Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Combined checks for printable characterstmp-idna-write | Nikos Mavrogiannopoulos | 2016-11-25 | 2 | -20/+6 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+4 |
| | |||||
* | tests: updated crt_apis to include setting UTF-8 SAN | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -1/+54 |
| | |||||
* | tests: updated crq_apis to include setting UTF-8 SAN | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -17/+62 |
| | |||||
* | gnutls_idna_map: check for printable data prior to mapping | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+4 |
| | |||||
* | gnutls_x509_aia_set: IDNA encode when needed | Nikos Mavrogiannopoulos | 2016-11-25 | 3 | -31/+47 |
| | |||||
* | When writing alternative names to certificates ensure we write in ACE format | Nikos Mavrogiannopoulos | 2016-11-25 | 11 | -16/+129 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+4 |
| | |||||
* | tests: added pkcs7 verification with struct generated from openssl (with keyid) | Nikos Mavrogiannopoulos | 2016-11-25 | 4 | -3/+107 |
| | |||||
* | tests: added pkcs7 verification with struct generated from openssl | Nikos Mavrogiannopoulos | 2016-11-25 | 4 | -3/+101 |
| | |||||
* | doc: added certificate for ECC with any purpose | Nikos Mavrogiannopoulos | 2016-11-25 | 2 | -1/+18 |
| | |||||
* | pkcs7: return GNUTLS_E_PK_SIG_VERIFY_FAILED on hash mismatch | Nikos Mavrogiannopoulos | 2016-11-25 | 3 | -1/+8 |
| | | | | In addition introduce a new error code to warn about no embedded data. | ||||
* | pkcs7: only print signer's issuer DN when DN has contents | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -1/+2 |
| | |||||
* | pkcs7: added recursive discovery of structure's signer | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -94/+282 |
| | | | | | This uses the PKCS#7 certificate list as a pool of certificates to generate a certificate chain that leads to our root CAs. | ||||
* | pkcs7: on data verification failure log the signer | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+1 |
| | |||||
* | tests: added complex verification example using PKCS#7 | Nikos Mavrogiannopoulos | 2016-11-25 | 4 | -2/+193 |
| | | | | That uses multiple intermediate certificates from the PKCS#7 structure. | ||||
* | doc: updated gnutls_x509_trust_list_verify_crt2() | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -10/+13 |
| | |||||
* | pkcs7: pass the verification flags down to ↵ | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -2/+3 |
| | | | | | | | gnutls_x509_trust_list_verify_crt2, in find_signer() This allows for flags like GNUTLS_VERIFY_DISABLE_TIME_CHECKS to apply when verifying PKCS#7 structures. | ||||
* | pkcs7: corrected iteration over stored certificates | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -1/+1 |
| | | | | | This allows to use all possibly stored certificates on chain discovery, not only the first. | ||||
* | pkcs7: added debug logging on verification discovery | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+3 |
| | |||||
* | errors.h: added _gnutls_reason_log | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+12 |
| | |||||
* | errors.h: added _gnutls_cert_log | Nikos Mavrogiannopoulos | 2016-11-25 | 1 | -0/+13 |
| | | | | This log function allows to easily log the name of a certificate. | ||||
* | certtool: One if check is enough | Andreas Schneider | 2016-11-24 | 1 | -6/+4 |
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> | ||||
* | corrected log message [ci skip] | Nikos Mavrogiannopoulos | 2016-11-24 | 1 | -2/+2 |
| | |||||
