TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / c39e23ebb68cf0bb49f68a54f77bf88494d04dd1
  1. c39e23e Add further debug statements on assertion failures by Hanno Becker · 6 years ago
  2. 42de8f8 Fix typo in documentation of ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
  3. e9839c0 Add debug output in case of assertion failure by Hanno Becker · 6 years ago
  4. 2984bd2 Add config sanity check for !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE by Hanno Becker · 6 years ago
  5. f9ca30d ssl_client2: Zeroize peer CRT info buffer when reconnecting by Hanno Becker · 6 years ago
  6. 890d7ee Reintroduce numerous ssl-opt.sh tests if !MBEDTLS_SSL_KEEP_PEER_CERT by Hanno Becker · 6 years ago
  7. 975c463 ssl_client2: Extract peer CRT info from verification callback by Hanno Becker · 6 years ago
  8. 24bc570 Improve documentation of mbedtls_ssl_get_peer_cert() by Hanno Becker · 6 years ago
  9. 3ed6457 Improve documentation of MBEDTLS_SSL_KEEP_PEER_CERTIFICATE by Hanno Becker · 6 years ago
  10. dd68931 Fix indentation of Doxygen comment in ssl_internal.h by Hanno Becker · 6 years ago
  11. 9d64b78 Set peer CRT length only after successful allocation by Hanno Becker · 6 years ago
  12. 257ef65 Remove question in comment about verify flags on cli vs. server by Hanno Becker · 6 years ago
  13. e669770 Remove misleading and redundant guard around restartable ECC field by Hanno Becker · 6 years ago
  14. 92820a1 Add test for !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE to all.sh by Hanno Becker · 6 years ago
  15. 34106f6 Free peer CRT chain immediately after verifying it by Hanno Becker · 6 years ago
  16. 0cc7af5 Parse peer's CRT chain in-place from the input buffer by Hanno Becker · 6 years ago
  17. 6c83db7 Free peer's public key as soon as it's no longer needed by Hanno Becker · 6 years ago
  18. 1757247 Correct compile-time guards for ssl_clear_peer_cert() by Hanno Becker · 6 years ago
  19. 597ffe4 Adapt ChangeLog by Hanno Becker · 6 years ago
  20. bfab9df Guard mbedtls_ssl_get_peer_cert() by new compile-time option by Hanno Becker · 6 years ago
  21. 8b6d2cd Add dependency to ssl-opt.sh tests which need peer CRT debug info by Hanno Becker · 6 years ago
  22. 81d11aa Adapt mbedtls_ssl_parse_certificate() to removal of peer_cert field by Hanno Becker · 6 years ago
  23. 5062897 Adapt ssl_clear_peer_cert() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  24. d5258fa Adapt mbedtls_ssl_session_copy() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  25. cd90126 Adapt client auth detection in ssl_parse_certificate_verify() by Hanno Becker · 6 years ago
  26. b265f5f Use mbedtls_ssl_get_peer_cert() to query peer cert in cert_app by Hanno Becker · 6 years ago
  27. 0833c10 Adapt server-side signature verification to use raw public key by Hanno Becker · 6 years ago
  28. 69fad13 Adapt client-side signature verification to use raw public key by Hanno Becker · 6 years ago
  29. 53b6b7e Adapt ssl_get_ecdh_params_from_cert() to use raw public key by Hanno Becker · 6 years ago
  30. 374800a Adapt ssl_write_encrypted_pms() to use raw public key by Hanno Becker · 6 years ago
  31. cf291d6 Make a copy of peer's raw public key after verifying its CRT chain by Hanno Becker · 6 years ago
