Paul Bakker
|
645ce3a2b4
|
- Moved ciphersuite naming scheme to IANA reserved names
|
2012-10-31 12:32:41 +00:00 |
|
Paul Bakker
|
b0550d90c9
|
- Added ssl_get_peer_cert() to SSL API
|
2012-10-30 07:51:03 +00:00 |
|
Paul Bakker
|
21654f392e
|
- Smaller default values
|
2012-10-24 14:29:17 +00:00 |
|
Paul Bakker
|
520ea911f6
|
- Fixed to support 4096 bit DHM params as well
|
2012-10-24 14:17:01 +00:00 |
|
Paul Bakker
|
f1ab0ec1ff
|
- Changed default compiler flags to include -O2
|
2012-10-23 12:12:53 +00:00 |
|
Paul Bakker
|
1d56958963
|
- Updated examples to use appropriate sizes for larger RSA keys (up to 16k)
|
2012-10-03 20:35:44 +00:00 |
|
Paul Bakker
|
3ad34d4110
|
- Added key_app_writer to CMakeLists.txt
|
2012-10-03 20:34:37 +00:00 |
|
Paul Bakker
|
3fad7b3fdd
|
- Changed saved value to RCF 3526 2048 MODP group
|
2012-10-03 19:50:54 +00:00 |
|
Paul Bakker
|
5da01caa50
|
- Added warning about example use
|
2012-10-03 19:48:33 +00:00 |
|
Paul Bakker
|
1d29fb5e33
|
- Added option to add minimum accepted SSL/TLS protocol version
|
2012-09-28 13:28:45 +00:00 |
|
Paul Bakker
|
5d19f86fdd
|
- Added comment
|
2012-09-28 07:33:00 +00:00 |
|
Paul Bakker
|
cbbd9998da
|
- SSL/TLS now has default group
|
2012-09-28 07:32:06 +00:00 |
|
Paul Bakker
|
915275ba78
|
- Revamped x509_verify() and the SSL f_vrfy callback implementations
|
2012-09-28 07:10:55 +00:00 |
|
Paul Bakker
|
819370c7b7
|
- Removed lowercasing of parameters
|
2012-09-28 07:04:41 +00:00 |
|
Paul Bakker
|
5ef9db2ae3
|
- Added rsa_check_privkey() check to rsa_sign
|
2012-09-27 13:19:22 +00:00 |
|
Paul Bakker
|
db2509c9cd
|
- Added password and password_file options for reading private keys
|
2012-09-27 12:44:31 +00:00 |
|
Paul Bakker
|
d43241060b
|
- Removed clutter from my_dhm values
|
2012-09-26 08:29:38 +00:00 |
|
Paul Bakker
|
0a59707523
|
- Added simple SSL session cache implementation
- Revamped session resumption handling
|
2012-09-25 21:55:46 +00:00 |
|
Paul Bakker
|
4811b56524
|
- Added util/CMakelists.txt
|
2012-09-25 11:45:38 +00:00 |
|
Paul Bakker
|
29b64761fd
|
- Added predefined DHM groups from RFC 5114
|
2012-09-25 09:36:44 +00:00 |
|
Paul Bakker
|
b60b95fd7f
|
- Added first version of ssl_server2 example application
|
2012-09-25 09:05:17 +00:00 |
|
Paul Bakker
|
0f409a1911
|
- Added missing subdirectory line for util
|
2012-09-25 08:19:18 +00:00 |
|
Paul Bakker
|
d0f6fa7bdc
|
- Sending of handshake_failures during renegotiation added
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
|
2012-09-17 09:18:12 +00:00 |
|
Paul Bakker
|
48916f9b67
|
- Added Secure Renegotiation (RFC 5746)
|
2012-09-16 19:57:18 +00:00 |
|
Paul Bakker
|
f518b16f97
|
- Added PKCS#5 PBKDF2 key derivation function
|
