TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / a4dfc0d73d1f94d55dfd77d69505b22a7de93ba6 / library
  1. fd5c185 Use uint16_t to store key usage field in X.509 CRT by Hanno Becker · 6 years ago
  2. 54f1c2c Rename MBEDTLS_X509_SAFE_SNPRINTF_WITH_ERROR to _WITH_CLEANUP by Hanno Becker · 6 years ago
  3. f332a97 Add ASN.1 API to free linked list representation of ASN.1 sequences by Hanno Becker · 6 years ago
  4. 7b8e11e Avoid allocating empty buffers when handling length-0 CRTs by Hanno Becker · 6 years ago
  5. 529f25d Don't use mbedtls_asn1_get_sequence_of() in x509_crt.c by Hanno Becker · 6 years ago
  6. 15b73b4 Correct placement of comment on X.509 SAN parsing by Hanno Becker · 6 years ago
  7. e452add Comment on return value type in two internal X.509 functions by Hanno Becker · 6 years ago
  8. be0cf9b Improve formatting in x509.c by Hanno Becker · 6 years ago
  9. f6bc888 Move declarations of internal X.509 functions to separate header by Hanno Becker · 6 years ago
  10. 1421246 Update version_features.c by Hanno Becker · 6 years ago
  11. 7642835 Move existence check for pk/frame to mbedtls_x509_crt_provide_xxx() by Hanno Becker · 6 years ago
  12. bc68519 Implement MBEDTLS_X509_ALWAYS_FLUSH by Hanno Becker · 6 years ago
  13. c6d1c3e Remove frame/pk parameter from mbedtls_x509_crt_xxx_release() by Hanno Becker · 6 years ago
  14. 38f0cb4 Introduce helpers for conversion between X.509 buffer structs by Hanno Becker · 6 years ago
  15. 1e11f21 Solely use raw X.509 name data references including SEQUENCE header by Hanno Becker · 6 years ago
  16. 4e021c8 Remove raw SubjectAltNames and ExtKeyUsage from legacy CRT struct by Hanno Becker · 6 years ago
  17. ea32d8b Provide direct way of setting up a CRT frame from legacy CRT struct by Hanno Becker · 6 years ago
  18. 5226c53 Modify mbedtls_x509_crt_info() to use getter API by Hanno Becker · 6 years ago
  19. 7a4de9c Flush CRT cache after parsing by Hanno Becker · 6 years ago
  20. 828a8c0 Add compile-guard for < TLS1.2 path in server-side ssl_pick_cert() by Hanno Becker · 6 years ago
  21. 2bcc764 Give x509_{sequence|name}_free() external linkage by Hanno Becker · 6 years ago
  22. ab6c8ea Add public API to query SubjectAltNames and ExtKeyUsage extensions by Hanno Becker · 6 years ago
  23. 63e6998 Add public API to query subject and issuer from CRT by Hanno Becker · 6 years ago
  24. 823efad Add public API to query for CRT frame and PK by Hanno Becker · 6 years ago
  25. 180f7bf Add compile-time option to remove legacy CRT fields by Hanno Becker · 6 years ago
  26. b6c39fc Add parsing cache to `mbedtls_x509_crt` by Hanno Becker · 6 years ago
  27. 73cd8d8 Make use of acquire/release in ssl_parse_certificate_verify() by Hanno Becker · 6 years ago
  28. 2fefa48 Make use of acquire/release in ssl_parse_server_key_exchange() by Hanno Becker · 6 years ago
  29. 39ae65c Make use of acquire/release in ssl_get_ecdh_params_from_cert() by Hanno Becker · 6 years ago
  30. 0c16816 Make use of acquire/release in client-side ssl_write_encrypted_pms() by Hanno Becker · 6 years ago
  31. 232f8fa Make use of CRT acquire/release in ssl_write_certificate_request() by Hanno Becker · 6 years ago
  32. 30649f7 Make use of CRT acquire/release in server-side ssl_pick_cert() by Hanno Becker · 6 years ago
  33. 8c13ee6 Make use of CRT acquire/release in ssl_parse_certificate_verify() by Hanno Becker · 6 years ago
  34. 6cb5f86 Make use of CRT acquire/release in mbedtls_debug_print_crt() by Hanno Becker · 6 years ago
