Commit Graph

4426 Commits

Author SHA1 Message Date
Paul Bakker
376e8153a0 Merged ECDHE-PSK ciphersuites 2013-10-15 12:45:36 +02:00
Paul Bakker
a7ea6a5a18 config.h is more script-friendly 2013-10-15 11:55:10 +02:00
Manuel Pégourié-Gonnard
8a3c64d73f Fix and simplify *-PSK ifdef's 2013-10-14 19:54:10 +02:00
Manuel Pégourié-Gonnard
0fae60bb71 Implement RSA-PSK key exchange 2013-10-14 19:34:48 +02:00
Paul Bakker
be089b0483 Introduced POLARSSL_HAVE_READDIR_R for systems without it 2013-10-14 15:51:50 +02:00
Paul Bakker
b9cfaa0c7f Explicit conversions and minor changes to prevent MSVC compiler warnings 2013-10-14 15:50:40 +02:00
Manuel Pégourié-Gonnard
057e0cf263 Fix ciphersuites dependencies on MD5 and SHA1 2013-10-14 14:26:04 +02:00
Manuel Pégourié-Gonnard
1b62c7f93d Fix dependencies and related issues 2013-10-14 14:02:19 +02:00
Manuel Pégourié-Gonnard
bd1ae24449 Factor PSK pms computation to ssl_tls.c 2013-10-14 13:17:36 +02:00
Manuel Pégourié-Gonnard
225d6aa786 Add ECDHE_PSK ciphersuites 2013-10-11 19:07:56 +02:00
Manuel Pégourié-Gonnard
3ce3bbdc00 Add support for ECDHE_PSK key exchange 2013-10-11 18:16:35 +02:00
Paul Bakker
4aa40d4f51 Better support for MSVC 2013-10-11 10:49:24 +02:00
Paul Bakker
b799dec4c0 Merged support for Brainpool curves and ciphersuites 2013-10-11 10:05:43 +02:00
Paul Bakker
1677033bc8 TLS compression only allocates working buffer once 2013-10-11 09:59:44 +02:00
Paul Bakker
d61cc3b246 Possible naming collision in dhm_context 2013-10-11 09:38:49 +02:00
Paul Bakker
fcc172138c Fixed const-correctness issues 2013-10-11 09:38:06 +02:00
Manuel Pégourié-Gonnard
bdc96765d6 Remove polarssl/ from header includes 2013-10-11 09:17:09 +02:00
Manuel Pégourié-Gonnard
0cd6f98c0f Don't special-case a = -3, not worth it 2013-10-10 15:55:39 +02:00
Manuel Pégourié-Gonnard
b8012fca5f Adjust dependencies 2013-10-10 15:40:49 +02:00
Manuel Pégourié-Gonnard
48ac3db551 Add OIDs for brainpool curves 2013-10-10 15:11:33 +02:00
Manuel Pégourié-Gonnard
cd7458aafd Support brainpool curves in ecp_check_pubkey() 2013-10-10 12:56:00 +02:00
Manuel Pégourié-Gonnard
8195c1a567 Add identifiers for Brainpool curves 2013-10-10 12:56:00 +02:00
Manuel Pégourié-Gonnard
9eb883104e Update some comments on ecp_group 2013-10-07 19:38:56 +02:00
Paul Bakker
30b95fa921 Fixed cplusplus extern defines in header files 2013-10-01 10:09:06 +02:00
Paul Bakker
6838bd1d73 Clarified threading issues 2013-09-30 15:24:33 +02:00
Paul Bakker
c9965dca27 RSA blinding threading support 2013-09-29 15:02:11 +02:00
Paul Bakker
1337affc91 Buffer allocator threading support 2013-09-29 15:02:11 +02:00
Paul Bakker
f4e7dc50ea entropy_func() threading support 2013-09-29 15:02:07 +02:00
Paul Bakker
1ffefaca1e Introduced entropy_free() 2013-09-29 15:01:42 +02:00
Paul Bakker
c55988406f SSL Cache threading support 2013-09-28 15:24:59 +02:00
Paul Bakker
2466d93546 Threading abstraction layer added 2013-09-28 15:00:02 +02:00
Manuel Pégourié-Gonnard
a0fdf8b0a0 Simplify the way default certs are used 2013-09-25 14:05:49 +02:00
Manuel Pégourié-Gonnard
641de714b6 Use both RSA and ECDSA CA if available 2013-09-25 13:23:33 +02:00
Manuel Pégourié-Gonnard
8372454615 Rework SNI to fix memory issues 2013-09-24 22:30:56 +02:00
Manuel Pégourié-Gonnard
482a2828e4 Offer both EC and RSA in certs.c, RSA first 2013-09-24 21:25:54 +02:00
Manuel Pégourié-Gonnard
705fcca409 Adapt support for SNI to recent changes 2013-09-24 21:25:54 +02:00
Manuel Pégourié-Gonnard
d09453c88c Check our ECDSA cert(s) against supported curves 2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
f24b4a7316 Interface change in ECP info functions
ecp_named_curve_from_grp_id() -> ecp_curve_info_from_grp_id()
ecp_grp_id_from_named_curve() -> ecp_curve_info_from_tls_id()
2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
3ebb2cdb52 Add support for multiple server certificates 2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
834ea8587f Change internal structs for multi-cert support 2013-09-24 21:25:53 +02:00
Manuel Pégourié-Gonnard
cbf3ef3861 RSA and ECDSA key exchanges don't depend on CRL 2013-09-24 21:25:53 +02:00
Paul Bakker
c2148753df Added missing uint32_t def for Windows in gcm.h 2013-09-23 15:11:46 +02:00
Paul Bakker
c27c4e2efb Support faulty X509 v1 certificates with extensions
(POLARSSL_X509_ALLOW_EXTENSIONS_NON_V3)
2013-09-23 15:01:36 +02:00
Manuel Pégourié-Gonnard
fe28646f72 Fix references to x509parse in config.h 2013-09-20 16:51:13 +02:00
Manuel Pégourié-Gonnard
09fff7ee25 Cosmetics in config.h 2013-09-20 16:51:13 +02:00
Manuel Pégourié-Gonnard
1a483833b3 SSL_TLS doesn't depend on PK any more
(But PK does depend on RSA or ECP.)
2013-09-20 12:29:15 +02:00
Manuel Pégourié-Gonnard
4fee79b885 Fix some more depend issues 2013-09-20 10:58:59 +02:00
Manuel Pégourié-Gonnard
1032c1d3ec Fix some dependencies and warnings in small config 2013-09-19 10:49:00 +02:00
Paul Bakker
5ad403f5b5 Prepared for 1.3.0 RC0 2013-09-18 21:21:30 +02:00
Paul Bakker
6db455e6e3 PSK callback added to SSL server 2013-09-18 21:14:58 +02:00
Paul Bakker
4fc090af9c Minor typos in pk.h 2013-09-18 15:43:25 +02:00
Manuel Pégourié-Gonnard
da179e4870 Add ecp_curve_list(), hide ecp_supported_curves 2013-09-18 15:37:44 +02:00
Manuel Pégourié-Gonnard
dace82f805 Refactor cipher information management 2013-09-18 15:37:44 +02:00
Manuel Pégourié-Gonnard
161ef968db Cache pre-computed points for ecp_mul()
Up to 1.25 speedup on ECDSA sign for small curves, but mainly useful as a
preparation for fixed-point mult (a few prototypes changed in constness).
2013-09-18 15:37:44 +02:00
Manuel Pégourié-Gonnard
56cd319f0e Add human-friendly name in ecp_curve_info 2013-09-18 15:37:44 +02:00
Manuel Pégourié-Gonnard
a79d123a55 Make ecp_supported_curves constant 2013-09-18 14:35:57 +02:00
Manuel Pégourié-Gonnard
51451f8d26 Replace EC flag with ssl_ciphersuite_uses_ec() 2013-09-18 14:35:56 +02:00
