Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | build: fix make distclean by including src/gl only oncegnutls_3_4_8 | Nikos Mavrogiannopoulos | 2016-01-08 | 2 | -2/+3 |
| | |||||
* | symbols.last: added new symbol | Nikos Mavrogiannopoulos | 2016-01-08 | 1 | -0/+1 |
| | |||||
* | bumped version | Nikos Mavrogiannopoulos | 2016-01-08 | 3 | -4/+4 |
| | |||||
* | trust_list_get_issuer_by_dn: fixed check for DN or SPKI | Nikos Mavrogiannopoulos | 2016-01-07 | 1 | -19/+19 |
| | |||||
* | symbols.last: don't include internal symbols into exported list | Nikos Mavrogiannopoulos | 2016-01-07 | 1 | -1/+1 |
| | |||||
* | updated auto-generated files | Nikos Mavrogiannopoulos | 2016-01-07 | 3 | -17/+3 |
| | |||||
* | configure: no longer distribute lzip tarballs | Nikos Mavrogiannopoulos | 2016-01-07 | 1 | -1/+1 |
| | |||||
* | tests: updated to account for cert generation after ↵ | Nikos Mavrogiannopoulos | 2016-01-05 | 8 | -67/+67 |
| | | | | 2adb9b2bfb31afebbdd9f990e2b74c9a3d4e5c57 fix | ||||
* | doc update | Nikos Mavrogiannopoulos | 2016-01-04 | 1 | -0/+3 |
| | |||||
* | Fix out-of-bounds read in gnutls_x509_ext_export_key_usage | Tim Kosse | 2016-01-04 | 1 | -1/+1 |
| | |||||
* | .gitlab-ci.yml: optimized build process | Nikos Mavrogiannopoulos | 2015-12-31 | 1 | -2/+2 |
| | | | | That is, in slow asan and valgrind builds don't check the full test suite. | ||||
* | doc update [ci skip] | Nikos Mavrogiannopoulos | 2015-12-31 | 1 | -0/+3 |
| | |||||
* | doc update [ci skip] | Nikos Mavrogiannopoulos | 2015-12-31 | 1 | -2/+3 |
| | |||||
* | gnutls_pkcs11_copy_x509_privkey2: corrected the writing of ECC private key | Nikos Mavrogiannopoulos | 2015-12-31 | 1 | -1/+1 |
| | |||||
* | tests: pkcs11-pubkey-import will check both RSA and ECDSA keys | Nikos Mavrogiannopoulos | 2015-12-31 | 4 | -13/+102 |
| | |||||
* | gnutls_pkcs11_copy_x509_privkey2: corrected the type of the written object | Nikos Mavrogiannopoulos | 2015-12-31 | 1 | -5/+5 |
| | | | | Previously only RSA objects were correctly written. | ||||
* | tests: added ECDSA key in cert-common.h | Nikos Mavrogiannopoulos | 2015-12-31 | 1 | -0/+26 |
| | |||||
* | pkcs11: import public keys from any available object | Nikos Mavrogiannopoulos | 2015-12-31 | 1 | -15/+56 |
| | | | | | | | That is, load public keys from the public key object, or the certificate object if they are present. That affects non-RSA public keys which do not contain all required fields on the private key object. | ||||
* | session DB: made the magic number depending on gnutls' version | Nikos Mavrogiannopoulos | 2015-12-31 | 1 | -1/+1 |
| | | | | | That will make sure that sessions not stored by this version of gnutls will not be resumed by another (which may be incompatible). | ||||
* | Fix some typos [ci skip] | Andreas Metzler | 2015-12-27 | 7 | -8/+8 |
| | |||||
* | NEWS: doc update [ci skip] | Nikos Mavrogiannopoulos | 2015-12-24 | 1 | -0/+3 |
| | |||||
* | max_record: don't consider this extension on DTLS | Nikos Mavrogiannopoulos | 2015-12-24 | 1 | -0/+6 |
| | | | | | That is because it doesn't work as expected, and does not fragment handshake messages. Relates with #61 | ||||
* | updated documentation on supported algorithms [ci skip] | Nikos Mavrogiannopoulos | 2015-12-22 | 2 | -17/+25 |
| | |||||
* | Added SHA384 to the list of TLS support MAC algorithms | Nikos Mavrogiannopoulos | 2015-12-22 | 1 | -3/+6 |
| | |||||
* | tests: don't run the no-signal test in systems which MSG_NOSIGNAL is not ↵ | Nikos Mavrogiannopoulos | 2015-12-18 | 1 | -11/+21 |
| | | | | available | ||||
* | doc: manpages: remove generated tpmtool.1 page | Nikos Mavrogiannopoulos | 2015-12-18 | 1 | -229/+0 |
| | |||||
* | .gitignore: add m4/extern-inline.m4 | Alon Bar-Lev | 2015-12-18 | 1 | -0/+1 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2015-12-17 | 1 | -2/+2 |
