Paul Bakker
6992eb762c
Fixed potential overflow in certificate size in ssl_write_certificate()
2013-12-31 11:38:33 +01:00
Paul Bakker
6ea1a95ce8
Added missing MPI_CHK() around some statements
2013-12-31 11:17:14 +01:00
Paul Bakker
5bc07a3d30
Prepped for 1.3.3
2013-12-31 10:57:44 +01:00
Paul Bakker
00f5c52bfe
Added cast to socket() return value to prevent Windows warning
2013-12-31 10:45:16 +01:00
Paul Bakker
c73879139e
Merged ECP memory usage optimizations
2013-12-31 10:33:47 +01:00
Paul Bakker
53e1513fea
Initialize ebx and edx in padlock functions
2013-12-31 09:46:09 +01:00
Manuel Pégourié-Gonnard
26bc1c0f5d
Fix a few unchecked return codes in EC
2013-12-30 19:33:33 +01:00
Paul Bakker
93759b048f
Made AES-NI bit-size specific key expansion functions static
2013-12-30 19:20:06 +01:00
Manuel Pégourié-Gonnard
9e4191c3e7
Add another option to reduce EC memory usage
...
Also document speed/memory trade-offs better.
2013-12-30 19:16:05 +01:00
Manuel Pégourié-Gonnard
70896a023e
Add statistics about number of allocated blocks
2013-12-30 19:16:05 +01:00
Paul Bakker
ec4bea7eee
Forced cast to unsigned int for %u format in ecp_selftest()
2013-12-30 19:04:47 +01:00
Manuel Pégourié-Gonnard
1f789b8348
Lessen peak memory usage in EC by freeing earlier
...
Cuts peak usage by 25% :)
2013-12-30 17:36:54 +01:00
Manuel Pégourié-Gonnard
72c172a13d
Save some small memory allocations inside ecp_mul()
2013-12-30 16:04:55 +01:00
Paul Bakker
f0fc2a27b0
Properly put the pragma comment for the MSVC linker in defines
2013-12-30 15:42:43 +01:00
Paul Bakker
92bcadb110
Removed 'z' length modifier from low-value size_t in ecp_selftest()
2013-12-30 15:37:17 +01:00
Paul Bakker
e7f5133590
Fixed superfluous return value in aesni.c
2013-12-30 15:32:02 +01:00
Paul Bakker
0d0de92156
Only specify done label in aes.c when AES-NI is possible
2013-12-30 15:29:04 +01:00
Paul Bakker
956c9e063d
Reduced the input / output overhead with 200+ bytes and covered corner
...
case
The actual input / output buffer overhead is only 301 instead of 512.
This requires a proper check on the padding_idx to prevent out of bounds
reads.
Previously a remote party could potentially trigger an access error and
thus stop the application when sending a malicious packet having
MAX_CONTENT_LEN of data, 32 bytes of MAC and a decrypted padlen of .
This would result in reading from in_ctr + 13 + 32 + MAX_CONTENT_LEN - 1 - 1
for 256 bytes (including fake padding check). Or 13 + 32 bytes over the
buffer length.
