Manuel Pégourié-Gonnard
21ef42f257
Don't select a PSK ciphersuite if no key available
2013-10-28 14:00:45 +01:00
Paul Bakker
45a2c8d99a
Prevent possible alignment warnings on casting from char * to 'aligned *'
2013-10-28 12:57:08 +01:00
Paul Bakker
677377f472
Server does not send out extensions not advertised by client
2013-10-28 12:54:26 +01:00
Paul Bakker
f34673e37b
Merged RSA-PSK key-exchange and ciphersuites
2013-10-15 12:46:41 +02:00
Paul Bakker
376e8153a0
Merged ECDHE-PSK ciphersuites
2013-10-15 12:45:36 +02:00
Manuel Pégourié-Gonnard
bac0e3b7d2
Dependency fixes
2013-10-15 11:54:47 +02:00
Manuel Pégourié-Gonnard
09258b9537
Refactor parse_server_key_exchange a bit
2013-10-15 11:19:54 +02:00
Manuel Pégourié-Gonnard
8a3c64d73f
Fix and simplify *-PSK ifdef's
2013-10-14 19:54:10 +02:00
Manuel Pégourié-Gonnard
0fae60bb71
Implement RSA-PSK key exchange
2013-10-14 19:34:48 +02:00
Paul Bakker
b9cfaa0c7f
Explicit conversions and minor changes to prevent MSVC compiler warnings
2013-10-14 15:50:40 +02:00
Manuel Pégourié-Gonnard
1b62c7f93d
Fix dependencies and related issues
2013-10-14 14:02:19 +02:00
Manuel Pégourié-Gonnard
bd1ae24449
Factor PSK pms computation to ssl_tls.c
2013-10-14 13:17:36 +02:00
Manuel Pégourié-Gonnard
b59d699a65
Fix bugs in ECDHE_PSK key exchange
2013-10-14 12:00:45 +02:00
Manuel Pégourié-Gonnard
3ce3bbdc00
Add support for ECDHE_PSK key exchange
2013-10-11 18:16:35 +02:00
Paul Bakker
beccd9f226
Explicit void pointer cast for buggy MS compiler
2013-10-11 15:20:27 +02:00
Paul Bakker
caa3af47c0
Handle missing curve extension correctly in ssl_parse_client_hello()
2013-09-28 11:08:43 +02:00
Manuel Pégourié-Gonnard
8372454615
Rework SNI to fix memory issues
2013-09-24 22:30:56 +02:00
Manuel Pégourié-Gonnard
705fcca409
Adapt support for SNI to recent changes
2013-09-24 21:25:54 +02:00
Manuel Pégourié-Gonnard
d09453c88c
Check our ECDSA cert(s) against supported curves
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
f24b4a7316
Interface change in ECP info functions
...
ecp_named_curve_from_grp_id() -> ecp_curve_info_from_grp_id()
ecp_grp_id_from_named_curve() -> ecp_curve_info_from_tls_id()
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
3ebb2cdb52
Add support for multiple server certificates
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
834ea8587f
Change internal structs for multi-cert support
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
164d894b9a
Fix: session start time wasn't set server side
2013-09-23 23:00:50 +02:00
Manuel Pégourié-Gonnard
1a483833b3
SSL_TLS doesn't depend on PK any more
...
(But PK does depend on RSA or ECP.)
2013-09-20 12:29:15 +02:00
Manuel Pégourié-Gonnard
34ced2dffe
Fix mis-sized buffer
...
Reported by rgacogne on twitter.
Also spotted by gcc-4.8 with -O2
2013-09-20 11:37:39 +02:00
Manuel Pégourié-Gonnard
a7496f00ff
Fix a few more warnings in small configurations
2013-09-20 11:29:59 +02:00
Paul Bakker
6db455e6e3
PSK callback added to SSL server
2013-09-18 21:14:58 +02:00
Manuel Pégourié-Gonnard
a310459f5c
Fix a few things that broke with RSA compiled out
2013-09-18 15:37:44 +02:00
Manuel Pégourié-Gonnard
51451f8d26
Replace EC flag with ssl_ciphersuite_uses_ec()
2013-09-18 14:35:56 +02:00
Manuel Pégourié-Gonnard
15d5de1969
Simplify usage of DHM blinding
2013-09-18 14:35:55 +02:00
Manuel Pégourié-Gonnard
568c9cf878
Add ecp_supported_curves and simplify some code
2013-09-18 14:34:34 +02:00
Manuel Pégourié-Gonnard
7038039f2e
Dissociate TLS and internal EC curve identifiers
...
