]> git.ipfire.org Git - thirdparty/gnutls.git/log
thirdparty/gnutls.git
11 years agotests: added a verify-chain test case
Nikos Mavrogiannopoulos [Fri, 19 Jun 2015 20:55:04 +0000 (22:55 +0200)] 
tests: added a verify-chain test case

11 years agotests: don't quote provider in common.sh
Nikos Mavrogiannopoulos [Fri, 19 Jun 2015 19:53:27 +0000 (21:53 +0200)] 
tests: don't quote provider in common.sh

That caused testpkcs11 to fail.

11 years agotests: don't enforce alignment rules for caller buffers
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 20:50:18 +0000 (22:50 +0200)] 
tests: don't enforce alignment rules for caller buffers

11 years agotests: cert-tests: cleanup shell usage
Alon Bar-Lev [Wed, 17 Jun 2015 11:05:54 +0000 (14:05 +0300)] 
tests: cert-tests: cleanup shell usage

Add quotes for most usages of variables.

Added ${} for variables.

Cleanup trailing spaces.

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
11 years agoAdded gitlab-ci.yml
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 14:20:50 +0000 (16:20 +0200)] 
Added gitlab-ci.yml

11 years agoreduced the exported functions to the minimum needed
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 13:52:39 +0000 (15:52 +0200)] 
reduced the exported functions to the minimum needed

11 years ago_gnutls_ext_register was made static
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 13:49:39 +0000 (15:49 +0200)] 
_gnutls_ext_register was made static

11 years agolibgnutls.map: use a 3.4 related name for private functions
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 13:49:06 +0000 (15:49 +0200)] 
libgnutls.map: use a 3.4 related name for private functions

This eliminates any collisions with functions from 3.3.x

11 years agotests: nist-pkits: cleanup shell/perl usage
Alon Bar-Lev [Thu, 18 Jun 2015 06:41:54 +0000 (09:41 +0300)] 
tests: nist-pkits: cleanup shell/perl usage

Add quotes for most usages of variables.

Added ${} for variables.

Consistent indent.

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
11 years agotests: force link with nettle of mini-alignment
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 12:15:18 +0000 (14:15 +0200)] 
tests: force link with nettle of mini-alignment

11 years agotests: Check the OID functions
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 12:11:08 +0000 (14:11 +0200)] 
tests: Check the OID functions

11 years agodoc update
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 12:01:42 +0000 (14:01 +0200)] 
doc update

11 years agoExported functions to convert from and to OIDs
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 11:59:57 +0000 (13:59 +0200)] 
Exported functions to convert from and to OIDs

11 years agognutls-cli: Fixed Possible Memory Leak
Saurav Babu [Thu, 18 Jun 2015 07:20:32 +0000 (12:50 +0530)] 
gnutls-cli: Fixed Possible Memory Leak

This patch fixes possible memory leak in psk_callback() function, rawkey
is allocated memory by gnutls_malloc() and is not freed when
gnutls_hex_decode() returns with error

Signed-off-by: Saurav Babu <saurav.babu@samsung.com>
11 years agopkcs7: corrected write_signer_id() when GNUTLS_PKCS7_WRITE_SPKI was used
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 09:19:37 +0000 (11:19 +0200)] 
pkcs7: corrected write_signer_id() when GNUTLS_PKCS7_WRITE_SPKI was used

11 years agotests: openpgp-certs: cleanup shell usage
Alon Bar-Lev [Thu, 18 Jun 2015 06:41:55 +0000 (09:41 +0300)] 
tests: openpgp-certs: cleanup shell usage

Add quotes for most usages of variables.

Added ${} for variables.

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
11 years agotests: key-tests: cleanup shell usage
Alon Bar-Lev [Thu, 18 Jun 2015 06:41:53 +0000 (09:41 +0300)] 
tests: key-tests: cleanup shell usage

Add quotes for most usages of variables.

Added ${} for variables.

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
11 years agotests: ecdsa: cleanup shell usage
Alon Bar-Lev [Thu, 18 Jun 2015 06:41:52 +0000 (09:41 +0300)] 
tests: ecdsa: cleanup shell usage

Add quotes for most usages of variables.

Added ${} for variables.

Cleanup trailing spaces.

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
11 years agotests: dsa: cleanup shell usage
Alon Bar-Lev [Wed, 17 Jun 2015 21:57:04 +0000 (00:57 +0300)] 
tests: dsa: cleanup shell usage

Add quotes for most usages of variables.

Added ${} for variables.

Cleanup trailing spaces.

Removal of unneeded ';'.

Minor fix in tests/scripts/common.sh at trap to pass message and avoid
killing.

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
11 years agoindentation fix
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 08:51:09 +0000 (10:51 +0200)] 
indentation fix

11 years agoAlways align in 16-byte boundary our input to crypto
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 08:46:13 +0000 (10:46 +0200)] 
Always align in 16-byte boundary our input to crypto

That allows faster operations in almost all instruction sets.

