Manuel Pégourié-Gonnard
352143fa1e
Refactor for clearer correctness/security
2015-01-13 12:02:55 +01:00
Manuel Pégourié-Gonnard
18292456c5
Add support for getrandom()
2015-01-09 14:34:13 +01:00
Manuel Pégourié-Gonnard
e117a8fc0d
Make truncated hmac a runtime option server-side
...
Reading the documentation of ssl_set_truncated_hmac() may give the impression
I changed the default for clients but I didn't, the old documentation was
wrong.
2015-01-09 12:52:20 +01:00
Manuel Pégourié-Gonnard
f01768c55e
Specific error for suites in common but none good
2015-01-08 17:06:16 +01:00
Manuel Pégourié-Gonnard
df331a55d2
Prefer SHA-1 certificates for pre-1.2 clients
2015-01-08 16:43:07 +01:00
Manuel Pégourié-Gonnard
6458e3b743
Some more refactoring/tuning.
2015-01-08 14:16:56 +01:00
Manuel Pégourié-Gonnard
846ba473af
Minor refactoring
2015-01-08 13:54:38 +01:00
Manuel Pégourié-Gonnard
cfa477ef2f
Allow disabling record splitting at runtime
2015-01-07 14:56:54 +01:00
Manuel Pégourié-Gonnard
d76314c44c
Add 1/n-1 record splitting
2015-01-07 14:56:54 +01:00
Manuel Pégourié-Gonnard
d94232389e
Skip signature_algorithms ext if PSK only
2014-12-02 11:57:29 +01:00
Manuel Pégourié-Gonnard
eaecbd3ba8
Fix warning in reduced configs
2014-12-02 10:40:55 +01:00
Manuel Pégourié-Gonnard
837f0fe831
Make renego period configurable
2014-12-02 10:40:55 +01:00
Manuel Pégourié-Gonnard
b445805283
Auto-renegotiate before sequence number wrapping
2014-12-02 10:40:55 +01:00
Manuel Pégourié-Gonnard
6186019d5d
Save 48 bytes if SSLv3 is not defined
2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard
615e677c0b
Make renegotiation a compile-time option
2014-12-02 10:40:54 +01:00
Manuel Pégourié-Gonnard
60346be2a3
Improve debugging message.
...
This actually prints only the payload, not the potential IV and/or MAC,
so (to me at least) it's much less confusing
2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard
e423246e7f
Fix net_usleep for durations greater than 1 second
2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard
9439f93ea4
Use pk_load_file() in X509
...
Saves a bit of ROM. X509 depends on PK anyway.
2014-11-27 17:44:46 +01:00
Manuel Pégourié-Gonnard
2457fa0915
Create ticket keys only if enabled
2014-11-27 17:44:45 +01:00
Manuel Pégourié-Gonnard
d16d1cb96a
Use more #ifdef's on CLI_C and SRV_C in ssl_tls.c
2014-11-27 17:44:45 +01:00
Manuel Pégourié-Gonnard
fd6c85c3eb
Set a compile-time limit to X.509 chain length
2014-11-20 16:37:41 +01:00
Manuel Pégourié-Gonnard
6ed2d92629
Make x509_crl_parse() iterative
2014-11-20 16:36:07 +01:00
Manuel Pégourié-Gonnard
426d4ae7ff
Split x509_crl_parse_der() out of x509_crl_parse()
2014-11-20 16:36:07 +01:00
Manuel Pégourié-Gonnard
8c9223df84
Add text view to debug_print_buf()
2014-11-19 13:21:38 +01:00
Manuel Pégourié-Gonnard
8e4b3374d7
Fix some more warnings in reduced configs
2014-11-17 15:06:13 +01:00
Manuel Pégourié-Gonnard
98aa19148c
Adjust warnings in different modes
2014-11-14 16:45:48 +01:00
Manuel Pégourié-Gonnard
e5b0fc1847
Make malloc-init script a bit happier
2014-11-13 12:42:12 +01:00
Manuel Pégourié-Gonnard
f631bbc1da
Make x509_string_cmp() iterative
2014-11-13 12:42:06 +01:00
Manuel Pégourié-Gonnard
8a5e3d4a40
Forbid repeated X.509 extensions
2014-11-12 18:13:58 +01:00
Manuel Pégourié-Gonnard
d681443f69
Fix potential stack overflow
2014-11-12 01:25:31 +01:00
Manuel Pégourié-Gonnard
b134060f90
Fix memory leak with crafted X.509 certs
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
0369a5291b
Fix uninitialised pointer dereference
