mbedtls

mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-23 22:05:47 +01:00

Author	SHA1	Message	Date
Paul Bakker	e47b34bdc8	Removed further timing differences during SSL message decryption in ssl_decrypt_buf() New padding checking is unbiased on correct or incorrect padding and has no branch prediction timing differences. The additional MAC checks further straighten out the timing differences.	2013-02-27 14:48:00 +01:00
Paul Bakker	2ca8ad10a1	Made x509parse.c also work with missing hash header files	2013-02-19 13:17:38 +01:00
Paul Bakker	6deb37e03e	Added comments to indicate dependency from PEM on AES, DES and MD5	2013-02-19 13:17:08 +01:00
Paul Bakker	fbb5cf9f59	Fixed typo in base64.h	2013-02-14 11:56:58 +01:00
Paul Bakker	86f04f400b	Fixed comment	2013-02-14 11:20:09 +01:00
Paul Bakker	c0463502ff	Fixed memory leak in ssl_free() and ssl_reset() for active session	2013-02-14 11:19:38 +01:00
Paul Bakker	c7a2da437e	Updated for PolarSSL 1.2.5	2013-02-02 19:23:57 +01:00
Paul Bakker	40865c8e5d	Added sending of alert messages in case of decryption failures as per RFC The flag POLARSSL_SSL_ALERT_MESSAGES switched between enabling and disabling the sending of alert messages that give adversaries intel about the result of their action. PolarSSL can still communicate with other parties if they are disabled, but debugging of issues might be harder.	2013-02-02 19:04:13 +01:00
Paul Bakker	d66f070d49	Disable debug messages that can introduce a timing side channel. Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug messages in case somebody does want to see the reason checks fail.	2013-02-02 19:04:13 +01:00
Paul Bakker	4582999be6	Fixed timing difference resulting from badly formatted padding.	2013-02-02 19:04:13 +01:00
Paul Bakker	8fe40dcd7d	Allow enabling of dummy error_strerror() to support some use-cases Enable a dummy error function to make use of error_strerror() in third party libraries easier. Disable if you run into name conflicts and want to really remove the error_strerror()	2013-02-02 12:43:08 +01:00
Paul Bakker	14c56a3378	Updated for PolarSSL 1.2.4	2013-01-25 17:11:37 +01:00
Paul Bakker	9d2bb658fc	Added PolarSSL 1.1.5 ChangeLog from 1.1 branch	2013-01-25 16:07:49 +01:00
Paul Bakker	1961b709d8	Added ssl_handshake_step() to allow single stepping the handshake process Single stepping the handshake process allows for better support of non-blocking network stacks and for getting information from specific handshake messages if wanted.	2013-01-25 14:49:24 +01:00
Paul Bakker	9c94cddeae	Correctly handle CertificateRequest with empty DN list in <= TLS 1.1	2013-01-22 14:21:49 +01:00
Paul Bakker	f626e1dd28	Fixed comment on maximum tested size for POLARSSL_MPI_MAX_LIMBS	2013-01-21 12:14:17 +01:00
Paul Bakker	21dca69ef0	Handle future version properly in ssl_write_certificate_request()	2013-01-03 11:41:08 +01:00
Paul Bakker	58ef6ec613	Cleaner test-memory cleanups	2013-01-03 11:33:48 +01:00
Paul Bakker	02303e8be4	Moved md_init_ctx() calls around to minimize exit points	2013-01-03 11:08:31 +01:00
Paul Bakker	40628bad98	Memory leak when using RSA_PKCS_V21 operations fixed	2013-01-03 10:50:31 +01:00
Paul Bakker	34558735d2	Inserted bump_version.sh in git repository	2012-11-26 17:18:12 +01:00
Paul Bakker	77d51d7867	Merge branch 'polarssl-1.2' for release of PolarSSL 1.2.3	2012-11-26 16:30:11 +01:00
Paul Bakker	fb1ba781b3	Updated for release 1.2.3	2012-11-26 16:28:25 +01:00
Paul Bakker	bc3d98469f	Fixed multiple DN size	2012-11-26 16:12:02 +01:00
Paul Bakker	df5069cb97	Updated for 1.2.2 release	2012-11-24 12:20:19 +01:00
Paul Bakker	3497d8c7bf	Do not check sig on trust-ca (might not be top)	2012-11-24 11:53:17 +01:00
Paul Bakker	769075dfb6	Fixed dependency on POLARSSL_SHA4_C in ssl modules	2012-11-24 11:26:46 +01:00
Paul Bakker	1eeceaeac8	More expansive testing	2012-11-23 14:25:34 +01:00
Paul Bakker	78ce507988	Fixed typo	2012-11-23 14:23:53 +01:00
Paul Bakker	91ebfb5272	Made auth_mode as an command line option	2012-11-23 14:04:08 +01:00
Paul Bakker	7c90da9e75	Amended ChangeLog for client authentication fix	2012-11-23 14:02:40 +01:00
Paul Bakker	926af7582a	Fixed client certificate handling with TLS 1.2	2012-11-23 13:38:07 +01:00
Paul Bakker	e667c98fb1	Added p_hw_data to ssl_context for context specific hardware acceleration data	2012-11-20 13:50:22 +01:00
Paul Bakker	1492633e54	Updated date for release	2012-11-20 10:58:09 +01:00
Paul Bakker	d10ff14355	Merged trunk changes for 1.2	2012-11-20 10:55:17 +01:00
Paul Bakker	1f9d02dc90	Added more notes / comments on own_cert, trust_ca purposes	2012-11-20 10:30:55 +01:00
Manuel Pégourié-Gonnard	e44ec108be	Fixed segfault in mpi_shift_r() Fixed memory leak in test_suite_mpi Amended ChangeLog	2012-11-18 23:15:02 +01:00
Paul Bakker	25338d74ac	Added proper gitignores for Linux CMake use	2012-11-18 22:56:39 +01:00
Paul Bakker	90f309ffe7	Added proper gitignores for linux compilation	2012-11-17 00:04:49 +01:00
Paul Bakker	75242c30fb	Added checking of CA peer cert to ssl_client1 as sane default	2012-11-17 00:03:46 +01:00
Paul Bakker	9a73632fd9	- Merged changesets 1399 up to and including 1415 into 1.2 branch	2012-11-14 12:39:52 +00:00
Paul Bakker	580153573b	- Do not free uninitialized ssl context	2012-11-14 12:15:41 +00:00
Paul Bakker	43ae298410	- Fixed argument types	2012-11-14 12:14:19 +00:00
Paul Bakker	34d8dbcc6d	- Depth that the certificate verify callback receives is now numbered bottom-up (Peer cert depth is 0)	2012-11-14 12:11:38 +00:00
Paul Bakker	e0f41f3086	- Updated version to 1.2.1	2012-11-13 12:55:02 +00:00
Paul Bakker	b815682a48	- Updated Changelog for 1.2.1	2012-11-13 12:52:17 +00:00
Paul Bakker	9daf0d0651	- Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1	2012-11-13 12:13:27 +00:00
Paul Bakker	96c4ed8134	- Proper building of shared lib when SHARED defined	2012-11-13 10:37:52 +00:00
Paul Bakker	644db3893a	- Added SHARED define for building with -fPIC	2012-11-13 10:35:00 +00:00
Paul Bakker	f6bdf8d86c	- Added uninstall target	2012-11-13 10:28:43 +00:00

1 2 3 4 5 ...

806 Commits