TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / cbb590369c554c294b885c52b8a57774d810a1d9
  1. cbb5903 Minor fixes to CA callback tests by Hanno Becker · 6 years ago
  2. e15dae7 Declare CA callback type even if feature is disabled by Hanno Becker · 6 years ago
  3. f53893b Implement X.509 CRT verification using CA callback by Hanno Becker · 6 years ago
  4. 3116fb3 Add prototype for CRT verification with static and dynamic CA list by Hanno Becker · 6 years ago
  5. afd0b0a Make use of CA callback if present when verifying peer CRT chain by Hanno Becker · 6 years ago
  6. 5adaad9 Add X.509 CA callback to SSL configuration and implement setter API by Hanno Becker · 6 years ago
  7. 1b4a2ba Add possibility to use ca_callbacks in ssl programs by Jarno Lamsa · 6 years ago
  8. 557426a Add a failure testcase for ca callback by Jarno Lamsa · 6 years ago
  9. 912ed33 Change callback name to ca_callback by Jarno Lamsa · 6 years ago
  10. 03cd120 Test for ca list callback by Jarno Lamsa · 6 years ago
  11. 8bf74f3 Add SSL configuration API for trusted CA callbacks by Hanno Becker · 6 years ago
  12. 902451d Improve documentation of old X.509 CRT verification functions by Hanno Becker · 6 years ago
  13. 5c8df78 Add X.509 CRT verification API using trusted CA callbacks by Hanno Becker · 6 years ago
  14. 288dedc Add compile-time option to enable X.509 CA callbacks by Hanno Becker · 6 years ago
  15. 3f8d784 Update library version to 2.17.0 by Jaeden Amero · 6 years ago mbedtls-2.17.0
  16. 535ee4a Merge remote-tracking branch 'public/pr/2421' into development by Simon Butcher · 6 years ago archive/mbedtls-2.17 mbedtls-2.17
  17. 195bdde Merge remote-tracking branch 'restricted/pr/528' into development by Simon Butcher · 6 years ago
  18. 74ac6e3 Merge remote-tracking branch 'public/pr/2028' into development by Simon Butcher · 6 years ago
  19. bbed914 Merge remote-tracking branch 'public/pr/2447' into development by Simon Butcher · 6 years ago
  20. 700cbac Merge remote-tracking branch 'public/pr/2448' into development by Simon Butcher · 6 years ago
  21. 56b9a93 Update query_config.c by Manuel Pégourié-Gonnard · 6 years ago
  22. aa946b2 Fix failure in SSLv3 per-version suites test by Manuel Pégourié-Gonnard · 6 years ago
  23. 419bd00 Adjust DES exclude lists in test scripts by Andres Amaya Garcia · 6 years ago
  24. f8dffb3 Clarify 3DES changes in ChangeLog by Andres Amaya Garcia · 6 years ago
  25. bdfba79 Fix documentation for 3DES removal by Andres Amaya Garcia · 6 years ago
  26. 2dadab7 Exclude 3DES tests in test scripts by Andres Amaya Garcia · 7 years ago
  27. 22a8905 Fix wording of ChangeLog and 3DES_REMOVE docs by Andres Amaya Garcia · 7 years ago
  28. 4a51228 Reduce priority of 3DES ciphersuites by Andres Amaya Garcia · 7 years ago
  29. 84d9d27 Fix unused variable warning in ssl_parse_certificate_coordinate() by Hanno Becker · 6 years ago
  30. 1e198f5 Update the crypto submodule to a78c958 by Simon Butcher · 6 years ago
  31. ce04951 Fix ChangeLog entry to correct release version by Andres Amaya Garcia · 6 years ago
  32. 412ddf3 Fix typo in x509write test data by Andres Amaya Garcia · 6 years ago
  33. d588ff7 Add ChangeLog entry for unused bits in bitstrings by Andres Amaya Garcia · 7 years ago
  34. d8233f7 Improve docs for named bitstrings and their usage by Andres Amaya Garcia · 7 years ago