11 years agotests: added check for memory alignment
Nikos Mavrogiannopoulos [Thu, 18 Jun 2015 08:44:45 +0000 (10:44 +0200)] 
tests: added check for memory alignment

11 years agotests: only run test with long dates in 64-bit systems
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 20:26:51 +0000 (22:26 +0200)] 
tests: only run test with long dates in 64-bit systems

11 years agotests: regenerate the results in template-test using UTC times
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 15:17:10 +0000 (17:17 +0200)] 
tests: regenerate the results in template-test using UTC times

11 years agoensure that gnutls_pubkey_verify_data2 returns 0 on success
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 14:48:36 +0000 (16:48 +0200)] 
ensure that gnutls_pubkey_verify_data2 returns 0 on success

11 years agoAdded gnutls_pkcs7_get_signature_count
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 14:40:15 +0000 (16:40 +0200)] 
Added gnutls_pkcs7_get_signature_count

11 years agotests: suite: run testpkcs11 if PKCS#11 is enabled
Alon Bar-Lev [Wed, 17 Jun 2015 08:59:55 +0000 (11:59 +0300)] 
tests: suite: run testpkcs11 if PKCS#11 is enabled

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
11 years agotests: remove bash usage
Alon Bar-Lev [Wed, 17 Jun 2015 08:59:56 +0000 (11:59 +0300)] 
tests: remove bash usage

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
11 years agodoc update
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 09:34:46 +0000 (11:34 +0200)] 
doc update

11 years agotests: verify that we generate dates with UTCTime prior to 2050
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 09:19:10 +0000 (11:19 +0200)] 
tests: verify that we generate dates with UTCTime prior to 2050

Also that we generate dates with GeneralizedTime format after 2050.

11 years agoWhen writing the Time ASN.1 structure follow the RFC5280 recommendations
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 09:12:03 +0000 (11:12 +0200)] 
When writing the Time ASN.1 structure follow the RFC5280 recommendations

11 years agoSet time in PKCS #7 structures properly (in UTCTime format).
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 09:03:29 +0000 (11:03 +0200)] 
Set time in PKCS #7 structures properly (in UTCTime format).

11 years agodoc update
Nikos Mavrogiannopoulos [Wed, 17 Jun 2015 08:42:54 +0000 (10:42 +0200)] 
doc update

11 years agotests: cert-tests: pkcs7: support separate builddir
Alon Bar-Lev [Tue, 16 Jun 2015 20:48:58 +0000 (23:48 +0300)] 
tests: cert-tests: pkcs7: support separate builddir

Signed-off-by: Alon Bar-Lev <alon.barlev@gmail.com>
11 years agoaccount new symbols gnutls_3_4_2
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 20:00:41 +0000 (22:00 +0200)] 
account new symbols

11 years agoupdated makefiles for the new functions
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 20:00:01 +0000 (22:00 +0200)] 
updated makefiles for the new functions

11 years agodoc update
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 19:53:29 +0000 (21:53 +0200)] 
doc update

11 years agouse common base for pkcs7 files
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 19:47:37 +0000 (21:47 +0200)] 
use common base for pkcs7 files

11 years agoadded missing symbol
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 19:41:42 +0000 (21:41 +0200)] 
added missing symbol

11 years agoreleased 3.4.2
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 19:34:30 +0000 (21:34 +0200)] 
released 3.4.2

11 years agocerttool: made explicit the inclusion of time in PKCS #7 signatures
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 15:18:51 +0000 (17:18 +0200)] 
certtool: made explicit the inclusion of time in PKCS #7 signatures

11 years agopkcs7: write the DER encoded time
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 15:15:04 +0000 (17:15 +0200)] 
pkcs7: write the DER encoded time

11 years agocerttool: include the signature time in PKCS #7 signatures
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 14:56:30 +0000 (16:56 +0200)] 
certtool: include the signature time in PKCS #7 signatures

11 years agopkcs7: corrected usage of GNUTLS_PKCS7_INCLUDE_TIME flag
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 14:55:40 +0000 (16:55 +0200)] 
pkcs7: corrected usage of GNUTLS_PKCS7_INCLUDE_TIME flag

11 years agotests: minor updates in pkcs7 output checks to match new certtool
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 11:31:54 +0000 (13:31 +0200)] 
tests: minor updates in pkcs7 output checks to match new certtool

11 years agocerttool: rely on gnutls_pkcs7_print() even more
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 11:31:30 +0000 (13:31 +0200)] 
certtool: rely on gnutls_pkcs7_print() even more

11 years agopkcs7: print certificates and CRLs in FULL mode
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 11:27:43 +0000 (13:27 +0200)] 
pkcs7: print certificates and CRLs in FULL mode

