Paul Bakker
|
1ebc0c592c
|
Fix typos
|
2014-05-22 15:47:58 +02:00 |
|
Paul Bakker
|
b5212b436f
|
Merge CCM cipher mode and ciphersuites
Conflicts:
library/ssl_tls.c
|
2014-05-22 15:30:31 +02:00 |
|
Paul Bakker
|
0c5e4290e1
|
benchmark application also works without POLARSSL_ERROR_C
|
2014-05-22 14:11:13 +02:00 |
|
Manuel Pégourié-Gonnard
|
58d78a8d70
|
Add CCM to benchmark
|
2014-05-14 14:10:35 +02:00 |
|
Manuel Pégourié-Gonnard
|
a6916fada8
|
Add (placeholder) CCM module
|
2014-05-06 11:28:09 +02:00 |
|
Paul Bakker
|
525f87559f
|
Cast alpn_list to void * to prevent MSVC compiler warnings
|
2014-05-01 10:59:27 +02:00 |
|
Manuel Pégourié-Gonnard
|
cef4ad2509
|
Adapt sources to configurable config.h name
|
2014-04-30 16:40:20 +02:00 |
|
Paul Bakker
|
c73079a78c
|
Add debug_set_threshold() and thresholding of messages
|
2014-04-25 16:58:16 +02:00 |
|
Paul Bakker
|
93c32b21b3
|
Allow ssl_client to pad request to SSL_MAX_CONTENT_LEN
|
2014-04-25 16:58:12 +02:00 |
|
Paul Bakker
|
fdba46885b
|
cert_write app should use subject of issuer certificate as issuer of cert
|
2014-04-25 11:48:35 +02:00 |
|
Paul Bakker
|
8a0c0a9ed9
|
Check additional return values in some test cases
|
2014-04-17 17:24:23 +02:00 |
|
Paul Bakker
|
df71dd1618
|
Cleaner initialization (values did not matter, but were uninitialized)
|
2014-04-17 16:03:48 +02:00 |
|
Paul Bakker
|
030decdb4e
|
Actually increment the loop counter to quit in ssl_fork_server
|
2014-04-17 16:03:23 +02:00 |
|
Paul Bakker
|
0c22610693
|
Cleaned up location of init and free for some programs to prevent memory
leaks on incorrect arguments
|
2014-04-17 16:02:36 +02:00 |
|
Paul Bakker
|
cbe3d0d5cc
|
Added return value checking for correctness in programs
|
2014-04-17 16:00:59 +02:00 |
|
Paul Bakker
|
1cfc45835f
|
Add option 'use_dev_random' to gen_key application
|
2014-04-09 15:49:58 +02:00 |
|
Manuel Pégourié-Gonnard
|
0f79babd4b
|
Disable timing_selftest() for now
|
2014-04-09 15:49:51 +02:00 |
|
Paul Bakker
|
17b85cbd69
|
Merged additional tests and improved code coverage
Conflicts:
ChangeLog
|
2014-04-08 14:38:48 +02:00 |
|
Paul Bakker
|
0763a401a7
|
Merged support for the ALPN extension
|
2014-04-08 14:37:12 +02:00 |
|
Shuo Chen
|
95a0d118a9
|
Fix compile error when POLARSSL_ERROR_STRERROR_BC is undefined.