| | |||||
* | tests: added check to verify that the PKCS#7 embedded data are recovered as ↵ | Nikos Mavrogiannopoulos | 2015-12-17 | 1 | -0/+16 |
| | | | | expected | ||||
* | certtool: introduced the --p7-show-data option | Nikos Mavrogiannopoulos | 2015-12-17 | 2 | -6/+50 |
| | | | | | This option allows printing the embedded data in a PKCS#7 signed structure. | ||||
* | gnutls_pkcs7_get_embedded_data: added function | Nikos Mavrogiannopoulos | 2015-12-17 | 3 | -0/+62 |
| | | | | | This function allows extracting the embedded data from a PKCS#7 signed structure. | ||||
* | tests: updated pkcs7-gen to account for content-type attribute | Nikos Mavrogiannopoulos | 2015-12-16 | 1 | -2/+14 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2015-12-16 | 1 | -0/+3 |
| | |||||
* | tests: check whether the content-type attribute is set if we sign using time | Nikos Mavrogiannopoulos | 2015-12-16 | 1 | -0/+7 |
| | |||||
* | pkcs7: set by default the content type attribute | Nikos Mavrogiannopoulos | 2015-12-16 | 1 | -1/+45 |
| | | | | That is a requirement of rfc5652. Relates #59 | ||||
* | pkcs7: use the PK_PKIX1_RSA_OID when writing RSA signature OIDs for PKCS#7 ↵ | Nikos Mavrogiannopoulos | 2015-12-16 | 5 | -7/+18 |
| | | | | | | | structures That is because there are implementations which cannot cope with the normal RSA signature OIDs. Relates #59 | ||||
* | pkcs7: Disable the optional fields prior to generating the PKCS#7 structure | Nikos Mavrogiannopoulos | 2015-12-16 | 2 | -2/+25 |
| | | | | | This resolves issue with our PKCS#7 structures not being parsed by MacOSX' tools. Relates #59 | ||||
* | certtool: warn if an ECDSA key is marked for encryption | Nikos Mavrogiannopoulos | 2015-12-15 | 1 | -4/+10 |
| | |||||
* | certtool: corrected invalid free | Nikos Mavrogiannopoulos | 2015-12-15 | 1 | -2/+2 |
| | |||||
* | make sure gnutls_assert is present at the cases where ↵ | Nikos Mavrogiannopoulos | 2015-12-15 | 3 | -31/+28 |
| | | | | GNUTLS_E_INTERNAL_ERROR is returned | ||||
* | configure: really make --disable-crywrap work | Gustavo Zacarias | 2015-12-15 | 1 | -5/+4 |
| | | | | | | | | | The crywrap variable is set regardless of the state of enable_crywrap, hence --disable-crywrap never works. Just put the tests for crywrap deps inside the enable_crywrap conditional. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> | ||||
* | doc update | Nikos Mavrogiannopoulos | 2015-12-14 | 1 | -0/+3 |
| | |||||
* | updated chacha20 ciphers to conform to latest draft | Nikos Mavrogiannopoulos | 2015-12-14 | 1 | -8/+8 |
| | |||||
* | Modified the CHACHA20 cipher to conform to draft-ietf-tls-chacha20-poly1305-02 | Nikos Mavrogiannopoulos | 2015-12-14 | 6 | -82/+87 |
| | |||||
* | gnutls-cli-debug: rephrased inappropriate fallback test description to match ↵ | Nikos Mavrogiannopoulos | 2015-12-13 | 1 | -1/+1 |
| | | | | the rest | ||||
* | doc update | Nikos Mavrogiannopoulos | 2015-12-13 | 1 | -0/+2 |
| | |||||
* | .gitlab-ci.yml: valgrind build was moved at the end as it is the slowest build | Nikos Mavrogiannopoulos | 2015-12-13 | 1 | -9/+9 |
| | |||||
* | certtool: the --p7-include-cert option is enabled by default | Nikos Mavrogiannopoulos | 2015-12-13 | 2 | -2/+4 |
| | | | | | This allows to generate PKCS#7 structures by default that can be read by iOS. | ||||
* | #56 Feature: certtool --p7-sign support GNUTLS_PKCS7_INCLUDE_CERT | sskaje | 2015-12-13 | 2 | -0/+10 |
| | |||||
* | Do not allow importing public keys from PKCS #11 private keys for DSA and ECDSA | Nikos Mavrogiannopoulos | 2015-12-08 | 1 | -0/+8 |
| | | | | | This prevents the reading of the public key when non-RSA keys are available. This is a much cleaner approach than 5a4e692511dc3a829eda0d7c5a87e56cbc2055f0. |