]>
git.ipfire.org Git - thirdparty/gnutls.git/log
Nikos Mavrogiannopoulos [Fri, 19 Jun 2015 20:55:04 +0000 (22:55 +0200)]
tests: added a verify-chain test case
Nikos Mavrogiannopoulos [Fri, 19 Jun 2015 19:53:27 +0000 (21:53 +0200)]
tests: don't quote provider in common.sh
That caused testpkcs11 to fail.
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 20:50:18 +0000 (22:50 +0200)]
tests: don't enforce alignment rules for caller buffers
Alon Bar-Lev [Wed, 17 Jun 2015 11:05:54 +0000 (14:05 +0300)]
tests: cert-tests: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Cleanup trailing spaces.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 14:20:50 +0000 (16:20 +0200)]
Added gitlab-ci.yml
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 13:52:39 +0000 (15:52 +0200)]
reduced the exported functions to the minimum needed
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 13:49:39 +0000 (15:49 +0200)]
_gnutls_ext_register was made static
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 13:49:06 +0000 (15:49 +0200)]
libgnutls.map: use a 3.4 related name for private functions
This eliminates any collisions with functions from 3.3.x
Alon Bar-Lev [Thu, 18 Jun 2015 06:41:54 +0000 (09:41 +0300)]
tests: nist-pkits: cleanup shell/perl usage
Add quotes for most usages of variables.
Added ${} for variables.
Consistent indent.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 12:15:18 +0000 (14:15 +0200)]
tests: force link with nettle of mini-alignment
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 12:11:08 +0000 (14:11 +0200)]
tests: Check the OID functions
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 12:01:42 +0000 (14:01 +0200)]
doc update
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 11:59:57 +0000 (13:59 +0200)]
Exported functions to convert from and to OIDs
Saurav Babu [Thu, 18 Jun 2015 07:20:32 +0000 (12:50 +0530)]
gnutls-cli: Fixed Possible Memory Leak
This patch fixes possible memory leak in psk_callback() function, rawkey
is allocated memory by gnutls_malloc() and is not freed when
gnutls_hex_decode() returns with error
Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 09:19:37 +0000 (11:19 +0200)]
pkcs7: corrected write_signer_id() when GNUTLS_PKCS7_WRITE_SPKI was used
Alon Bar-Lev [Thu, 18 Jun 2015 06:41:55 +0000 (09:41 +0300)]
tests: openpgp-certs: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Alon Bar-Lev [Thu, 18 Jun 2015 06:41:53 +0000 (09:41 +0300)]
tests: key-tests: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Alon Bar-Lev [Thu, 18 Jun 2015 06:41:52 +0000 (09:41 +0300)]
tests: ecdsa: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Cleanup trailing spaces.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Alon Bar-Lev [Wed, 17 Jun 2015 21:57:04 +0000 (00:57 +0300)]
tests: dsa: cleanup shell usage
Add quotes for most usages of variables.
Added ${} for variables.
Cleanup trailing spaces.
Removal of unneeded ';'.
Minor fix in tests/scripts/common.sh at trap to pass message and avoid
killing.
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 08:51:09 +0000 (10:51 +0200)]
indentation fix
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 08:46:13 +0000 (10:46 +0200)]
Always align in 16-byte boundary our input to crypto
That allows faster operations in almost all instruction sets.
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 08:44:45 +0000 (10:44 +0200)]
tests: added check for memory alignment
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 20:26:51 +0000 (22:26 +0200)]
tests: only run test with long dates in 64-bit systems
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 15:17:10 +0000 (17:17 +0200)]
tests: regenerate the results in template-test using UTC times
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 14:48:36 +0000 (16:48 +0200)]
ensure that gnutls_pubkey_verify_data2 returns 0 on success
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 14:40:15 +0000 (16:40 +0200)]
Added gnutls_pkcs7_get_signature_count
Alon Bar-Lev [Wed, 17 Jun 2015 08:59:55 +0000 (11:59 +0300)]
tests: suite: run testpkcs11 if PKCS#11 is enabled
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Alon Bar-Lev [Wed, 17 Jun 2015 08:59:56 +0000 (11:59 +0300)]
tests: remove bash usage
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 09:34:46 +0000 (11:34 +0200)]
doc update
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 09:19:10 +0000 (11:19 +0200)]
tests: verify that we generate dates with UTCTime prior to 2050
Also that we generate dates with GeneralizedTime format after 2050.