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
e959979621
Fix ECDSA sign buffer size
2014-11-12 00:01:52 +01:00
Manuel Pégourié-Gonnard
b31b61b9e8
Fix potential undefined behaviour in Camellia
2014-11-12 00:01:51 +01:00
Manuel Pégourié-Gonnard
7c13d69cb5
Fix dependency issues
2014-11-12 00:01:34 +01:00
Manuel Pégourié-Gonnard
a1efcb084f
Implement pk_check_pair() for RSA-alt
2014-11-08 18:00:22 +01:00
Manuel Pégourié-Gonnard
27e3edbe2c
Check key/cert pair in ssl_set_own_cert()
2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard
70bdadf54b
Add pk_check_pair()
2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard
30668d688d
Add ecp_check_pub_priv()
2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard
2f8d1f9fc3
Add rsa_check_pub_priv()
2014-11-06 18:25:51 +01:00
Manuel Pégourié-Gonnard
e10e06d863
Blind RSA operations even without CRT
2014-11-06 18:25:44 +01:00
Manuel Pégourié-Gonnard
d056ce0e3e
Use seq_num as AEAD nonce by default
2014-11-06 18:23:49 +01:00
Manuel Pégourié-Gonnard
9d7821d774
Fix warning in reduced config
2014-11-06 01:19:52 +01:00
Manuel Pégourié-Gonnard
1a03473576
Keep EtM state across renegotiations
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
169dd6a514
Adjust minimum length for EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
78e745fc0a
Don't send back EtM extension if not using CBC
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
08558e5b46
Fix for the RFC erratum
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
313d796e80
Implement EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
0098e7dc70
Preparation for EtM
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
699cafaea2
Implement initial negotiation of EtM
...
Not implemented yet:
- actually using EtM
- conditions on renegotiation
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
b575b54cb9
Forbid extended master secret with SSLv3
2014-11-05 16:00:50 +01:00
Manuel Pégourié-Gonnard
ada3030485
Implement extended master secret
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
367381fddd
Add negotiation of Extended Master Secret
...
(But not the actual thing yet.)
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
01b2699198
Implement FALLBACK_SCSV server-side
2014-11-05 16:00:49 +01:00
Manuel Pégourié-Gonnard
1cbd39dbeb
Implement FALLBACK_SCSV client-side
2014-11-05 16:00:49 +01:00
Paul Bakker
82788fb63b
Fix minor style issues
2014-10-20 13:59:19 +02:00
Paul Bakker
9eac4f7c4e
Prepare for release 1.3.9
2014-10-20 13:56:15 +02:00
Manuel Pégourié-Gonnard
f7cdbc0e87
Fix potential bad read of length
2014-10-17 17:02:10 +02:00
Manuel Pégourié-Gonnard
ef9a6aec51
Allow comparing name with mismatched encodings
2014-10-17 12:42:31 +02:00
Manuel Pégourié-Gonnard
88421246d8
Rename a function
2014-10-17 12:42:30 +02:00
Manuel Pégourié-Gonnard
43c3b28ca6
Fix memory leak with crafted ClientHello
2014-10-17 12:42:11 +02:00
Manuel Pégourié-Gonnard
5d8618539f
Fix memory leak while parsing some X.509 certs
2014-10-17 12:41:41 +02:00
Manuel Pégourié-Gonnard
64938c63f0
Accept spaces at end of line/buffer in base64
2014-10-15 23:53:33 +02:00
Manuel Pégourié-Gonnard
7f4ed67a97
Fix compile error with armcc in mpi_is_prime()
2014-10-15 22:06:46 +02:00
Paul Bakker
5a5fa92bfe
x509_crt_parse() did not increase total_failed on PEM error
...
Result was that PEM errors in files with multiple certificates were not
detectable by the user.
2014-10-03 15:47:13 +02:00
Manuel Pégourié-Gonnard
480905d563
Fix selection of hash from sig_alg ClientHello ext.