Manuel Pégourié-Gonnard
15d5de1969 Simplify usage of DHM blinding 2013-09-18 14:35:55 +02:00
Manuel Pégourié-Gonnard
c83e418149 Prepare for ECDH point blinding just in case 2013-09-18 14:35:54 +02:00
Manuel Pégourié-Gonnard
c972770f78 Prepare ecp_group for future extensions 2013-09-18 14:35:53 +02:00
Manuel Pégourié-Gonnard
456d3b9b0b Make ECP error codes more specific 2013-09-18 14:35:53 +02:00
Manuel Pégourié-Gonnard
568c9cf878 Add ecp_supported_curves and simplify some code 2013-09-18 14:34:34 +02:00
Manuel Pégourié-Gonnard
7038039f2e Dissociate TLS and internal EC curve identifiers
Allows to add new curves before they get a TLS number
2013-09-18 14:34:34 +02:00
Paul Bakker
c559c7a680 Renamed x509_cert structure to x509_crt for consistency 2013-09-18 14:32:52 +02:00
Paul Bakker
ddf26b4e38 Renamed x509parse_* functions to new form
e.g. x509parse_crtfile -> x509_crt_parse_file
2013-09-18 13:46:23 +02:00
Paul Bakker
369d2eb2a2 Introduced x509_crt_init(), x509_crl_init() and x509_csr_init() 2013-09-18 12:01:43 +02:00
Paul Bakker
86d0c1949e Generalized function names of x509 functions not parse-specific
x509parse_serial_gets -> x509_serial_gets
x509parse_dn_gets -> x509_dn_gets
x509parse_time_expired -> x509_time_expired
2013-09-18 12:01:42 +02:00
Paul Bakker
5187656211 Renamed X509 / X509WRITE error codes to generic (non-cert-specific) 2013-09-17 14:36:05 +02:00
Paul Bakker
f20ba4b7b6 Minor typo in config.h 2013-09-16 22:46:20 +02:00
Paul Bakker
da7711594e Changed pk_parse_get_pubkey() to pk_parse_subpubkey() 2013-09-16 22:45:03 +02:00
Paul Bakker
ff3a518e78 Changed doxygen comments in pk.h from x509_module to pk_module 2013-09-16 22:42:19 +02:00
Paul Bakker
d1a983fe77 Removed x509parse key functions and moved them to compat-1.2.h 2013-09-16 22:26:53 +02:00
Paul Bakker
f8db11f454 Fixed typo is ssl_list_ciphersuites() prototype 2013-09-16 22:22:39 +02:00
Paul Bakker
7c6b2c320e Split up X509 files into smaller modules 2013-09-16 21:41:54 +02:00
Paul Bakker
cff6842b39 POLARSSL_PEM_C split into POLARSSL_PEM_PARSE_C and POLARSSL_PEM_WRITE_C 2013-09-16 13:36:18 +02:00
Paul Bakker
77e23fb0e0 Move *_pemify() function to PEM module 2013-09-15 20:03:26 +02:00
Paul Bakker
40ce79f1e6 Moved DHM parsing from X509 module to DHM module 2013-09-15 17:43:54 +02:00
Paul Bakker
2292d1fad0 Fixed warnings in case POLARSSL_X509_PARSE_C is not defined 2013-09-15 17:06:49 +02:00
Paul Bakker
4606c7317b Added POLARSSL_PK_PARSE_C and POLARSSL_PK_WRITE_C 2013-09-15 17:04:23 +02:00
Paul Bakker
c7bb02be77 Moved PK key writing from X509 module to PK module 2013-09-15 14:54:56 +02:00
Paul Bakker
1a7550ac67 Moved PK key parsing from X509 module to PK module 2013-09-15 13:47:30 +02:00
Manuel Pégourié-Gonnard
92cb1d3a91 Make CBC an option, step 3: individual ciphers 2013-09-13 17:25:43 +02:00
Manuel Pégourié-Gonnard
989ed38de2 Make CBC an option, step 2: cipher layer 2013-09-13 15:48:40 +02:00
Manuel Pégourié-Gonnard
f7dc378ead Make CBC an option, step 1: ssl ciphersuites 2013-09-13 15:37:03 +02:00
Manuel Pégourié-Gonnard
4fe9200f47 Fix memory leak in GCM by adding gcm_free() 2013-09-13 13:45:58 +02:00
Paul Bakker
9013af76a3 Merged major refactoring of x509write module into development
This refactoring adds support for proper CSR writing and X509
certificate generation / signing
2013-09-12 11:58:04 +02:00
Manuel Pégourié-Gonnard
0237620a78 Fix some dependencies declaration 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard
31e59400d2 Add missing f_rng/p_rng arguments to x509write_crt 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard
53c642504e Use PK internally for x509write_crt 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard
f38e71afd5 Convert x509write_crt interface to PK 2013-09-12 11:57:02 +02:00
Manuel Pégourié-Gonnard
6de63e480d Add EC support to x509write_key 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard
edda9041fc Adapt asn1_write_algorithm_identifier() to params 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard
3837daec9e Add EC support to x509write_pubkey 2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard
e1f821a6eb Adapt x509write_pubkey interface to use PK
key_app_writer will be fixed later
2013-09-12 11:57:01 +02:00
Manuel Pégourié-Gonnard
ee73179b2f Adapt x509write_csr prototypes for PK 2013-09-12 11:57:00 +02:00
Manuel Pégourié-Gonnard
8053da4057 x509write_csr() now fully using PK internally 2013-09-12 11:57:00 +02:00
Manuel Pégourié-Gonnard
5353a03eb9 x509write_csr using PK internally (WIP) 2013-09-12 11:57:00 +02:00
Paul Bakker
dcbfdcc177 Updated doxygen documentation in header files and HTML pages 2013-09-10 16:16:50 +02:00
Paul Bakker
c0dcf0ceb1 Merged blinding additions for EC, RSA and DHM into development 2013-09-10 14:44:27 +02:00
Paul Bakker
36b7e1efe7 Merged GCM refactoring into development
GCM is now independent of AES and can be used as a mode for any
cipher-layer supported 128-bit based block cipher
2013-09-10 14:41:05 +02:00
Manuel Pégourié-Gonnard
ea53a55c0f Refactor to prepare for RSA blinding optimisation 2013-09-10 13:55:35 +02:00
Paul Bakker
1c3853b953 oid_get_oid_by_*() now give back oid length as well 2013-09-10 11:43:44 +02:00
Paul Bakker
7db0109436 Made POLARSSL_MD_MAX_SIZE dependent on POLARSSL_SHA512_C 2013-09-10 11:10:57 +02:00
Paul Bakker
eba3ccf785 Typo in config.h 2013-09-09 15:56:09 +02:00
Paul Bakker
f9f377e652 CSR Parsing (without attributes / extensions) implemented 2013-09-09 15:35:10 +02:00
Paul Bakker
cdda097507 Fixed doxygen documentation in asn1.h (added \brief) 2013-09-09 12:51:29 +02:00
Paul Bakker
52be08c299 Added support for writing Key Usage and NS Cert Type extensions 2013-09-09 12:38:45 +02:00
Paul Bakker
cd35803684 Changes x509_csr to x509write_csr 2013-09-09 12:38:45 +02:00
Paul Bakker
