Paul Bakker
66c4810ffe
Better handling of ciphersuite version range and forced version in
...
ssl_client2
2013-07-26 14:05:32 +02:00
Paul Bakker
6c85279719
Newline fixes in help text for ssl_client2 / ssl_server2
2013-07-26 14:02:13 +02:00
Paul Bakker
52cf16caeb
Fixed multiple use of GCM-context bug due to split-up of GCM functions
2013-07-26 13:56:22 +02:00
Paul Bakker
d6f41c5bcd
Fixed size of ctx_enc / ctx_dec in ssl for gcm_context size
2013-07-25 17:01:54 +02:00
Paul Bakker
524691c0a0
Added --modes option to tests/compat.sh
2013-07-25 17:01:20 +02:00
Paul Bakker
f16db18c55
Fixed header file comments on ciphersuites
2013-07-25 11:30:31 +02:00
Paul Bakker
d9ca94a677
Updated merged pk.c and x509parse.c changes with new memory allocation functions
2013-07-25 11:25:09 +02:00
Paul Bakker
dbd79ca617
ssl_client2 and ssl_server2 now exit with 1 on errors (shell
...
limitations)
2013-07-24 16:28:35 +02:00
Paul Bakker
f85778efb0
Updated Changelog for EC Key / Cert and RFC 6066 extensions
2013-07-19 14:55:25 +02:00
Paul Bakker
872c29b705
Merge branch 'truncated-hmac' into development
2013-07-19 14:52:07 +02:00
Paul Bakker
8c1ede655f
Changed prototype for ssl_set_truncated_hmac() to allow disabling
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
277f7f23e2
Implement hmac truncation
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
57c2852807
Added truncated hmac negociation (without effect)
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e980a994f0
Add interface for truncated hmac
2013-07-19 14:51:47 +02:00
Paul Bakker
5b55b79021
Better handling of ciphersuite version range and forced version in
...
ssl_server2
2013-07-19 14:51:31 +02:00
Paul Bakker
bd5fd4d1da
RFC6229 ARC4 test vectors added to testsuite
2013-07-19 14:51:31 +02:00
Paul Bakker
accd4eb665
compat.sh now has -f command-line option to filter used ciphersuites
2013-07-19 14:51:31 +02:00
Paul Bakker
a7eaba5ef9
Merge branch 'maximum-fragment-length' into development
2013-07-19 14:51:13 +02:00
Manuel Pégourié-Gonnard
e048b67d0a
Misc minor fixes
...
- avoid "multi-line comment" warning in ssl_client2.c
- rm useless initialisation of mfl_code in ssl_init()
- const-correctness of ssl_parse_*_ext()
- a code formating issue
2013-07-19 12:56:08 +02:00
Manuel Pégourié-Gonnard
0c017a55e0
Add max_frag_len option in ssl_server2
...
Also reformat code and output more information in ssl_client2
2013-07-18 14:07:36 +02:00
Manuel Pégourié-Gonnard
ed4af8b57c
Move negotiated max fragment length to session
...
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
2013-07-18 14:07:09 +02:00
Manuel Pégourié-Gonnard
581e6b6d6c
Prepare migrating max fragment length to session
...
Remove max_frag_len member so that reseting session by memset()ing it to zero
does the right thing.
2013-07-18 12:32:27 +02:00
Paul Bakker
8e714d7aca
Modified LONG_RESPONSE and comments in ssl_server2
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
bd7ce63115
Adapt ssl_server2 to test sending long messages
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
6b4f237f6a
Forbid setting max_frag_len > MAX_CONTENT_LEN
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
30dc7ef3ad
Reset max_fragment_length in ssl_session_reset()
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
7bb7899121
Send max_fragment_length extension (server)
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
f11a6d78c7
Rework server extensions writing
2013-07-18 11:23:38 +02:00
Manuel Pégourié-Gonnard
de600e571a
Read max_fragment_length extension (client)
2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard
a052849640
Send max_fragment_length extension (client)
2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard
48f8d0dbbd
Read max_fragment_length extension (server)
2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard
787b658bb3
Implement max_frag_len write restriction
2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard
0df6b1f068
ssl_client2: add max_frag_len option
2013-07-18 11:18:13 +02:00
Manuel Pégourié-Gonnard
8b46459ae5
Add ssl_set_max_frag_len()
2013-07-18 11:18:13 +02:00
Paul Bakker
de9f9efc2e
Merge branch 'parse-ec-crt' into development
2013-07-17 16:00:33 +02:00
Manuel Pégourié-Gonnard
c2c90031ec
Fix pk_set_type() behaviour for unkown type
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
14d8564402
Fix overflow check in oid_get_numeric_string()
...
(The fix in 791eed3
was wrong.)
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
4f47538ad8
Fix some 'depends' in tests
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
fd5164e283
Fix some more ifdef's RSA/EC, in pk and debug
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
ab2d9836b4
Fix some ifdef's in x509parse
...
While at it:
- move _rsa variants systematically after generic functions
- unsplit x509parse_key_pkcs8_encrypted_der() (reverts a5d9974
)
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
96f3a4e1b3
Rm ecp_keypair.alg
...
Avoid duplicating information already present in pk_context.
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
8b863cd641
Merge EC & RSA versions of x509_parse_key()
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
6e88202a95
Merge EC & RSA versions of parse_pkcs8_unencrypted
2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard
a2d4e644ac
Some more EC pubkey parsing refactoring
...
Fix a bug in pk_rsa() and pk_ec() along the way
2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard
1c808a011c
Refactor some EC key parsing code
2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard
be50680a8c
Fix use of x509_cert.rsa in programs
2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard
991d0f5aca
Remove rsa member from x509_cert structure
2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard
ff56da3a26
Fix direct uses of x509_cert.rsa, now use pk_rsa()
2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard
893879adbd
Adapt debug_print_crt() for EC keys
2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard
a3c86c334c
Certificates with EC key and/or sig parsed
2013-07-17 15:59:42 +02:00