|
2014-04-08 10:53:51 +02:00 |
|
Manuel Pégourié-Gonnard
|
1bd2281260
|
Add an alpn option to ssl_client2 and ssl_server2
|
2014-04-05 14:51:42 +02:00 |
|
Manuel Pégourié-Gonnard
|
13a1ef8600
|
Misc selftest adjustements
|
2014-04-04 16:33:01 +02:00 |
|
Manuel Pégourié-Gonnard
|
470fc935b5
|
Add timing_self_test() with consistency tests
|
2014-04-04 16:33:01 +02:00 |
|
Manuel Pégourié-Gonnard
|
388dac4037
|
Still test pbkdf2 while it's there
|
2014-04-04 16:33:00 +02:00 |
|
Manuel Pégourié-Gonnard
|
6b0d268bc9
|
Add ssl_close_notify() to servers that missed it
|
2014-03-31 11:28:11 +02:00 |
|
Manuel Pégourié-Gonnard
|
00d538f8f9
|
Disable renegotiation by default in example cli/srv
|
2014-03-31 11:03:06 +02:00 |
|
Paul Bakker
|
5a1d687274
|
Fixed typo introduced in 486485b
|
2014-03-26 11:20:05 +01:00 |
|
Manuel Pégourié-Gonnard
|
486485bc07
|
PBKDF2 -> PKCS5 in selftest.c
|
2014-03-20 09:59:51 +01:00 |
|
Paul Bakker
|
a4b0343edf
|
Merged massive SSL Testing improvements
|
2014-03-14 16:30:36 +01:00 |
|
Manuel Pégourié-Gonnard
|
84fd6877c6
|
Use ssl_client2 to terminate ssl_server2
|
2014-03-14 08:41:02 +01:00 |
|
Manuel Pégourié-Gonnard
|
5b2d776d2a
|
GnuTLS in compat.sh: server-side
|
2014-03-14 08:41:02 +01:00 |
|
Manuel Pégourié-Gonnard
|
3e1b178ba2
|
Add options for no certificates in test srv/cli
|
2014-03-14 08:41:02 +01:00 |
|
Manuel Pégourié-Gonnard
|
5575316385
|
Add options for non-blocking I/O in test cli & srv
|
2014-03-14 08:41:01 +01:00 |
|
Manuel Pégourié-Gonnard
|
0d8780b2cd
|
Add a server_adrr option to ssl_client2
|
2014-03-14 08:41:01 +01:00 |
|
Manuel Pégourié-Gonnard
|
5d917ff6a8
|
Add a 'sni' option to ssl_server2
|
2014-03-14 08:41:01 +01:00 |
|
Manuel Pégourié-Gonnard
|
dbe1ee1988
|
Add tests for session ticket lifetime
|
2014-03-14 08:41:00 +01:00 |
|
Manuel Pégourié-Gonnard
|
c55a5b7d6f
|
Add tests for cache timeout
|
2014-03-14 08:41:00 +01:00 |
|
Manuel Pégourié-Gonnard
|
4c88345f19
|
Add test for ssl_cache max_entries
|
2014-03-14 08:41:00 +01:00 |
|
Manuel Pégourié-Gonnard
|
780d671f9d
|
Add tests for renegotiation
|
2014-03-14 08:41:00 +01:00 |
|
Manuel Pégourié-Gonnard
|
2fc243d06a
|
Rearrange help messages of example cli/srv
|
2014-03-14 08:41:00 +01:00 |
|
Manuel Pégourié-Gonnard
|
fcf2fc2960
|
Make auth_mode=required the default in ssl_client2
|
2014-03-13 19:25:07 +01:00 |
|
Manuel Pégourié-Gonnard
|
844a4c0aef
|
Fix RSASSA-PSS example programs
|
2014-03-13 19:25:06 +01:00 |
|
Manuel Pégourié-Gonnard
|
c580a00e3c
|
Print protocol version in example cli/srv
|
2014-02-12 10:15:30 +01:00 |
|
Paul Bakker
|
64abd83b67
|
Fixed file descriptor leak in generic_sum
|
2014-02-06 15:03:06 +01:00 |
|
Paul Bakker
|
247b487d61
|
Missing 'else' in gen_key
|
2014-02-06 14:33:52 +01:00 |
|
Gergely Budai
|
a5d336bcec
|
Increase title size (fits to increased curve names). Give verbose errors on failures.