5f45e62afe Migrated from x509_req_name to asn1_named_data structure 2013-09-09 12:02:36 +02:00
Paul Bakker
c547cc992e Added generic asn1_free_named_data_list() 2013-09-09 12:01:23 +02:00
Paul Bakker
59ba59fa30 Generalized x509_set_extension() behaviour to asn1_store_named_data() 2013-09-09 11:34:44 +02:00
Paul Bakker
43aff2aec4 Moved GCM to use cipher layer instead of AES directly 2013-09-09 00:10:27 +02:00
Paul Bakker
f46b6955e3 Added cipher_info_from_values() to cipher layer (Search by ID+keylen+mode) 2013-09-09 00:08:26 +02:00
Paul Bakker
5e0efa7ef5 Added POLARSSL_MODE_ECB to the cipher layer 2013-09-08 23:04:04 +02:00
Manuel Pégourié-Gonnard
032c34e206 Don't use DH blinding for ephemeral DH 2013-09-07 13:06:27 +02:00
Manuel Pégourié-Gonnard
337b29c334 Test and document EC blinding overhead 2013-09-07 11:52:27 +02:00
Paul Bakker
15162a054a Writing of X509v3 extensions supported
Standard extensions already in: basicConstraints, subjectKeyIdentifier
and authorityKeyIdentifier
2013-09-06 19:27:21 +02:00
Paul Bakker
329def30c5 Added asn1_write_bool() 2013-09-06 16:34:38 +02:00
Paul Bakker
9397dcb0e8 Base X509 certificate writing functinality 2013-09-06 10:36:28 +02:00
Manuel Pégourié-Gonnard
7da0a38d43 Rm some includes that are now useless 2013-09-05 17:06:11 +02:00
Manuel Pégourié-Gonnard
b8bd593741 Restrict cipher_update() for GCM 2013-09-05 17:06:10 +02:00
Manuel Pégourié-Gonnard
226d5da1fc GCM ciphersuites partially using cipher layer 2013-09-05 17:06:10 +02:00
Manuel Pégourié-Gonnard
143b5028a5 Implement DH blinding 2013-09-04 16:29:59 +02:00
Paul Bakker
c049955b32 Merged new cipher layer enhancements 2013-09-04 16:12:55 +02:00
Manuel Pégourié-Gonnard
2d627649bf Change dhm_calc_secret() prototype 2013-09-04 14:22:07 +02:00
Manuel Pégourié-Gonnard
ce4112538c Fix RC4 key length in cipher 2013-09-04 12:29:26 +02:00
Manuel Pégourié-Gonnard
83f3fc0d77 Add AES-192-GCM 2013-09-04 12:14:13 +02:00
Manuel Pégourié-Gonnard
43a4780b03 Ommit AEAD functions if GCM not defined 2013-09-03 19:28:35 +02:00
Manuel Pégourié-Gonnard
aa9ffc5e98 Split tag handling out of cipher_finish() 2013-09-03 19:20:55 +02:00
Manuel Pégourié-Gonnard
2adc40c346 Split cipher_update_ad() out or cipher_reset() 2013-09-03 19:20:55 +02:00
Manuel Pégourié-Gonnard
a235b5b5bd Fix iv_len interface.
cipher_info->iv_size == 0 is no longer ambiguous, and
cipher_get_iv_size() always returns something useful to generate an IV.
2013-09-03 13:25:52 +02:00
Manuel Pégourié-Gonnard
9c853b910c Split cipher_set_iv() out of cipher_reset() 2013-09-03 13:04:44 +02:00
Manuel Pégourié-Gonnard
e09d2f8261 Change ecp_mul() prototype to allow randomization
(Also improve an error code while at it.)
2013-09-02 14:29:09 +02:00
Paul Bakker
eb851f6cd5 Merged current cipher enhancements for ARC4 and AES-GCM 2013-09-01 15:49:38 +02:00
Manuel Pégourié-Gonnard
9241be7ac5 Change cipher prototypes for GCM 2013-08-31 18:07:42 +02:00
Paul Bakker
da02a7f45e AES_CBC ciphersuites now run purely via cipher layer 2013-08-31 17:25:14 +02:00
Manuel Pégourié-Gonnard
b5e85885de Handle NULL as a stream cipher for more uniformity 2013-08-30 17:11:28 +02:00
Manuel Pégourié-Gonnard
37e230c022 Add arc4 support in the cipher layer 2013-08-30 17:11:28 +02:00
Paul Bakker
f451bac000 Blinding RSA only active when f_rng is provided 2013-08-30 15:48:53 +02:00
Paul Bakker
48377d9834 Configuration option to enable/disable POLARSSL_PKCS1_V15 operations 2013-08-30 13:41:14 +02:00
Paul Bakker
548957dd49 Refactored RSA to have random generator in every RSA operation
Primarily so that rsa_private() receives an RNG for blinding purposes.
2013-08-30 10:30:02 +02:00
Paul Bakker
ca174fef80 Merged refactored x509write module into development 2013-08-28 16:32:51 +02:00
Manuel Pégourié-Gonnard
c852a68b96 More robust selection of ctx_enc size 2013-08-28 13:13:30 +02:00
Paul Bakker
577e006c2f Merged ECDSA-based key-exchange and ciphersuites into development
Conflicts:
	include/polarssl/config.h
	library/ssl_cli.c
	library/ssl_srv.c
	library/ssl_tls.c
2013-08-28 11:58:40 +02:00
Manuel Pégourié-Gonnard
acc7505a35 Temporary fix for size of cipher contexts 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
db77175e99 Make ecdsa_verify() return value more explicit 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
2fb15f694c Un-rename ssl_set_own_cert_alt() 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
c6b6803dcf Add forgotten "inline" keyword 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
e511ffca50 Allow compiling without RSA or DH
Only library and programs now, need to check test suites later.
2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
bfe32efb9b pk_{sign,verify}() now accept hash_len = 0 2013-08-27 22:21:21 +02:00
Manuel Pégourié-Gonnard
a20c58c6f1 Use convert functions for SSL_SIG_* and SSL_HASH_* 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
51be559c53 Fix PKCS#11 deps: now goes through PK 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
c40b4c3708 Add configuration item for the PK module 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
0d42049440 Merge code for RSA and ECDSA in SSL 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
070cc7fd21 Use the new PK RSA-alt interface 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
12c1ff0ecb Add RSA-alt to the PK layer 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
a2d3f22007 Add and use pk_encrypt(), pk_decrypt() 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
8df2769178 Introduce pk_sign() and use it in ssl 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
ac75523593 Adapt ssl_set_own_cert() to generic keys 2013-08-27 22:21:20 +02:00
Manuel Pégourié-Gonnard
09edda888e Check key type against selected key exchange 2013-08-27 22:21:19 +02:00
Manuel Pégourié-Gonnard
32ea60a127 Declare ECDSA key exchange and ciphersuites
Also fix bug in ssl_list_ciphersuites().

