369d2eb2a2
Introduced x509_crt_init(), x509_crl_init() and x509_csr_init()
2013-09-18 12:01:43 +02:00
86d0c1949e
Generalized function names of x509 functions not parse-specific
...
x509parse_serial_gets -> x509_serial_gets
x509parse_dn_gets -> x509_dn_gets
x509parse_time_expired -> x509_time_expired
2013-09-18 12:01:42 +02:00
7fc7fa630f
cert_write application also works without POLARSSL_X509_CSR_PARSE_C
2013-09-17 14:44:00 +02:00
36713e8ed9
Fixed bunch of X509_PARSE related defines / dependencies
2013-09-17 13:25:29 +02:00
7c6b2c320e
Split up X509 files into smaller modules
2013-09-16 21:41:54 +02:00
ace02867f6
Do not lowercase key values in arguments in cert_app.c
2013-09-16 21:40:34 +02:00
1a7550ac67
Moved PK key parsing from X509 module to PK module
2013-09-15 13:47:30 +02:00
26b4d45f49
Fix key_app_writer
2013-09-12 11:57:02 +02:00
31e59400d2
Add missing f_rng/p_rng arguments to x509write_crt
2013-09-12 11:57:02 +02:00
f38e71afd5
Convert x509write_crt interface to PK
2013-09-12 11:57:02 +02:00
ee73179b2f
Adapt x509write_csr prototypes for PK
2013-09-12 11:57:00 +02:00
b2d7f23592
Ability to selfsign certificates added to cert_write app
2013-09-09 16:24:18 +02:00
4122f3eacf
Removed POLARSSL_ERROR_C define and added as requirement defing for
...
cert_req and cert_write apps
2013-09-09 16:01:46 +02:00
80d44fee2e
Moved 'define handling code' to top
2013-09-09 15:59:20 +02:00
e2673fb34b
cert_write app now parses presented CSR for subject name and key
2013-09-09 15:56:09 +02:00
f9f377e652
CSR Parsing (without attributes / extensions) implemented
2013-09-09 15:35:10 +02:00
8693274219
Small typo in usage of cert_req app
2013-09-09 14:09:42 +02:00
1014e95775
Use issuer_name from the issuer_certificate in cert_write app
2013-09-09 13:59:42 +02:00
52be08c299
Added support for writing Key Usage and NS Cert Type extensions
2013-09-09 12:38:45 +02:00
cd35803684
Changes x509_csr to x509write_csr
2013-09-09 12:38:45 +02:00
15162a054a
Writing of X509v3 extensions supported
...
Standard extensions already in: basicConstraints, subjectKeyIdentifier
and authorityKeyIdentifier
2013-09-06 19:27:21 +02:00
9397dcb0e8
Base X509 certificate writing functinality
2013-09-06 10:36:28 +02:00
ca174fef80
Merged refactored x509write module into development
2013-08-28 16:32:51 +02:00
ac75523593
Adapt ssl_set_own_cert() to generic keys
2013-08-27 22:21:20 +02:00
135f1e9c70
Move PEM conversion of DER data to x509write module
2013-08-26 17:37:18 +02:00
57be6e22cf
cert_req now supports key_usage and ns_cert_type command line options
2013-08-26 17:37:18 +02:00
82e2945ed2
Changed naming and prototype convention for x509write functions
...
CSR writing functions now start with x509write_csr_*()
DER writing functions now have the context at the start instead of the
end conforming to other modules.
2013-08-25 11:01:31 +02:00
384d4351ce
Added cert_req to CMakeLists.txt
2013-08-25 10:51:18 +02:00
8eabfc1461
Rewrote x509 certificate request writing to use structure for storing
2013-08-25 10:51:18 +02:00
ba4878aa64
Rename x509parse_key & co with _rsa suffix
2013-07-08 15:31:18 +02:00
3c5ef71322
Cleanup up non-prototyped functions (static) and const-correctness in programs
2013-06-25 16:37:45 +02:00
ef3f8c747e
Fixed const correctness issues in programs and tests
...
(cherry picked from commit e0225e4d7f
2013-06-24 19:09:24 +02:00
777a5757d6
ca_path and ca_file arguments added to support chain validation in
...
cert_app
2013-05-21 16:20:04 +02:00
c70b982056
OID functionality moved to a separate module.
...
A new OID module has been created that contains the main OID searching
functionality based on type-dependent arrays. A base type is used to
contain the basic values (oid_descriptor_t) and that type is extended to
contain type specific information (like a pk_alg_t).
As a result the rsa sign and verify function prototypes have changed. They
now expect a md_type_t identifier instead of the removed RSA_SIG_XXX
defines.
All OID definitions have been moved to oid.h
All OID matching code is in the OID module.
The RSA PKCS#1 functions cleaned up as a result and adapted to use the
MD layer.
The SSL layer cleanup up as a result and adapted to use the MD layer.
The X509 parser cleaned up and matches OIDs in certificates with new
module and adapted to use the MD layer.
The X509 writer cleaned up and adapted to use the MD layer.
Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
68884e3c09
Moved to advanced ciphersuite representation and more dynamic SSL code
2013-03-13 14:48:32 +01:00
9a73632fd9
- Merged changesets 1399 up to and including 1415 into 1.2 branch
2012-11-14 12:39:52 +00:00
0a59707523
- Added simple SSL session cache implementation
...
- Revamped session resumption handling
2012-09-25 21:55:46 +00:00
48916f9b67
- Added Secure Renegotiation (RFC 5746)
2012-09-16 19:57:18 +00:00
92eeea4627
- Modified CMakeLists to support zlib
2012-07-03 15:10:33 +00:00
12f5dbb8b4
- Fixed MD type to SHA1
2012-03-05 13:37:13 +00:00
89f3fc5bf1
- Removed superfluous debugging info
2012-02-16 13:36:38 +00:00
bdb912db69
- Added preliminary ASN.1 buffer writing support
...
- Added preliminary X509 Certificate Request writing support
- Added key_app_writer example application
- Added cert_req example application
2012-02-13 23:11:30 +00:00
b1dee1cfd2
- Changed commands to lowercase where it was not the case
2011-12-11 11:29:51 +00:00
69e095cc15
- Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
...
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
- Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
b8ba90b316
- Enlarged default CRL size buffer
2011-12-05 14:34:12 +00:00
508ad5ab6d
- Moved all examples programs to use the new entropy and CTR_DRBG
2011-12-04 17:09:26 +00:00
6c0ceb3f9a
- Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error
2011-12-04 12:24:18 +00:00
a3d195c41f
- Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs
2011-11-27 21:07:34 +00:00
5c356d6f8f
- Fixed typo
2011-11-25 13:17:45 +00:00
14cb63a40c
- cert_app now prints all certificates in the file given, not just the first
2011-11-25 12:44:31 +00:00
