| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | certtool: fixed documentation of sign-params | Nikos Mavrogiannopoulos | 2017-08-17 | 1 | -2/+2 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | updated auto-generated filestmp-to-rsa | Nikos Mavrogiannopoulos | 2017-08-15 | 2 | -636/+668 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: introduced --to-rsa option | Nikos Mavrogiannopoulos | 2017-08-15 | 2 | -1/+76 |
| | | | | | | | This allows converting an RSA-PSS key to raw RSA. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-serv: --require-client-cert no longer implies --verify-client-cert | Nikos Mavrogiannopoulos | 2017-08-10 | 2 | -2/+3 |
| | | | | | | | | That is, it is now possible to require a client certificate without verifying it. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | updated auto-generated filestmp-p11tool-generate-update | Nikos Mavrogiannopoulos | 2017-08-09 | 2 | -462/+495 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | p11tool: --generate-xxx options were replaced by generate-privkey | Nikos Mavrogiannopoulos | 2017-08-09 | 5 | -23/+47 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: eliminated unused variable | Nikos Mavrogiannopoulos | 2017-08-08 | 2 | -7/+0 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: improved documentation on --provable option | Nikos Mavrogiannopoulos | 2017-08-07 | 1 | -2/+11 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
| * | certtool: create mapping between --load-x and --info options | Nikos Mavrogiannopoulos | 2017-08-07 | 1 | -12/+31 |
| | | | | | | | | | | That allows using: certtool --certificate-info --load-certificate FILE and certtool --certificate-info --infile FILE Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
| * | certtool: removed definitions of non-existing functions | Nikos Mavrogiannopoulos | 2017-08-07 | 1 | -3/+0 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
| * | gnutls_x509_privkey_verify_seed: improved error on missing validation parameters | Nikos Mavrogiannopoulos | 2017-08-07 | 1 | -1/+4 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
| * | certtool: silence warnings related to --pkcs8 | Nikos Mavrogiannopoulos | 2017-08-07 | 1 | -3/+5 |
| | | | | | | | There is no reason to bug the user with such details by default. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: better print provable key validation parameters | Nikos Mavrogiannopoulos | 2017-08-07 | 1 | -6/+9 |
| | | | | | | | | That is, include hash in the printable set, and keep spaces from next fields. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: provable private keys are always exported in PKCS#8 form | Nikos Mavrogiannopoulos | 2017-08-07 | 3 | -21/+15 |
| | | | | | | | That allows the provable parameters to be included. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | p11tool: auto-generate the list of PKCS#11 mechanisms from p11-kit | Nikos Mavrogiannopoulos | 2017-08-04 | 4 | -216/+257 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | updated auto-generated files | Nikos Mavrogiannopoulos | 2017-08-04 | 2 | -1374/+1593 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | spki: combined all exported functions to a single set and get | Nikos Mavrogiannopoulos | 2017-08-04 | 2 | -19/+20 |
| | | | | | | | | | This simplifies setting parameters for a particular key type, as well as getting them. The advantage is that they are set atomically, preventing an inadverterly half-filled structure. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: set RSA-PSS parameters using GNUTLS_KEYGEN_SPKI kdata type | Nikos Mavrogiannopoulos | 2017-08-04 | 1 | -4/+19 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: print signature algorithm in cert verification output | Nikos Mavrogiannopoulos | 2017-08-04 | 1 | -0/+19 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: sign_params_to_flags: use strtok to parse input | Nikos Mavrogiannopoulos | 2017-08-04 | 1 | -5/+20 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: copy SPKI information from private key when available | Nikos Mavrogiannopoulos | 2017-08-04 | 1 | -15/+14 |
| | | | | | | | That also addresses a bug due to which SPKI information was not set. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: allow specifying RSA-PSS parameters for key generation | Nikos Mavrogiannopoulos | 2017-08-04 | 2 | -14/+30 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: group together common options | Nikos Mavrogiannopoulos | 2017-08-04 | 1 | -202/+279 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: do not print error on missing RSA-PSS parameters on key | Nikos Mavrogiannopoulos | 2017-08-03 | 1 | -0/+3 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | x509.h: Renamed SPKI related functions | Nikos Mavrogiannopoulos | 2017-08-03 | 2 | -4/+15 |
| | | | | | | | | | This better reflects their purpose as providers of information for subject public key. In addition use 'const' for fields that should be left intact. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | updated auto-generated files | Nikos Mavrogiannopoulos | 2017-08-03 | 2 | -329/+395 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
