Commit Graph

216 Commits

Author SHA1 Message Date
Paul Bakker
65a1909dc6 Internally split up x509parse_key()
Split up x509parse_key() into a (PEM) handler function and specific
DER parser functions for the PKCS#1 (x509parse_key_pkcs1_der()) and
unencrypted PKCS#8 (x509parse_key_pkcs8_unencrypted_der()) private
key formats.
2013-06-06 21:17:08 +02:00
Paul Bakker
e0225e4d7f Fixed const correctness issues in programs and tests 2013-06-06 12:58:12 +02:00
Paul Bakker
822e958bb2 Prepared for PolarSSL 1.2.7 release 2013-04-13 11:56:17 +02:00
Paul Bakker
d68703b17f Split up largest test suite data files into smaller chunks
(cherry picked from commit 286bf3c501)

Conflicts:
	tests/Makefile
2013-04-12 13:20:30 +02:00
Paul Bakker
90f042d4cb Prepared for PolarSSL 1.2.6 release 2013-03-11 11:38:44 +01:00
Paul Bakker
c7a2da437e Updated for PolarSSL 1.2.5 2013-02-02 19:23:57 +01:00
Paul Bakker
14c56a3378 Updated for PolarSSL 1.2.4 2013-01-25 17:11:37 +01:00
Paul Bakker
58ef6ec613 Cleaner test-memory cleanups 2013-01-03 11:33:48 +01:00
Paul Bakker
fb1ba781b3 Updated for release 1.2.3 2012-11-26 16:28:25 +01:00
Paul Bakker
df5069cb97 Updated for 1.2.2 release 2012-11-24 12:20:19 +01:00
Paul Bakker
1eeceaeac8 More expansive testing 2012-11-23 14:25:34 +01:00
Manuel Pégourié-Gonnard
e44ec108be Fixed segfault in mpi_shift_r()
Fixed memory leak in test_suite_mpi
Amended ChangeLog
2012-11-18 23:15:02 +01:00
Paul Bakker
90f309ffe7 Added proper gitignores for linux compilation 2012-11-17 00:04:49 +01:00
Paul Bakker
e0f41f3086 - Updated version to 1.2.1 2012-11-13 12:55:02 +00:00
Paul Bakker
9daf0d0651 - Added max length check for rsa_pkcs1_sign with PKCS#1 v2.1 2012-11-13 12:13:27 +00:00
Paul Bakker
f02c5642d0 - Allow R and A to point to same mpi in mpi_div_mpi 2012-11-13 10:25:21 +00:00
Paul Bakker
645ce3a2b4 - Moved ciphersuite naming scheme to IANA reserved names 2012-10-31 12:32:41 +00:00
Paul Bakker
f1ab0ec1ff - Changed default compiler flags to include -O2 2012-10-23 12:12:53 +00:00
Paul Bakker
8f387e6605 - Updated trunk base version to 1.2.0 for prerelease 1 2012-10-02 15:26:45 +00:00
Paul Bakker
5c2364c2ba - Moved from unsigned long to uint32_t throughout code 2012-10-01 14:41:15 +00:00
Paul Bakker
915275ba78 - Revamped x509_verify() and the SSL f_vrfy callback implementations 2012-09-28 07:10:55 +00:00
Paul Bakker
31417a71f8 - Fixed tests for enhanced rsa_check_privkey() 2012-09-27 20:41:37 +00:00
Paul Bakker
1a0f552030 - Fixed test for 'trust extension' change 2012-09-25 21:53:55 +00:00
Paul Bakker
17a9790918 - Added regression check for latest mpi_add_abs() issue 2012-09-17 08:44:35 +00:00
Paul Bakker
0c93d126bc - Ability to define openssl at top
- Also add SHA256 ciphersuites in non-tls 1.2 modes
2012-09-13 14:26:09 +00:00
Paul Bakker
68b6d88f5e - Clear all memory 2012-09-08 14:04:13 +00:00
Paul Bakker
f518b16f97 - Added PKCS#5 PBKDF2 key derivation function 2012-08-23 13:03:18 +00:00
Paul Bakker
9195662a4c - Added test for no-subject certificates with altSubjectNames 2012-08-23 10:46:54 +00:00
Paul Bakker
6132d0aa93 - Added Blowfish to generic cipher layer
- Renamed POLARSSL_MODE_CFB128 to POLARSSL_MODE_CFB
2012-07-04 17:10:40 +00:00
Paul Bakker
a9379c0ed1 - Added base blowfish algorithm 2012-07-04 11:02:11 +00:00
Paul Bakker
92eeea4627 - Modified CMakeLists to support zlib 2012-07-03 15:10:33 +00:00
Paul Bakker
2770fbd651 - Added DEFLATE compression support as per RFC3749 (requires zlib) 2012-07-03 13:30:23 +00:00
Paul Bakker
f6198c1513 - mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52) 2012-05-16 08:02:29 +00:00
Paul Bakker
40dd5303c2 - Fixed test on Big Endian systems (Fixed Ticket #54) 2012-05-15 15:02:38 +00:00