2014-08-30 14:19:59 +02:00
Sander Niemeijer
ef5087d150
Added explicit casts to prevent compiler warnings when trying to build for iOS
2014-08-21 23:48:14 +02:00
Manuel Pégourié-Gonnard
8ef7088bb9
Use polarssl_zeroize() in asn1parse too
2014-08-21 18:15:09 +02:00
Peter Vaskovic
a676acf66b
Fix missing curly braces.
2014-08-21 17:56:25 +02:00
Manuel Pégourié-Gonnard
a13500fdf7
Fix bug with ssl_close_notify and non-blocking I/O
2014-08-19 16:14:04 +02:00
Manuel Pégourié-Gonnard
44ade654c5
Implement (partial) renego delay on client
2014-08-19 13:58:40 +02:00
Manuel Pégourié-Gonnard
f07f421759
Fix server-initiated renego with non-blocking I/O
2014-08-19 13:32:15 +02:00
Manuel Pégourié-Gonnard
6591962f06
Allow delay on renego on client
...
Currently unbounded: will be fixed later
2014-08-19 12:50:30 +02:00
Manuel Pégourié-Gonnard
f26a1e8602
ssl_read() stops returning non-application data
2014-08-19 12:28:50 +02:00
Manuel Pégourié-Gonnard
55e4ff2ace
Tune comments
2014-08-19 11:52:33 +02:00
Manuel Pégourié-Gonnard
462906f955
Do no test net_usleep() when not defined
2014-08-14 11:34:35 +02:00
Manuel Pégourié-Gonnard
192253aaa9
Fix buffer size in pk_write_*_pem()
2014-08-14 11:34:35 +02:00
Alfred Klomp
b308dd72d9
timing.c: avoid referencing garbage value
...
Found with Clang's `scan-build` tool.
When get_timer() is called with `reset` set to 1, the value of
t->start.tv_sec is used as a rvalue without being initialized first.
This is relatively harmless because the result of get_timer() is not
used by the callers when called in "reset mode". However, scan-build
prints a warning.
Silence the warning by only calculating the delta on non-reset runs,
returning zero otherwise.
2014-08-14 11:34:35 +02:00
Alfred Klomp
7ee55624fb
gcm.c: remove dead store
...
Found with Clang's `scan-build` tool.
The value written to `hi` is never used, resulting in a warning. Remove
the dead store to get rid of the warning.
2014-08-14 11:34:35 +02:00
Alfred Klomp
1b4eda3af9
pkcs5.c: fix dead store: return proper exit status
...
Found with Clang's `scan-build` tool.
The error value assigned to `ret` is not returned, meaning that the
selftest always succeeds. Ensure the error value is propagated back to
the caller.
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
8d77eeeaf6
Fix integer suffix rejected by some MSVC versions
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
9a6b442cee
Fix non-blocking sockets in net_accept()
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
a04fa4fa04
RSA-PSK key exchange requires TLS 1.x
...
It's not clear if, with SSL3, one should include send the two length bytes for
EncryptedPreMasterSecret or not, so require TLS to avoid interop issues.
