Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | .gitlab-ci.yml: added zlib dependencytmp-debian-build-fix | Nikos Mavrogiannopoulos | 2016-11-29 | 1 | -1/+1 |
| | |||||
* | .gitlab-ci.yml: fixed artifacts paths for Debian buildtmp-uninorm-advanced | Nikos Mavrogiannopoulos | 2016-11-28 | 1 | -1/+1 |
| | |||||
* | tests: str-unicode: check whether exceptions are tolerated on decryption | Nikos Mavrogiannopoulos | 2016-11-28 | 1 | -1/+9 |
| | |||||
* | tests: added exception and join control characters in str-unicode | Nikos Mavrogiannopoulos | 2016-11-28 | 1 | -0/+10 |
| | |||||
* | unistring: added property-join-control | Nikos Mavrogiannopoulos | 2016-11-28 | 6 | -3/+232 |
| | |||||
* | unistring: added default_ignorable_code_point and not_a_character tests | Nikos Mavrogiannopoulos | 2016-11-28 | 8 | -4/+905 |
| | |||||
* | unistring: added NFKC normalization | Nikos Mavrogiannopoulos | 2016-11-28 | 8 | -5/+912 |
| | |||||
* | unistring: included all possible categories for simplicity and extensibility | Nikos Mavrogiannopoulos | 2016-11-28 | 86 | -1/+17372 |
| | |||||
* | tests: enhanced str-unicode with more char sets | Nikos Mavrogiannopoulos | 2016-11-28 | 1 | -1/+15 |
| | |||||
* | gnutls_utf8_password_normalize: perform more strict check on input characters | Nikos Mavrogiannopoulos | 2016-11-28 | 3 | -13/+164 |
| | | | | | That is, ensure that the input characters are in the valid class of characters for the PRECIS FreeformClass. | ||||
* | tests: fixed str-unicode tests with control characters | Nikos Mavrogiannopoulos | 2016-11-28 | 1 | -2/+2 |
| | |||||
* | gnutls_utf8_password_normalize: avoid use of strlen() | Nikos Mavrogiannopoulos | 2016-11-28 | 1 | -7/+6 |
| | |||||
* | tests: added pkcs12 file with long password | Nikos Mavrogiannopoulos | 2016-11-28 | 3 | -2/+2 |
| | |||||
* | renamed system/iconv.c -> str-iconv.ctmp-idna-print | Nikos Mavrogiannopoulos | 2016-11-25 | 2 | -1/+1 |
| | | | | | | We no longer use the system's functionality for converting between charsets (we use libunistring), hence it is no longer suitable for the wrappers to stay in system/. | ||||
* | x509: when printing ACE DNSnames ensure the actual name is also printed | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -7/+17 |
| | |||||
* | tests: added unit tests of of _gnutls_idna_reverse_map | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -16/+33 |
| | |||||
* | introduced _gnutls_idna_reverse_map() | Nikos Mavrogiannopoulos | 2016-11-25 | 3 | -0/+66 |
| | | | | This function allows mapping ACE formatted domains to UTF-8. | ||||
* | Combined checks for printable characterstmp-idna-write | Nikos Mavrogiannopoulos | 2016-11-25 | 2 | -20/+6 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+4 |
| | |||||
* | tests: updated crt_apis to include setting UTF-8 SAN | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -1/+54 |
| | |||||
* | tests: updated crq_apis to include setting UTF-8 SAN | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -17/+62 |
| | |||||
* | gnutls_idna_map: check for printable data prior to mapping | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+4 |
| | |||||
* | gnutls_x509_aia_set: IDNA encode when needed | Nikos Mavrogiannopoulos | 2016-11-25 | 3 | -31/+47 |
| | |||||
* | When writing alternative names to certificates ensure we write in ACE format | Nikos Mavrogiannopoulos | 2016-11-25 | 11 | -16/+129 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+4 |
| | |||||
* | tests: added pkcs7 verification with struct generated from openssl (with keyid) | Nikos Mavrogiannopoulos | 2016-11-25 | 4 | -3/+107 |
| | |||||
* | tests: added pkcs7 verification with struct generated from openssl | Nikos Mavrogiannopoulos | 2016-11-25 | 4 | -3/+101 |