|
2014-02-06 10:28:38 +01:00 |
|
Manuel Pégourié-Gonnard
|
79afaa0551
|
Add hmac_drbg_selftest()
|
2014-01-31 11:52:14 +01:00 |
|
Manuel Pégourié-Gonnard
|
fef0f8f55a
|
Add HMAC_DRBG to benchmark
|
2014-01-30 23:17:33 +01:00 |
|
Paul Bakker
|
d75ba40cc3
|
SMTP lines are officially terminated with CRLF, ssl_mail_client fixed
|
2014-01-24 16:12:18 +01:00 |
|
Paul Bakker
|
5eb264cfa7
|
Minor fixes to o_p_test.c (CMakeLists.txt and includes)
|
2014-01-23 15:47:29 +01:00 |
|
Paul Bakker
|
5862eee4ca
|
Merged RIPEMD-160 support
|
2014-01-22 14:18:34 +01:00 |
|
Paul Bakker
|
61b699ed1b
|
Renamed RMD160 to RIPEMD160
|
2014-01-22 14:17:31 +01:00 |
|
Manuel Pégourié-Gonnard
|
2f5217ea02
|
Gitignore ssl_pthread_server
|
2014-01-22 12:56:06 +01:00 |
|
Manuel Pégourié-Gonnard
|
1744d72902
|
Add RIPEMD-160 to selftest
|
2014-01-17 14:46:36 +01:00 |
|
Manuel Pégourié-Gonnard
|
01b0b38421
|
Add RIPEMD-160 to benchmark
|
2014-01-17 14:29:46 +01:00 |
|
Paul Bakker
|
caf0e60969
|
Forced cast to unsigned int for %u format in the ecdsa application
|
2013-12-30 19:15:48 +01:00 |
|
Paul Bakker
|
f0fc2a27b0
|
Properly put the pragma comment for the MSVC linker in defines
|
2013-12-30 15:42:43 +01:00 |
|
Paul Bakker
|
29e86eae29
|
Removed 'z' length modifier from format in ecdsa program
|
2013-12-30 15:38:48 +01:00 |
|
Paul Bakker
|
3e72f6effd
|
Only search for Pthread on Windows platforms
|
2013-12-30 15:28:46 +01:00 |
|
Paul Bakker
|
f9c4953e39
|
Added version of the SSL pthread server example
|
2013-12-30 14:55:54 +01:00 |
|
Paul Bakker
|
5a607d26b7
|
Merged IPv6 support in the NET module
|
2013-12-17 14:34:19 +01:00 |
|
Paul Bakker
|
f70fe81a6e
|
Fixed memory leak in benchmark application
|
2013-12-17 13:09:12 +01:00 |
|
Manuel Pégourié-Gonnard
|
18d31f8e59
|
Make listening address configurable in ssl_server2
|
2013-12-17 12:00:57 +01:00 |
|
Paul Bakker
|
014f143c2a
|
Merged EC key generation support
|
2013-12-02 14:55:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
6e16cdb37c
|
Allow curve selection in gen_key
|
2013-11-30 15:32:47 +01:00 |
|
Paul Bakker
|
fdda785248
|
Removed dependency on unistd.h for MSVC in apps
|
2013-11-30 15:15:31 +01:00 |
|
Paul Bakker
|
840ab20ea2
|
Explicit conversions to int from size_t for MSVC (64-bit) in apps
|
2013-11-30 15:14:38 +01:00 |
|
Paul Bakker
|
c97f9f6465
|
Removed making commandline arguments case insensitive
|
2013-11-30 15:14:11 +01:00 |
|
Manuel Pégourié-Gonnard
|
49d738b50d
|
Ignore file generated by gen_key
|
2013-11-30 14:39:15 +01:00 |
|
Manuel Pégourié-Gonnard
|
8c237710a0
|
Start adding EC support in gen_key
|
2013-11-30 14:36:54 +01:00 |
|
Paul Bakker
|
a8239a4490
|
Removed Windows auto-spawn client code
|
2013-11-29 11:16:37 +01:00 |
|
Manuel Pégourié-Gonnard
|
0f2eacbd09
|
crypt_and_hash: check MAC earlier
|
2013-11-26 15:19:57 +01:00 |
|
Paul Bakker
|
e4c71f0e11
|
Merged Prime generation improvements
|
2013-11-25 14:27:28 +01:00 |
|
Paul Bakker
|
8fc30b178c
|
Various const fixes
|
2013-11-25 13:29:43 +01:00 |
|
Manuel Pégourié-Gonnard
|
5e1e61124a
|
Insert warning about time in dh_genprime
|
2013-11-22 21:16:10 +01:00 |
|
Paul Bakker
|
993e386a73
|
Merged renegotiation refactoring
|