Paul Bakker
62f88dc473 Makefile more compatible with WINDOWS environment 2012-05-10 21:26:28 +00:00
Paul Bakker
cd5b529d6d - Added automatic WINDOWS define in Makefile 2012-05-10 20:49:10 +00:00
Paul Bakker
4d2c1243b1 - Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present. 2012-05-10 14:12:46 +00:00
Paul Bakker
d14cd35ece - Adapted Makefile for buildbot 2012-05-08 15:39:50 +00:00
Paul Bakker
02adedb0b1 - Added casting to prevent warnings on some compilers 2012-05-08 13:35:48 +00:00
Paul Bakker
ca4ab49158 - Added GCM ciphersuites to TLS implementation 2012-04-18 14:23:57 +00:00
Paul Bakker
10cd225962 - Added support for the SHA256 ciphersuites of AES and Camellia 2012-04-12 21:26:34 +00:00
Paul Bakker
398cb514e2 - Allow to test for multiple modes 2012-04-10 08:22:31 +00:00
Paul Bakker
c7ffd36a97 - Added automatic debug flags to CFLAGS if DEBUG is set in shell 2012-04-05 12:08:29 +00:00
Paul Bakker
0c8f73ba8b - Fixed a mistake in mpi_cmp_mpi() where longer B values are handled wrong 2012-03-22 14:08:57 +00:00
Paul Bakker
89e80c9a43 - Added base Galois/Counter mode (GCM) for AES 2012-03-20 13:50:09 +00:00
Paul Bakker
6d6205091b - First tests for x509_write_cert_req() compat with OpenSSL output 2012-02-16 14:09:13 +00:00
Paul Bakker
b08e6843c2 - Removed test memory leaks 2012-02-11 18:43:20 +00:00
Paul Bakker
57b12982b3 - Multi-domain certificates support wildcards as well 2012-02-11 17:38:38 +00:00
Paul Bakker
a8cd239d6b - Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
2012-02-11 16:09:32 +00:00
Paul Bakker
fab5c829e7 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! 2012-02-06 16:45:10 +00:00
Paul Bakker
3c18a830b3 - Made changes for 1.1.1 release 2012-01-23 09:44:43 +00:00
Paul Bakker
69e095cc15 - Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
 - Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
Paul Bakker
18d32911c0 - Added internal ctr_drbg_init_entropy_len() to allow NIST determined entropy tests to work 2011-12-10 21:42:49 +00:00
Paul Bakker
c50132d4fa - Updated version of PolarSSL to 1.1.0 2011-12-05 14:38:36 +00:00
Paul Bakker
c0a1a319df - Moved test to entropy and CTR_DRBG 2011-12-04 17:12:15 +00:00
Paul Bakker
6c0ceb3f9a - Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error 2011-12-04 12:24:18 +00:00
Paul Bakker
cb37aa5912 - Better buffer handling in mpi_read_file() 2011-11-30 16:00:20 +00:00
Paul Bakker
a3d195c41f - Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs 2011-11-27 21:07:34 +00:00
Paul Bakker
0e04d0e9a3 - Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator 2011-11-27 14:46:59 +00:00
Paul Bakker
fae618fa8b - Updated tests to reflect recent changes 2011-10-12 11:53:52 +00:00
Paul Bakker
fa1c592860 - Fixed faulty HMAC-MD2 implementation (Fixes ticket #37) 2011-10-06 14:18:49 +00:00
Paul Bakker
968bc9831b - Preparations for v1.0.0 release of PolarSSL 2011-07-27 17:03:00 +00:00
Paul Bakker
73043766c7 - Fixed CMakeLists.txt for new suites with multiple data files 2011-07-13 15:03:10 +00:00
Paul Bakker
46c1794110 - Split cipher test suite into three different sets
- Adapted test source code generation accordingly
2011-07-13 14:54:54 +00:00
Paul Bakker
26b41a8370 - Fixed compiler warning 2011-07-13 14:53:58 +00:00
Paul Bakker
eaf90d9a9c - Removed unused but initialized variables 2011-07-13 14:21:52 +00:00
Paul Bakker
36f1b197ca - Added test for PKCS#8 wrapped private and public keys 2011-07-13 11:32:29 +00:00
Paul Bakker
ed56b224de - Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20) 2011-07-13 11:26:43 +00:00
Paul Bakker
a585beb87e - Introduced windows DLL build and SYS_LDFLAGS 2011-06-21 08:59:44 +00:00
Paul Bakker
c65ab340a7 - Fixed error code 2011-06-09 15:44:37 +00:00