Allows to add new curves before they get a TLS number
2013-09-18 14:34:34 +02:00
Manuel Pégourié-Gonnard
a97c015f89
Rm useless/wrong DHM lenght test
2013-09-18 14:34:33 +02:00
Paul Bakker
b6b0956631
Rm of memset instead of x509_crt_init()
2013-09-18 14:32:52 +02:00
Paul Bakker
c559c7a680
Renamed x509_cert structure to x509_crt for consistency
2013-09-18 14:32:52 +02:00
Paul Bakker
ddf26b4e38
Renamed x509parse_* functions to new form
...
e.g. x509parse_crtfile -> x509_crt_parse_file
2013-09-18 13:46:23 +02:00
Paul Bakker
7c6b2c320e
Split up X509 files into smaller modules
2013-09-16 21:41:54 +02:00
Paul Bakker
2292d1fad0
Fixed warnings in case POLARSSL_X509_PARSE_C is not defined
2013-09-15 17:06:49 +02:00
Paul Bakker
c0dcf0ceb1
Merged blinding additions for EC, RSA and DHM into development
2013-09-10 14:44:27 +02:00
Manuel Pégourié-Gonnard
9f5a3c4a0a
Fix possible memory error.
2013-09-08 20:08:59 +02:00
Manuel Pégourié-Gonnard
032c34e206
Don't use DH blinding for ephemeral DH
2013-09-07 13:06:27 +02:00
Manuel Pégourié-Gonnard
2d627649bf
Change dhm_calc_secret() prototype
2013-09-04 14:22:07 +02:00
Manuel Pégourié-Gonnard
e09d2f8261
Change ecp_mul() prototype to allow randomization
...
(Also improve an error code while at it.)
2013-09-02 14:29:09 +02:00
Paul Bakker
9659dae046
Some extra code defined out
2013-08-28 16:21:34 +02:00
Paul Bakker
577e006c2f
Merged ECDSA-based key-exchange and ciphersuites into development
...
Conflicts:
include/polarssl/config.h
library/ssl_cli.c
library/ssl_srv.c
library/ssl_tls.c
2013-08-28 11:58:40 +02:00
Manuel Pégourié-Gonnard
9cc6f5c61b
Fix some hash debugging
2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
4bd1284f59
Fix ECDSA hash selection bug with TLS 1.0 and 1.1
2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
e511ffca50
Allow compiling without RSA or DH
...
Only library and programs now, need to check test suites later.
2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
f484282e96
Rm a few unneeded tests
2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
d11eb7c789
Fix sig_alg extension on client.
...
Temporary solution on server.
2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
bfe32efb9b
pk_{sign,verify}() now accept hash_len = 0
2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
a20c58c6f1
Use convert functions for SSL_SIG_* and SSL_HASH_*
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
0d42049440
Merge code for RSA and ECDSA in SSL
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
070cc7fd21
Use the new PK RSA-alt interface
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
a2d3f22007
Add and use pk_encrypt(), pk_decrypt()
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
8df2769178
Introduce pk_sign() and use it in ssl
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
583b608401
Fix some return values
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
abae74c4a0
Add server support for ECDHE_ECDSA key exchange
2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
32ea60a127
Declare ECDSA key exchange and ciphersuites
...
Also fix bug in ssl_list_ciphersuites().
For now, disable it on server.
Client will offer it but fail if server selects it.
2013-08-27 22:21:19 +02:00
Manuel Pégourié-Gonnard
0b03200e96
Add server-side support for ECDSA client auth
2013-08-27 22:21:19 +02:00
Paul Bakker
0be444a8b1
Ability to disable server_name extension (RFC 6066)
2013-08-27 21:55:01 +02:00
Paul Bakker
d2f068e071
Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually
2013-08-27 21:19:20 +02:00
Manuel Pégourié-Gonnard
0a20171d52
Fix compiler warning from gcc -Os
2013-08-26 14:31:43 +02:00
Manuel Pégourié-Gonnard
c6554aab3d
Check length of session tickets we write
2013-08-26 14:26:33 +02:00
Manuel Pégourié-Gonnard
b3d9187cea
PK: add nice interface functions
...