* | gnutls_idna_map was prefixed with underscore to avoid clashes with exported ↵tmp-mini-idna2003-update | Nikos Mavrogiannopoulos | 2016-11-23 | 4 | -10/+11 |
| | | | | symbols | ||||
* | more files to ignore | Nikos Mavrogiannopoulos | 2016-11-23 | 1 | -0/+16 |
| | |||||
* | avoid the use of c_isascii() and use c_isprint() | Nikos Mavrogiannopoulos | 2016-11-23 | 3 | -3/+3 |
| | | | | | That latter detects correctly the printable characters we are interested in. | ||||
* | tests: added unit tests for gnutls_idna_map() | Nikos Mavrogiannopoulos | 2016-11-23 | 2 | -1/+97 |
| | |||||
* | IDNA code re-organization | Nikos Mavrogiannopoulos | 2016-11-23 | 11 | -159/+168 |
| | | | | | | That introduces the internal function gnutls_idna_map(), which utilizes libidn and libunistring to convert hostnames to IDNA ACE form. | ||||
* | tests: updated outputs to reflect new fingerprint/keyid formatstmp-add-sha256 | Nikos Mavrogiannopoulos | 2016-11-22 | 14 | -58/+58 |
| | |||||
* | tests: made tmp files unique | Nikos Mavrogiannopoulos | 2016-11-22 | 2 | -10/+11 |
| | |||||
* | doc update | Nikos Mavrogiannopoulos | 2016-11-22 | 1 | -0/+6 |
| | |||||
* | Align the printing of a certificate's fingerprint with the key ID printing | Nikos Mavrogiannopoulos | 2016-11-22 | 1 | -12/+21 |
| | |||||
* | Print a key's or certificate's key ID with SHA256 in addition to SHA1 | Nikos Mavrogiannopoulos | 2016-11-22 | 2 | -57/+60 |
| | |||||
* | certtool: address compiler warnings | Nikos Mavrogiannopoulos | 2016-11-22 | 1 | -1/+1 |
| | |||||
* | doc: document the RFC7613 normalization of passwords [ci skip] | Nikos Mavrogiannopoulos | 2016-11-22 | 3 | -1/+17 |
| | |||||
* | unistring: include only the required categoriestmp-uninorm-remove-unused-categories | Nikos Mavrogiannopoulos | 2016-11-21 | 136 | -17261/+537 |
| | | | | In addition fix the license text of the included library. | ||||
* | server_name: log server name sent | Nikos Mavrogiannopoulos | 2016-11-21 | 1 | -0/+2 |
| | |||||
* | x509/output: improve log message on embedded null | Nikos Mavrogiannopoulos | 2016-11-21 | 1 | -1/+1 |
| | |||||
* | build-aux: added unused-parameter.htmp-uninorm | Nikos Mavrogiannopoulos | 2016-11-21 | 1 | -0/+36 |
| | |||||
* | .gitlab-ci.yml: explicitly specify --with-included-unistring when needed | Nikos Mavrogiannopoulos | 2016-11-21 | 1 | -6/+6 |
| | |||||
* | hooks.m4: corrected typo | Nikos Mavrogiannopoulos | 2016-11-21 | 1 | -1/+1 |
| | |||||
* | .gitlab-ci.yml: ignore syntax-check issues caused by included unistring | Nikos Mavrogiannopoulos | 2016-11-21 | 1 | -1/+2 |
| | |||||
* | more files to ignore | Nikos Mavrogiannopoulos | 2016-11-21 | 1 | -0/+9 |
| | |||||
* | unconditionally include unistring code | Nikos Mavrogiannopoulos | 2016-11-21 | 6 | -385/+23 |
| | | | | | | That simplifies internationalization support, at the cost of including a version of libunistring, which is used on systems which do not ship it. | ||||
* | lib: added unistring sub-library | Nikos Mavrogiannopoulos | 2016-11-21 | 159 | -2/+34296 |
| | |||||
* | updated auto-generated files for gnutls_utf8_password_normalize() | Nikos Mavrogiannopoulos | 2016-11-21 | 3 | -0/+4 |
| | |||||
* | tests: enhanced str-unicode with GNUTLS_UTF8_IGNORE_ERRS flag | Nikos Mavrogiannopoulos | 2016-11-21 | 1 | -1/+23 |
| | | | | That is, enhanced to check the tolerable variant of gnutls_utf8_password_normalize() | ||||
* | .gitlab-ci.yml: added build without libunistring | Nikos Mavrogiannopoulos | 2016-11-21 | 1 | -3/+21 |
| | |||||
* | doc: mention the RFC7613 normalization and the libunistring dependency | Nikos Mavrogiannopoulos | 2016-11-21 | 2 | -2/+12 |
| |