11 years agodoc update
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 10:29:53 +0000 (12:29 +0200)] 
doc update

11 years agocerttool: use gnutls_pkcs7_print() - partially
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 10:29:38 +0000 (12:29 +0200)] 
certtool: use gnutls_pkcs7_print() - partially

11 years agoAdded gnutls_pkcs7_print()
Nikos Mavrogiannopoulos [Tue, 16 Jun 2015 10:18:55 +0000 (12:18 +0200)] 
Added gnutls_pkcs7_print()

11 years agobumped version
Nikos Mavrogiannopoulos [Mon, 15 Jun 2015 09:36:58 +0000 (11:36 +0200)] 
bumped version

11 years agotests: added signature/verification stress test
Nikos Mavrogiannopoulos [Thu, 11 Jun 2015 08:34:55 +0000 (10:34 +0200)] 
tests: added signature/verification stress test

11 years agotests: check also individual ciphers for interoperability
Nikos Mavrogiannopoulos [Thu, 11 Jun 2015 08:11:35 +0000 (10:11 +0200)] 
tests: check also individual ciphers for interoperability

11 years agofips140: better debug messages when verifying MAC
Nikos Mavrogiannopoulos [Mon, 8 Jun 2015 09:38:54 +0000 (11:38 +0200)] 
fips140: better debug messages when verifying MAC

11 years agotpmtool: added newline in error messages
Nikos Mavrogiannopoulos [Fri, 5 Jun 2015 09:19:13 +0000 (11:19 +0200)] 
tpmtool: added newline in error messages

11 years agofips140: added check for reseed detection
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 14:10:30 +0000 (16:10 +0200)] 
fips140: added check for reseed detection

11 years agotests: check random generator for long outputs as well
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 13:48:23 +0000 (15:48 +0200)] 
tests: check random generator for long outputs as well

11 years agofips140: when GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS is setup do not perform integrity...
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 13:42:42 +0000 (15:42 +0200)] 
fips140: when GNUTLS_SKIP_FIPS_INTEGRITY_CHECKS is setup do not perform integrity tests

11 years agofips140: reset the reseed counter only on reseed
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 13:38:09 +0000 (15:38 +0200)] 
fips140: reset the reseed counter only on reseed

11 years agofips140: when reseeding only reseed the required context not all
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 13:37:39 +0000 (15:37 +0200)] 
fips140: when reseeding only reseed the required context not all

11 years agofips140: added more checks on the reseed and generate function
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 12:37:11 +0000 (14:37 +0200)] 
fips140: added more checks on the reseed and generate function

11 years agofips140: enforce the max_number_of_bits_per_request
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 12:36:35 +0000 (14:36 +0200)] 
fips140: enforce the max_number_of_bits_per_request

11 years agotests: do not include times in the PKCS #7 checks as they depend on local timezone
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 14:36:32 +0000 (16:36 +0200)] 
tests: do not include times in the PKCS #7 checks as they depend on local timezone

11 years agopkcs7: addressed memory leaks
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 11:28:59 +0000 (13:28 +0200)] 
pkcs7: addressed memory leaks

11 years agodoc update
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 09:42:30 +0000 (11:42 +0200)] 
doc update

11 years agodoc update
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 09:38:55 +0000 (11:38 +0200)] 
doc update

11 years agotests: Added PKCS #7 attribute generation check
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 09:35:04 +0000 (11:35 +0200)] 
tests: Added PKCS #7 attribute generation check

11 years agotests: updated for new certtool output
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 08:44:25 +0000 (10:44 +0200)] 
tests: updated for new certtool output

11 years agocerttool: print signed and unsigned PKCS #7 attributes
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 08:40:54 +0000 (10:40 +0200)] 
certtool: print signed and unsigned PKCS #7 attributes

11 years agoAdded code to parse and set PKCS #7 attributes
Nikos Mavrogiannopoulos [Wed, 3 Jun 2015 08:24:05 +0000 (10:24 +0200)] 
Added code to parse and set PKCS #7 attributes

11 years agotests: added PKCS #7 verification check with MD5
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 14:34:45 +0000 (16:34 +0200)] 
tests: added PKCS #7 verification check with MD5

11 years agouse the same flags in all verification functions
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 14:31:49 +0000 (16:31 +0200)] 
use the same flags in all verification functions

11 years ago_decode_pkcs7_signed_data: fixed mem leaks
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 14:05:46 +0000 (16:05 +0200)] 
_decode_pkcs7_signed_data: fixed mem leaks

11 years agoInitialization of gnutls_x509_dn_t was modified to allow deinitialization after failure
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 13:58:14 +0000 (15:58 +0200)] 
Initialization of gnutls_x509_dn_t was modified to allow deinitialization after failure

Part2: made gnutls_x509_crt_get_subject() and gnutls_x509_crt_get_issuer()
return a constant value and avoid leaks.

