yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-26 12:25:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
705 Commits 88 Branches 205 Tags 69 MiB
a5402fee04
Commit Graph

369 Commits

Author SHA1 Message Date
Paul Bakker
c110d025c2 - Added extra check to prevent crash on failed memory allocation 2012-10-19 12:15:08 +00:00
Paul Bakker
0be82f20a9 - Updated rsa_pkcs1_verify() and rsa_pkcs1_sign() to use appropriate buffer size for max MPIs 2012-10-03 20:36:33 +00:00
Paul Bakker
36fec23dc2 - Updated to 1.2.0 2012-10-02 15:40:44 +00:00
Paul Bakker
62261d6bd6 - Rewrote bignum type definition #ifdef tree to work better on all 
systems
 2012-10-02 12:19:31 +00:00
Paul Bakker
3338b792da - Fixed WIN32 version of x509parse_crtpath() 2012-10-01 21:13:10 +00:00
Paul Bakker
d6f17b492f - Moved definition to top to prevent MS VC compiler warning 2012-10-01 20:58:19 +00:00
Paul Bakker
5c2364c2ba - Moved from unsigned long to uint32_t throughout code 2012-10-01 14:41:15 +00:00
Paul Bakker
0e19e9ff1c - Minor define change to prevent warning 2012-10-01 11:02:48 +00:00
Paul Bakker
993d11dd05 - Send ClientHello with 'minimal version' 2012-09-28 15:00:12 +00:00
Paul Bakker
23f3680898 - Added proper support for TLS 1.2 signature_algorithm extension on server 
side
 - Minor const changes to other extension parsing functions
 2012-09-28 14:15:14 +00:00
Paul Bakker
1d29fb5e33 - Added option to add minimum accepted SSL/TLS protocol version 2012-09-28 13:28:45 +00:00
Paul Bakker
62f2deef8b - Set POLARSSL_DHM_RFC5114_MODP_1024_[PG] as default DHM MODP group for SSL/TLS 2012-09-28 07:31:51 +00:00
Paul Bakker
915275ba78 - Revamped x509_verify() and the SSL f_vrfy callback implementations 2012-09-28 07:10:55 +00:00
Paul Bakker
5701cdcd02 - Added ServerName extension parsing (SNI) at server side 2012-09-27 21:49:42 +00:00
Paul Bakker
eb2c658163 - Generalized external private key implementation handling (like PKCS#11) in SSL/TLS 2012-09-27 19:15:01 +00:00
Paul Bakker
321df6fb80 - Expanded rsa_check_privkey() to check DP, DQ and QP as well 2012-09-27 13:21:34 +00:00
Paul Bakker
5531c6d92c - Change buffer size on mpi_write_file() to cover larger size MPIs 2012-09-26 19:20:46 +00:00
Paul Bakker
49d75678a5 - Support INTEGRITY OS 2012-09-26 15:22:07 +00:00
Paul Bakker
d14277d7de - Added PBKDF2 error code 2012-09-26 15:19:05 +00:00
Paul Bakker
0a59707523 - Added simple SSL session cache implementation 
- Revamped session resumption handling
 2012-09-25 21:55:46 +00:00
Paul Bakker
b00ca42f2a - Handle existence of OpenSSL Trust Extensions at end of X.509 DER blob 2012-09-25 12:10:00 +00:00
Paul Bakker
29b64761fd - Added predefined DHM groups from RFC 5114 2012-09-25 09:36:44 +00:00
Paul Bakker
d0f6fa7bdc - Sending of handshake_failures during renegotiation added 
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
 2012-09-17 09:18:12 +00:00
Paul Bakker
2d319fdfcb - Fixed bug in mpi_add_abs with adding a small number to a large mpi with carry rollover. 2012-09-16 21:34:26 +00:00
Paul Bakker
48916f9b67 - Added Secure Renegotiation (RFC 5746) 2012-09-16 19:57:18 +00:00
Paul Bakker
b5b20f19e7 - Extra sanity check for input added 2012-09-16 15:07:49 +00:00
Paul Bakker
5f70b25c9b - Correctly handle SHA256 ciphersuites in SSLv3 
- Moved ssl3_prf to separate function (no exceptions)
 2012-09-13 14:23:06 +00:00
Paul Bakker
ec636f3bdd - Removed handling for SSLv2 Client Hello (as per RFC 5246 recommendation) 2012-09-09 19:17:02 +00:00
Paul Bakker
94a6796179 - Correctly handle MS certificate's key usage bits 2012-08-23 13:03:52 +00:00
Paul Bakker
f518b16f97 - Added PKCS#5 PBKDF2 key derivation function 2012-08-23 13:03:18 +00:00
Paul Bakker