  35. 7067f81 Add tests for (named) bitstring to suite_asn1write by Andres Amaya Garcia · 7 years ago
  36. 6e95914 Add new function mbedtls_asn1_write_named_bitstring() by Andres Amaya Garcia · 7 years ago
  37. bdf75eb Add missing compile time guard in ssl_client2 by Hanno Becker · 6 years ago
  38. 775655e Update programs/ssl/query_config.c by Hanno Becker · 6 years ago
  39. 23699ef ssl_client2: Reset peer CRT info string on reconnect by Hanno Becker · 6 years ago
  40. bd5580a Add further debug statements on assertion failures by Hanno Becker · 6 years ago
  41. 353a6f0 Fix typo in documentation of ssl_parse_certificate_chain() by Hanno Becker · 6 years ago
  42. 62d58ed Add debug output in case of assertion failure by Hanno Becker · 6 years ago
  43. 6883874 Fix typo in SSL ticket documentation by Hanno Becker · 6 years ago
  44. fe4ef0c Add config sanity check for !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE by Hanno Becker · 6 years ago
  45. a1051b4 ssl_client2: Zeroize peer CRT info buffer when reconnecting by Hanno Becker · 6 years ago
  46. fe9aec4 Reintroduce numerous ssl-opt.sh tests if !MBEDTLS_SSL_KEEP_PEER_CERT by Hanno Becker · 6 years ago
  47. a9766c2c ssl_client2: Extract peer CRT info from verification callback by Hanno Becker · 6 years ago
  48. 958efeb Improve documentation of mbedtls_ssl_get_peer_cert() by Hanno Becker · 6 years ago
  49. fd7f298 Improve documentation of MBEDTLS_SSL_KEEP_PEER_CERTIFICATE by Hanno Becker · 6 years ago
  50. 3fd3f5e Fix indentation of Doxygen comment in ssl_internal.h by Hanno Becker · 6 years ago
  51. accc599 Set peer CRT length only after successful allocation by Hanno Becker · 6 years ago
  52. 3acc9b9 Remove question in comment about verify flags on cli vs. server by Hanno Becker · 6 years ago
  53. 1aed777 Remove misleading and redundant guard around restartable ECC field by Hanno Becker · 6 years ago
  54. 545ced4 Add test for !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE to all.sh by Hanno Becker · 6 years ago
  55. 6b8fbab Free peer CRT chain immediately after verifying it by Hanno Becker · 6 years ago
  56. 0056eab Parse peer's CRT chain in-place from the input buffer by Hanno Becker · 6 years ago
  57. ae553dd Free peer's public key as soon as it's no longer needed by Hanno Becker · 6 years ago
  58. b9d4479 Correct compile-time guards for ssl_clear_peer_cert() by Hanno Becker · 6 years ago
  59. e31505d Adapt ChangeLog by Hanno Becker · 6 years ago
  60. e682457 Guard mbedtls_ssl_get_peer_cert() by new compile-time option by Hanno Becker · 6 years ago
  61. d0aac14 Add dependency to ssl-opt.sh tests which need peer CRT debug info by Hanno Becker · 6 years ago
  62. b6c5eca Adapt mbedtls_ssl_parse_certificate() to removal of peer_cert field by Hanno Becker · 6 years ago
  63. 13c327d Adapt ssl_clear_peer_cert() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  64. 6d1986e Adapt mbedtls_ssl_session_copy() to removal of `peer_cert` field by Hanno Becker · 6 years ago
  65. 94cc26d Adapt session ticket implementation to removal of `peer_cert` field by Hanno Becker · 6 years ago
  66. abe6f66 Remove peer CRT from mbedtls_ssl_session if new option is disabled by Hanno Becker · 6 years ago
  67. 2a831a4 Adapt client auth detection in ssl_parse_certificate_verify() by Hanno Becker · 6 years ago
