TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / b3def1d341129db4ab4d19df44fcf05ece13df76 / library
  1. b3def1d Move length check into mbedtls_x509_memcasecmp() by Hanno Becker · 6 years ago
  2. f1b39bf Implement v3 Extension parsing through ASN.1 SEQUENCE OF traversal by Hanno Becker · 6 years ago
  3. c7c638e Implement ExtKeyUsage traversal via ASN.1 SEQUENCE OF traversal by Hanno Becker · 6 years ago
  4. 90b9408 Implement SubjectAltName traversal via ASN.1 SEQUENCE OF traversal by Hanno Becker · 6 years ago
  5. 8730610 Introduce ASN.1 API for traversing ASN.1 SEQUENCEs by Hanno Becker · 6 years ago
  6. 5984d30 Make use of cb to build linked list presentation of SubjectAltName by Hanno Becker · 6 years ago
  7. ad46219 Add cb to build dynamic linked list representation of SubjectAltName by Hanno Becker · 6 years ago
  8. da41082 Add callback to search through SubjectAltNames extension by Hanno Becker · 6 years ago
  9. 2c6cc04 Add function to traverse raw SubjectAltName extension by Hanno Becker · 6 years ago
  10. 2492622 Pass raw data to x509_check_wildcard() and `x509_crt_check_cn()` by Hanno Becker · 6 years ago
  11. ded167e Add raw buffer holding SubjectAlternativeName ext to CRT structure by Hanno Becker · 6 years ago
  12. e1956af Check for extended key usage by traversing raw extension data by Hanno Becker · 6 years ago
  13. 7ec9c36 Add buffer holding raw ExtKeyUsage extension data to CRT struct by Hanno Becker · 6 years ago
  14. 8b543b3 Make use of abort condition callback in CN comparison by Hanno Becker · 6 years ago
  15. 67284cc Add abort condition callback to `mbedtls_x509_name_cmp_raw()` by Hanno Becker · 6 years ago
  16. 7dee12a Make use of raw comparison function in CRT verification by Hanno Becker · 6 years ago
  17. f8a4286 Add buffers with raw issuer/subject data to CRT structure by Hanno Becker · 6 years ago
  18. a632e36 Add buffer with raw issuer data to CRL structure by Hanno Becker · 6 years ago
  19. a3a2ca1 Provide X.509 name comparison based on raw ASN.1 data by Hanno Becker · 6 years ago
  20. 88de342 Move x509_name_cmp() from x509_crt.c to x509.c by Hanno Becker · 6 years ago
  21. 83cd867 Remove `sig_oid` parameter from mbedtls_x509_sig_alg_gets() by Hanno Becker · 6 years ago
  22. f226998 Reduce code-size of mbedtls_asn1_get_sequence_of() by Hanno Becker · 6 years ago
  23. b541986 Reduce code-size of mbedtls_asn1_get_alg() by Hanno Becker · 6 years ago
  24. 30cb1ac Reduce code-size of mbedtls_x509_get_name() by Hanno Becker · 6 years ago
  25. 3470d59 Simplify implementation of mbedtls_x509_get_name() by Hanno Becker · 6 years ago
  26. b40dc58 Introduce a helper macro to check for ASN.1 string tags by Hanno Becker · 6 years ago
  27. ace04a6 Move bounds check into ASN.1 parsing function by Hanno Becker · 6 years ago
  28. 74b89f6 Use private key to check suitability of PK type when picking srv CRT by Hanno Becker · 6 years ago
  29. 81bb4d0 Simplify server-side ssl_decrypt_encrypted_pms() by Hanno Becker · 6 years ago
  30. cd03bb2 Introduce helper functions to free X.509 names and sequences by Hanno Becker · 6 years ago
  31. 393338c Merge pull request #586 from ARMmbed/remove_peer_crt_after_handshake_no_digest-baremetal by Manuel Pégourié-Gonnard · 6 years ago
  32. 79cf74a Merge pull request #583 from ARMmbed/remove_peer_crt_after_handshake-baremetal by Manuel Pégourié-Gonnard · 6 years ago
