Manuel Pégourié-Gonnard
|
378fb4b70a
|
Split mpi_is_prime() and make its first arg const
|
2013-11-22 19:40:32 +01:00 |
|
Manuel Pégourié-Gonnard
|
0160eacc82
|
gen_prime: ensure X = 2 mod 3 -> 2.5x speedup
|
2013-11-22 17:54:59 +01:00 |
|
Manuel Pégourié-Gonnard
|
711507a726
|
gen_prime: ensure X = 3 mod 4 always (2x speed-up)
|
2013-11-22 17:35:28 +01:00 |
|
Paul Bakker
|
d1bac4ae55
|
Removed core file
|
2013-11-19 17:37:08 +01:00 |
|
Paul Bakker
|
41d768e7a4
|
Removed debug-only include dirs in VS2010 project file
|
2013-11-19 15:41:58 +01:00 |
|
Paul Bakker
|
08b028ff0f
|
Prevent unlikely NULL dereference
|
2013-11-19 10:42:37 +01:00 |
|
Paul Bakker
|
911807284d
|
bump_version script also handled SOVERSION for library/Makefile
|
2013-11-05 11:28:32 +01:00 |
|
Paul Bakker
|
b076314ff8
|
Makefile now produces a .so.X with SOVERSION in it
|
2013-11-05 11:27:12 +01:00 |
|
Paul Bakker
|
f4dc186818
|
Prep for PolarSSL 1.3.2
|
2013-11-04 17:29:42 +01:00 |
|
Paul Bakker
|
0333b978fa
|
Handshake key_cert should be set on first addition to the key_cert chain
|
2013-11-04 17:08:28 +01:00 |
|
Paul Bakker
|
e1121b6217
|
Update ChangeLog for renegotiation changes
|
2013-10-31 15:57:22 +01:00 |
|
Paul Bakker
|
d46a9f1a82
|
Added missing endif in compat-1.2.h
|
2013-10-31 14:34:19 +01:00 |
|
Paul Bakker
|
993e386a73
|
Merged renegotiation refactoring
|
2013-10-31 14:32:38 +01:00 |
|
Paul Bakker
|
37ce0ff185
|
Added defines around renegotiation code for SSL_SRV and SSL_CLI
|
2013-10-31 14:32:04 +01:00 |
|
Manuel Pégourié-Gonnard
|
31ff1d2e4f
|
Safer buffer comparisons in the SSL modules
|
2013-10-31 14:23:12 +01:00 |
|
Manuel Pégourié-Gonnard
|
291f9af935
|
Make all hash checking in programs constant-time
|
2013-10-31 14:22:27 +01:00 |
|
Paul Bakker
|
424cd6943c
|
Check HMAC in constant-time in crypt_and_hash
|
2013-10-31 14:22:08 +01:00 |
|
Manuel Pégourié-Gonnard
|
6d8404d6ba
|
Server: enforce renegotiation
|
2013-10-30 16:48:10 +01:00 |
|
Manuel Pégourié-Gonnard
|
9c1e1898b6
|
Move some code around, improve documentation
|
2013-10-30 16:48:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
214eed38c7
|
Make ssl_renegotiate the only interface
ssl_write_hello_request() is no private
|
2013-10-30 16:48:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
caed0541a0
|
Allow ssl_renegotiate() to be called in a loop
Previously broken if waiting for network I/O in the middle of a re-handshake
initiated by the client.
|
2013-10-30 16:48:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
e5e1bb972c
|
Fix misplaced initialisation
|
2013-10-30 16:46:46 +01:00 |
|
Manuel Pégourié-Gonnard
|
f3dc2f6a1d
|
Add code for testing server-initiated renegotiation
|
2013-10-30 16:46:46 +01:00 |
|
Manuel Pégourié-Gonnard
|
53b3e0603b
|
Add code for testing client-initiated renegotiation
|
2013-10-30 16:46:46 +01:00 |
|
Paul Bakker
|
0d7702c3ee
|
Minor change that makes life easier for static analyzers / compilers
|
2013-10-29 16:18:35 +01:00 |
|
Paul Bakker
|
6edcd41c0a
|
Addition conditions for UEFI environment under MSVC
|
2013-10-29 15:44:13 +01:00 |
|
Paul Bakker
|
7b0be68977
|
Support for serialNumber, postalAddress and postalCode in X509 names
|
2013-10-29 14:24:37 +01:00 |
|
Paul Bakker
|
fa6a620b75
|
Defines for UEFI environment under MSVC added
|
2013-10-29 14:05:38 +01:00 |
|
Manuel Pégourié-Gonnard
|
178d9bac3c
|
Fix ECDSA corner case: missing reduction mod N
No security issue, can cause valid signatures to be rejected.