For now, disable it on server.
Client will offer it but fail if server selects it.
2013-08-27 22:21:19 +02:00
Manuel Pégourié-Gonnard
0b03200e96 Add server-side support for ECDSA client auth 2013-08-27 22:21:19 +02:00
Paul Bakker
0be444a8b1 Ability to disable server_name extension (RFC 6066) 2013-08-27 21:55:01 +02:00
Paul Bakker
d2f068e071 Ability to enable / disable SSL v3 / TLS 1.0 / TLS 1.1 / TLS 1.2 individually 2013-08-27 21:19:20 +02:00
Paul Bakker
fb08fd2e23 Entropy collector and CTR-DRBG now also work on SHA-256 if SHA-512 not available 2013-08-27 15:06:54 +02:00
Paul Bakker
9852d00de6 Moved asn1write funtions to use asn1_write_raw_buffer() 2013-08-26 17:56:37 +02:00
Paul Bakker
7accbced87 Doxygen documentation added to asn1write.h 2013-08-26 17:37:18 +02:00
Paul Bakker
f3df61ad10 Generalized PEM writing in x509write module for RSA keys as well 2013-08-26 17:37:18 +02:00
Paul Bakker
135f1e9c70 Move PEM conversion of DER data to x509write module 2013-08-26 17:37:18 +02:00
Paul Bakker
1c0e550e21 Added support for Netscape Certificate Types in CSR writing
Further generalization of extension adding / replacing in the CSR
structure
2013-08-26 17:37:18 +02:00
Paul Bakker
e5eae76bf0 Generalized the x509write_csr_set_key_usage() function and key_usage
storage
2013-08-26 17:37:18 +02:00
Paul Bakker
6db915b5a9 Added asn1_write_raw_buffer() 2013-08-26 17:37:17 +02:00
Manuel Pégourié-Gonnard
5151b45aa1 Minor comment fixes 2013-08-26 14:31:20 +02:00
Manuel Pégourié-Gonnard
38d1eba3b5 Move verify_result from ssl_context to session 2013-08-26 14:26:02 +02:00
Paul Bakker
fde4270186 Added support for writing key_usage extension 2013-08-25 14:47:27 +02:00
Paul Bakker
598e450538 Added asn1_write_bitstring() and asn1_write_octet_string() 2013-08-25 14:46:39 +02:00
Paul Bakker
ef0ba55a78 Removed old X509 write data from x509.h 2013-08-25 11:48:10 +02:00
Paul Bakker
f677466d9a Doxygen documentation added to x509write.h 2013-08-25 11:47:51 +02:00
Paul Bakker
0e06c0fdb4 Assigned error codes to the error defines 2013-08-25 11:21:30 +02:00
Paul Bakker
82e2945ed2 Changed naming and prototype convention for x509write functions
CSR writing functions now start with x509write_csr_*()
DER writing functions now have the context at the start instead of the
end conforming to other modules.
2013-08-25 11:01:31 +02:00
Paul Bakker
8eabfc1461 Rewrote x509 certificate request writing to use structure for storing 2013-08-25 10:51:18 +02:00
Manuel Pégourié-Gonnard
fff80f8879 PK: use NULL for unimplemented operations 2013-08-20 20:46:05 +02:00
Manuel Pégourié-Gonnard
f73da02962 PK: change pk_verify arguments (md_info "optional") 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
ab46694558 Change pk_set_type to pk_init_ctx for consistency 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
15699380e5 Small PK cleanups
- better error codes
- rm now-useless include
2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
3fb5c5ee1c PK: rename members for consistency CIPHER, MD
Also add pk_get_name() to remove a direct access to pk_type
2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
09162ddcaa PK: reuse some eckey functions for ecdsa
Also add some forgotten 'static' while at it.
2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
c6ac8870d5 Nicer interface between PK and debug.
Finally get rid of pk_context.type member, too.
2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
b3d9187cea PK: add nice interface functions
Also fix a const-corectness issue.
2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
765db07dfb PK: use alloc and free function pointers 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
3053f5bcb4 Get rid of pk_wrap_rsa() 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
f8c948a674 Add name and get_size() members in PK 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
835eb59c6a PK: fix support for ECKEY_DH 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
f18c3e0378 Add a PK can_do() method and simplify code 2013-08-20 20:46:04 +02:00
Manuel Pégourié-Gonnard
d73b3c13be PK: use wrappers and function pointers for verify 2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard
f499993cb2 Add ecdsa_from_keypair()
Also fix bug/limitation in mpi_copy: would segfault if src just initialised
and not set to a value yet. (This case occurs when copying a context which
contains only the public part of the key, eg.)
2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard
cc0a9d040d Fix const-correctness of rsa_*_verify() 2013-08-20 20:46:03 +02:00
Manuel Pégourié-Gonnard
211a64c79f Add eckey to ecdsa conversion in the PK layer 2013-08-20 20:26:28 +02:00
Manuel Pégourié-Gonnard
e09631b7c4 Create ecp_group_copy() and use it 2013-08-20 20:08:29 +02:00
Manuel Pégourié-Gonnard
aa431613b3 Add ecdsa example program 2013-08-20 20:08:29 +02:00
Manuel Pégourié-Gonnard
8eebd012b9 Add an ecdsa_genkey() function 2013-08-20 20:08:28 +02:00
Manuel Pégourié-Gonnard
4846f5ecbc ecdsa now depends on ASN.1 parse & write 2013-08-20 20:04:16 +02:00
Manuel Pégourié-Gonnard
b694b4896c Add ecdsa_{read,write}_signature() 2013-08-20 20:04:16 +02:00
Paul Bakker
04784f57e4 Added config check for SSL/TLS module that depends on cipher layer 2013-08-19 13:31:39 +02:00
Paul Bakker
59da0a46a4 Added config check for POLARSSL_SSL_SESSION_TICKETS 2013-08-19 13:27:17 +02:00
Manuel Pégourié-Gonnard
298aae4524 Adapt core OID functions to embeded null bytes 2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard
56a487a17f Minor ecdsa cleanups
- point_format is of no use
- d was init'ed and free'd twice
2013-08-16 14:00:52 +02:00
Manuel Pégourié-Gonnard
0b2726732e Fix ifdef conditions for EC-related extensions.
Was alternatively ECP_C and ECDH_C.
2013-08-16 13:56:17 +02:00
Manuel Pégourié-Gonnard
5734b2d358 Actually use the point format selected for ECDH 2013-08-16 13:56:16 +02:00
Paul Bakker
1f2bc6238b Made support for the truncated_hmac extension configurable 2013-08-15 13:45:55 +02:00
Paul Bakker
05decb24c3 Made support for the max_fragment_length extension configurable 2013-08-15 13:33:48 +02:00
Paul Bakker
606b4ba20f Session ticket expiration checked on server 2013-08-15 11:42:48 +02:00
Paul Bakker
a503a63b85 Made session tickets support configurable from config.h 2013-08-14 14:26:03 +02:00
Manuel Pégourié-Gonnard
56dc9e8bba Authenticate session tickets. 2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
990c51a557 Encrypt session tickets 2013-08-14 14:08:07 +02:00
Manuel Pégourié-Gonnard
779e42982c Start adding ticket keys (only key_name for now) 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
aa0d4d1aff Add ssl_set_session_tickets() 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
06650f6a37 Fix reusing session more than once 2013-08-14 14:08:06 +02:00
Manuel Pégourié-Gonnard
a5cc6025e7 Parse NewSessionTicket message 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
60182ef989 ssl_cli: write & parse session ticket extension 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
75d440192c Introduce ticket field in session structure 2013-08-14 14:08:04 +02:00
Manuel Pégourié-Gonnard
747180391d Add ssl_get_session() to save session on client 2013-08-14 14:08:03 +02:00
Paul Bakker
48e93c84b7 Made padding modes configurable from config.h 2013-08-14 14:02:48 +02:00
Paul Bakker
1a45d91cf2 Restructured cipher_set_padding_mode() to use switch statement 2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard
ebdc413f44 Add 'no padding' mode 2013-08-14 14:02:48 +02:00
Manuel Pégourié-Gonnard
0e7d2c0f95 Add zero padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
8d4291b52a Add zeros-and-length (ANSI X.923) padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
679f9e90ad Add one-and-zeros (ISO/IEC 7816-4) padding 2013-08-14 14:02:47 +02:00
Manuel Pégourié-Gonnard
ac56a1aec4 Make cipher_set_padding() actually work
(Only one padding mode recognized yet.)
2013-08-14 14:02:46 +02:00
Manuel Pégourié-Gonnard
d5fdcaf9e5 Add cipher_set_padding() (no effect yet)
Fix pattern in tests/.gitignore along the way.
2013-08-14 14:02:46 +02:00
Paul Bakker
0f2f0bfc87 CAMELLIA-based PSK and DHE-PSK ciphersuites added 2013-07-26 15:04:03 +02:00
Paul Bakker
d6f41c5bcd Fixed size of ctx_enc / ctx_dec in ssl for gcm_context size 2013-07-25 17:01:54 +02:00
Paul Bakker
f16db18c55 Fixed header file comments on ciphersuites 2013-07-25 11:30:31 +02:00
Paul Bakker
8c1ede655f Changed prototype for ssl_set_truncated_hmac() to allow disabling 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
277f7f23e2 Implement hmac truncation 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
57c2852807 Added truncated hmac negociation (without effect) 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e980a994f0 Add interface for truncated hmac 2013-07-19 14:51:47 +02:00
Manuel Pégourié-Gonnard
e048b67d0a Misc minor fixes
- avoid "multi-line comment" warning in ssl_client2.c
- rm useless initialisation of mfl_code in ssl_init()
- const-correctness of ssl_parse_*_ext()
- a code formating issue
2013-07-19 12:56:08 +02:00
Manuel Pégourié-Gonnard
ed4af8b57c Move negotiated max fragment length to session
User-set max fragment length remains in ssl_context.
The min of the two is used for sizing fragments.
2013-07-18 14:07:09 +02:00
Manuel Pégourié-Gonnard
581e6b6d6c Prepare migrating max fragment length to session
Remove max_frag_len member so that reseting session by memset()ing it to zero
does the right thing.
2013-07-18 12:32:27 +02:00
Manuel Pégourié-Gonnard
48f8d0dbbd Read max_fragment_length extension (server) 2013-07-18 11:18:14 +02:00
Manuel Pégourié-Gonnard
8b46459ae5 Add ssl_set_max_frag_len() 2013-07-18 11:18:13 +02:00
Manuel Pégourié-Gonnard
fd5164e283 Fix some more ifdef's RSA/EC, in pk and debug 2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
ab2d9836b4 Fix some ifdef's in x509parse
While at it:
- move _rsa variants systematically after generic functions
- unsplit x509parse_key_pkcs8_encrypted_der() (reverts a5d9974)
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
96f3a4e1b3 Rm ecp_keypair.alg
Avoid duplicating information already present in pk_context.
2013-07-17 15:59:44 +02:00
Manuel Pégourié-Gonnard
a2d4e644ac Some more EC pubkey parsing refactoring
Fix a bug in pk_rsa() and pk_ec() along the way
2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard
1c808a011c Refactor some EC key parsing code 2013-07-17 15:59:43 +02:00
Manuel Pégourié-Gonnard
991d0f5aca Remove rsa member from x509_cert structure 2013-07-17 15:59:42 +02:00
Manuel Pégourié-Gonnard
360a583029 Adapt x509parse_cert_info() for EC 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard
674b2243eb Prepare transition from x509_cert.rsa to pk 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard
2692a30c1b Relax ifdef's in pk.h by analogy with md.h 2013-07-17 15:59:41 +02:00
Manuel Pégourié-Gonnard
