12ccef2761
pkcs5v2: add support for additional hmacSHA algorithms
...
Currently only SHA1 is supported as PRF algorithm for PBKDF2
(PKCS#5 v2.0).
This means that keys encrypted and authenticated using
another algorithm of the SHA family cannot be decrypted.
This deficiency has become particularly incumbent now that
PKIs created with OpenSSL1.1 are encrypting keys using
hmacSHA256 by default (OpenSSL1.0 used PKCS#5 v1.0 by default
and even if v2 was forced, it would still use hmacSHA1).
Enable support for all the digest algorithms of the SHA
family for PKCS#5 v2.0.
Signed-off-by: Antonio Quartulli <antonio@openvpn.net >
2018-02-08 17:18:15 +08:00
a9f90f00aa
Removing in compile time unused entries from oid_ecp_grp list
2016-09-04 15:14:38 +01:00
06f1828fa2
Removing in compile time unused entries from oid_sig_alg list
2016-09-04 15:14:38 +01:00
4636fc6b0d
oid_x520_attr_type list is defined only when MBEDTLS_X509_USE_C or MBEDTLS_X509_CREATE_C
2016-09-04 15:14:38 +01:00
5730320225
Removing in compile time unused entries from oid_md_alg list
2016-09-04 15:14:38 +01:00
66fc07362e
Fix typo in an OID name
...
fixes #314
2015-10-21 16:40:29 +02:00
37ff14062e
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
6fb8187279
Update date in copyright line
2015-07-28 17:11:58 +02:00
9dbaf400ef
Rationalize other snprintf() uses
2015-06-22 14:42:04 +02:00
f78e4de6f4
Fix warnings from -pedantic
2015-05-29 10:52:14 +02:00
e6028c93f5
Fix some X509 macro names
...
For some reason, during the great renaming, some names that should have been
prefixed with MBEDTLS_X509_ have only been prefixed with MBEDTLS_
2015-04-20 12:19:02 +01:00
2cf5a7c98e
The Great Renaming
...
A simple execution of tmp/invoke-rename.pl
2015-04-08 13:25:31 +02:00
26c9f90cae
Merge branch 'mbedtls-1.3' into development
...
* mbedtls-1.3:
Add missing depends in x509 programs
Simplify ifdef checks in programs/x509
Fix thread safety issue in RSA operations
Add test certificate for bitstring in DN
Add support for X.520 uniqueIdentifier
Accept bitstrings in X.509 names
2015-03-31 17:56:15 +02:00
9409e0cea2
Add support for X.520 uniqueIdentifier
2015-03-27 13:03:54 +01:00
7f8099773e
Rename include directory to mbedtls
2015-03-10 11:23:56 +00:00
fe44643b0e
Rename website and repository
2015-03-06 13:17:10 +00:00
8f3a9436a9
modify oid.c to use polarssl_snprintf
2015-02-13 13:50:25 +00:00
a273371fc4
Fix "int vs enum" warnings from armcc v5
...
enumerated type mixed with another type
2015-02-10 17:34:48 +01:00
00ab47026b
cleanup library and some basic tests. Includes, add guards to includes
2015-02-10 11:28:46 +00:00
860b51642d
Fix url again
2015-01-28 17:12:07 +00:00
085ab040aa
Fix website url to use https.
2015-01-23 11:06:27 +00:00
9698f5852c
Remove maintainer line.
2015-01-23 10:59:00 +00:00
19f6b5dfaa
Remove redundant "all rights reserved"
2015-01-23 10:54:00 +00:00
a658a4051b
Update copyright
2015-01-23 09:55:24 +00:00
967a2a5f8c
Change name to mbed TLS in the copyright notice
2015-01-22 14:28:16 +00:00
0698f7c21a
Rm duplicate entry in oid_md_alg
2014-07-08 14:20:26 +02:00
66d5d076f7
Fix formatting in various code to match spacing from coding style
2014-06-17 17:06:47 +02:00
d8bb82665e
Fix code styling for return statements
2014-06-17 14:06:49 +02:00
59a75d5b9d
Basic parsing of certs signed with RSASSA-PSS
2014-06-02 16:10:29 +02:00
9af723cee7
Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)
2014-05-01 13:03:14 +02:00
cef4ad2509
Adapt sources to configurable config.h name
2014-04-30 16:40:20 +02:00
6384440b13
Better support for the different Attribute Types from IETF PKIX (RFC 5280)
2014-04-30 15:34:12 +02:00
7afdb88216
Test and fix x509_oid functions
2014-04-04 16:34:30 +02:00
c9093085ed
Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
...
This reverts commit ab50d8d30ce31b1d992a
2014-02-12 09:39:59 +01:00
b1d4eb16e4
Basic parsing of certs signed with RSASSA-PSS
2014-01-25 12:48:58 +01:00
9bcff3905b
Add OIDs and TLS IDs for prime Koblitz curves
2014-01-10 18:32:31 +01:00
6edcd41c0a
Addition conditions for UEFI environment under MSVC
2013-10-29 15:44:13 +01:00
7b0be68977
Support for serialNumber, postalAddress and postalCode in X509 names
2013-10-29 14:24:37 +01:00
fa6a620b75
Defines for UEFI environment under MSVC added
2013-10-29 14:05:38 +01:00
45a2c8d99a
Prevent possible alignment warnings on casting from char * to 'aligned *'
2013-10-28 12:57:08 +01:00
48ac3db551
Add OIDs for brainpool curves
2013-10-10 15:11:33 +02:00
7c6b2c320e
Split up X509 files into smaller modules
2013-09-16 21:41:54 +02:00
2292d1fad0
Fixed warnings in case POLARSSL_X509_PARSE_C is not defined
2013-09-15 17:06:49 +02:00
edda9041fc
Adapt asn1_write_algorithm_identifier() to params
2013-09-12 11:57:01 +02:00
3837daec9e
Add EC support to x509write_pubkey
2013-09-12 11:57:01 +02:00
1c3853b953
oid_get_oid_by_*() now give back oid length as well
2013-09-10 11:43:44 +02:00
298aae4524
Adapt core OID functions to embeded null bytes
2013-08-16 14:00:52 +02:00
14d8564402
Fix overflow check in oid_get_numeric_string()
...
(The fix in 791eed3
2013-07-17 15:59:44 +02:00
1e60cd09b0
Expand oid_get_sig_alg() for ECDSA-based algs
2013-07-17 15:59:40 +02:00
791eed3f33
Fix portability issue in oid_get_numeric_string()
2013-07-09 16:42:35 +02:00