  68. 57b33c9 Use mbedtls_ssl_get_peer_cert() to query peer cert in cert_app by Hanno Becker · 6 years ago
  69. a1ab9be Adapt server-side signature verification to use raw public key by Hanno Becker · 6 years ago
  70. a6899bb Adapt client-side signature verification to use raw public key by Hanno Becker · 6 years ago
  71. be7f508 Adapt ssl_get_ecdh_params_from_cert() to use raw public key by Hanno Becker · 6 years ago
  72. c7d7e29 Adapt ssl_write_encrypted_pms() to use raw public key by Hanno Becker · 6 years ago
  73. a274753 Make a copy of peer's raw public key after verifying its CRT chain by Hanno Becker · 6 years ago
  74. 7517312 Add field for peer's raw public key to TLS handshake param structure by Hanno Becker · 6 years ago
  75. 494dd7a Add raw public key buffer bounds to mbedtls_x509_crt struct by Hanno Becker · 6 years ago
  76. a887d1a Remove peer CRT from cache if !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE by Hanno Becker · 6 years ago
  77. c966bd1 Remove peer CRT from tickets if !MBEDTLS_SSL_KEEP_PEER_CERTIFICATE by Hanno Becker · 6 years ago
  78. c5fcbb3 Add peer CRT digest to session tickets by Hanno Becker · 6 years ago
  79. 3dad311 Parse and verify peer CRT chain in local variable by Hanno Becker · 7 years ago
  80. 177475a Mitigate triple handshake attack by comparing digests only by Hanno Becker · 7 years ago
  81. 6bbd94c Compute digest of peer's end-CRT in mbedtls_ssl_parse_certificate() by Hanno Becker · 7 years ago
  82. 9198ad1 Extend mbedtls_ssl_session by buffer holding peer CRT digest by Hanno Becker · 7 years ago
  83. 8d84fd8 Update version_features.c by Hanno Becker · 6 years ago
  84. bb278f5 Add configuration option to remove peer CRT after handshake by Hanno Becker · 7 years ago
  85. 4a82c1c Improve documentation of mbedtls_ssl_get_peer_cert() by Hanno Becker · 7 years ago
  86. 8273df8 Re-classify errors on missing peer CRT by Hanno Becker · 6 years ago
  87. 0329f75 Increase robustness and documentation of ticket implementation by Hanno Becker · 6 years ago
  88. aee8717 Simplify session cache implementation via mbedtls_ssl_session_copy() by Hanno Becker · 6 years ago
  89. 52055ae Give ssl_session_copy() external linkage by Hanno Becker · 6 years ago
  90. c7bd780 Allow passing any X.509 CRT chain to ssl_parse_certificate_chain() by Hanno Becker · 7 years ago
  91. 6863619 Introduce helper function for peer CRT chain verification by Hanno Becker · 7 years ago
  92. fcd9e71 Don't progress TLS state machine on peer CRT chain parsing error by Hanno Becker · 7 years ago
  93. 77adddc Make use of macro and helper detecting whether CertRequest allowed by Hanno Becker · 6 years ago
  94. 28f2fcd Add helper function to check whether a CRT msg is expected by Hanno Becker · 6 years ago
  95. 7177a88 Introduce helper function to determine whether suite uses server CRT by Hanno Becker · 7 years ago
  96. 2148993 Use helper macro to detect whether some ciphersuite uses CRTs by Hanno Becker · 7 years ago
  97. 6bdfab2 Unify state machine update in mbedtls_ssl_parse_certificate() by Hanno Becker · 7 years ago
  98. 7a955a0 Clear peer's CRT chain outside before parsing new one by Hanno Becker · 7 years ago
  99. 4a55f63 Introduce helper to check for no-CRT notification from client by Hanno Becker · 7 years ago
  100. a028c5b Introduce CRT counter to CRT chain parsing function by Hanno Becker · 7 years ago