1e60cd09b0 Expand oid_get_sig_alg() for ECDSA-based algs 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard
244569f4b1 Use generic x509_get_pubkey() for RSA functions 2013-07-17 15:59:40 +02:00
Manuel Pégourié-Gonnard
788db112a5 Get rid of x509_cert.pkoid
Unused, comment did not match reality, and will soon be superseeded by the
'type' field of the pk_context which will replace rsa_context.
2013-07-17 15:59:39 +02:00
Manuel Pégourié-Gonnard
374e4b87d4 pk_set_type() cannot be used to reset key type 2013-07-17 15:59:39 +02:00
Paul Bakker
f4a1427ae7 base64_decode() also forcefully returns on dst == NULL 2013-07-16 17:48:58 +02:00
Manuel Pégourié-Gonnard
7d4e5b739e Simplify password check in pem_read_buffer() 2013-07-09 16:42:35 +02:00
Manuel Pégourié-Gonnard
de44a4aecf Rename ecp_check_prvkey with a 'i' for consistency 2013-07-09 16:42:34 +02:00
Manuel Pégourié-Gonnard
81c313ccc6 Add #ifdef's on RSA and EC in PK 2013-07-09 10:49:09 +02:00
Manuel Pégourié-Gonnard
7a6c946446 Fix error code in pk.h 2013-07-09 10:37:27 +02:00
Manuel Pégourié-Gonnard
8838099330 Add x509parse_{,public}_key{,file}()
Also make previously public *_ec functions private.
2013-07-08 17:32:27 +02:00
Manuel Pégourié-Gonnard
12e0ed9115 Add pk_context and associated functions 2013-07-08 17:32:27 +02:00
Manuel Pégourié-Gonnard
f8648d51b1 Fix undocumented feature of pem_read_buffer()
Used to work only for RSAPrivateKey content, now accepts ECPrivateKey too,
and may even work with similar enough structures when they appear.
2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard
f838eeda09 Add x509_get_ecparams() 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard
f0b30d0542 Add oid_get_ec_grp() and associated data 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard
5a9b82e234 Make oid_get_pk_alg handle EC algorithms 2013-07-08 17:32:26 +02:00
Manuel Pégourié-Gonnard
26833c2fc6 Add stubs for x509parse_key_ec and co. 2013-07-08 15:31:19 +02:00
Manuel Pégourié-Gonnard
ba4878aa64 Rename x509parse_key & co with _rsa suffix 2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard
c8dc295e83 Add ecp_check_prvkey, with test
Also group key checking and generation functions in ecp.h and ecp.c.
2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard
b8c6e0e3e9 Add ecp_keypair struct, init/free and constants 2013-07-08 15:31:18 +02:00
Manuel Pégourié-Gonnard
7c8934ea0e Add ecdsa_init and ecdsa_free 2013-07-08 15:30:23 +02:00
Manuel Pégourié-Gonnard
bec2f45cfc Add ecdsa_context structure 2013-07-08 15:30:23 +02:00
Paul Bakker
fa9b10050b Also compiles / runs without time-based functions in OS
Can now run without need of time() / localtime() and gettimeofday()
2013-07-03 17:22:32 +02:00
Paul Bakker
ecd54fb897 Disable POLARSSL_TIMING_C by default (only required for HAVEGE) 2013-07-03 17:22:31 +02:00
Paul Bakker
6e339b52e8 Memory-allocation abstraction layer and buffer-based allocator added 2013-07-03 17:22:31 +02:00
Paul Bakker
d2681d82e2 Renamed sha2.{c,h} to sha256.{c,h} and sha4.{c,h} to sha512.{c,h} 2013-06-30 14:49:12 +02:00
Paul Bakker
9e36f0475f SHA2 renamed to SHA256, SHA4 renamed to SHA512 and functions accordingly
The SHA4 name was not clear with regards to the new SHA-3 standard. So
SHA2 and SHA4 have been renamed to better represent what they are:
SHA256 and SHA512 modules.
2013-06-30 14:34:05 +02:00
Paul Bakker
fd3eac5786 Cleaned up ECP error codes 2013-06-29 23:31:33 +02:00
Paul Bakker
5dc6b5fb05 Made supported curves configurable 2013-06-29 23:26:34 +02:00
Paul Bakker
e2ab84f4a1 Renamed error_strerror() to the less conflicting polarssl_strerror()
Ability to keep old function error_strerror() as well with
POLARSSL_ERROR_STRERROR_BC. Also works with
POLARSSL_ERROR_STRERROR_DUMMY.
2013-06-29 18:35:41 +02:00
Paul Bakker
2fbefde1d8 Client and server now filter sent and accepted ciphersuites on minimum
and maximum protocol version
2013-06-29 18:35:40 +02:00
Paul Bakker
f8d018a274 Made asn1_get_alg() and asn1_get_alg_null() as generic functions
A generic function for retrieving the AlgorithmIdentifier structure with
its parameters and adapted X509, PKCS#5 and PKCS#12 to use them.
2013-06-29 18:35:40 +02:00
Paul Bakker
47fce02bd8 Defines around module-dependent OIDs 2013-06-29 18:35:40 +02:00
Paul Bakker
7749a22974 Moved PKCS#12 cipher layer based PBE detection to use OID database 2013-06-29 18:32:16 +02:00
Paul Bakker
9b5e885611 PKCS#5 PBES2 now uses OID database for algorithm detection 2013-06-28 16:12:50 +02:00
Paul Bakker
407a0da160 Moved __cplusplus extern statement to include struct definitions as well. 2013-06-27 14:29:21 +02:00
Paul Bakker
b9d3cfa114 Split up GCM into a start/update/finish cycle 2013-06-26 15:08:29 +02:00
Paul Bakker
534f82c77a Made ctr_drbg_init_entropy_len() non-static and defined 2013-06-25 16:47:55 +02:00
Paul Bakker
b6c5d2e1a6 Cleanup up non-prototyped functions (static) and const-correctness
More fixes based on the compiler directives -Wcast-qual -Wwrite-strings
-Wmissing-prototypes -Wmissing-declarations. Not everything with regards
to -Wcast-qual has been fixed as some have unwanted consequences for the
rest of the code.
2013-06-25 16:25:17 +02:00
Paul Bakker
b0713c7e1f Updated PKCS#12 define dependencies
(cherry picked from commit 602c31be23)
2013-06-25 15:06:54 +02:00
Paul Bakker
38b50d73a1 Moved PKCS#12 PBE functions to cipher / md layer where possible
The 3-key and 2-key Triple DES PBE functions have been replaced with a
single pkcs12_pbe() function that handles both situations (and more).

