not copied to the mbedtls_x509_san_other_name struct when it should have been. Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-08-18 18:36:02 +01:00
Tom Cosgrove	836aed7cf8	Merge pull request #6003 from gstrauss/x509_time mbedtls_x509_time performance and reduce memory use	2023-07-06 09:28:14 +01:00
David Horstmann	3ae1c4c0f7	Fix formatting of explanatory commented code Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-07-05 11:15:08 +01:00
David Horstmann	b1d27bcd69	Improve comment formatting Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-07-05 10:00:31 +01:00
David Horstmann	cdf5283dad	Rename variables to more descriptive names Signed-off-by: David Horstmann <david.horstmann@arm.com>	2023-07-05 09:58:03 +01:00
Dave Rodgman	f032c9842d	Improve #endif comments Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-29 12:09:27 +01:00
Dave Rodgman	ffabb7b7da	Fix unused function warning in x509.c Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>	2023-06-28 16:22:50 +01:00
Demi Marie Obenour	690b8c9ca7	Add a do-while loop around macros This is good practice in C. Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>	2023-06-20 11:48:04 -04:00
Glenn Strauss	06c31fcd9f	x509_parse_time() perf Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-06-09 17:02:35 +01:00
Glenn Strauss	811eeb21d8	mbedtls_x509_time_gmtime() read struct directly Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-06-09 17:01:03 +01:00
Glenn Strauss	61d99304da	mbedtls_x509_time_gmtime() to fill struct w/ time Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-06-09 17:01:03 +01:00
Glenn Strauss	5aef2971e6	mbedtls_x509_time_cmp() perf faster comparison of mbedtls_x509_time values with valid ranges per elt Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-06-09 17:01:03 +01:00
Glenn Strauss	416dc03467	mbedtls_x509_time_cmp() compare mbedtls_x509_time Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>	2023-06-09 17:01:03 +01:00
Przemek Stekiel	4d3fc216fc	Use safe snprintf Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 11:44:25 +02:00
Przemek Stekiel	01cb6eb251	Fix parsing of SAN IP (use mbedtls_snprintf, validate buffer length) Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 11:44:25 +02:00
Przemek Stekiel	093c97d492	Add separate case for ip address Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 11:44:25 +02:00
Przemek Stekiel	0ab5b93922	Add support for parsing SAN IP address Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-06-06 11:44:25 +02:00
Andrzej Kurek	154a605ae8	Change the name of the temporary san variable Explain why it is used. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-06-01 18:20:26 +01:00
Przemek Stekiel	725688b143	Fix code style Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 22:49:44 +02:00
Przemek Stekiel	21903ec860	Fix after rebase Handle manually functions that have been moved to different locations. Signed-off-by: Przemek Stekiel <przemyslaw.stekiel@mobica.com>	2023-04-04 17:48:28 +02:00
Andrzej Kurek	5f0c6e82fb	Add missing deallocation of subject alt name Since mbedtls_x509_get_name allocates memory when parsing a directoryName, deallocation has to be performed if anything fails in the meantime. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:40:38 -04:00
Andrzej Kurek	bf8ccd8109	Adjust error reporting in x509 SAN parsing Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>	2023-03-29 11:03:01 -04:00

1 2 3 4 5

214 Commits