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 09:12:03 +0000 (11:12 +0200)]
When writing the Time ASN.1 structure follow the RFC5280 recommendations
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 09:03:29 +0000 (11:03 +0200)]
Set time in PKCS #7 structures properly (in UTCTime format).
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 08:42:54 +0000 (10:42 +0200)]
doc update
Alon Bar-Lev [Tue, 16 Jun 2015 20:48:58 +0000 (23:48 +0300)]
tests: cert-tests: pkcs7: support separate builddir
Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 20:00:41 +0000 (22:00 +0200)]
account new symbols
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 20:00:01 +0000 (22:00 +0200)]
updated makefiles for the new functions
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 19:53:29 +0000 (21:53 +0200)]
doc update
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 19:47:37 +0000 (21:47 +0200)]
use common base for pkcs7 files
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 19:41:42 +0000 (21:41 +0200)]
added missing symbol
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 19:34:30 +0000 (21:34 +0200)]
released 3.4.2
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 15:18:51 +0000 (17:18 +0200)]
certtool: made explicit the inclusion of time in PKCS #7 signatures
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 15:15:04 +0000 (17:15 +0200)]
pkcs7: write the DER encoded time
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 14:56:30 +0000 (16:56 +0200)]
certtool: include the signature time in PKCS #7 signatures
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 14:55:40 +0000 (16:55 +0200)]
pkcs7: corrected usage of GNUTLS_PKCS7_INCLUDE_TIME flag
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 11:31:54 +0000 (13:31 +0200)]
tests: minor updates in pkcs7 output checks to match new certtool
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 11:31:30 +0000 (13:31 +0200)]
certtool: rely on gnutls_pkcs7_print() even more
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 11:27:43 +0000 (13:27 +0200)]
pkcs7: print certificates and CRLs in FULL mode
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 10:29:53 +0000 (12:29 +0200)]
doc update
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 10:29:38 +0000 (12:29 +0200)]
certtool: use gnutls_pkcs7_print() - partially
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 10:18:55 +0000 (12:18 +0200)]
Added gnutls_pkcs7_print()
Nikos Mavrogiannopoulos [Mon, 15 Jun 2015 09:36:58 +0000 (11:36 +0200)]
bumped version
Nikos Mavrogiannopoulos [Thu, 11 Jun 2015 08:34:55 +0000 (10:34 +0200)]
tests: added signature/verification stress test
Nikos Mavrogiannopoulos [Thu, 11 Jun 2015 08:11:35 +0000 (10:11 +0200)]
tests: check also individual ciphers for interoperability
Nikos Mavrogiannopoulos [Mon, 8 Jun 2015 09:38:54 +0000 (11:38 +0200)]
fips140: better debug messages when verifying MAC
Nikos Mavrogiannopoulos [Fri, 5 Jun 2015 09:19:13 +0000 (11:19 +0200)]
tpmtool: added newline in error messages
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 14:10:30 +0000 (16:10 +0200)]
fips140: added check for reseed detection
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 13:48:23 +0000 (15:48 +0200)]
tests: check random generator for long outputs as well
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 13:42:42 +0000 (15:42 +0200)]
fips140: when GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS is setup do not perform integrity tests
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 13:38:09 +0000 (15:38 +0200)]
fips140: reset the reseed counter only on reseed
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 13:37:39 +0000 (15:37 +0200)]
fips140: when reseeding only reseed the required context not all
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 12:37:11 +0000 (14:37 +0200)]
fips140: added more checks on the reseed and generate function
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 12:36:35 +0000 (14:36 +0200)]
fips140: enforce the max_number_of_bits_per_request
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 14:36:32 +0000 (16:36 +0200)]
tests: do not include times in the PKCS #7 checks as they depend on local timezone
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 11:28:59 +0000 (13:28 +0200)]
pkcs7: addressed memory leaks
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 09:42:30 +0000 (11:42 +0200)]
doc update
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 09:38:55 +0000 (11:38 +0200)]
doc update
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 09:35:04 +0000 (11:35 +0200)]
tests: Added PKCS #7 attribute generation check
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 08:44:25 +0000 (10:44 +0200)]
tests: updated for new certtool output
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 08:40:54 +0000 (10:40 +0200)]
certtool: print signed and unsigned PKCS #7 attributes
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 08:24:05 +0000 (10:24 +0200)]
Added code to parse and set PKCS #7 attributes
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 14:34:45 +0000 (16:34 +0200)]
tests: added PKCS #7 verification check with MD5
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 14:31:49 +0000 (16:31 +0200)]
use the same flags in all verification functions
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 14:05:46 +0000 (16:05 +0200)]
_decode_pkcs7_signed_data: fixed mem leaks
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 13:58:14 +0000 (15:58 +0200)]
Initialization of gnutls_x509_dn_t was modified to allow deinitialization after failure
Part2: made gnutls_x509_crt_get_subject() and gnutls_x509_crt_get_issuer()
return a constant value and avoid leaks.
