aboutsummaryrefslogtreecommitdiff
AgeCommit message (Expand)AuthorFilesLines
2019-02-26Remove peer CRT from mbedtls_ssl_session if new option is disabledHanno Becker1-2/+3
2019-02-26Adapt client auth detection in ssl_parse_certificate_verify()Hanno Becker1-2/+17
2019-02-26Use mbedtls_ssl_get_peer_cert() to query peer cert in cert_appHanno Becker1-1/+5
2019-02-26Adapt server-side signature verification to use raw public keyHanno Becker1-4/+15
2019-02-26Adapt client-side signature verification to use raw public keyHanno Becker1-3/+9
2019-02-26Adapt ssl_get_ecdh_params_from_cert() to use raw public keyHanno Becker1-3/+8
2019-02-26Adapt ssl_write_encrypted_pms() to use raw public keyHanno Becker1-3/+8
2019-02-26Make a copy of peer's raw public key after verifying its CRT chainHanno Becker1-0/+18
2019-02-26Add field for peer's raw public key to TLS handshake param structureHanno Becker2-0/+14
2019-02-26Add raw public key buffer bounds to mbedtls_x509_crt structHanno Becker2-0/+3
2019-02-26Remove peer CRT from cache if !MBEDTLS_SSL_KEEP_PEER_CERTIFICATEHanno Becker2-9/+14
2019-02-26Remove peer CRT from tickets if !MBEDTLS_SSL_KEEP_PEER_CERTIFICATEHanno Becker1-10/+18
2019-02-26Add peer CRT digest to session ticketsHanno Becker1-3/+59
2019-02-26Parse and verify peer CRT chain in local variableHanno Becker2-17/+50
2019-02-26Mitigate triple handshake attack by comparing digests onlyHanno Becker1-0/+31
2019-02-26Compute digest of peer's end-CRT in mbedtls_ssl_parse_certificate()Hanno Becker1-0/+27
2019-02-26Extend mbedtls_ssl_session by buffer holding peer CRT digestHanno Becker2-1/+51
2019-02-26Update version_features.cHanno Becker1-0/+3
2019-02-26Add configuration option to remove peer CRT after handshakeHanno Becker2-2/+28
2019-02-26Improve documentation of mbedtls_ssl_get_peer_cert()Hanno Becker1-12/+28
2019-02-26Re-classify errors on missing peer CRTHanno Becker1-8/+6
2019-02-26Increase robustness and documentation of ticket implementationHanno Becker1-5/+14
2019-02-26Simplify session cache implementation via mbedtls_ssl_session_copy()Hanno Becker1-12/+34
2019-02-26Give ssl_session_copy() external linkageHanno Becker2-5/+8
2019-02-26Allow passing any X.509 CRT chain to ssl_parse_certificate_chain()Hanno Becker1-45/+39
2019-02-26Introduce helper function for peer CRT chain verificationHanno Becker1-135/+150
2019-02-26Don't progress TLS state machine on peer CRT chain parsing errorHanno Becker1-1/+1
2019-02-26Make use of macro and helper detecting whether CertRequest allowedHanno Becker2-69/+15
2019-02-26Add helper function to check whether a CRT msg is expectedHanno Becker1-20/+42
2019-02-26Introduce helper function to determine whether suite uses server CRTHanno Becker2-17/+22
2019-02-26Use helper macro to detect whether some ciphersuite uses CRTsHanno Becker1-15/+3
2019-02-26Unify state machine update in mbedtls_ssl_parse_certificate()Hanno Becker1-17/+12
2019-02-26Clear peer's CRT chain outside before parsing new oneHanno Becker1-3/+3
2019-02-26Introduce helper to check for no-CRT notification from clientHanno Becker1-54/+55
2019-02-26Introduce CRT counter to CRT chain parsing functionHanno Becker1-2/+2
2019-02-26Introduce helper function to clear peer CRT from session structureHanno Becker1-15/+14
2019-02-26Break overly long line in definition of mbedtls_ssl_get_session()Hanno Becker1-1/+2
2019-02-26Don't reuse CRT from initial handshake during renegotiationHanno Becker1-11/+5
2019-02-22Merge remote-tracking branch 'origin/pr/2338' into developmentJaeden Amero7-45/+441
2019-02-22Merge remote-tracking branch 'origin/pr/2427' into developmentJaeden Amero1-0/+2
2019-02-22Merge remote-tracking branch 'origin/pr/2460' into developmentJaeden Amero1-14/+14
2019-02-22Fix typo in check_config.hHanno Becker1-1/+1
2019-02-22crypto: Update submodule to Mbed Crypto 1.0.0d6Jaeden Amero1-14/+14
2019-02-22Merge remote-tracking branch 'origin/pr/2105' into developmentJaeden Amero20-15/+3109
2019-02-22Merge remote-tracking branch 'origin/pr/2454' into developmentJaeden Amero4-6/+6
2019-02-22Merge remote-tracking branch 'origin/pr/2391' into developmentJaeden Amero3-68/+122
2019-02-22Merge remote-tracking branch 'origin/pr/2411' into developmentJaeden Amero9-34/+139
2019-02-22Merge remote-tracking branch 'origin/pr/2407' into developmentJaeden Amero2-1/+3
2019-02-22Merge remote-tracking branch 'origin/pr/2383' into developmentJaeden Amero3-396/+45
2019-02-22Disable restartable ECC in full config PSA test in all.shHanno Becker1-0/+1
generated by cgit v1.1 at 2024-07-11 10:25:46 +0000