  32. 3bf8cdf Add field for peer's raw public key to TLS handshake param structure by Hanno Becker · 6 years ago
  33. 32c530e Add raw public key buffer bounds to mbedtls_x509_crt struct by Hanno Becker · 6 years ago
  34. 2e6d347 Remove peer CRT from mbedtls_ssl_session if !KEEP_PEER_CERT by Hanno Becker · 6 years ago
  35. 4a2f8e5 Add peer CRT digest to session tickets by Hanno Becker · 6 years ago
  36. e4aeb76 Parse and verify peer CRT chain in local variable by Hanno Becker · 7 years ago
  37. df75938 Mitigate triple handshake attack by comparing digests only by Hanno Becker · 7 years ago
  38. 3008d28 Compute digest of peer's end-CRT in mbedtls_ssl_parse_certificate() by Hanno Becker · 7 years ago
  39. 9fb6e2e Extend mbedtls_ssl_session by buffer holding peer CRT digest by Hanno Becker · 7 years ago
  40. c88289a Update version_features.c by Hanno Becker · 6 years ago
  41. b90f655 Add configuration option to remove peer CRT after handshake by Hanno Becker · 7 years ago
  42. 869144b Improve documentation of mbedtls_ssl_get_peer_cert() by Hanno Becker · 7 years ago
  43. f02d550 Re-classify errors on missing peer CRT by Hanno Becker · 6 years ago
  44. a177b38 Simplify session cache implementation via mbedtls_ssl_session_copy() by Hanno Becker · 6 years ago
  45. 58fccf2 Give ssl_session_copy() external linkage by Hanno Becker · 6 years ago
  46. 35e4177 Allow passing any X.509 CRT chain to ssl_parse_certificate_chain() by Hanno Becker · 7 years ago
  47. 3cf5061 Introduce helper function for peer CRT chain verification by Hanno Becker · 7 years ago
  48. a7c1df6 Don't progress TLS state machine on peer CRT chain parsing error by Hanno Becker · 7 years ago
  49. ae39b9e Make use of macro and helper detecting whether CertRequest allowed by Hanno Becker · 6 years ago
  50. 6b9a6f3 Add helper function to check whether a CRT msg is expected by Hanno Becker · 6 years ago
  51. 5097cba Introduce helper function to determine whether suite uses server CRT by Hanno Becker · 7 years ago
  52. b71e90a Use helper macro to detect whether some ciphersuite uses CRTs by Hanno Becker · 7 years ago
  53. 613d490 Unify state machine update in mbedtls_ssl_parse_certificate() by Hanno Becker · 7 years ago
  54. a46c287 Clear peer's CRT chain outside before parsing new one by Hanno Becker · 7 years ago
  55. b8a0857 Introduce helper to check for no-CRT notification from client by Hanno Becker · 7 years ago
  56. 8794fd9 Introduce CRT counter to CRT chain parsing function by Hanno Becker · 7 years ago
  57. 2214159 Introduce helper function to clear peer CRT from session structure by Hanno Becker · 7 years ago
  58. 933b9fc Break overly long line in definition of mbedtls_ssl_get_session() by Hanno Becker · 7 years ago
  59. 1332f35 Don't reuse CRT from initial handshake during renegotiation by Hanno Becker · 7 years ago
  60. e210b66 Merge remote-tracking branch 'origin/pr/595' into baremetal by Simon Butcher · 6 years ago
  61. 7400e8f Merge remote-tracking branch 'origin/pr/591' into baremetal by Simon Butcher · 6 years ago
  62. f2ef573 Merge remote-tracking branch 'origin/pr/598' into baremetal by Simon Butcher · 6 years ago
  63. f1ff745 Merge remote-tracking branch 'origin/pr/597' into baremetal by Simon Butcher · 6 years ago
  64. 2ad7186 Merge remote-tracking branch 'origin/pr/575' into baremetal by Simon Butcher · 6 years ago