In addition this allows for some PASSWORD_MISMATCH checking
(cherry picked from commit 14a222cef2)
2013-06-25 15:06:53 +02:00
Paul Bakker
9bcf16c55d Centralized module option values in config.h
Allow user-defined settings without editing header files by using
POLARSSL_CONFIG_OPTIONS in config.h
(cherry picked from commit 6fa5488779)

Conflicts:
	include/polarssl/config.h
2013-06-25 15:06:53 +02:00
Paul Bakker
28144decef PKCS#5 v2 PBES2 support and use in PKCS#8 encrypted certificates
The error code POLARSSL_ERR_X509_PASSWORD_MISMATCH is now properly
returned in case of an encryption failure in the padding. The
POLARSSL_ERR_X509_PASSWORD_REQUIRED error code is only returned for PEM
formatted private keys as for DER formatted ones it is impossible to
distinguish if a DER blob is PKCS#8 encrypted or not.
(cherry picked from commit 1fd4321ba2)

Conflicts:
	include/polarssl/error.h
	scripts/generate_errors.pl
2013-06-25 15:06:52 +02:00
Paul Bakker
b0c19a4b3d PKCS#5 module added. Moved PBKDF2 functionality inside and deprecated
old PBKDF2 module.
(cherry picked from commit 19bd297dc8)