We now reset padding_idx to 0, if it's clear that it will never be a
valid padding (padlen > msg_len || msg_len + padlen + 256 > buffer_len)
2013-12-30 15:00:51 +01:00
Manuel Pégourié-Gonnard
d4588cfb6a
aesni_gcm_mult() now returns void
2013-12-30 13:54:23 +01:00
Manuel Pégourié-Gonnard
bfa3c9a85f
Remove temporary code
2013-12-30 13:53:58 +01:00
Manuel Pégourié-Gonnard
23c2f6fee5
Add AES-NI key expansion for 192 bits
2013-12-29 16:05:22 +01:00
Manuel Pégourié-Gonnard
4a5b995c26
Add AES-NI key expansion for 256 bits
2013-12-29 13:50:32 +01:00
Manuel Pégourié-Gonnard
47a3536a31
Add AES-NI key expansion for 128 bits
2013-12-29 13:28:59 +01:00
Manuel Pégourié-Gonnard
01e31bbffb
Add support for key inversion using AES-NI
2013-12-28 16:22:08 +01:00
Manuel Pégourié-Gonnard
80637c7520
Use aesni_gcm_mult() if available
2013-12-26 16:09:58 +01:00
Manuel Pégourié-Gonnard
d333f67f8c
Add aesni_gcm_mult()
2013-12-26 15:51:13 +01:00
Manuel Pégourié-Gonnard
9d57482280
Add comments on GCM multiplication
2013-12-26 15:51:13 +01:00
Manuel Pégourié-Gonnard
8eaf20b18d
Allow detection of CLMUL
2013-12-26 15:51:13 +01:00
Manuel Pégourié-Gonnard
5b685653ef
Add aesni_crypt_ecb() and use it
2013-12-25 13:03:26 +01:00
Manuel Pégourié-Gonnard
92ac76f9db
Add files for (upcoming) AES-NI support
2013-12-25 13:03:26 +01:00
Paul Bakker
1e5369c7fa
Variables in proper block or within proper defines in ssl_decrypt_buf()
2013-12-19 16:40:57 +01:00
Paul Bakker
0c0476f92d
Disable ecp_use_curve25519() if not POLARSSL_ECP_DP_M255_ENABLED
2013-12-19 16:20:53 +01:00
Paul Bakker
1a56fc96a3
Fixed x509_crt_parse_path() bug on Windows platforms
2013-12-19 13:52:33 +01:00
Manuel Pégourié-Gonnard
1321135758
Fix MingW version issue
2013-12-17 17:38:55 +01:00
Manuel Pégourié-Gonnard
ee5db1d6b9
Fix typo in previous commit
2013-12-17 16:46:19 +01:00
Manuel Pégourié-Gonnard
6a398d4234
Add missing header for windows
2013-12-17 16:10:58 +01:00
Manuel Pégourié-Gonnard
173402bb61
net_prepare() returns int
2013-12-17 15:57:05 +01:00
Paul Bakker
5a607d26b7
Merged IPv6 support in the NET module
2013-12-17 14:34:19 +01:00
Manuel Pégourié-Gonnard
fd6b4cc1db
Add forgotten SO_REUSEADDR option
2013-12-17 13:59:01 +01:00
Paul Bakker
5ab68ba679
Merged storing curves fully in ROM
2013-12-17 13:11:18 +01:00
Paul Bakker
fdf946928d
Merged support for ECDH-RSA / ECDH-ECDSA key exchanges and ciphersuites
2013-12-17 13:10:27 +01:00
Paul Bakker
77e257e958
Fixed bad check for maximum size of fragment length index
2013-12-17 13:09:12 +01:00
Paul Bakker
6c21276342
Place olen initalization after reference check in cipher_update()
2013-12-17 13:09:12 +01:00
Paul Bakker
6f0636a09f
Potential memory leak in ssl_ticket_keys_init()
2013-12-17 13:09:12 +01:00
Manuel Pégourié-Gonnard
6e315a9009
Adapt net_accept() to IPv6
2013-12-17 12:00:57 +01:00
Manuel Pégourié-Gonnard
389ce63735
Add IPv6 support to net_bind()
2013-12-17 12:00:57 +01:00
Manuel Pégourié-Gonnard
10934de1ca
Adapt net_connect() for IPv6
2013-12-17 12:00:57 +01:00
Manuel Pégourié-Gonnard
2e5c3163db
Factor our some code in net.c
2013-12-17 12:00:57 +01:00
Manuel Pégourié-Gonnard
5538970d32
Add server support for ECDH key exchanges
2013-12-17 11:32:31 +01:00
Manuel Pégourié-Gonnard
d18cc57962
Add client-side support for ECDH key exchanges
2013-12-17 11:32:31 +01:00