535e97dbab - Better checking for reading over buffer boundaries 
- Zeroize altSubjectName chain memory before use
 2012-08-23 10:49:55 +00:00
Paul Bakker
b68cad6cc7 - Made cipersuites in ssl context const (no intention to modify) 
- Adjusted ssl_set_ciphersuites() to match
 2012-08-23 08:34:18 +00:00
Paul Bakker
bb51f0cb3d - Only include md.h if needed by POLARSSL_PKCS1_V21 2012-08-23 07:46:58 +00:00
Paul Bakker
6a2f857b08 - Added DragonflyBSD support 2012-08-23 07:45:37 +00:00
Paul Bakker
3c16db9a10 - Fixed potential memory zeroization on miscrafted RSA key 2012-07-05 13:58:08 +00:00
Paul Bakker
6132d0aa93 - Added Blowfish to generic cipher layer 
- Renamed POLARSSL_MODE_CFB128 to POLARSSL_MODE_CFB
 2012-07-04 17:10:40 +00:00
Paul Bakker
83f00bba9c - Updated strerror codes for SSL Compression and Blowfish 2012-07-04 11:08:50 +00:00
Paul Bakker
a9379c0ed1 - Added base blowfish algorithm 2012-07-04 11:02:11 +00:00
Paul Bakker
2770fbd651 - Added DEFLATE compression support as per RFC3749 (requires zlib) 2012-07-03 13:30:23 +00:00
Paul Bakker
cefb396a77 - Handle empty certificate subject names 2012-06-27 11:51:09 +00:00
Paul Bakker
e4791f3936 - Bugfix for Windows in cert path handling 2012-06-04 21:29:15 +00:00
Paul Bakker
67820bd38e - Only include padlock header when POLARSSL_PADLOCK_C is defined 2012-06-04 12:47:23 +00:00
Paul Bakker
8d914583f3 - Added X509 CA Path support 2012-06-04 12:46:42 +00:00
Paul Bakker
e6ee41f932 - Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL) 
- Handle encryption with private key and decryption with public key as per RFC 2313
 2012-05-19 08:43:48 +00:00
Paul Bakker
50546921ac - Moved to prevent uninitialized exit var 2012-05-19 08:40:49 +00:00
Paul Bakker
f6198c1513 - mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52) 2012-05-16 08:02:29 +00:00
Paul Bakker
2a5c7a87af - Add Windows required library 2012-05-10 21:54:28 +00:00
Paul Bakker
62f88dc473 Makefile more compatible with WINDOWS environment 2012-05-10 21:26:28 +00:00
Paul Bakker
cd5b529d6d - Added automatic WINDOWS define in Makefile 2012-05-10 20:49:10 +00:00
Paul Bakker
4d2c1243b1 - Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present. 2012-05-10 14:12:46 +00:00
Paul Bakker
7e2c728178 - Updated to support NetBSD 2012-05-08 13:23:16 +00:00
Paul Bakker
186751d9dd - Moved out_msg to out_hdr + 32 to support hardware acceleration 2012-05-08 13:16:14 +00:00
Paul Bakker
3aac1daf1d - Added exception error parsing when FATAL ssl message is received 2012-05-08 13:12:27 +00:00
Paul Bakker
6b906e5095 - Const correctness mpi_get_bit() 
- Documentation mpi_lsb(), mpi_msb()
 2012-05-08 12:01:43 +00:00
Paul Bakker
05ef835b6a - Added support for Hardware Acceleration hooking in SSL/TLS 2012-05-08 09:17:57 +00:00
Paul Bakker
430ffbe564 - Fixed potential heap corruption in x509_name allocation 2012-05-01 08:14:20 +00:00
Paul Bakker
aec37cb653 - Added extra sanity check to DHM values 2012-04-26 18:59:59 +00:00
Paul Bakker
279432a7c0 - Fixed size of clean 2012-04-26 10:09:35 +00:00
Paul Bakker
901c65620e - Fill full buffer (Wrong parameter usage) 2012-04-20 13:25:38 +00:00
Paul Bakker
380da53c48 - Abstracted checksum updating during handshake 2012-04-18 16:10:25 +00:00
Paul Bakker
ca4ab49158 - Added GCM ciphersuites to TLS implementation 2012-04-18 14:23:57 +00:00
Paul Bakker
d8ef167833 - Updated for latest GCM error 2012-04-18 14:17:32 +00:00
Paul Bakker
fc5183cf5d - Added input checking and more efficient buffer overlap use 2012-04-18 14:17:01 +00:00
Paul Bakker
369e14bbf1 - Small code rewrite 2012-04-18 14:16:09 +00:00
Paul Bakker
030277ab1e - Updated error.c to include GCM errors 2012-04-17 12:24:26 +00:00
Paul Bakker