| * | gnutls-cli: introduced options to save client and server traces | Nikos Mavrogiannopoulos | 2017-08-03 | 4 | -7/+90 |
| | | | | | | | This allows to easier obtain traces for use in fuzzers. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
| * | gnutls-cli: use FFDHE3072 parameters for benchmarking | Nikos Mavrogiannopoulos | 2017-08-02 | 1 | -54/+2 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | cli,serv: do not print any information on compression | Nikos Mavrogiannopoulos | 2017-08-02 | 1 | -9/+0 |
| | | | | | | | Compression is always NULL. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | cli,serv: no longer print parameters when FFDHE groups are used | Nikos Mavrogiannopoulos | 2017-08-02 | 1 | -0/+7 |
| | | | | | | | | | The negotiated RFC7919 group is now printed as part of the Description string, and there is no reason to print more information on parameters defined by the protocol. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-cli: print the supported groups instead of curves | Nikos Mavrogiannopoulos | 2017-08-02 | 1 | -7/+7 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-cli: use gnutls_priority_set | Nikos Mavrogiannopoulos | 2017-07-25 | 1 | -2/+2 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-cli: re-use priorities for both client and server on benchmarks | Nikos Mavrogiannopoulos | 2017-07-18 | 1 | -2/+2 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-cli: re-use priorities when measuring performancetmp-gnutls-benchmark-update | Nikos Mavrogiannopoulos | 2017-07-17 | 1 | -2/+10 |
| | | | | | | | This avoids measuring cache misses due to priority processing time. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
| * | updated auto-generated files | Nikos Mavrogiannopoulos | 2017-07-17 | 2 | -133/+134 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-cli: added RSA-PSS signatures in benchmark | Nikos Mavrogiannopoulos | 2017-07-17 | 1 | -12/+54 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-cli: added benchmark on X25519-Ed25519 key exchange | Nikos Mavrogiannopoulos | 2017-07-17 | 1 | -13/+49 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | tests: replaced rsa-pss/eddsa certtool options with --key-type | Nikos Mavrogiannopoulos | 2017-07-17 | 1 | -5/+5 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | certtool: introduced the --key-type option | Nikos Mavrogiannopoulos | 2017-07-17 | 2 | -18/+35 |
| | | | | | | | This replaces the --rsa-pss and --eddsa options. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | Added support for EdDSA (Ed25519) curve keys | Nikos Mavrogiannopoulos | 2017-07-17 | 4 | -25/+51 |
| | | | | | | | | | This adds support for draft-ietf-curdle-pkix-04. Resolves #25 Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | updated auto-generated files | Nikos Mavrogiannopoulos | 2017-07-13 | 2 | -200/+232 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-cli: added option to allow verification with broken algorithms | Nikos Mavrogiannopoulos | 2017-07-13 | 2 | -0/+13 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-serv: allow receiving requests up to 16kb | Nikos Mavrogiannopoulos | 2017-07-11 | 1 | -5/+4 |
| | | | | | | | This makes gnutls-serv useful for few tlsfuzzer test cases. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | updated auto-generated filestmp-alpn-updates | Nikos Mavrogiannopoulos | 2017-07-06 | 2 | -344/+409 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
| * | gnutls-serv: added the --alpn and --alpn-fatal options | Nikos Mavrogiannopoulos | 2017-07-04 | 2 | -0/+41 |
| | | | | | | | | This allows specifying ALPN protocols supported by server, allowing to test the ALPN negotiation. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-cli: save OCSP response at the time certificate is saved | Nikos Mavrogiannopoulos | 2017-06-29 | 1 | -8/+17 |
| | | | | | | | | That ensures that we always save the OCSP response, even when certificate verification fails. Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> | ||||
| * | gnutls-cli: be less verbose in OCSP error messagestmp-ocsptool-updates | Nikos Mavrogiannopoulos | 2017-06-20 | 1 | -1/+2 |
| | | | | | | | | | Previously we were reporting "No issuer found" if any certificate in a chain could not be verified. That was confusing information and not strictly necessary. No longer print that. Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | gnutls-cli: improved error message of OCSP failure | Nikos Mavrogiannopoulos | 2017-06-20 | 1 | -2/+2 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | updated auto-generated files | Nikos Mavrogiannopoulos | 2017-06-20 | 2 | -151/+238 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
| * | ocsptool: verify_response will print information on the response | Nikos Mavrogiannopoulos | 2017-06-20 | 1 | -0/+12 |
| | | | | | Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com> | ||||
 |
index : delta/gnutls.git | |
| gitlab.com: gnutls/gnutls.git |
| summaryrefslogtreecommitdiff |