0a543a8bc5
Merge pull request #320 from Inikup/fix-issue-318
...
Fix boolean values according to DER specs
2015-11-02 05:52:42 +09:00
00ee6eee54
Test certificate "Server1 SHA1, key_usage" reissued.
2015-10-14 13:15:22 +02:00
ef4f2588f3
Additional corner cases for testing pathlen constrains. Just in case.
2015-10-11 16:17:27 +02:00
822b2c33b9
Added test case for pathlen constrains in intermediate certificates
2015-10-11 10:39:15 +02:00
560fea3767
Add tests for verify callback
...
As we're about to change the chain construction logic, we want to make sure
the callback will still be called exactly when it should, and not on the
(upcoming) ignored certs in the chain.
2015-09-01 17:24:42 +02:00
052d10c9d5
Accept a trailing space at end of PEM lines
...
With certs being copy-pasted from webmails and all, this will probably become
more and more common.
closes #226
2015-07-31 11:11:26 +02:00
9a702255f4
Add parsing/printing for new X.509 keyUsage flags
2015-06-23 13:09:10 +02:00
6ea831dcf4
Add tests for mbedtls_set_hs_ca_chain()
2015-06-22 17:30:18 +02:00
7a010aabde
Add tests for dhm_min_bitlen
2015-06-17 14:27:38 +02:00
5119df2022
Add test case for dh params with privateValueLength
2015-04-15 13:50:29 +02:00
e6c8366b46
Fix bug in pk_parse_key()
2015-04-15 11:21:24 +02:00
6152b0267c
Fixed typos
2015-04-14 15:00:09 +02:00
39ead3ef2f
Add test certificate for bitstring in DN
2015-03-27 13:11:33 +01:00
57a5d60abb
Add tests for concatenated CRLs
2014-11-19 16:08:34 +01:00
4be3449dbc
Add Readme about X.509 test files
2014-11-19 14:03:59 +01:00
9c911da68f
Add tests for X.509 name encoding mismatch
2014-10-17 12:42:31 +02:00
64938c63f0
Accept spaces at end of line/buffer in base64
2014-10-15 23:53:33 +02:00
da1b4de0e4
Increase MPI_MAX_BYTES to allow RSA 8192
2014-10-15 22:06:46 +02:00
5a5fa92bfe
x509_crt_parse() did not increase total_failed on PEM error
...
Result was that PEM errors in files with multiple certificates were not
detectable by the user.
2014-10-03 15:47:13 +02:00
192253aaa9
Fix buffer size in pk_write_*_pem()
2014-08-14 11:34:35 +02:00
d249b7ab9a
Restore ability to trust non-CA selfsigned EE cert
2014-06-25 11:26:13 +02:00
c4eff16516
Restore ability to use v1 CA if trusted locally
2014-06-25 11:26:12 +02:00
5873b00b7f
Add pathological RSASSA-PSS test certificates
...
Certificates announcing different PSS options than the ones actually used for
the signature. Makes sure the options are correctly passed to the verification
function.
2014-06-07 11:21:52 +02:00
eacccb7fb9
Add RSASSA-PSS certificate with all defaults
2014-06-05 18:00:08 +02:00
53882023e7
Also verify CRLs signed with RSASSA-PSS
2014-06-05 17:59:55 +02:00
920e1cd5e2
Add basic PSS cert verification
...
Still todo:
- handle MGF-hash != sign-hash
- check effective salt len == announced salt len
- add support in the PK layer so that we don't have to bypass it here
2014-06-04 12:09:08 +02:00
39868ee301
Parse CSRs signed with RSASSA-PSS
2014-06-02 16:10:30 +02:00
2a8d7fd76e
Add tests for parsing CSRs
2014-06-02 16:10:29 +02:00
8e42ff6bde
Parse CRLs signed with RSASSA-PSS
2014-06-02 16:10:29 +02:00
e76b750b69
Finish parsing RSASSA-PSS parameters
2014-06-02 16:10:29 +02:00
59a75d5b9d
Basic parsing of certs signed with RSASSA-PSS
2014-06-02 16:10:29 +02:00
7afb8a0dca
Add x509_crt_check_extended_key_usage()
2014-04-11 11:09:00 +02:00
99d4f19111
Add keyUsage checking for CAs
2014-04-09 15:50:58 +02:00
7f2a07d7b2
Check keyUsage in SSL client and server
2014-04-09 15:50:57 +02:00
3fec220a33
Add test for dhm_parse_dhmfile
2014-04-04 16:42:44 +02:00
6c1a73e061
Improve x509xrite_csr testing: extensions, version
2014-04-04 16:33:01 +02:00
c5ce83a3b8
Improve x509xrite_csr testing: extensions, ECDSA
2014-04-04 16:33:01 +02:00
6c33a16dae
Add previously forgotten test files... oops!
2014-04-04 16:23:29 +02:00
f6f4ab40d3
Print extended key usage in x509_crt_info()
2014-04-04 14:01:39 +02:00
76b8ab73cd
ssl-opt.sh: address some robustness issues
2014-03-26 14:21:34 +01:00
a11a77f316
Add test for SpecifiedECDomain
2014-03-19 16:50:59 +01:00
5b2d776d2a
GnuTLS in compat.sh: server-side
2014-03-14 08:41:02 +01:00
9533765b25
Reject certs and CRLs from the future
2014-03-13 19:25:06 +01:00
6304f786e0
Add x509_time_future()
2014-03-13 19:25:06 +01:00
c9093085ed
Revert "Merged RSA-PSS support in Certificate, CSR and CRL"
...
This reverts commit ab50d8d30ce31b1d992a
2014-02-12 09:39:59 +01:00
41cae8e1f9
Parse CSRs signed with RSASSA-PSS
2014-01-25 12:48:58 +01:00
d4fd57dda4
Add tests for parsing CSRs
2014-01-25 12:48:58 +01:00
5eeb32b552
Parse CRLs signed with RSASSA-PSS
2014-01-25 12:48:58 +01:00
3c1e8b539c
Finish parsing RSASSA-PSS parameters
2014-01-25 12:48:58 +01:00
b1d4eb16e4
Basic parsing of certs signed with RSASSA-PSS
2014-01-25 12:48:58 +01:00
