Paul Bakker
0a59707523
- Added simple SSL session cache implementation
...
- Revamped session resumption handling
2012-09-25 21:55:46 +00:00
Paul Bakker
4811b56524
- Added util/CMakelists.txt
2012-09-25 11:45:38 +00:00
Paul Bakker
29b64761fd
- Added predefined DHM groups from RFC 5114
2012-09-25 09:36:44 +00:00
Paul Bakker
b60b95fd7f
- Added first version of ssl_server2 example application
2012-09-25 09:05:17 +00:00
Paul Bakker
0f409a1911
- Added missing subdirectory line for util
2012-09-25 08:19:18 +00:00
Paul Bakker
d0f6fa7bdc
- Sending of handshake_failures during renegotiation added
...
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
2012-09-17 09:18:12 +00:00
Paul Bakker
48916f9b67
- Added Secure Renegotiation (RFC 5746)
2012-09-16 19:57:18 +00:00
Paul Bakker
f518b16f97
- Added PKCS#5 PBKDF2 key derivation function
2012-08-23 13:03:18 +00:00
Paul Bakker
835b29e7c3
- Should not be debug_level 5 in repo (reset to 0)
2012-08-23 08:31:59 +00:00
Paul Bakker
3d58fe8af6
- Added Blowfish to benchmarks
2012-07-04 17:15:31 +00:00
Paul Bakker
26c4e3cb0b
- Made crypt_and_cipher more robust with other ciphers / hashes
2012-07-04 17:08:33 +00:00
Paul Bakker
a9379c0ed1
- Added base blowfish algorithm
2012-07-04 11:02:11 +00:00
Paul Bakker
92eeea4627
- Modified CMakeLists to support zlib
2012-07-03 15:10:33 +00:00
Paul Bakker
2770fbd651
- Added DEFLATE compression support as per RFC3749 (requires zlib)
2012-07-03 13:30:23 +00:00
Paul Bakker
8d914583f3
- Added X509 CA Path support
2012-06-04 12:46:42 +00:00
Paul Bakker
e6ee41f932
- Added OpenSSL / PolarSSL compatibility script (tests/compat.sh) and example application (programs/ssl/o_p_test) (Requires OpenSSL)
...
- Handle encryption with private key and decryption with public key as per RFC 2313
2012-05-19 08:43:48 +00:00
Paul Bakker
4248823f43
- Updated to handle x509parse_crtfile() positive return values
2012-05-16 08:21:05 +00:00
Paul Bakker
62f88dc473
Makefile more compatible with WINDOWS environment
2012-05-10 21:26:28 +00:00
Paul Bakker
cd5b529d6d
- Added automatic WINDOWS define in Makefile
2012-05-10 20:49:10 +00:00
Paul Bakker
4d2c1243b1
- Changed certificate verify behaviour to comply with RFC 6125 section 6.3 to not match CN if subjectAltName extension is present.
2012-05-10 14:12:46 +00:00
Paul Bakker
01cc394848
- Added commandline error code convertor (util/strerror)
2012-05-08 08:36:15 +00:00
Paul Bakker
88f17b8549
- Fixed for new DHM handling (TLS 1.2)
2012-04-26 18:52:13 +00:00
Paul Bakker
ca4ab49158
- Added GCM ciphersuites to TLS implementation
2012-04-18 14:23:57 +00:00
Paul Bakker
0b22e3e989
- Print return codes properly
2012-04-18 14:23:29 +00:00
Paul Bakker
6f3578cfc8
- Report proper error number
2012-04-16 06:46:01 +00:00
Paul Bakker
10cd225962
- Added support for the SHA256 ciphersuites of AES and Camellia
2012-04-12 21:26:34 +00:00
Paul Bakker
570267f01a
- print error string in useful format
2012-04-10 08:22:46 +00:00
Paul Bakker
c7ffd36a97
- Added automatic debug flags to CFLAGS if DEBUG is set in shell
2012-04-05 12:08:29 +00:00
Paul Bakker
b78c74551f
- Use standard IV of 12
2012-03-20 15:05:59 +00:00
Paul Bakker
89e80c9a43
- Added base Galois/Counter mode (GCM) for AES
2012-03-20 13:50:09 +00:00
Paul Bakker
12f5dbb8b4
- Fixed MD type to SHA1
2012-03-05 13:37:13 +00:00
Paul Bakker
92101f2d02
- Keep requests for future use
2012-02-16 14:09:31 +00:00
Paul Bakker
89f3fc5bf1
- Removed superfluous debugging info
2012-02-16 13:36:38 +00:00
Paul Bakker
bdb912db69
- Added preliminary ASN.1 buffer writing support
...
- Added preliminary X509 Certificate Request writing support
- Added key_app_writer example application
- Added cert_req example application
2012-02-13 23:11:30 +00:00
Paul Bakker
57b12982b3
- Multi-domain certificates support wildcards as well
2012-02-11 17:38:38 +00:00
Paul Bakker
a8cd239d6b
- Added support for wildcard certificates
...
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
2012-02-11 16:09:32 +00:00
Paul Bakker
fab5c829e7
- Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default!
2012-02-06 16:45:10 +00:00
Paul Bakker
13eb9f01cf
- Added error exit code
2012-02-06 15:35:10 +00:00
Paul Bakker
1052784054
- Fixed typo
2012-01-14 18:00:00 +00:00
Paul Bakker
fb3a83f9e3
- Added appropriate error handling to ctr_drbg_init()
2011-12-15 20:05:53 +00:00
Paul Bakker
3f9b650b4b
- Fixed renumber error code for POLARSSL_ERR_CTR_DRBG_FILE_IO_ERROR
2011-12-15 19:50:22 +00:00
Paul Bakker
b1dee1cfd2
- Changed commands to lowercase where it was not the case
2011-12-11 11:29:51 +00:00
Paul Bakker
69e095cc15
- Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
...
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
- Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
Paul Bakker
b8ba90b316
- Enlarged default CRL size buffer
2011-12-05 14:34:12 +00:00
Paul Bakker
fc754a9178
- Addedd writing and updating of seedfiles as functions to CTR_DRBG
2011-12-05 13:23:51 +00:00
Paul Bakker
508ad5ab6d
- Moved all examples programs to use the new entropy and CTR_DRBG
2011-12-04 17:09:26 +00:00
Paul Bakker
4dc6457274
- Added public key of server1.key
2011-12-04 17:09:08 +00:00
Paul Bakker
310c25e564
- Fixed minor bug by zeroizing result memory
2011-12-04 17:06:56 +00:00
Paul Bakker
6c0ceb3f9a
- Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error
2011-12-04 12:24:18 +00:00
Paul Bakker
a17bcc3033
- Fixed typo
2011-12-03 21:45:50 +00:00