  65. 0c7e36c Merge remote-tracking branch 'origin/pr/572' into baremetal by Simon Butcher · 6 years ago
  66. b2c6383 Add missing !MBEDTLS_X509_REMOVE_INFO guards to ssl-opt.sh by Hanno Becker · 6 years ago
  67. c6043f2 Address review comments by Hanno Becker · 6 years ago
  68. b1cb0bd all.sh: Add test for MBEDTLS_X509_REMOVE_INFO by Peter Kolbus · 7 years ago
  69. 4a156fc Apply guards to make ssl-opt.sh work with MBEDTLS_X509_REMOVE_INFO by Hanno Becker · 6 years ago
  70. b4d967a Remove MBEDTLS_X509_REMOVE_INFO from `scripts/config.pl full` by Hanno Becker · 6 years ago
  71. 98f85c8 Add missing dependencies on !MBEDTLS_X509_REMOVE_INFO by Hanno Becker · 6 years ago
  72. 02a2193 Rename MBEDTLS_X509_INFO to !MBEDTLS_X509_REMOVE_INFO by Hanno Becker · 6 years ago
  73. dc470ae Reduce code size when mbedtls_x509_*_info() unused by Peter Kolbus · 7 years ago
  74. 31ae7fa Add test for build warnings with baremetal.h by Manuel Pégourié-Gonnard · 6 years ago
  75. e83b2c2 Fix unused variable warnings in pkparse.c by Manuel Pégourié-Gonnard · 6 years ago
  76. 070f107 Add --check option to scripts/baremetal.sh by Manuel Pégourié-Gonnard · 6 years ago
  77. 889bbc7 Fix unreachable code warnings with armc5 by Manuel Pégourié-Gonnard · 6 years ago
  78. 19e8132 Add NO_TLS to configs/baremetal.h by Manuel Pégourié-Gonnard · 6 years ago
  79. 8b2608b Fix style issues by Jarno Lamsa · 6 years ago
  80. 29a15c2 Set timer callbacks with serialization by Jarno Lamsa · 6 years ago
  81. 85c2380 Fix spacing by Jarno Lamsa · 6 years ago
  82. 034ae84 Fix compiler warnings by Jarno Lamsa · 6 years ago
  83. 8a91c06 Add tests for re-init flow for context serialization by Jarno Lamsa · 6 years ago
  84. b5ff6a4 Add option for ssl-context re-initialization flow by Jarno Lamsa · 6 years ago
  85. bff4a91 Fix spacing by Jarno Lamsa · 6 years ago
  86. f4f8ed7 Allow stub implementation of the context_save for now by Jarno Lamsa · 6 years ago
  87. 5737ec9 Address review comments for code-style issues by Jarno Lamsa · 6 years ago
  88. 38061f4 Remove mbedtls_ssl_free() and mbedtls_ssl_init() from serialization flow in test by Jarno Lamsa · 6 years ago
  89. cc281b8 ssl-opt.sh tests for serialization are currently using stub implementation by Jarno Lamsa · 6 years ago
  90. dcfc2a7 Add missing slashes to tests by Jarno Lamsa · 6 years ago
  91. fa45e60 Add serialization tests to ssl-opt.sh by Jarno Lamsa · 6 years ago
  92. cf1b672 Use MBEDTLS_SSL_CONTEXT_SERIALIZATION flag by Jarno Lamsa · 6 years ago
  93. f457293 Serialize/deserialize for ssl_server2 by Jarno Lamsa · 6 years ago
  94. 654e8de Rely on opt.exchanges for sending after serialization by Jarno Lamsa · 6 years ago
  95. d736d08 Serialization/deserialization in ssl_client2 by Jarno Lamsa · 6 years ago
  96. 0ea3cfe Add option for serialization in ssl_client/server2 by Jarno Lamsa · 6 years ago
  97. 11d3282 Add a ChangeLog entry. by Manuel Pégourié-Gonnard · 6 years ago
  98. c84511f Add check for undocumented positive option by Manuel Pégourié-Gonnard · 6 years ago
  99. 41efa21 Improve documentation of PROTO_NO_TLS by Manuel Pégourié-Gonnard · 6 years ago
  100. 7667afd Clarify documentation of mbedtls_ssl_context_load() by Manuel Pégourié-Gonnard · 6 years ago