2013-10-31 14:32:38 +01:00 |
|
Manuel Pégourié-Gonnard
|
291f9af935
|
Make all hash checking in programs constant-time
|
2013-10-31 14:22:27 +01:00 |
|
Paul Bakker
|
424cd6943c
|
Check HMAC in constant-time in crypt_and_hash
|
2013-10-31 14:22:08 +01:00 |
|
Manuel Pégourié-Gonnard
|
6d8404d6ba
|
Server: enforce renegotiation
|
2013-10-30 16:48:10 +01:00 |
|
Manuel Pégourié-Gonnard
|
9c1e1898b6
|
Move some code around, improve documentation
|
2013-10-30 16:48:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
f3dc2f6a1d
|
Add code for testing server-initiated renegotiation
|
2013-10-30 16:46:46 +01:00 |
|
Manuel Pégourié-Gonnard
|
53b3e0603b
|
Add code for testing client-initiated renegotiation
|
2013-10-30 16:46:46 +01:00 |
|
Paul Bakker
|
60b1d10131
|
Fixed spelling / typos (from PowerDNS:codespell)
|
2013-10-29 10:02:51 +01:00 |
|
Paul Bakker
|
93c6aa4014
|
Fixed that selfsign copies issuer_name to subject_name
|
2013-10-28 22:29:11 +01:00 |
|
Paul Bakker
|
08bb187bb6
|
Merged Public Key framwork tests
|
2013-10-28 14:11:09 +01:00 |
|
Manuel Pégourié-Gonnard
|
3daaf3d21d
|
X509 key identifiers depend on SHA1
|
2013-10-28 13:58:32 +01:00 |
|
Manuel Pégourié-Gonnard
|
b0a467fdbe
|
Start adding a PK test suite
|
2013-10-15 15:19:59 +02:00 |
|
Paul Bakker
|
f34673e37b
|
Merged RSA-PSK key-exchange and ciphersuites
|
2013-10-15 12:46:41 +02:00 |
|
Paul Bakker
|
376e8153a0
|
Merged ECDHE-PSK ciphersuites
|
2013-10-15 12:45:36 +02:00 |
|
Manuel Pégourié-Gonnard
|
8a3c64d73f
|
Fix and simplify *-PSK ifdef's
|
2013-10-14 19:54:10 +02:00 |
|
Manuel Pégourié-Gonnard
|
1b62c7f93d
|
Fix dependencies and related issues
|
2013-10-14 14:02:19 +02:00 |
|
Paul Bakker
|
b799dec4c0
|
Merged support for Brainpool curves and ciphersuites
|
2013-10-11 10:05:43 +02:00 |
|
Manuel Pégourié-Gonnard
|
2f77ce3658
|
Fix forgotten snprintf define for MSVC
|
2013-10-11 09:17:19 +02:00 |
|
Manuel Pégourié-Gonnard
|
22f64c8a9a
|
Cosmetics in benchmark
|
2013-10-10 13:21:48 +02:00 |
|
Paul Bakker
|
1337affc91
|
Buffer allocator threading support
|
2013-09-29 15:02:11 +02:00 |
|
Paul Bakker
|
1ffefaca1e
|
Introduced entropy_free()
|
2013-09-29 15:01:42 +02:00 |
|
Paul Bakker
|
396333e0a3
|
Updated ssl_test to handle EOF return value
|
2013-09-28 11:08:43 +02:00 |
|
Manuel Pégourié-Gonnard
|
a0fdf8b0a0
|
Simplify the way default certs are used
|
2013-09-25 14:05:49 +02:00 |
|
Manuel Pégourié-Gonnard
|
641de714b6
|
Use both RSA and ECDSA CA if available
|
2013-09-25 13:23:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
ac8474fb1c
|
Changed default cert loading in ssl_server2
|
2013-09-25 11:35:15 +02:00 |
|
Manuel Pégourié-Gonnard
|
b095a7bf29
|
Offer both RSA and ECDSA by default in ssl_server2
|
2013-09-24 21:25:54 +02:00 |
|
Manuel Pégourié-Gonnard
|
3ebb2cdb52
|
Add support for multiple server certificates
|
2013-09-24 21:25:53 +02:00 |
|
Manuel Pégourié-Gonnard
|
cbf3ef3861
|
RSA and ECDSA key exchanges don't depend on CRL
|
2013-09-24 21:25:53 +02:00 |
|
Paul Bakker
|
15b9b3a7e0
|
Key generation tool
|
2013-09-23 13:25:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
abd6e02b7b
|
Rm _CRT_SECURE_NO_DEPRECATE for programs
(Already in config.h.)