  35. 8723336 Make use of CRT acquire/release in x509_crt_verify_restartable by Hanno Becker · 6 years ago
  36. 082435c Make use of CRT acquire/release in x509_crt_verify_name() by Hanno Becker · 6 years ago
  37. 58c3564 Make use of CRT acquire/release in CRT chain verification #2 by Hanno Becker · 6 years ago
  38. bb26613 Make use of CRT acquire/release in x509_crt_verifycrl() by Hanno Becker · 6 years ago
  39. 79ae5b6 Make use of CRT acquire/release in x509_serial_is_revoked() by Hanno Becker · 6 years ago
  40. e9718b4 Make use of CRT acquire/release in ExtKeyUsage checking by Hanno Becker · 6 years ago
  41. 371e0e4 Determine whether CRT is initialized or not through raw data pointer by Hanno Becker · 6 years ago
  42. 4f869ed Make use of CRT acquire/release in mbedtls_x509_crt_info() by Hanno Becker · 6 years ago
  43. 45eedf1 Make use of CRT acquire/release in mbedtls_x509_crt_check_key_usage by Hanno Becker · 6 years ago
  44. 43bf900 Make use of CRT acquire/release searching for issuer in CRT verif. by Hanno Becker · 6 years ago
  45. e449e2d Make use of CRT acquire/release for X.509 CRT signature checking by Hanno Becker · 6 years ago
  46. 5299cf8 Add structure holding X.509 CRT signature information by Hanno Becker · 6 years ago
  47. a788cab Check validity of potential parent before checking signature by Hanno Becker · 6 years ago
  48. 1e0677a Make use of CRT acquire/release for child in CRT chain verification by Hanno Becker · 6 years ago
  49. 337088a Add internal API for acquire/release of CRT frames and PKs by Hanno Becker · 6 years ago
  50. 21f5567 Introduce X.509 CRT frame structure by Hanno Becker · 6 years ago
  51. c6573a2 Convert X.509 name buffer to linked list via name traversal callback by Hanno Becker · 6 years ago
  52. 6b37812 Add `next_merged` field to X.509 name comparison abort callback by Hanno Becker · 6 years ago
  53. 10e6b9b Move point of re-entry for restartable X.509 verification by Hanno Becker · 6 years ago
  54. b59d3f1 Add single function to parse ASN.1 AlgorithmIdentifier to x509.c by Hanno Becker · 6 years ago
  55. 1898b68 Allow NULL pointer in mbedtls_x509_get_sig_alg if params not needed by Hanno Becker · 6 years ago
  56. c84fd1c Check whether CRT is revoked by passing its serial number only by Hanno Becker · 6 years ago
  57. b3def1d Move length check into mbedtls_x509_memcasecmp() by Hanno Becker · 6 years ago
  58. f1b39bf Implement v3 Extension parsing through ASN.1 SEQUENCE OF traversal by Hanno Becker · 6 years ago
  59. c7c638e Implement ExtKeyUsage traversal via ASN.1 SEQUENCE OF traversal by Hanno Becker · 6 years ago
  60. 90b9408 Implement SubjectAltName traversal via ASN.1 SEQUENCE OF traversal by Hanno Becker · 6 years ago
  61. 8730610 Introduce ASN.1 API for traversing ASN.1 SEQUENCEs by Hanno Becker · 6 years ago
  62. 5984d30 Make use of cb to build linked list presentation of SubjectAltName by Hanno Becker · 6 years ago
  63. ad46219 Add cb to build dynamic linked list representation of SubjectAltName by Hanno Becker · 6 years ago
  64. da41082 Add callback to search through SubjectAltNames extension by Hanno Becker · 6 years ago
  65. 2c6cc04 Add function to traverse raw SubjectAltName extension by Hanno Becker · 6 years ago
  66. 2492622 Pass raw data to x509_check_wildcard() and `x509_crt_check_cn()` by Hanno Becker · 6 years ago