| | |||||
* | doc: added certificate for ECC with any purpose | Nikos Mavrogiannopoulos | 2016-11-25 | 2 | -1/+18 |
| | |||||
* | pkcs7: return GNUTLS_E_PK_SIG_VERIFY_FAILED on hash mismatch | Nikos Mavrogiannopoulos | 2016-11-25 | 3 | -1/+8 |
| | | | | In addition introduce a new error code to warn about no embedded data. | ||||
* | pkcs7: only print signer's issuer DN when DN has contents | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -1/+2 |
| | |||||
* | pkcs7: added recursive discovery of structure's signer | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -94/+282 |
| | | | | | This uses the PKCS#7 certificate list as a pool of certificates to generate a certificate chain that leads to our root CAs. | ||||
* | pkcs7: on data verification failure log the signer | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+1 |
| | |||||
* | tests: added complex verification example using PKCS#7 | Nikos Mavrogiannopoulos | 2016-11-25 | 4 | -2/+193 |
| | | | | That uses multiple intermediate certificates from the PKCS#7 structure. | ||||
* | doc: updated gnutls_x509_trust_list_verify_crt2() | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -10/+13 |
| | |||||
* | pkcs7: pass the verification flags down to ↵ | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -2/+3 |
| | | | | | | | gnutls_x509_trust_list_verify_crt2, in find_signer() This allows for flags like GNUTLS_VERIFY_DISABLE_TIME_CHECKS to apply when verifying PKCS#7 structures. | ||||
* | pkcs7: corrected iteration over stored certificates | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -1/+1 |
| | | | | | This allows to use all possibly stored certificates on chain discovery, not only the first. | ||||
* | pkcs7: added debug logging on verification discovery | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+3 |
| | |||||
* | errors.h: added _gnutls_reason_log | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+12 |
| | |||||
* | errors.h: added _gnutls_cert_log | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+13 |
| | | | | This log function allows to easily log the name of a certificate. | ||||
* | certtool: One if check is enough | Andreas Schneider | 2016-11-24 | 1 | -6/+4 |
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> | ||||
* | corrected log message [ci skip] | Nikos Mavrogiannopoulos | 2016-11-24 | 1 | -2/+2 |
| | |||||
* | gnutls_idna_map was prefixed with underscore to avoid clashes with exported ↵tmp-mini-idna2003-update | Nikos Mavrogiannopoulos | 2016-11-23 | 4 | -10/+11 |
| | | | | symbols | ||||
* | more files to ignore | Nikos Mavrogiannopoulos | 2016-11-23 | 1 | -0/+16 |
| | |||||
* | avoid the use of c_isascii() and use c_isprint() | Nikos Mavrogiannopoulos | 2016-11-23 | 3 | -3/+3 |
| | | | | | That latter detects correctly the printable characters we are interested in. | ||||
* | tests: added unit tests for gnutls_idna_map() | Nikos Mavrogiannopoulos | 2016-11-23 | 2 | -1/+97 |
| | |||||
* | IDNA code re-organization | Nikos Mavrogiannopoulos | 2016-11-23 | 11 | -159/+168 |
| | | | | | | That introduces the internal function gnutls_idna_map(), which utilizes libidn and libunistring to convert hostnames to IDNA ACE form. | ||||
* | tests: updated outputs to reflect new fingerprint/keyid formatstmp-add-sha256 | Nikos Mavrogiannopoulos | 2016-11-22 | 14 | -58/+58 |
| | |||||
* | tests: made tmp files unique | Nikos Mavrogiannopoulos | 2016-11-22 | 2 | -10/+11 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2016-11-22 | 1 | -0/+6 |
| | |||||
* | Align the printing of a certificate's fingerprint with the key ID printing | Nikos Mavrogiannopoulos | 2016-11-22 | 1 | -12/+21 |
| |