Also fix a const-corectness issue.
2013-08-20 20:46:04 +02:00
Paul Bakker
5fd4917d97
Add missing ifdefs in ssl modules
2013-08-19 13:30:28 +02:00
Manuel Pégourié-Gonnard
0b2726732e
Fix ifdef conditions for EC-related extensions.
...
Was alternatively ECP_C and ECDH_C.
2013-08-16 13:56:17 +02:00
Manuel Pégourié-Gonnard
5734b2d358
Actually use the point format selected for ECDH
2013-08-16 13:56:16 +02:00
Manuel Pégourié-Gonnard
7b19c16b74
Handle suported_point_formats in ServerHello
2013-08-16 13:56:16 +02:00
Paul Bakker
1f2bc6238b
Made support for the truncated_hmac extension configurable
2013-08-15 13:45:55 +02:00
Paul Bakker
05decb24c3
Made support for the max_fragment_length extension configurable
2013-08-15 13:33:48 +02:00
Paul Bakker
606b4ba20f
Session ticket expiration checked on server
2013-08-15 11:42:48 +02:00
Paul Bakker
f0e39acb58
Fixed unitialized n when resuming a session
2013-08-15 11:40:48 +02:00
Paul Bakker
a503a63b85
Made session tickets support configurable from config.h
2013-08-14 14:26:03 +02:00
Manuel Pégourié-Gonnard
56dc9e8bba
Authenticate session tickets.
2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
990c51a557
Encrypt session tickets
2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
779e42982c
Start adding ticket keys (only key_name for now)
2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
aa0d4d1aff
Add ssl_set_session_tickets()
2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
306827e3bc
Prepare ticket structure for securing
2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
593058e35e
Don't renew ticket when the current one is OK
2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard
c086cce3d3
Don't cache empty session ID nor resumed session
2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard
7cd5924cec
Rework NewSessionTicket handling in state machine
...
Fixes bug: NewSessionTicket was ommited in resumed sessions.
2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard
3ffa3db80b
Fix server session ID handling with ticket
2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard
72882b2079
Relax limit on ClientHello size
2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard
609bc81a76
ssl_srv: read & write ticket, unsecure for now
2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard
94f6a79cde
Auxiliary functions to (de)serialize ssl_session
2013-08-14 14:08:05 +02:00
Manuel Pégourié-Gonnard
7a358b8580
ssl_srv: write & parse session ticket ext & msg
2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
57c2852807
Added truncated hmac negociation (without effect)
2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e048b67d0a
Misc minor fixes
...
- avoid "multi-line comment" warning in ssl_client2.c
- rm useless initialisation of mfl_code in ssl_init()
- const-correctness of ssl_parse_*_ext()
- a code formating issue
2013-07-19 12:56:08 +02:00
Manuel Pégourié-Gonnard
ed4af8b57c
Move negotiated max fragment length to session
...
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
2013-07-18 14:07:09 +02:00
Manuel Pégourié-Gonnard
7bb7899121
Send max_fragment_length extension (server)
2013-07-18 11:23:48 +02:00
Manuel Pégourié-Gonnard
f11a6d78c7
Rework server extensions writing
2013-07-18 11:23:38 +02:00
Manuel Pégourié-Gonnard
48f8d0dbbd
Read max_fragment_length extension (server)
2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard
ff56da3a26
Fix direct uses of x509_cert.rsa, now use pk_rsa()
2013-07-17 15:59:42 +02:00
Paul Bakker
61d113bb7b
Init and free new contexts in the right place for SSL to prevent
...
memory leaks
2013-07-16 17:48:58 +02:00
Paul Bakker
fa9b10050b
Also compiles / runs without time-based functions in OS
...
Can now run without need of time() / localtime() and gettimeofday()
2013-07-03 17:22:32 +02:00
Paul Bakker
9e36f0475f
SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly
...
The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules.
2013-06-30 14:34:05 +02:00
Paul Bakker
5dc6b5fb05
Made supported curves configurable
2013-06-29 23:26:34 +02:00
Paul Bakker
2fbefde1d8
Client and server now filter sent and accepted ciphersuites on minimum
...
and maximum protocol version
2013-06-29 18:35:40 +02:00
Paul Bakker
59c28a2723
SSL v2 handshake should also handle dynamic ciphersuites
2013-06-29 18:35:40 +02:00