Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						b134060f90 
					 
					
						
						
							
							Fix memory leak with crafted X.509 certs  
						
						
						
						
					 
					
						2014-11-12 00:01:52 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						ef9a6aec51 
					 
					
						
						
							
							Allow comparing name with mismatched encodings  
						
						
						
						
					 
					
						2014-10-17 12:42:31 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						88421246d8 
					 
					
						
						
							
							Rename a function  
						
						
						
						
					 
					
						2014-10-17 12:42:30 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						5a5fa92bfe 
					 
					
						
						
							
							x509_crt_parse() did not increase total_failed on PEM error  
						
						... 
						
						
						
						Result was that PEM errors in files with multiple certificates were not
detectable by the user. 
						
						
					 
					
						2014-10-03 15:47:13 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						d249b7ab9a 
					 
					
						
						
							
							Restore ability to trust non-CA selfsigned EE cert  
						
						
						
						
					 
					
						2014-06-25 11:26:13 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						c4eff16516 
					 
					
						
						
							
							Restore ability to use v1 CA if trusted locally  
						
						
						
						
					 
					
						2014-06-25 11:26:12 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						1c082f34f3 
					 
					
						
						
							
							Update description and references for X.509 files  
						
						
						
						
					 
					
						2014-06-23 11:52:59 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						66d5d076f7 
					 
					
						
						
							
							Fix formatting in various code to match spacing from coding style  
						
						
						
						
					 
					
						2014-06-17 17:06:47 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						d8bb82665e 
					 
					
						
						
							
							Fix code styling for return statements  
						
						
						
						
					 
					
						2014-06-17 14:06:49 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						3461772559 
					 
					
						
						
							
							Introduce polarssl_zeroize() instead of memset() for zeroization  
						
						
						
						
					 
					
						2014-06-14 16:46:03 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						c2ff2083ee 
					 
					
						
						
							
							Merge parsing and verification of RSASSA-PSS in X.509 modules  
						
						
						
						
					 
					
						2014-06-12 22:02:47 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						d1539b1e88 
					 
					
						
						
							
							Rename RSASSA_PSS_CERTIFICATES to X509_RSASSA_PSS_SUPPORT  
						
						
						
						
					 
					
						2014-06-06 16:42:37 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						53882023e7 
					 
					
						
						
							
							Also verify CRLs signed with RSASSA-PSS  
						
						
						
						
					 
					
						2014-06-05 17:59:55 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						46db4b070c 
					 
					
						
						
							
							Use pk_verify_ext() in x509_crt.c  
						
						
						
						
					 
					
						2014-06-05 17:08:46 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						bf696d030b 
					 
					
						
						
							
							Make sig_opts non-optional in X509 structures  
						
						... 
						
						
						
						This simplifies the code. 
						
						
					 
					
						2014-06-05 17:08:46 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						dddbb1d1eb 
					 
					
						
						
							
							Rm sig_params from various X509 structures  
						
						
						
						
					 
					
						2014-06-05 17:08:46 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						9113603b6b 
					 
					
						
						
							
							Use sig_opts in x509_sig_alg_gets()  
						
						
						
						
					 
					
						2014-06-05 15:41:39 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						f75f2f7c46 
					 
					
						
						
							
							Add sig_opts member to X509 structures  
						
						
						
						
					 
					
						2014-06-05 15:14:59 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						920e1cd5e2 
					 
					
						
						
							
							Add basic PSS cert verification  
						
						... 
						
						
						
						Still todo:
- handle MGF-hash != sign-hash
- check effective salt len == announced salt len
- add support in the PK layer so that we don't have to bypass it here 
						
						
					 
					
						2014-06-04 12:09:08 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						cac31eed9e 
					 
					
						
						
							
							Factor common code for printing sig_alg  
						
						
						
						
					 
					
						2014-06-02 16:12:46 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						cf975a3857 
					 
					
						
						
							
							Factor out some common code  
						
						
						
						
					 
					
						2014-06-02 16:12:46 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						9df5c96214 
					 
					
						
						
							
							Fix dependencies  
						
						
						
						
					 
					
						2014-06-02 16:10:29 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						e76b750b69 
					 
					
						
						
							
							Finish parsing RSASSA-PSS parameters  
						
						
						
						
					 
					
						2014-06-02 16:10:29 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						f346bab139 
					 
					
						
						
							
							Start parsing RSASSA-PSS parameters  
						
						
						
						
					 
					
						2014-06-02 16:10:29 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						59a75d5b9d 
					 
					
						
						
							
							Basic parsing of certs signed with RSASSA-PSS  
						
						
						
						
					 
					
						2014-06-02 16:10:29 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						14b16c62e9 
					 
					
						
						
							
							Minor optimizations (original by Peter Vaskovic, modified by Paul Bakker)  
						
						... 
						