13ed9ab921 - Removed unused variable 2012-04-16 09:43:49 +00:00
Paul Bakker
0a9251870a - Report unexpected_message if unknown record type is received 2012-04-16 06:46:41 +00:00
Paul Bakker
10cd225962 - Added support for the SHA256 ciphersuites of AES and Camellia 2012-04-12 21:26:34 +00:00
Paul Bakker
bf63b36127 - Updated comments 2012-04-12 20:44:34 +00:00
Paul Bakker
c3f177a77b - Added client side support for signature_algorithm extension and affiliated handling 2012-04-11 16:11:49 +00:00
Paul Bakker
1ef83d66dd - Initial bare version of TLS 1.2 2012-04-11 12:09:53 +00:00
Paul Bakker
f34cf85534 - Fixed too restrictive test 2012-04-10 07:48:40 +00:00
Paul Bakker
96d42da8fe - Removed debug value 2012-04-05 13:22:07 +00:00
Paul Bakker
c7ffd36a97 - Added automatic debug flags to CFLAGS if DEBUG is set in shell 2012-04-05 12:08:29 +00:00
Paul Bakker
452d532955 - Fixed potential memory corruption on miscrafted client messages (found by Frama-C team at CEA LIST) 2012-04-05 12:07:34 +00:00
Paul Bakker
6126481796 - Added compat for sun in net.c 2012-04-03 07:54:30 +00:00
Paul Bakker
56a7684023 - Added alternative for SHA1 signature structure to check for (without NULL) 2012-03-22 15:31:27 +00:00
Paul Bakker
0c8f73ba8b - Fixed a mistake in mpi_cmp_mpi() where longer B values are handled wrong 2012-03-22 14:08:57 +00:00
Paul Bakker
f9169629c9 - Removed unused variables 2012-03-20 15:05:51 +00:00
Paul Bakker
89e80c9a43 - Added base Galois/Counter mode (GCM) for AES 2012-03-20 13:50:09 +00:00
Paul Bakker
b6ad62dd21 - Added missing x509write.c 2012-03-20 13:41:33 +00:00
Paul Bakker
02f61692ef - Removed trailing char 2012-03-15 10:54:25 +00:00
Paul Bakker
f654371b2b - Only include dependencies when required 2012-03-05 14:01:29 +00:00
Paul Bakker
ad8d354a1a - Updated RFC ref 2012-02-16 15:28:14 +00:00
Paul Bakker
3cac5e012b - x509_write_cert_req() now supports all available hash functions 2012-02-16 14:08:06 +00:00
Paul Bakker
058881547f - Certificate Requests written now have the Email address written in IA5String 2012-02-16 10:26:57 +00:00
Paul Bakker
bdb912db69 - Added preliminary ASN.1 buffer writing support 
- Added preliminary X509 Certificate Request writing support
 - Added key_app_writer example application
 - Added cert_req example application
 2012-02-13 23:11:30 +00:00
Paul Bakker
048d04ef4b - AES code only check for Padlock once 2012-02-12 17:31:04 +00:00
Paul Bakker
39dfdaca8f - Fixed mpi_fill_random() to fill and create right size MPI 2012-02-12 17:17:27 +00:00
Paul Bakker
8afa70dcd5 - Clean Subject Alternative Name data 2012-02-11 18:42:45 +00:00
Paul Bakker
57b12982b3 - Multi-domain certificates support wildcards as well 2012-02-11 17:38:38 +00:00
Paul Bakker
1504af585c - Removed redundant POLARSSL_DEBUG_MSG define 2012-02-11 16:17:43 +00:00
Paul Bakker
a8cd239d6b - Added support for wildcard certificates 
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
 2012-02-11 16:09:32 +00:00
Paul Bakker
fab5c829e7 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! 2012-02-06 16:45:10 +00:00
Paul Bakker
3c18a830b3 - Made changes for 1.1.1 release 2012-01-23 09:44:43 +00:00
Paul Bakker
17caec12af - Changed back statement 2012-01-22 20:37:32 +00:00
Paul Bakker
e88186d2ff - Fixed selftest for CTR_DRBG 2012-01-22 20:29:47 +00:00
Paul Bakker
cf0360a14e - Fixed compiler error on 64-bit systems not using GCC 
- t_udbl optimization now also works on platforms that did not define POLARSSL_HAVE_LONGLONG
 2012-01-20 10:08:14 +00:00
Paul Bakker
ec1b9842c4 - Fixed type of length in get_pkcs_padding() 2012-01-14 18:24:43 +00:00
Paul Bakker
87e5cdad5b - Fixed warning for t if no debugging defined 2012-01-14 18:14:15 +00:00