summaryrefslogtreecommitdiff
path: root/lib
Commit message (Expand)AuthorAgeFilesLines
* PKCS8/PKCS12: enforce a maximum number of iterationsNikos Mavrogiannopoulos2017-03-093-3/+7
* Do not attempt to parse a 32-bit integer if a packet is not 4 bytes.Alex Gaynor2017-03-091-1/+1
* sysrng-linux: define _rnd_get_system_entropy unconditionallyNikos Mavrogiannopoulos2017-03-091-1/+2
* Added openpgp stub fileNikos Mavrogiannopoulos2017-03-082-1/+703
* Rewritten gnutls_x509_rdn_get() and gnutls_x509_rdn_get2()Nikos Mavrogiannopoulos2017-03-081-43/+25
* gnutls_privkey_export_x509: doc updateNikos Mavrogiannopoulos2017-03-081-2/+3
* priority: do not enable HMAC-MD5 by defaultNikos Mavrogiannopoulos2017-03-081-1/+0
* gnutls.h: introduced GNUTLS_E_TLS_PACKET_DECODING_ERROR [ci skip]Nikos Mavrogiannopoulos2017-03-082-2/+3
* ext/signature: error on invalid extension formatNikos Mavrogiannopoulos2017-03-071-0/+2
* _gnutls_proc_x509_server_crt: return GNUTLS_E_CERTIFICATE_ERROR on parsing errorNikos Mavrogiannopoulos2017-03-071-0/+1
* alert: GNUTLS_E_NO_CERTIFICATE_FOUND maps to GNUTLS_A_DECODE_ERRORNikos Mavrogiannopoulos2017-03-071-1/+1
* read_client_hello: use integer for extensions sizeNikos Mavrogiannopoulos2017-03-071-1/+2
* ext/signature: reject an extension with padded dataNikos Mavrogiannopoulos2017-03-071-0/+3
* ext/signature: reject an extension size of zeroNikos Mavrogiannopoulos2017-03-071-1/+1
* gnutls_record_recv: do not accept a client hello while handshake is in progressNikos Mavrogiannopoulos2017-03-071-0/+1
* read_client_hello: fail early on illegally formatted messageNikos Mavrogiannopoulos2017-03-072-1/+9
* _gnutls_parse_extensions: do not fail on empty extensions fieldNikos Mavrogiannopoulos2017-03-071-1/+9
* alert: GNUTLS_E_PK_INVALID_PUBKEY maps to GNUTLS_A_ILLEGAL_PARAMETERNikos Mavrogiannopoulos2017-03-071-0/+1
* alerts: separated record overflow from decode error alertsNikos Mavrogiannopoulos2017-03-074-3/+9
* auth: failures of _gnutls_mpi_init_scan_nz map to GNUTLS_E_RECEIVED_ILLEGAL_P...Nikos Mavrogiannopoulos2017-03-072-12/+12
* nettle/rnd-fips: combined the FIPS-compliant generators to twoNikos Mavrogiannopoulos2017-03-061-15/+5
* nettle/rnd: use two random generators instead of 3Nikos Mavrogiannopoulos2017-03-061-19/+26
* nettle/pk: corrected call to gnutls_rnd() for rnd_nonce_funcNikos Mavrogiannopoulos2017-03-061-1/+1
* nettle/rnd: specify different limits for rekey in PRNGsNikos Mavrogiannopoulos2017-03-061-6/+14
* nettle/pk: use the GNUTLS_RND_RANDOM level for DH/DSA paramsNikos Mavrogiannopoulos2017-03-061-2/+2
* crypto.h: include gnutls.h to obtain required typesNikos Mavrogiannopoulos2017-03-061-0/+2
* rnd: reduce calls to _rnd_get_system_entropyNikos Mavrogiannopoulos2017-03-061-7/+7
* rnd: when reseeding the generators use the next best generatorNikos Mavrogiannopoulos2017-03-061-23/+24
* Added _gnutls_lib_force_operationalNikos Mavrogiannopoulos2017-03-063-0/+7
* pk: always use _gnutls_switch_lib_stateNikos Mavrogiannopoulos2017-03-062-24/+34
* rnd: switched to 3 chacha-based PRNGs for all security levelsNikos Mavrogiannopoulos2017-03-067-282/+67
* rnd: aligned type of data counter with input data type (size_t)Nikos Mavrogiannopoulos2017-03-061-2/+2
* random: keep global list of initialized contextsNikos Mavrogiannopoulos2017-03-061-4/+50
* rnd: removed call of _rnd_system_entropy_deinit on deinitNikos Mavrogiannopoulos2017-03-061-1/+0
* Removed locks from internal rngNikos Mavrogiannopoulos2017-03-062-84/+59
* Use a thread local random generator.Nikos Mavrogiannopoulos2017-03-062-33/+9
* datum.h: documented behavior of datum functionsNikos Mavrogiannopoulos2017-03-051-0/+5
* _gnutls_set_strdatum: always return an allocated string on successNikos Mavrogiannopoulos2017-03-051-2/+4
* Enforce the max packet length for OpenPGP subpackets as wellAlex Gaynor2017-03-051-2/+7
* gnutls_x509_crt_set_version: do not allow writing illegal versionsNikos Mavrogiannopoulos2017-03-031-1/+1
* x509: reject illegal certificate versionsNikos Mavrogiannopoulos2017-03-031-1/+1
* gnutls_x509_crt_set_serial: refuse to write all-zero serial numberNikos Mavrogiannopoulos2017-03-031-0/+16
* gnutls_x509_crt_set_serial: document the 20-byte limit for serial sizesNikos Mavrogiannopoulos2017-03-031-0/+4
* x509.h: introduced flag GNUTLS_VERIFY_IGNORE_UNKNOWN_CRIT_EXTENSIONSNikos Mavrogiannopoulos2017-03-022-5/+12
* x509/verify: refuse to verify certificates with unknown critical extensionsNikos Mavrogiannopoulos2017-03-026-2/+106
* crypto-self-tests: modified exported functions to work under fips140-2 modeNikos Mavrogiannopoulos2017-03-021-4/+18
* _gnutls_pk_params_copy: copy the provable algorithm usedNikos Mavrogiannopoulos2017-03-021-0/+1
* gnutls_session_ticket_key_generate: fixed operation under FIPS140-2 modeNikos Mavrogiannopoulos2017-03-011-1/+21
* gnutls-cli: print the ciphers, MACs and KXs when priority string is givenNikos Mavrogiannopoulos2017-03-011-0/+4
* gnutls_priority_get_cipher_suite_index: do not return values for non-existent...Nikos Mavrogiannopoulos2017-03-011-1/+6