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
8d4ad07706
SHA-2 ciphersuites now require TLS 1.x
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
2fbf311391
Fix dependency issue in memory_buffer_alloc
2014-08-14 11:34:34 +02:00
Manuel Pégourié-Gonnard
97884a31cb
Fix printf format warnings in memory_buffer_alloc
2014-08-14 11:34:33 +02:00
Manuel Pégourié-Gonnard
86bbc7fc30
Fix typo causing compile error with NULL cipher
2014-08-14 11:34:33 +02:00
Paul Bakker
8dcb2d7d7e
Support escaping of commas in x509_string_to_names()
2014-08-11 11:59:52 +02:00
Paul Bakker
21e081b068
Prevent (incorrect) compiler warning
2014-07-24 10:38:01 +02:00
Paul Bakker
6c343d7d9a
Fix mpi_write_string() to write "00" as hex output for empty MPI
2014-07-10 15:27:10 +02:00
Paul Bakker
5b11d026cd
Fix dependencies and includes without FS_IO and PLATFORM_C
2014-07-10 15:27:10 +02:00
Manuel Pégourié-Gonnard
b196fc23b1
Fix dhm_selftest() return value
2014-07-09 16:53:29 +02:00
Paul Bakker
968afaa06f
ssl_key_cert not available in all configurations
2014-07-09 11:34:48 +02:00
Paul Bakker
ec3a617d40
Make ready for release of 1.3.8 and soversion 7
2014-07-09 10:21:28 +02:00
Paul Bakker
84bbeb58df
Adapt cipher and MD layer with _init() and _free()
2014-07-09 10:19:24 +02:00
Paul Bakker
accaffe2c3
Restructure ssl_handshake_init() and small fixes
2014-07-09 10:19:24 +02:00
Paul Bakker
a317a98221
Adapt programs / test suites
2014-07-09 10:19:24 +02:00
Paul Bakker
8f870b047c
Add dhm_init()
2014-07-09 10:19:23 +02:00
Paul Bakker
fff0366bba
Add ctr_drbg_free()
2014-07-09 10:19:23 +02:00
Paul Bakker
5b4af39a36
Add _init() and _free() for hash modules
2014-07-09 10:19:23 +02:00
Paul Bakker
c7ea99af4f
Add _init() and _free() for cipher modules
2014-07-09 10:19:22 +02:00
Manuel Pégourié-Gonnard
d27680bd5e
Clarify code using PSK callback
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
0698f7c21a
Rm duplicate entry in oid_md_alg
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
14beb08542
Fix missing const
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
ba782bbc4b
Save some space in ECP curve tables
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
67dbe1ef44
Better length checking in ecp_point_read_binary()
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
08e81e0c8f
Change selection of hash algorithm for TLS 1.2
2014-07-08 14:20:26 +02:00
Manuel Pégourié-Gonnard
bd77254b18
md_list() starting with strongest hash
2014-07-08 13:03:02 +02:00
Paul Bakker
8fb99abaac
Merge changes for leaner memory footprint
2014-07-04 15:02:19 +02:00
Paul Bakker
b9e08b086b
Merge server-side enforced renegotiation requests
2014-07-04 15:01:37 +02:00
Paul Bakker
d598318661
Fix base64_decode() to return and check length correctly
2014-07-04 15:01:00 +02:00
Manuel Pégourié-Gonnard
481fcfde93
Make PSK_LEN configurable and adjust PMS size
2014-07-04 14:59:08 +02:00
Manuel Pégourié-Gonnard
dfc7df0bec
Add SSL_CIPHERSUITES config option
2014-07-04 14:59:02 +02:00
Manuel Pégourié-Gonnard
a9964dbcd5
Add ssl_set_renegotiation_enforced()
2014-07-04 14:16:07 +02:00
Manuel Pégourié-Gonnard
791684c058
Save RAM when only a few ciphersuites are defined
2014-06-30 19:07:01 +02:00
Manuel Pégourié-Gonnard
31855456f9
Fix clang's check mode again
2014-06-25 15:59:50 +02:00
Manuel Pégourié-Gonnard
bee8ded03a
Fix warning depending on configuration
2014-06-25 12:22:59 +02:00
Manuel Pégourié-Gonnard
01edb1044c
Add POLARSSL_REMOVE_RC4_CIPHERSUITES
2014-06-25 11:27:59 +02:00
Paul Bakker
2a45d1c8bb
Merge changes to config examples and configuration issues
2014-06-25 11:27:00 +02:00
Manuel Pégourié-Gonnard
dd0c0f33c0
Better usage of dhm_calc_secret in SSL
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
8df68632e8
Fix bug in DHE-PSK PMS computation
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
5c1f032653
Abort handshake if no point format in common
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
fd35af1579
Fix off-by-one error in point format parsing
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
87a8ffeaba
Padlock asm using \n\t too
2014-06-25 11:26:14 +02:00
Manuel Pégourié-Gonnard
0534fd4c1a
Change asm format to \n\t in aesni.c too
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
03576887c2
Remove misplaced debugging message
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
42b5374523
Switch CCM and GCM in default suite order
...
The upcoming BCP document recommends GCM as the default.