  33. cc3b7cc Merge pull request #579 from Patater/bm-dont-use-non-existent-encrypt-then-mac by Manuel Pégourié-Gonnard · 6 years ago
  34. 5882dd0 Remove CRT digest from SSL session if !RENEGO + !KEEP_PEER_CERT by Hanno Becker · 6 years ago
  35. 0528f82 Clarify documentation of serialized session format by Hanno Becker · 6 years ago
  36. 17daaa5 Move return statement in ssl_srv_check_client_no_crt_notification by Hanno Becker · 6 years ago
  37. 2326d20 Validate consistency of certificate hash type and length in session by Hanno Becker · 6 years ago
  38. fd5dc8a Fix unused variable warning in ssl_parse_certificate_coordinate() by Hanno Becker · 6 years ago
  39. c39e23e Add further debug statements on assertion failures by Hanno Becker · 6 years ago
  40. 42de8f8 Fix typo in documentation of ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
  41. e9839c0 Add debug output in case of assertion failure by Hanno Becker · 6 years ago
  42. 9d64b78 Set peer CRT length only after successful allocation by Hanno Becker · 6 years ago
  43. 257ef65 Remove question in comment about verify flags on cli vs. server by Hanno Becker · 6 years ago
  44. 34106f6 Free peer CRT chain immediately after verifying it by Hanno Becker · 6 years ago
  45. 0cc7af5 Parse peer's CRT chain in-place from the input buffer by Hanno Becker · 6 years ago
  46. 6c83db7 Free peer's public key as soon as it's no longer needed by Hanno Becker · 6 years ago
  47. 1757247 Correct compile-time guards for ssl_clear_peer_cert() by Hanno Becker · 6 years ago
  48. bfab9df Guard mbedtls_ssl_get_peer_cert() by new compile-time option by Hanno Becker · 6 years ago
  49. 81d11aa Adapt mbedtls_ssl_parse_certificate() to removal of peer_cert field by Hanno Becker · 6 years ago
  50. 5062897 Adapt ssl_clear_peer_cert() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  51. d5258fa Adapt mbedtls_ssl_session_copy() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  52. cd90126 Adapt client auth detection in ssl_parse_certificate_verify() by Hanno Becker · 6 years ago
  53. 0833c10 Adapt server-side signature verification to use raw public key by Hanno Becker · 6 years ago
  54. 69fad13 Adapt client-side signature verification to use raw public key by Hanno Becker · 6 years ago
  55. 53b6b7e Adapt ssl_get_ecdh_params_from_cert() to use raw public key by Hanno Becker · 6 years ago
  56. 374800a Adapt ssl_write_encrypted_pms() to use raw public key by Hanno Becker · 6 years ago
  57. cf291d6 Make a copy of peer's raw public key after verifying its CRT chain by Hanno Becker · 6 years ago
  58. 3bf8cdf Add field for peer's raw public key to TLS handshake param structure by Hanno Becker · 6 years ago
  59. 32c530e Add raw public key buffer bounds to mbedtls_x509_crt struct by Hanno Becker · 6 years ago
  60. 2e6d347 Remove peer CRT from mbedtls_ssl_session if !KEEP_PEER_CERT by Hanno Becker · 6 years ago
  61. 4a2f8e5 Add peer CRT digest to session tickets by Hanno Becker · 6 years ago
  62. e4aeb76 Parse and verify peer CRT chain in local variable by Hanno Becker · 7 years ago
  63. df75938 Mitigate triple handshake attack by comparing digests only by Hanno Becker · 7 years ago
  64. 3008d28 Compute digest of peer's end-CRT in mbedtls_ssl_parse_certificate() by Hanno Becker · 7 years ago
  65. 9fb6e2e Extend mbedtls_ssl_session by buffer holding peer CRT digest by Hanno Becker · 7 years ago
  66. c88289a Update version_features.c by Hanno Becker · 6 years ago