						
						
						Move strlen out of for loop.
Remove redundant null checks before free. 
						
						
					 
					
						2014-05-28 11:34:33 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						b9e4e2c97a 
					 
					
						
						
							
							Fix formatting: fix some 'easy' > 80 length lines  
						
						
						
						
					 
					
						2014-05-01 14:18:25 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						9af723cee7 
					 
					
						
						
							
							Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)  
						
						
						
						
					 
					
						2014-05-01 13:03:14 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						cef4ad2509 
					 
					
						
						
							
							Adapt sources to configurable config.h name  
						
						
						
						
					 
					
						2014-04-30 16:40:20 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						7afb8a0dca 
					 
					
						
						
							
							Add x509_crt_check_extended_key_usage()  
						
						
						
						
					 
					
						2014-04-11 11:09:00 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						490047cc44 
					 
					
						
						
							
							Code cosmetics  
						
						
						
						
					 
					
						2014-04-09 15:50:58 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						312010e6e9 
					 
					
						
						
							
							Factor common parent checking code  
						
						
						
						
					 
					
						2014-04-09 15:50:58 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						f93a3c4335 
					 
					
						
						
							
							Check the CA bit on trusted CAs too  
						
						
						
						
					 
					
						2014-04-09 15:50:58 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						99d4f19111 
					 
					
						
						
							
							Add keyUsage checking for CAs  
						
						
						
						
					 
					
						2014-04-09 15:50:58 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						3fed0b3264 
					 
					
						
						
							
							Factor some common code in x509_verify{,_child}  
						
						
						
						
					 
					
						2014-04-09 15:50:57 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						603116c570 
					 
					
						
						
							
							Add x509_crt_check_key_usage()  
						
						
						
						
					 
					
						2014-04-09 15:50:57 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						8c045ef8e4 
					 
					
						
						
							
							Fix embarrassing X.509 bug introduced in  9533765 
						
						
						
						
					 
					
						2014-04-08 11:55:03 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						e4205dc50a 
					 
					
						
						
							
							Merged printing of X509 extensions  
						
						
						
						
					 
					
						2014-04-04 15:36:10 +02:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						5ff3f9134b 
					 
					
						
						
							
							Small fix for EFI build under Windows in x509_crt.c  
						
						
						
						
					 
					
						2014-04-04 15:08:20 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						0db29b05b5 
					 
					
						
						
							
							More compact code using macros  
						
						
						
						
					 
					
						2014-04-04 14:01:39 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						7b30cfc5b0 
					 
					
						
						
							
							x509_crt_info() list output cosmectics  
						
						
						
						
					 
					
						2014-04-04 14:01:39 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						f6f4ab40d3 
					 
					
						
						
							
							Print extended key usage in x509_crt_info()  
						
						
						
						
					 
					
						2014-04-04 14:01:39 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						65c2ddc318 
					 
					
						
						
							
							Print key_usage in x509_crt_info()  
						
						
						
						
					 
					
						2014-04-04 14:01:39 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						bce2b30855 
					 
					
						
						
							
							Print subject alt name in x509_crt_info()  
						
						
						
						
					 
					
						2014-04-04 14:01:39 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						919f8f5829 
					 
					
						
						
							
							Print NS Cert Type in x509_crt_info()  
						
						
						
						
					 
					
						2014-04-04 14:01:39 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						b28487db1f 
					 
					
						
						
							
							Start printing extensions in x509_crt_info()  
						
						
						
						
					 
					
						2014-04-04 14:01:39 +02:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						9533765b25 
					 
					
						
						
							
							Reject certs and CRLs from the future  
						
						
						
						
					 
					
						2014-03-13 19:25:06 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						c9093085ed 
					 
					
						
						
							
							Revert "Merged RSA-PSS support in Certificate, CSR and CRL"  
						
						... 
						
						
						
						This reverts commit ab50d8d30ce31b1d992a 
						
						
					 
					
						2014-02-12 09:39:59 +01:00 
						 
				 
			
				
					
						
							
							
								Manuel Pégourié-Gonnard 
							
						 
					 
					
						
						
							
						
						6df09578bb 
					 
					
						
						
							
							Revert "Mutex call in x509_crt.c depended on PTHREAD specific instead of generic"  
						
						... 
						
						
						
						This reverts commit 9eae7aae80 
						
						
					 
					
						2014-02-12 09:29:05 +01:00 
						 
				 
			
				
					
						
							
							
								Paul Bakker 
							
						 
					 
					
						
						
							
						
						9eae7aae80 
					 
					
						
						
							
							Mutex call in x509_crt.c depended on PTHREAD specific instead of generic  
						
						... 
						
						
						
						threading 
						
						
					 
					
						2014-02-06 14:51:53 +01:00