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
d249b7ab9a
Restore ability to trust non-CA selfsigned EE cert
2014-06-25 11:26:13 +02:00
Manuel Pégourié-Gonnard
c4eff16516
Restore ability to use v1 CA if trusted locally
2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
eaa76f7e20
Fix computation of minlen for encrypted packets
2014-06-25 11:26:12 +02:00
Manuel Pégourié-Gonnard
e800cd81d7
Re-arrange some code in ssl_derive_keys()
2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard
b46e6adb9c
Check input lengths in GCM
2014-06-25 11:26:11 +02:00
Manuel Pégourié-Gonnard
0bcc4e1df7
Fix length checking for AEAD ciphersuites
2014-06-25 11:26:10 +02:00
Manuel Pégourié-Gonnard
66e20c6318
Fix warning and typo->error.
2014-06-24 17:47:40 +02:00
Manuel Pégourié-Gonnard
ac2ccf897c
Fix CCM ciphersuites definition: PSK <-> DHE-PSK!
2014-06-24 15:48:01 +02:00
Manuel Pégourié-Gonnard
8f625632bb
Fix dependencies: GCM != AEAD != CCM
2014-06-24 15:26:28 +02:00
Manuel Pégourié-Gonnard
5bfd968e01
Fix warning with TLS 1.2 without RSA or ECDSA
2014-06-24 15:18:11 +02:00
Paul Bakker
1c98ff96b5
Merge more test improvements and tests
...
Conflicts:
tests/suites/test_suite_cipher.blowfish.data
2014-06-24 11:12:00 +02:00
Paul Bakker
91c301abbe
Zeroize values in PKCS#12 operations
2014-06-24 11:09:39 +02:00
Manuel Pégourié-Gonnard
398c57b0b3
Blowfish accepts variable key len in cipher layer
2014-06-24 11:01:33 +02:00
Manuel Pégourié-Gonnard
f3b47243df
Split x509_csr_parse_der() out of x509_csr_parse()
2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard
4d2a8eb6ff
SSL modules now using x509_crt_parse_der()
...
Avoid uselessly trying to decode PEM.
2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard
b912616081
Rm unused functions in cipher_wrap
...
You can't initialise a context with DES_CFB or DES_CTR.
2014-06-23 11:54:57 +02:00
Manuel Pégourié-Gonnard
1c082f34f3
Update description and references for X.509 files
2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
edc3ab20e2
Small cleanup: less side-effects
...
pkcs5_parse_pbkdf2_params() used to modify params.p, which does not look
clean, even if the function is static and params.p isn't use afterwards.
2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
90dac90f53
Small code simplification in pkcs5_pbes2()
2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
66aca931bc
Add tests for pkcs5_pbes2
2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
2a8afa98e2
pkcs5_self_test depends on SHA1
2014-06-23 11:52:59 +02:00
Manuel Pégourié-Gonnard
f3e5c22f4d
Refactor x509_string_to_names(): data in a table
2014-06-23 11:52:58 +02:00
Manuel Pégourié-Gonnard
81754a0c35
Create a 'flags' field in cipher_info
2014-06-23 11:33:18 +02:00
Paul Bakker
66d5d076f7
Fix formatting in various code to match spacing from coding style
2014-06-17 17:06:47 +02:00
Paul Bakker
db20c10423
Add #endif comments for #endif more than 10 lines from #if / #else
2014-06-17 14:34:44 +02:00
Paul Bakker
d8bb82665e
Fix code styling for return statements
2014-06-17 14:06:49 +02:00
Paul Bakker
3461772559
Introduce polarssl_zeroize() instead of memset() for zeroization
2014-06-14 16:46:03 +02:00
Paul Bakker
14877e6250
Remove unused 'ret' variable
2014-06-12 23:01:18 +02:00
Paul Bakker
c2ff2083ee
Merge parsing and verification of RSASSA-PSS in X.509 modules
2014-06-12 22:02:47 +02:00
Paul Bakker
508e573231
Merge tests for asn1write, XTEA and Entropy modules
2014-06-12 21:26:33 +02:00
Manuel Pégourié-Gonnard
3ac6a2b9a7
Same as previous commit with Camellia
2014-06-12 21:16:02 +02:00
Manuel Pégourié-Gonnard
afd5a08e33
Minor tune-up in aes code
...