11 years agodoc: Separated the PKCS #7 in manual
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 12:40:56 +0000 (14:40 +0200)] 
doc: Separated the PKCS #7 in manual

11 years agodoc update
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 12:35:26 +0000 (14:35 +0200)] 
doc update

11 years agotests: check PKCS #7 structure signature generation
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 12:26:20 +0000 (14:26 +0200)] 
tests: check PKCS #7 structure signature generation

11 years agotests: check PKCS #7 bundle generation
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 12:16:58 +0000 (14:16 +0200)] 
tests: check PKCS #7 bundle generation

11 years agocerttool: added --p7-generate, --p7-sign and --p7-detached-sign
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 12:08:13 +0000 (14:08 +0200)] 
certtool: added --p7-generate, --p7-sign and --p7-detached-sign

11 years agoAdded gnutls_pkcs7_sign()
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 10:58:34 +0000 (12:58 +0200)] 
Added gnutls_pkcs7_sign()

11 years agoAdded gnutls_pkcs7_get_crl_raw2
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 09:13:41 +0000 (11:13 +0200)] 
Added gnutls_pkcs7_get_crl_raw2

11 years agocerttool: print the signing time when available
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 09:00:39 +0000 (11:00 +0200)] 
certtool: print the signing time when available

11 years agopkcs7 verification: parse the signing time
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 09:00:26 +0000 (11:00 +0200)] 
pkcs7 verification: parse the signing time

11 years agoon PKCS #7 verification check the the content type matches the signed data
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 07:54:38 +0000 (09:54 +0200)] 
on PKCS #7 verification check the the content type matches the signed data

11 years agocerttool: print more info about the PKCS #7 struct
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 07:22:36 +0000 (09:22 +0200)] 
certtool: print more info about the PKCS #7 struct

11 years agocerttool: allow verification against a direct PKCS #7 signer
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 07:15:53 +0000 (09:15 +0200)] 
certtool: allow verification against a direct PKCS #7 signer

11 years agotests: added checks with PKCS #7 detached data
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 07:05:27 +0000 (09:05 +0200)] 
tests: added checks with PKCS #7 detached data

11 years agopkcs7 verification: return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when no encapsulated...
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 07:03:34 +0000 (09:03 +0200)] 
pkcs7 verification: return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE when no encapsulated data exist

11 years agocerttool: allow verifying PKCS #7 with detached data
Nikos Mavrogiannopoulos [Tue, 2 Jun 2015 06:57:34 +0000 (08:57 +0200)] 
certtool: allow verifying PKCS #7 with detached data

11 years agocerttool: improved PKCS #7 verification output
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 19:37:44 +0000 (21:37 +0200)] 
certtool: improved PKCS #7 verification output

11 years agotests: check the key purpose in PKCS #7 verification
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 19:33:02 +0000 (21:33 +0200)] 
tests: check the key purpose in PKCS #7 verification

11 years agotests: added PKCS #7 test with more than 1 certs
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 18:07:57 +0000 (20:07 +0200)] 
tests: added PKCS #7 test with more than 1 certs

11 years agocerttool: allow verification of PKCS #7 structures
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 16:56:51 +0000 (18:56 +0200)] 
certtool: allow verification of PKCS #7 structures

11 years agoInitialization of gnutls_x509_dn_t was modified to allow deinitialization after failure
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 16:55:37 +0000 (18:55 +0200)] 
Initialization of gnutls_x509_dn_t was modified to allow deinitialization after failure

11 years agoAdded PKCS #7 signature(s) verification
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 13:19:03 +0000 (15:19 +0200)] 
Added PKCS #7 signature(s) verification

11 years agoAdded gnutls_pkcs11_get_raw_issuer_by_subject_key_id and gnutls_x509_trust_list_get_i...
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 13:13:10 +0000 (15:13 +0200)] 
Added gnutls_pkcs11_get_raw_issuer_by_subject_key_id and gnutls_x509_trust_list_get_issuer_by_subject_key_id

11 years agotests: added check for gnutls_x509_dn_get_str
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 12:34:57 +0000 (14:34 +0200)] 
tests: added check for gnutls_x509_dn_get_str

11 years agoadded gnutls_x509_dn_get_str
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 12:26:19 +0000 (14:26 +0200)] 
added gnutls_x509_dn_get_str

11 years agodoc update
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 09:52:58 +0000 (11:52 +0200)] 
doc update

11 years agoAdded gnutls_x509_crt_verify_data2() and kept gnutls_privkey_sign_data()
Nikos Mavrogiannopoulos [Mon, 1 Jun 2015 09:51:32 +0000 (11:51 +0200)] 
Added gnutls_x509_crt_verify_data2() and kept gnutls_privkey_sign_data()