  67. ded167e Add raw buffer holding SubjectAlternativeName ext to CRT structure by Hanno Becker · 6 years ago
  68. e1956af Check for extended key usage by traversing raw extension data by Hanno Becker · 6 years ago
  69. 7ec9c36 Add buffer holding raw ExtKeyUsage extension data to CRT struct by Hanno Becker · 6 years ago
  70. 8b543b3 Make use of abort condition callback in CN comparison by Hanno Becker · 6 years ago
  71. 67284cc Add abort condition callback to `mbedtls_x509_name_cmp_raw()` by Hanno Becker · 6 years ago
  72. 7dee12a Make use of raw comparison function in CRT verification by Hanno Becker · 6 years ago
  73. f8a4286 Add buffers with raw issuer/subject data to CRT structure by Hanno Becker · 6 years ago
  74. a632e36 Add buffer with raw issuer data to CRL structure by Hanno Becker · 6 years ago
  75. a3a2ca1 Provide X.509 name comparison based on raw ASN.1 data by Hanno Becker · 6 years ago
  76. 88de342 Move x509_name_cmp() from x509_crt.c to x509.c by Hanno Becker · 6 years ago
  77. 83cd867 Remove `sig_oid` parameter from mbedtls_x509_sig_alg_gets() by Hanno Becker · 6 years ago
  78. f226998 Reduce code-size of mbedtls_asn1_get_sequence_of() by Hanno Becker · 6 years ago
  79. b541986 Reduce code-size of mbedtls_asn1_get_alg() by Hanno Becker · 6 years ago
  80. 30cb1ac Reduce code-size of mbedtls_x509_get_name() by Hanno Becker · 6 years ago
  81. 3470d59 Simplify implementation of mbedtls_x509_get_name() by Hanno Becker · 6 years ago
  82. b40dc58 Introduce a helper macro to check for ASN.1 string tags by Hanno Becker · 6 years ago
  83. ace04a6 Move bounds check into ASN.1 parsing function by Hanno Becker · 6 years ago
  84. 74b89f6 Use private key to check suitability of PK type when picking srv CRT by Hanno Becker · 6 years ago
  85. 81bb4d0 Simplify server-side ssl_decrypt_encrypted_pms() by Hanno Becker · 6 years ago
  86. cd03bb2 Introduce helper functions to free X.509 names and sequences by Hanno Becker · 6 years ago
  87. 393338c Merge pull request #586 from ARMmbed/remove_peer_crt_after_handshake_no_digest-baremetal by Manuel Pégourié-Gonnard · 6 years ago
  88. 79cf74a Merge pull request #583 from ARMmbed/remove_peer_crt_after_handshake-baremetal by Manuel Pégourié-Gonnard · 6 years ago
  89. cc3b7cc Merge pull request #579 from Patater/bm-dont-use-non-existent-encrypt-then-mac by Manuel Pégourié-Gonnard · 6 years ago
  90. 5882dd0 Remove CRT digest from SSL session if !RENEGO + !KEEP_PEER_CERT by Hanno Becker · 6 years ago
  91. 0528f82 Clarify documentation of serialized session format by Hanno Becker · 6 years ago
  92. 17daaa5 Move return statement in ssl_srv_check_client_no_crt_notification by Hanno Becker · 6 years ago
  93. 2326d20 Validate consistency of certificate hash type and length in session by Hanno Becker · 6 years ago
  94. fd5dc8a Fix unused variable warning in ssl_parse_certificate_coordinate() by Hanno Becker · 6 years ago
  95. c39e23e Add further debug statements on assertion failures by Hanno Becker · 6 years ago
  96. 42de8f8 Fix typo in documentation of ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
  97. e9839c0 Add debug output in case of assertion failure by Hanno Becker · 6 years ago
  98. 9d64b78 Set peer CRT length only after successful allocation by Hanno Becker · 6 years ago
  99. 257ef65 Remove question in comment about verify flags on cli vs. server by Hanno Becker · 6 years ago
  100. 34106f6 Free peer CRT chain immediately after verifying it by Hanno Becker · 6 years ago