un-duplicate a check, and remove useless default case, mainly so that these
lines don't appear as uncovered
2014-06-12 21:15:55 +02:00
Manuel Pégourié-Gonnard
e1ac0f8c5d
Add back timing selftest with new hardclock test
2014-06-12 21:15:50 +02:00
Manuel Pégourié-Gonnard
7792198a46
Normalize some error messages
2014-06-12 21:15:44 +02:00
Manuel Pégourié-Gonnard
4dd73925ab
Add entropy_self_test()
2014-06-10 15:38:43 +02:00
Paul Bakker
d6917f0eb3
Add LINK_WITH_PTHREAD to CMakeList for explicitly adding pthread linking
2014-06-09 23:46:41 +02:00
Manuel Pégourié-Gonnard
d1539b1e88
Rename RSASSA_PSS_CERTIFICATES to X509_RSASSA_PSS_SUPPORT
2014-06-06 16:42:37 +02:00
Manuel Pégourié-Gonnard
88aa6e0b58
Fix potential memory leak in RSASSA-PSS verify
2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard
0eaa8beb36
Fix signedness warning
2014-06-06 16:32:22 +02:00
Manuel Pégourié-Gonnard
53882023e7
Also verify CRLs signed with RSASSA-PSS
2014-06-05 17:59:55 +02:00
Manuel Pégourié-Gonnard
46db4b070c
Use pk_verify_ext() in x509_crt.c
2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard
bf696d030b
Make sig_opts non-optional in X509 structures
...
This simplifies the code.
2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard
dddbb1d1eb
Rm sig_params from various X509 structures
2014-06-05 17:08:46 +02:00
Manuel Pégourié-Gonnard
9113603b6b
Use sig_opts in x509_sig_alg_gets()
2014-06-05 15:41:39 +02:00
Manuel Pégourié-Gonnard
f75f2f7c46
Add sig_opts member to X509 structures
2014-06-05 15:14:59 +02:00
Manuel Pégourié-Gonnard
20422e9a3a
Add pk_verify_ext()
2014-06-05 14:02:05 +02:00
Manuel Pégourié-Gonnard
5ec628a2b9
Add rsa_rsassa_pss_verify_ext()
2014-06-05 14:02:05 +02:00
Manuel Pégourié-Gonnard
920e1cd5e2
Add basic PSS cert verification
...
Still todo:
- handle MGF-hash != sign-hash
- check effective salt len == announced salt len
- add support in the PK layer so that we don't have to bypass it here
2014-06-04 12:09:08 +02:00
Manuel Pégourié-Gonnard
e6d1d82b66
Relax checks on RSA mode for public key operations
2014-06-04 12:09:08 +02:00
Manuel Pégourié-Gonnard
78117d57b0
Consider trailerField a constant
2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard
cac31eed9e
Factor common code for printing sig_alg
2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard
cf975a3857
Factor out some common code
2014-06-02 16:12:46 +02:00
Manuel Pégourié-Gonnard
39868ee301
Parse CSRs signed with RSASSA-PSS
2014-06-02 16:10:30 +02:00
Manuel Pégourié-Gonnard
8e42ff6bde
Parse CRLs signed with RSASSA-PSS
2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
9df5c96214
Fix dependencies
2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
9c9cf5b51e
More checks for length match in rsassa-pss params
2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
e76b750b69
Finish parsing RSASSA-PSS parameters
2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
f346bab139
Start parsing RSASSA-PSS parameters
2014-06-02 16:10:29 +02:00
Manuel Pégourié-Gonnard
59a75d5b9d
Basic parsing of certs signed with RSASSA-PSS
2014-06-02 16:10:29 +02:00
Peter Vaskovic
7015de7e67
Fix WSAStartup return value check.
...
SOCKET_ERROR was not a valid return value.
WSAStartup returns 0 on success, so check that instead.
2014-05-28 11:40:51 +02:00
Paul Bakker
14b16c62e9
Minor optimizations (original by Peter Vaskovic, modified by Paul Bakker)
...
Move strlen out of for loop.
Remove redundant null checks before free.
2014-05-28 11:34:33 +02:00
Peter Vaskovic
8ebfe084ab
Fix minor format string inconsistency.
2014-05-28 11:12:51 +02:00
Peter Vaskovic
c2bbac968b
Fix misplaced parenthesis.
