Commit Graph

265 Commits

Author SHA1 Message Date
Paul Bakker
05ef835b6a - Added support for Hardware Acceleration hooking in SSL/TLS 2012-05-08 09:17:57 +00:00
Paul Bakker
430ffbe564 - Fixed potential heap corruption in x509_name allocation 2012-05-01 08:14:20 +00:00
Paul Bakker
aec37cb653 - Added extra sanity check to DHM values 2012-04-26 18:59:59 +00:00
Paul Bakker
279432a7c0 - Fixed size of clean 2012-04-26 10:09:35 +00:00
Paul Bakker
901c65620e - Fill full buffer (Wrong parameter usage) 2012-04-20 13:25:38 +00:00
Paul Bakker
380da53c48 - Abstracted checksum updating during handshake 2012-04-18 16:10:25 +00:00
Paul Bakker
ca4ab49158 - Added GCM ciphersuites to TLS implementation 2012-04-18 14:23:57 +00:00
Paul Bakker
d8ef167833 - Updated for latest GCM error 2012-04-18 14:17:32 +00:00
Paul Bakker
fc5183cf5d - Added input checking and more efficient buffer overlap use 2012-04-18 14:17:01 +00:00
Paul Bakker
369e14bbf1 - Small code rewrite 2012-04-18 14:16:09 +00:00
Paul Bakker
030277ab1e - Updated error.c to include GCM errors 2012-04-17 12:24:26 +00:00
Paul Bakker
13ed9ab921 - Removed unused variable 2012-04-16 09:43:49 +00:00
Paul Bakker
0a9251870a - Report unexpected_message if unknown record type is received 2012-04-16 06:46:41 +00:00
Paul Bakker
10cd225962 - Added support for the SHA256 ciphersuites of AES and Camellia 2012-04-12 21:26:34 +00:00
Paul Bakker
bf63b36127 - Updated comments 2012-04-12 20:44:34 +00:00
Paul Bakker
c3f177a77b - Added client side support for signature_algorithm extension and affiliated handling 2012-04-11 16:11:49 +00:00
Paul Bakker
1ef83d66dd - Initial bare version of TLS 1.2 2012-04-11 12:09:53 +00:00
Paul Bakker
f34cf85534 - Fixed too restrictive test 2012-04-10 07:48:40 +00:00
Paul Bakker
96d42da8fe - Removed debug value 2012-04-05 13:22:07 +00:00
Paul Bakker
c7ffd36a97 - Added automatic debug flags to CFLAGS if DEBUG is set in shell 2012-04-05 12:08:29 +00:00
Paul Bakker
452d532955 - Fixed potential memory corruption on miscrafted client messages (found by Frama-C team at CEA LIST) 2012-04-05 12:07:34 +00:00
Paul Bakker
6126481796 - Added compat for sun in net.c 2012-04-03 07:54:30 +00:00
Paul Bakker
56a7684023 - Added alternative for SHA1 signature structure to check for (without NULL) 2012-03-22 15:31:27 +00:00
Paul Bakker
0c8f73ba8b - Fixed a mistake in mpi_cmp_mpi() where longer B values are handled wrong 2012-03-22 14:08:57 +00:00
Paul Bakker
f9169629c9 - Removed unused variables 2012-03-20 15:05:51 +00:00
Paul Bakker
89e80c9a43 - Added base Galois/Counter mode (GCM) for AES 2012-03-20 13:50:09 +00:00
Paul Bakker
b6ad62dd21 - Added missing x509write.c 2012-03-20 13:41:33 +00:00
Paul Bakker
02f61692ef - Removed trailing char 2012-03-15 10:54:25 +00:00
Paul Bakker
f654371b2b - Only include dependencies when required 2012-03-05 14:01:29 +00:00
Paul Bakker
ad8d354a1a - Updated RFC ref 2012-02-16 15:28:14 +00:00
Paul Bakker
3cac5e012b - x509_write_cert_req() now supports all available hash functions 2012-02-16 14:08:06 +00:00
Paul Bakker
058881547f - Certificate Requests written now have the Email address written in IA5String 2012-02-16 10:26:57 +00:00
Paul Bakker
bdb912db69 - Added preliminary ASN.1 buffer writing support
- Added preliminary X509 Certificate Request writing support
 - Added key_app_writer example application
 - Added cert_req example application
2012-02-13 23:11:30 +00:00
Paul Bakker
048d04ef4b - AES code only check for Padlock once 2012-02-12 17:31:04 +00:00
Paul Bakker
39dfdaca8f - Fixed mpi_fill_random() to fill and create right size MPI 2012-02-12 17:17:27 +00:00
Paul Bakker
8afa70dcd5 - Clean Subject Alternative Name data 2012-02-11 18:42:45 +00:00
Paul Bakker
57b12982b3 - Multi-domain certificates support wildcards as well 2012-02-11 17:38:38 +00:00
Paul Bakker
1504af585c - Removed redundant POLARSSL_DEBUG_MSG define 2012-02-11 16:17:43 +00:00
Paul Bakker
a8cd239d6b - Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
2012-02-11 16:09:32 +00:00
Paul Bakker
fab5c829e7 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! 2012-02-06 16:45:10 +00:00
Paul Bakker
3c18a830b3 - Made changes for 1.1.1 release 2012-01-23 09:44:43 +00:00
Paul Bakker
17caec12af - Changed back statement 2012-01-22 20:37:32 +00:00
Paul Bakker
e88186d2ff - Fixed selftest for CTR_DRBG 2012-01-22 20:29:47 +00:00
Paul Bakker
cf0360a14e - Fixed compiler error on 64-bit systems not using GCC
- t_udbl optimization now also works on platforms that did not define POLARSSL_HAVE_LONGLONG
2012-01-20 10:08:14 +00:00
Paul Bakker
ec1b9842c4 - Fixed type of length in get_pkcs_padding() 2012-01-14 18:24:43 +00:00
Paul Bakker
87e5cdad5b - Fixed warning for t if no debugging defined 2012-01-14 18:14:15 +00:00
Paul Bakker
ed375caa3b - Fixed signed status of ret 2012-01-14 18:10:38 +00:00
Paul Bakker
8913f82c26 - Fixed compiler warning for unreferenced ret in md_file() when POLARSSL_FS_IO not declared 2012-01-14 18:07:41 +00:00
Paul Bakker
b15b851d6d - Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket #47, found by Hugo Leisink) 2012-01-13 13:44:06 +00:00
Paul Bakker
394c56f854 - Support for FreeBSD _SOCKLEN_T_DECLARED 2011-12-20 12:19:03 +00:00