Paul Bakker
343a870daa - Expanded generic cipher layer with support for CTR and CFB128 modes of operation. 2011-06-09 14:27:58 +00:00
Paul Bakker
1ef71dffc7 - Updated unsignedness in some missed cases 2011-06-09 14:14:58 +00:00
Paul Bakker
cd43a0beec - Adjusted to use proper size_t arguments 2011-06-09 13:55:44 +00:00
Paul Bakker
828acb2234 - Updated for release 0.99-pre5 2011-05-27 09:25:42 +00:00
Paul Bakker
d7d8dbe3bf - Fixed two typos 2011-05-26 15:29:38 +00:00
Paul Bakker
c3f5656ff6 - Fixed dependency of MD4 and MD2 of POLARSSL_FS_IO 2011-05-26 14:38:05 +00:00
Paul Bakker
5690efccc4 - Fixed a whole bunch of dependencies on defines between files, examples and tests 2011-05-26 13:16:06 +00:00
Paul Bakker
c8cad6af29 - Upgraded to version 1.6.1 of FCTX 2011-05-25 11:35:09 +00:00
Paul Bakker
02722ea867 - Added missing semicolon 2011-05-25 11:34:44 +00:00
Paul Bakker
2f5947e1f6 - Added mpi_get_bit() and mpi_set_bit() individual bit setter/getter functions. 2011-05-18 15:47:11 +00:00
Paul Bakker
9d781407bc - A error_strerror function() has been added to translate between error codes and their description.
- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
 - Descriptions to all error codes have been added.
 - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers.
2011-05-09 16:17:09 +00:00
Paul Bakker
6c591fab72 - mpi_init() and mpi_free() only accept a single argument and do not accept variable arguments anymore. This prevents unexpected memory corruption in a number of use cases. 2011-05-05 11:49:20 +00:00
Paul Bakker
335db3f121 - Functions requiring File System functions can now be disables by undefining POLARSSL_FS_IO 2011-04-25 15:28:35 +00:00
Paul Bakker
f4a3f301fd - Updated for migration to size_t 2011-04-24 15:53:29 +00:00
Paul Bakker
a755ca1bbe - Renamed t_s_int, t_int and t_dbl to respectively t_sint, t_uint and t_udbl for clarity 2011-04-24 09:11:17 +00:00
Paul Bakker
23986e5d5d - Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops 2011-04-24 08:57:21 +00:00
Paul Bakker
1be81a4e5f - Removed test for MD2 certificate as OpenSSL does not support it anymore 2011-04-23 14:46:28 +00:00
Paul Bakker
b6ecaf5276 - Added additional (configurable) cipher block modes. AES-CTR, Camellia-CTR, XTEA-CBC 2011-04-19 14:29:23 +00:00
Paul Bakker
3efa575ff2 - Ready for release 0.99-pre4 2011-04-01 12:23:26 +00:00
Paul Bakker
579923c51b - The config header file is now always included in all tests 2011-03-26 13:39:34 +00:00
Paul Bakker
be4e7dca08 - Debug print of MPI now removes leading zero octets and displays actual bit size of the value 2011-03-14 20:41:31 +00:00
Paul Bakker
b3dcbc18f6 - Made function resilient to endianness differences. 2011-03-13 16:57:25 +00:00
Paul Bakker
4cce2bbd5a - Renamed rnd_info structure to correct rnd_buf_info structure 2011-03-13 16:56:35 +00:00
Paul Bakker
4fa1a76c92 - Added dependency on helpers.function 2011-03-13 16:56:11 +00:00
Paul Bakker
997bbd10d8 - Removed dependency of tests on rand()
- Added pseudo-random helper function
2011-03-13 15:45:42 +00:00
Paul Bakker
9dcc32236b - Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21) 2011-03-08 14:16:06 +00:00
Paul Bakker
345a6fee91 - Replaced function that fixes man-in-the-middle attack
- Added message to indicate inclusion of man-in-the-middle attack (Reported by Larry Highsmith, Subreption LLC)
 - Released version 0.99-pre3
2011-02-28 21:20:02 +00:00
Paul Bakker
1946e42dd4 - Made ready for 0.99-pre2 release 2011-02-25 09:39:39 +00:00
Paul Bakker
c43481aa82 - Release memory used 2011-02-20 16:34:26 +00:00
Paul Bakker
2544a04918 - Replaced with current value of the certificate after certificate replacement 2011-02-20 13:52:44 +00:00