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 12:40:56 +0000 (14:40 +0200)]
doc: Separated the PKCS #7 in manual
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 12:35:26 +0000 (14:35 +0200)]
doc update
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 12:26:20 +0000 (14:26 +0200)]
tests: check PKCS #7 structure signature generation
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 12:16:58 +0000 (14:16 +0200)]
tests: check PKCS #7 bundle generation
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 12:08:13 +0000 (14:08 +0200)]
certtool: added --p7-generate, --p7-sign and --p7-detached-sign
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 10:58:34 +0000 (12:58 +0200)]
Added gnutls_pkcs7_sign()
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 09:13:41 +0000 (11:13 +0200)]
Added gnutls_pkcs7_get_crl_raw2
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 09:00:39 +0000 (11:00 +0200)]
certtool: print the signing time when available
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 09:00:26 +0000 (11:00 +0200)]
pkcs7 verification: parse the signing time
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 07:54:38 +0000 (09:54 +0200)]
on PKCS #7 verification check the the content type matches the signed data
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 07:22:36 +0000 (09:22 +0200)]
certtool: print more info about the PKCS #7 struct
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 07:15:53 +0000 (09:15 +0200)]
certtool: allow verification against a direct PKCS #7 signer
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 07:05:27 +0000 (09:05 +0200)]
tests: added checks with PKCS #7 detached data
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 07:03:34 +0000 (09:03 +0200)]
pkcs7 verification: return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when no encapsulated data exist
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 06:57:34 +0000 (08:57 +0200)]
certtool: allow verifying PKCS #7 with detached data
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 19:37:44 +0000 (21:37 +0200)]
certtool: improved PKCS #7 verification output
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 19:33:02 +0000 (21:33 +0200)]
tests: check the key purpose in PKCS #7 verification
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 18:07:57 +0000 (20:07 +0200)]
tests: added PKCS #7 test with more than 1 certs
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 16:56:51 +0000 (18:56 +0200)]
certtool: allow verification of PKCS #7 structures
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 16:55:37 +0000 (18:55 +0200)]
Initialization of gnutls_x509_dn_t was modified to allow deinitialization after failure
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 13:19:03 +0000 (15:19 +0200)]
Added PKCS #7 signature(s) verification
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 13:13:10 +0000 (15:13 +0200)]
Added gnutls_pkcs11_get_raw_issuer_by_subject_key_id and gnutls_x509_trust_list_get_issuer_by_subject_key_id
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 12:34:57 +0000 (14:34 +0200)]
tests: added check for gnutls_x509_dn_get_str
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 12:26:19 +0000 (14:26 +0200)]
added gnutls_x509_dn_get_str
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 09:52:58 +0000 (11:52 +0200)]
doc update
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 09:51:32 +0000 (11:51 +0200)]
Added gnutls_x509_crt_verify_data2() and kept gnutls_privkey_sign_data()