|
2013-09-20 16:51:13 +02:00 |
|
Manuel Pégourié-Gonnard
|
3bd2aae5a5
|
Add forgotten initializations
|
2013-09-20 16:51:13 +02:00 |
|
Manuel Pégourié-Gonnard
|
7831b0cb3c
|
A few more issues with small configurations
|
2013-09-20 12:30:21 +02:00 |
|
Manuel Pégourié-Gonnard
|
a7496f00ff
|
Fix a few more warnings in small configurations
|
2013-09-20 11:29:59 +02:00 |
|
Manuel Pégourié-Gonnard
|
92e5b59355
|
Fix some dependencies/warnings in programs
|
2013-09-20 10:58:58 +02:00 |
|
Manuel Pégourié-Gonnard
|
da179e4870
|
Add ecp_curve_list(), hide ecp_supported_curves
|
2013-09-18 15:37:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
56cd319f0e
|
Add human-friendly name in ecp_curve_info
|
2013-09-18 15:37:44 +02:00 |
|
Manuel Pégourié-Gonnard
|
803bb312a3
|
Remove ecp-bench (now in general benchmark)
|
2013-09-18 15:37:43 +02:00 |
|
Paul Bakker
|
940f9ce515
|
Added pk_decrypt, pk_encrypt, pk_sign, pk_verify example applications
|
2013-09-18 15:34:57 +02:00 |
|
Paul Bakker
|
2e24ca74b0
|
Updated key_app.c and key_app_writer.c for EC key printing
|
2013-09-18 15:25:16 +02:00 |
|
Manuel Pégourié-Gonnard
|
cc34f95b43
|
Include ECDSA and ECDH in benchmark
|
2013-09-18 14:35:57 +02:00 |
|
Manuel Pégourié-Gonnard
|
ed7cbe92d5
|
Allow selection of what to benchmark
|
2013-09-18 14:35:56 +02:00 |
|
Manuel Pégourié-Gonnard
|
8271f2ffb5
|
Shorten benchmark source using macros and loops
|
2013-09-18 14:35:56 +02:00 |
|
Manuel Pégourié-Gonnard
|
15d5de1969
|
Simplify usage of DHM blinding
|
2013-09-18 14:35:55 +02:00 |
|
Manuel Pégourié-Gonnard
|
568c9cf878
|
Add ecp_supported_curves and simplify some code
|
2013-09-18 14:34:34 +02:00 |
|
Manuel Pégourié-Gonnard
|
1b57878e4a
|
Add missing VS project files, generated by script
|
2013-09-18 14:34:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
68821da01e
|
Fix clang warnings in applications
Some fd would be used uninitialized if we goto exit early.
