TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-04-06 20:46:32 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
d48a4a62ddd1cdfedb5d4319ce7b34326f541b2a
mbedtls/library
History
Andres Amaya Garcia d48a4a62dd Idenfity relationship between OCSP issuer and cert 
Add code to identify the relationship between the OCSP request issuer
certificate and the certificate whose status was requested. According
to RFC 6960 Section 4.2.2.2 the OCSP response issuer can be:

 1. A locally configured signing authority.
    - This has not been implemented at this stage
 2. The certificate of the CA that issued the certificate in question
 3. A certificate that includes the value of id-kp-OCSPSigning in an
    extended key usage extension and is issued by the CA that issued
    the certificate in question

Note that at this stage the relationship between the certificates has
only been validated based on the information supplied within the OCSP
response.
2018-01-18 22:03:29 +00:00
..
.gitignore
Split libs with make + general make cleanups
2015-06-25 10:59:56 +02:00
aes.c
Export mbedtls_aes_(en/de)crypt to retain for API compatibility
2017-07-27 21:44:33 +01:00
aesni.c
Fix build errors on x32 by using the generic 'add' instruction
2016-05-23 14:29:28 +01:00
arc4.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
asn1parse.c
Fix 1 byte overread in mbedtls_asn1_get_int()
2016-10-13 13:54:14 +01:00
asn1write.c
Add mbedtls_asn1_write_len() support for 3 and 4 byte lengths
2016-08-25 15:42:27 +01:00
base64.c
Add comment to integer overflow fix in base64.c
2017-02-15 23:31:07 +02:00
bignum.c
Merge remote-tracking branch 'hanno/mpi_read_file_underflow' into development
2017-06-08 19:48:03 +02:00
blowfish.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
camellia.c
Address user reported coverity issues.
2016-06-07 14:52:35 +01:00
ccm.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
certs.c
Undo API change from SHA1 deprecation
2017-07-27 21:44:33 +01:00
cipher_wrap.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
cipher.c
Fix integer overflows in buffer bound checks
2017-02-15 23:31:07 +02:00
cmac.c
Rename time and index parameter to avoid name conflict.
2017-07-28 22:28:08 +01:00
CMakeLists.txt
Add OCSP parsing files as part of the X509 module
2017-11-11 12:44:26 +00:00
ctr_drbg.c
Fix integer overflows in buffer bound checks
2017-02-15 23:31:07 +02:00
debug.c
Fix compiler warning in debug.c
2017-02-15 09:08:26 +00:00
des.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
dhm.c
Check return code of mbedtls_mpi_fill_random
2017-07-27 21:44:33 +01:00
ecdh.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ecdsa.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
ecjpake.c
Fix potential stack buffer overflow in ecjpake
2015-10-20 16:20:56 +02:00
ecp_curves.c
ECP: Add module and function level replacement options.
2017-05-11 22:42:14 +01:00
ecp.c
Check return code of mbedtls_mpi_fill_random
2017-07-27 21:44:33 +01:00
entropy_poll.c
Renames null entropy source function for clarity
2016-06-12 00:31:33 +01:00
entropy.c
Rename time and index parameter to avoid name conflict.
2017-07-28 22:28:08 +01:00
error.c
Relocate OCSP and CRL errors to x509.h
2017-11-11 12:49:19 +00:00
gcm.c
fix for issue 1118: check if iv is zero in gcm.