2014-05-28 11:06:31 +02:00
Peter Vaskovic
541529e770
Remove unused arrays.
2014-05-28 11:04:48 +02:00
Paul Bakker
b5212b436f
Merge CCM cipher mode and ciphersuites
...
Conflicts:
library/ssl_tls.c
2014-05-22 15:30:31 +02:00
Paul Bakker
0f651c7422
Stricter check on SSL ClientHello internal sizes compared to actual packet size
2014-05-22 15:12:19 +02:00
Brian White
12895d15f8
Fix less-than-zero checks on unsigned numbers
2014-05-22 13:52:53 +02:00
Manuel Pégourié-Gonnard
82a5de7bf7
Enforce alignment even if buffer is not aligned
2014-05-22 13:52:49 +02:00
Manuel Pégourié-Gonnard
fe671f4aeb
Add markers around generated code in error.c
2014-05-22 13:52:48 +02:00
Manuel Pégourié-Gonnard
8ff17c544c
Add missing DEBUG_RET on cipher failures
2014-05-22 13:52:48 +02:00
Manuel Pégourié-Gonnard
61edffef28
Normalize "should never happen" messages/errors
2014-05-22 13:52:47 +02:00
Manuel Pégourié-Gonnard
2e5ee32033
Implement CCM and CCM_8 ciphersuites
2014-05-20 16:29:34 +02:00
Manuel Pégourié-Gonnard
5efd772ef0
Small readability improvement
2014-05-14 14:10:37 +02:00
Manuel Pégourié-Gonnard
6768da9438
Register CCM ciphersuites (not implemented yet)
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
41936957b3
Add AES-CCM and CAMELLIA-CCM to the cipher layer
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
de7bb44004
Use cipher_auth_{en,de}crypt() in ssl_tls.c
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
4562ffe2e6
Add cipher_auth_{en,de}crypt()
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
8764d271fa
Use cipher_crypt() in ssl_tls.c
2014-05-14 14:10:36 +02:00
Manuel Pégourié-Gonnard
3c1d150b3d
Add cipher_crypt()
2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard
0f6b66dba1
CCM operations allow input == output
2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard
aed6065793
CCM source cosmetics/tune-ups
...
- source a bit shorter
- generated code slightly smaller
- preserving performance
2014-05-14 14:10:35 +02:00
Manuel Pégourié-Gonnard
ce77d55023
Implement ccm_auth_decrypt()
2014-05-07 12:13:13 +02:00
Manuel Pégourié-Gonnard
002323340a
Refactor to prepare for CCM decryption
2014-05-07 12:13:12 +02:00
Manuel Pégourié-Gonnard
637eb3d31d
Add ccm_encrypt_and_tag()
2014-05-07 12:13:12 +02:00
Manuel Pégourié-Gonnard
9fe0d13e8d
Add ccm_init/free()
2014-05-06 12:12:45 +02:00
Manuel Pégourié-Gonnard
a6916fada8
Add (placeholder) CCM module
2014-05-06 11:28:09 +02:00
Paul Bakker
5593f7caae
Fix typo in debug_print_msg()
2014-05-06 10:29:28 +02:00
Paul Bakker
da13016d84
Prepped for 1.3.7 release
2014-05-01 14:27:19 +02:00
Paul Bakker
c37b0ac4b2
Fix typo in bignum.c
2014-05-01 14:19:23 +02:00
Paul Bakker
b9e4e2c97a
Fix formatting: fix some 'easy' > 80 length lines
2014-05-01 14:18:25 +02:00
Paul Bakker
9af723cee7
Fix formatting: remove trailing spaces, #endif with comments (> 10 lines)
2014-05-01 13:03:14 +02:00
Paul Bakker
c3f89aa26c
Removed word 'warning' from PKCS#5 selftest (buildbot warning as a result)
2014-05-01 10:56:03 +02:00
Paul Bakker
9bb04b6389
Removed redundant code in mpi_fill_random()
2014-05-01 09:47:02 +02:00
Paul Bakker
2ca1dc8958
Updated error.c and version_features.c based on changes
2014-05-01 09:46:38 +02:00
Markus Pfeiffer
a26a005acf
Make compilation on DragonFly work
2014-04-30 16:52:28 +02:00
Paul Bakker
2a024ac86a
Merge dependency fixes
2014-04-30 16:50:59 +02:00
Manuel Pégourié-Gonnard
cef4ad2509
Adapt sources to configurable config.h name
2014-04-30 16:40:20 +02:00
Manuel Pégourié-Gonnard
c16f4e1f78
Move RC4 ciphersuites down the list
2014-04-30 16:27:06 +02:00
Paul Bakker
8eab8d368b
Merge more portable AES-NI
2014-04-30 16:21:08 +02:00
Paul Bakker
33dc46b080
Fix bug with mpi_fill_random() on big-endian
2014-04-30 16:20:39 +02:00
Paul Bakker
f96f7b607a
On OpenBSD, use arc4random_buf() instead of rand() to prevent warnings
2014-04-30 16:02:38 +02:00
Paul Bakker
6384440b13
Better support for the different Attribute Types from IETF PKIX (RFC 5280)
2014-04-30 15:34:12 +02:00
Paul Bakker
1a1fbba1ae
Sanity length checks in ssl_read_record() and ssl_fetch_input()
...