|
2013-09-18 14:34:33 +02:00 |
|
Manuel Pégourié-Gonnard
|
4cf0686d6d
|
Remove spurious '+ 3' in ecdsa_write_signature()
|
2013-09-18 14:34:33 +02:00 |
|
Paul Bakker
|
c559c7a680
|
Renamed x509_cert structure to x509_crt for consistency
|
2013-09-18 14:32:52 +02:00 |
|
Paul Bakker
|
ddf26b4e38
|
Renamed x509parse_* functions to new form
e.g. x509parse_crtfile -> x509_crt_parse_file
|
2013-09-18 13:46:23 +02:00 |
|
Paul Bakker
|
369d2eb2a2
|
Introduced x509_crt_init(), x509_crl_init() and x509_csr_init()
|
2013-09-18 12:01:43 +02:00 |
|
Paul Bakker
|
86d0c1949e
|
Generalized function names of x509 functions not parse-specific
x509parse_serial_gets -> x509_serial_gets
x509parse_dn_gets -> x509_dn_gets
x509parse_time_expired -> x509_time_expired
|
2013-09-18 12:01:42 +02:00 |
|
Paul Bakker
|
7fc7fa630f
|
cert_write application also works without POLARSSL_X509_CSR_PARSE_C
|
2013-09-17 14:44:00 +02:00 |
|
Paul Bakker
|
36713e8ed9
|
Fixed bunch of X509_PARSE related defines / dependencies
|
2013-09-17 13:25:29 +02:00 |
|
Paul Bakker
|
30520d1776
|
Moved rsa_sign_pss / rsa_verify_pss to use PK for key reading
|
2013-09-17 11:39:31 +02:00 |
|
Paul Bakker
|
1525495330
|
Key app updated to support pk_context / ECP keypairs
|
2013-09-17 11:24:56 +02:00 |
|
Paul Bakker
|
7504d7f806
|
Fixed X509 define in selftest.c
|
2013-09-16 22:56:18 +02:00 |
|
Paul Bakker
|
7c6b2c320e
|
Split up X509 files into smaller modules
|
2013-09-16 21:41:54 +02:00 |
|
Paul Bakker
|
ace02867f6
|
Do not lowercase key values in arguments in cert_app.c
|
2013-09-16 21:40:34 +02:00 |
|
Paul Bakker
|
40ce79f1e6
|
Moved DHM parsing from X509 module to DHM module
|
2013-09-15 17:43:54 +02:00 |
|
Paul Bakker
|
9a97c5d894
|
Fixed warnings in case application dependencies are not met
|
2013-09-15 17:07:33 +02:00 |
|
Paul Bakker
|
c7bb02be77
|
Moved PK key writing from X509 module to PK module
|
2013-09-15 14:54:56 +02:00 |
|
Paul Bakker
|
1a7550ac67
|
Moved PK key parsing from X509 module to PK module
|
2013-09-15 13:47:30 +02:00 |
|
Manuel Pégourié-Gonnard
|
92cb1d3a91
|
Make CBC an option, step 3: individual ciphers
|
2013-09-13 17:25:43 +02:00 |
|
Paul Bakker
|
9013af76a3
|
Merged major refactoring of x509write module into development
This refactoring adds support for proper CSR writing and X509
certificate generation / signing
|
2013-09-12 11:58:04 +02:00 |
|
Manuel Pégourié-Gonnard
|
26b4d45f49
|
Fix key_app_writer
|
2013-09-12 11:57:02 +02:00 |
|
Manuel Pégourié-Gonnard
|
31e59400d2
|
Add missing f_rng/p_rng arguments to x509write_crt
|
2013-09-12 11:57:02 +02:00 |
|
Manuel Pégourié-Gonnard
|
f38e71afd5
|
Convert x509write_crt interface to PK
|
2013-09-12 11:57:02 +02:00 |
|
Manuel Pégourié-Gonnard
|
ee73179b2f
|
Adapt x509write_csr prototypes for PK
|
2013-09-12 11:57:00 +02:00 |
|
Paul Bakker
|
8f0423afbc
|
Fix for benchmark app after GCM refactoring merge
|
2013-09-10 14:51:50 +02:00 |
|
Paul Bakker
|
c0dcf0ceb1
|
Merged blinding additions for EC, RSA and DHM into development
|
2013-09-10 14:44:27 +02:00 |
|
Paul Bakker
|
b2d7f23592
|
Ability to selfsign certificates added to cert_write app
|
2013-09-09 16:24:18 +02:00 |
|
Paul Bakker
|
4122f3eacf
|
Removed POLARSSL_ERROR_C define and added as requirement defing for
cert_req and cert_write apps
|
2013-09-09 16:01:46 +02:00 |
|
Paul Bakker
|
80d44fee2e
|
Moved 'define handling code' to top
|
2013-09-09 15:59:20 +02:00 |
|
Paul Bakker
|
e2673fb34b
|
cert_write app now parses presented CSR for subject name and key
|
2013-09-09 15:56:09 +02:00 |
|
Paul Bakker
|
f9f377e652
|
CSR Parsing (without attributes / extensions) implemented
|
2013-09-09 15:35:10 +02:00 |
|