  67. f02d550 Re-classify errors on missing peer CRT by Hanno Becker · 6 years ago
  68. a177b38 Simplify session cache implementation via mbedtls_ssl_session_copy() by Hanno Becker · 6 years ago
  69. 58fccf2 Give ssl_session_copy() external linkage by Hanno Becker · 6 years ago
  70. 35e4177 Allow passing any X.509 CRT chain to ssl_parse_certificate_chain() by Hanno Becker · 7 years ago
  71. 3cf5061 Introduce helper function for peer CRT chain verification by Hanno Becker · 7 years ago
  72. a7c1df6 Don't progress TLS state machine on peer CRT chain parsing error by Hanno Becker · 7 years ago
  73. ae39b9e Make use of macro and helper detecting whether CertRequest allowed by Hanno Becker · 6 years ago
  74. 6b9a6f3 Add helper function to check whether a CRT msg is expected by Hanno Becker · 6 years ago
  75. 5097cba Introduce helper function to determine whether suite uses server CRT by Hanno Becker · 7 years ago
  76. b71e90a Use helper macro to detect whether some ciphersuite uses CRTs by Hanno Becker · 7 years ago
  77. 613d490 Unify state machine update in mbedtls_ssl_parse_certificate() by Hanno Becker · 7 years ago
  78. a46c287 Clear peer's CRT chain outside before parsing new one by Hanno Becker · 7 years ago
  79. b8a0857 Introduce helper to check for no-CRT notification from client by Hanno Becker · 7 years ago
  80. 8794fd9 Introduce CRT counter to CRT chain parsing function by Hanno Becker · 7 years ago
  81. 2214159 Introduce helper function to clear peer CRT from session structure by Hanno Becker · 7 years ago
  82. 933b9fc Break overly long line in definition of mbedtls_ssl_get_session() by Hanno Becker · 7 years ago
  83. 1332f35 Don't reuse CRT from initial handshake during renegotiation by Hanno Becker · 7 years ago
  84. 7400e8f Merge remote-tracking branch 'origin/pr/591' into baremetal by Simon Butcher · 6 years ago
  85. f2ef573 Merge remote-tracking branch 'origin/pr/598' into baremetal by Simon Butcher · 6 years ago
  86. f1ff745 Merge remote-tracking branch 'origin/pr/597' into baremetal by Simon Butcher · 6 years ago
  87. c6043f2 Address review comments by Hanno Becker · 6 years ago
  88. 02a2193 Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO by Hanno Becker · 6 years ago
  89. dc470ae Reduce code size when mbedtls_x509_*_info() unused by Peter Kolbus · 7 years ago
  90. e83b2c2 Fix unused variable warnings in pkparse.c by Manuel Pégourié-Gonnard · 6 years ago
  91. 889bbc7 Fix unreachable code warnings with armc5 by Manuel Pégourié-Gonnard · 6 years ago
  92. cc71c77 Fix typos, grammar and wording in documentation by Manuel Pégourié-Gonnard · 6 years ago
  93. d87601e Declare and document ssl_context_save()/load() by Manuel Pégourié-Gonnard · 6 years ago
  94. 91fa5ba Add new config MBEDTLS_SSL_CONTEXT_SERIALIZATION by Manuel Pégourié-Gonnard · 6 years ago
  95. 1abb159 Merge branch 'mbedtls-2.16' into baremetal by Hanno Becker · 6 years ago
  96. c725e4b Merge remote-tracking branch 'origin/pr/590' into baremetal by Simon Butcher · 6 years ago
  97. 01a8eb2 Merge remote-tracking branch 'origin/pr/585' into baremetal by Simon Butcher · 6 years ago
  98. ba8b1eb Use negated option for controlling TLS support. by Manuel Pégourié-Gonnard · 6 years ago
  99. 418e761 Merge remote-tracking branch 'origin/pr/2484' into mbedtls-2.16 by Jaeden Amero · 6 years ago
  100. ec1c222 Fix a few style issues by Manuel Pégourié-Gonnard · 6 years ago