Both are already covered in other places, but not in a clear fashion. So
for instance Coverity thinks the value is still tainted.
2014-04-30 14:48:51 +02:00
Paul Bakker
24f37ccaed
rsa_check_pubkey() now allows an E up to N
2014-04-30 13:43:51 +02:00
Paul Bakker
0f90d7d2b5
version_check_feature() added to check for compile-time options at run-time
2014-04-30 11:49:44 +02:00
Paul Bakker
a70366317d
Improve interop by not writing ext_len in ClientHello / ServerHello when 0
...
The RFC also indicates that without any extensions, we should write a
struct {} (empty) not an array of length zero.
2014-04-30 10:16:16 +02:00
Manuel Pégourié-Gonnard
3d41370645
Fix hash dependencies in X.509 tests
2014-04-29 15:29:41 +02:00
Manuel Pégourié-Gonnard
3a306b9067
Fix misplaced #endif in ssl_tls.c
2014-04-29 15:11:17 +02:00
Manuel Pégourié-Gonnard
b1fd397be6
Adapt AES-NI code to "old" binutil versions
2014-04-26 17:17:31 +02:00
Paul Bakker
c73079a78c
Add debug_set_threshold() and thresholding of messages
2014-04-25 16:58:16 +02:00
Paul Bakker
92478c37a6
Debug module only outputs full lines instead of parts
2014-04-25 16:58:15 +02:00
Paul Bakker
eaebbd5eaa
debug_set_log_mode() added to determine raw or full logging
2014-04-25 16:58:14 +02:00
Paul Bakker
61885c7f7f
Fix false reject in padding check in ssl_decrypt_buf() for CBC ciphersuites
...
In case full SSL frames arrived, they were rejected because an overly
strict padding check.
2014-04-25 12:59:51 +02:00
Paul Bakker
4ffcd2f9c3
Typo in PKCS#11 module
2014-04-25 11:44:12 +02:00
Paul Bakker
10a9dd35ea
Typo in POLARSSL_PLATFORM_STD_FPRINTF in platform.c
2014-04-25 11:27:16 +02:00
Paul Bakker
0767e67d17
Add support for 'emailAddress' to x509_string_to_names()
2014-04-18 14:11:37 +02:00
Paul Bakker
c70e425a73
Only iterate over actual certificates in ssl_write_certificate_request()
2014-04-18 13:50:19 +02:00
Paul Bakker
f4cf80b86f
Restructured pk_parse_key_pkcs8_encrypted_der() to prevent unreachable code
2014-04-17 17:24:29 +02:00
Paul Bakker
4f42c11846
Remove arbitrary maximum length for cipher_list and content length
2014-04-17 15:37:39 +02:00
Paul Bakker
d893aef867
Force default value to curve parameter
2014-04-17 14:45:34 +02:00
Paul Bakker
93389cc620
Remove const indicator
2014-04-17 14:44:38 +02:00
Paul Bakker
874bd64b28
Check setsockopt() return value in net_bind()
2014-04-17 12:43:05 +02:00
Paul Bakker
3d8fb63e11
Added missing MPI_CHK around mpi functions
2014-04-17 12:42:41 +02:00