Reported by DualTachyon on github.
|
2013-10-29 13:40:17 +01:00 |
|
Paul Bakker
|
60b1d10131
|
Fixed spelling / typos (from PowerDNS:codespell)
|
2013-10-29 10:02:51 +01:00 |
|
Paul Bakker
|
93c6aa4014
|
Fixed that selfsign copies issuer_name to subject_name
|
2013-10-28 22:29:11 +01:00 |
|
Paul Bakker
|
50dc850c52
|
Const correctness
|
2013-10-28 21:19:10 +01:00 |
|
Paul Bakker
|
6a6087e71d
|
Added missing inline definition for MSCV and ARM environments
|
2013-10-28 18:53:08 +01:00 |
|
Paul Bakker
|
3292562a33
|
Fixed Makefile for test_suite_pk
|
2013-10-28 17:32:48 +01:00 |
|
Paul Bakker
|
7bc745b6a1
|
Merged constant-time padding checks
|
2013-10-28 14:40:26 +01:00 |
|
Paul Bakker
|
1642122f8b
|
Merged support for Camellia-GCM + ciphersuite and fixes to cipher layer
|
2013-10-28 14:38:35 +01:00 |
|
Paul Bakker
|
3f917e230d
|
Merged optimizations for MODP NIST curves
|
2013-10-28 14:18:26 +01:00 |
|
Paul Bakker
|
08bb187bb6
|
Merged Public Key framwork tests
|
2013-10-28 14:11:09 +01:00 |
|
Paul Bakker
|
68037da3cd
|
Update Changelog for minor fixes
|
2013-10-28 14:02:40 +01:00 |
|
Manuel Pégourié-Gonnard
|
1001e32d6f
|
Fix return value of ecdsa_from_keypair()
|
2013-10-28 14:01:08 +01:00 |
|
Manuel Pégourié-Gonnard
|
21ef42f257
|
Don't select a PSK ciphersuite if no key available
|
2013-10-28 14:00:45 +01:00 |
|
Manuel Pégourié-Gonnard
|
18dc0e2746
|
CERTS_C depends on PEM_PARSE_C
|
2013-10-28 13:59:26 +01:00 |
|
Manuel Pégourié-Gonnard
|
7c3291ea87
|
Check dependencies of protocol versions on hashes
|
2013-10-28 13:58:56 +01:00 |
|
Manuel Pégourié-Gonnard
|
3daaf3d21d
|
X509 key identifiers depend on SHA1
|
2013-10-28 13:58:32 +01:00 |
|
Manuel Pégourié-Gonnard
|
f8669dabf2
|
Fix error.c test suite relying on old name
|
2013-10-28 13:58:10 +01:00 |
|
Manuel Pégourié-Gonnard
|
c59c9c1453
|
Fix typo in b8012fca (ECP needs at least one curve)
|
2013-10-28 13:57:39 +01:00 |
|
Manuel Pégourié-Gonnard
|
7446833626
|
Fix endianness issue in test helper function
|
2013-10-28 13:02:20 +01:00 |
|
Paul Bakker
|
45a2c8d99a
|
Prevent possible alignment warnings on casting from char * to 'aligned *'
|
2013-10-28 12:57:08 +01:00 |
|
Paul Bakker
|
677377f472
|
Server does not send out extensions not advertised by client
|
2013-10-28 12:54:26 +01:00 |
|
Manuel Pégourié-Gonnard
|
e68bf171eb
|
Make get_zeros_padding() constant-time
|
2013-10-27 18:26:39 +01:00 |
|