2017-07-27 21:44:33 +01:00
havege.c
Fixes warnings found by Clang static analyser
2016-05-23 23:18:26 +01:00
hmac_drbg.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
Makefile
Add OCSP parsing files as part of the X509 module
2017-11-11 12:44:26 +00:00
md2.c
Fix integer overflows in buffer bound checks
2017-02-15 23:31:07 +02:00
md4.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md5.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md_wrap.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
md.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
memory_buffer_alloc.c
Fixes memory leak in memory_buffer_alloc.c debug
2016-05-23 14:29:29 +01:00
net_sockets.c
Fix typo and bracketing in macro args
2017-10-12 23:21:37 +01:00
oid.c
Add informational string for SingleResponse in OCSP
2017-11-11 12:49:19 +00:00
padlock.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pem.c
Fix unused variable/function compilation warnings
2017-02-15 22:54:42 +02:00
pk_wrap.c
Fix data loss in unsigned int cast in PK
2017-05-11 21:55:17 +01:00
pk.c
Fix data loss in unsigned int cast in PK
2017-05-11 21:55:17 +01:00
pkcs5.c
Fix output of PKCS#5 and RIPEMD-160 self tests
2016-08-25 16:36:35 +01:00
pkcs11.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
pkcs12.c
Shut up a few clang-analyze warnings about use of uninitialized variables
2016-05-23 14:29:28 +01:00
pkparse.c
Store raw SubjectPublicKeyInfo when parsing cert
2018-01-18 22:03:28 +00:00
pkwrite.c
Fix other occurrences of same bounds check issue
2015-10-21 12:50:45 +02:00
platform.c
Rename macro SETUP_ALT to SETUP_TEARDOWN_ALT
2017-07-27 21:44:33 +01:00
ripemd160.c
Fix output of PKCS#5 and RIPEMD-160 self tests
2016-08-25 16:36:35 +01:00
rsa.c
Merge remote-tracking branch 'restricted/iotssl-1138-rsa-padding-check-restricted' into development-restricted
2017-06-08 20:31:06 +02:00
sha1.c
Adds casts to zeroize functions to allow building as C++
2016-05-23 14:29:32 +01:00
sha256.c
Use allocated memory for SHA self tests
2016-10-13 15:10:14 +01:00
sha512.c
Use allocated memory for SHA self tests
2016-10-13 15:10:14 +01:00
ssl_cache.c
Fix naked call to time() with platform call
2017-07-28 23:46:43 +01:00
ssl_ciphersuites.c
Undo API change
2017-07-27 21:44:33 +01:00
ssl_cli.c
Always print gmt_unix_time in TLS client
2017-10-06 11:59:13 +01:00
ssl_cookie.c
Fix resource leak when using mutex and ssl_cookie
2017-03-02 12:26:11 +00:00
ssl_srv.c
Parse Signature Algorithm ext when renegotiating
2017-10-12 23:21:37 +01:00
ssl_ticket.c
Puts platform time abstraction into its own header
2016-07-13 14:46:18 +01:00
ssl_tls.c
Enhance documentation of ssl_write_hostname_ext, adapt ChangeLog.
2017-10-06 11:58:50 +01:00
threading.c
Remove mutexes from ECP hardware acceleration
2017-07-27 21:44:32 +01:00
timing.c
Give better error messages for semi-portable parts
2016-02-22 10:47:32 +01:00
version_features.c
Run generate_features.pl and generate_visualc_files.pl
2018-01-18 19:45:30 +00:00
version.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00
x509_create.c
Fix other occurrences of same bounds check issue
2015-10-21 12:50:45 +02:00
x509_crl.c
Fix potential integer overflow parsing DER CRL
2017-07-27 21:44:34 +01:00
x509_crt.c
Store raw SubjectPublicKeyInfo when parsing cert
2018-01-18 22:03:28 +00:00
x509_csr.c
Prevent signed integer overflow in CSR parsing
2017-07-27 21:44:34 +01:00
x509_ocsp.c
Idenfity relationship between OCSP issuer and cert
2018-01-18 22:03:29 +00:00
x509.c
Add verification for each OCSP SingleResponse
2018-01-18 22:03:28 +00:00
x509write_crt.c
Rename time and index parameter to avoid name conflict.
2017-07-28 22:28:08 +01:00
x509write_csr.c
Add missing bounds check in X509 DER write funcs
2016-10-11 14:07:48 +01:00
xtea.c
Change main license to Apache 2.0
2015-09-04 14:21:07 +02:00