2012-08-23 13:03:18 +00:00 |
|
Paul Bakker
|
835b29e7c3
|
- Should not be debug_level 5 in repo (reset to 0)
|
2012-08-23 08:31:59 +00:00 |
|
Paul Bakker
|
3d58fe8af6
|
- Added Blowfish to benchmarks
|
2012-07-04 17:15:31 +00:00 |
|
Paul Bakker
|
26c4e3cb0b
|
- Made crypt_and_cipher more robust with other ciphers / hashes
|
2012-07-04 17:08:33 +00:00 |
|
Paul Bakker
|
a9379c0ed1
|
- Added base blowfish algorithm
|
2012-07-04 11:02:11 +00:00 |
|
Paul Bakker
|
92eeea4627
|
- Modified CMakeLists to support zlib
|
2012-07-03 15:10:33 +00:00 |
|
Paul Bakker
|
2770fbd651
|
- Added DEFLATE compression support as per RFC3749 (requires zlib)
|
2012-07-03 13:30:23 +00:00 |
|
Paul Bakker
|
8d914583f3
|
- Added X509 CA Path support
|
2012-06-04 12:46:42 +00:00 |
|
Paul Bakker
|
e6ee41f932
|
- Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL)
- Handle encryption with private key and decryption with public key as per RFC 2313
|
2012-05-19 08:43:48 +00:00 |
|
Paul Bakker
|
4248823f43
|
- Updated to handle x509parse_crtfile() positive return values
|
2012-05-16 08:21:05 +00:00 |
|
Paul Bakker
|
62f88dc473
|
Makefile more compatible with WINDOWS environment
|
2012-05-10 21:26:28 +00:00 |
|
Paul Bakker
|
cd5b529d6d
|
- Added automatic WINDOWS define in Makefile
|
2012-05-10 20:49:10 +00:00 |
|
Paul Bakker
|
4d2c1243b1
|
- Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present.
|
2012-05-10 14:12:46 +00:00 |
|
Paul Bakker
|
01cc394848
|
- Added commandline error code convertor (util/strerror)
|
2012-05-08 08:36:15 +00:00 |
|
Paul Bakker
|
88f17b8549
|
- Fixed for new DHM handling (TLS 1.2)
|
2012-04-26 18:52:13 +00:00 |
|
Paul Bakker
|
ca4ab49158
|
- Added GCM ciphersuites to TLS implementation
|
2012-04-18 14:23:57 +00:00 |
|
Paul Bakker
|
0b22e3e989
|
- Print return codes properly
|
2012-04-18 14:23:29 +00:00 |
|
Paul Bakker
|
6f3578cfc8
|
- Report proper error number
|
2012-04-16 06:46:01 +00:00 |
|
Paul Bakker
|
10cd225962
|
- Added support for the SHA256 ciphersuites of AES and Camellia
|
2012-04-12 21:26:34 +00:00 |
|
Paul Bakker
|
570267f01a
|
- print error string in useful format
|
2012-04-10 08:22:46 +00:00 |
|
Paul Bakker
|
c7ffd36a97
|
- Added automatic debug flags to CFLAGS if DEBUG is set in shell
|
2012-04-05 12:08:29 +00:00 |
|
Paul Bakker
|
b78c74551f
|
- Use standard IV of 12
|
2012-03-20 15:05:59 +00:00 |
|
Paul Bakker
|
89e80c9a43
|
- Added base Galois/Counter mode (GCM) for AES
|
2012-03-20 13:50:09 +00:00 |
|
Paul Bakker
|
12f5dbb8b4
|
- Fixed MD type to SHA1
|
2012-03-05 13:37:13 +00:00 |
|
Paul Bakker
|
92101f2d02
|
- Keep requests for future use
|
2012-02-16 14:09:31 +00:00 |
|
Paul Bakker
|
89f3fc5bf1
|
- Removed superfluous debugging info
|
2012-02-16 13:36:38 +00:00 |
|