Conflicts:
	include/polarssl/error.h
	scripts/generate_errors.pl
2013-06-25 15:06:52 +02:00
Paul Bakker
fc4f46fa9a Fixed bignum.c and bn_mul.h to support Thumb2 and LLVM compiler
(cherry picked from commit 52b845be34)
2013-06-25 15:06:52 +02:00
Paul Bakker
90995b5ce3 Added mechanism to provide alternative cipher / hash implementations
All symmetric cipher algorithms and hash algorithms now include support
for a POLARSSL_XXX_ALT flag that prevents the definition of the
algorithm context structure and all 'core' functions.
(cherry picked from commit 4087c47043)
2013-06-25 15:06:51 +02:00
Paul Bakker
f1f21fe825 Parsing of PKCS#8 encrypted private key files added and PKCS#12 basis
PKCS#8 encrypted key file support has been added to x509parse_key() with
support for some PCKS#12 PBE functions (pbeWithSHAAnd128BitRC4,
pbeWithSHAAnd3-KeyTripleDES-CBC and pbeWithSHAAnd2-KeyTripleDES-CBC)
(cherry picked from commit cf6e95d9a8)

Conflicts:
	scripts/generate_errors.pl
2013-06-25 15:06:51 +02:00
Paul Bakker
89ecb2d074 ssl_parse_certificate() now calls x509parse_crt_der() directly
(cherry picked from commit 1922a4e6aa)
2013-06-24 19:09:25 +02:00
Paul Bakker
00b2860e8d pem_read_buffer() already update use_len after header and footer are read
After header and footer are read, pem_read_buffer() is able to determine
the length of input data used. This allows calling functions to skip
this PEM bit if an error occurs during its parsing.
(cherry picked from commit 9255e8300e)
2013-06-24 19:09:25 +02:00
Paul Bakker
2a84424a35 Disabled the HAVEGE random generator by default
Rationale: The HAVEGE random generator has too many caveats to be a
standard generator that people rely on. The HAVEGE random generator is not
suitable for virtualized environments. In addition the HAVEGE random
generator is dependent on timing and specific processor traits that
cannot be guaranteed by default on compile time.

Our advice: only use HAVEGE as an additional random source for your
entropy pool, never as your primary source.
(cherry picked from commit 08f06cf49f)
2013-06-24 19:09:24 +02:00
Paul Bakker
3c2122ff9d Fixed const correctness issues that have no impact on the ABI
(cherry picked from commit eae09db9e5)

Conflicts:
	library/gcm.c
2013-06-24 19:09:24 +02:00
Paul Bakker
45bda90caa Comments for extra PSK ciphersuites added to config.h 2013-04-19 22:28:21 +02:00
Paul Bakker
40afb4ba13 Added PSK GCM, SHA256 and SHA384 ciphers from RFC5487 2013-04-19 22:03:30 +02:00
Paul Bakker
0c5fac2931 Reordered ID's to numerical order 2013-04-19 21:10:51 +02:00
Paul Bakker
a1bf92ddb4 Added PSK NULL ciphers from RFC4785 2013-04-19 20:47:26 +02:00
Paul Bakker
bc956d900e Added missing config.h include 2013-04-19 20:47:26 +02:00
Paul Bakker
48f7a5d724 DHE-PSK based ciphersuite support added and cleaner key exchange based
code selection

The base RFC 4279 DHE-PSK ciphersuites are now supported and added.

The SSL code cuts out code not relevant for defined key exchange methods
2013-04-19 20:47:26 +02:00
Paul Bakker
e07f41d4be Introduced defines to control availability of specific SSL Key Exchange
methods.

Introduces POLARSSL_KEY_EXCHANGE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_DHE_RSA_ENABLED,
POLARSSL_KEY_EXCHANGE_ECDHE_RSA_ENABLED, etc
2013-04-19 09:08:57 +02:00
Paul Bakker
7ad00f9808 Sanity checks added to config.h
At the end of config.h sanity checks have been added to check for
prerequisites in the different module dependencies
2013-04-18 23:12:34 +02:00
Paul Bakker
ed27a041e4 More granular define selections within code to allow for smaller code
sizes
2013-04-18 23:12:34 +02:00
Paul Bakker
73a899a9eb Changed error code message to also cover missing pre-shared key 2013-04-18 23:12:34 +02:00
Paul Bakker
d4a56ec6bf Added pre-shared key handling for the client side of SSL / TLS
Client side handling of the pure PSK ciphersuites is now in the base
code.
2013-04-18 23:12:33 +02:00
Paul Bakker
8f4ddaeea9 Ability to specify allowed ciphersuites based on the protocol version.
The ciphersuites parameter in the ssl_session structure changed from
'int *' to 'int *[4]'.

The new function ssl_set_ciphersuite_for_version() sets specific entries
inside this array. ssl_set_ciphersuite() sets all entries to the same
value.
(cherry picked from commit a62729888b)

Conflicts:
	ChangeLog
	library/ssl_srv.c
	library/ssl_tls.c
2013-04-16 18:09:45 +02:00
Paul Bakker
eff2e6d414 Fixed MPI assembly for ARM when -O2 is used
GCC with -O2 or higher also needs to now about 'cc' in the clobber list.
2013-04-11 17:13:22 +02:00
Paul Bakker
370e90c2f0 Enable PBKDF2 by default 2013-04-08 15:19:43 +02:00
Paul Bakker
27714b1aa1 Added Camellia ECDHE-based CBC ciphersuites
Added TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 and
TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384
2013-04-07 23:07:12 +02:00
Paul Bakker
d5c2b542cc Indication of x509_get_numeric_string() deprecation 2013-04-07 22:34:26 +02:00
Paul Bakker
c70b982056 OID functionality moved to a separate module.
A new OID module has been created that contains the main OID searching
functionality based on type-dependent arrays. A base type is used to
contain the basic values (oid_descriptor_t) and that type is extended to
contain type specific information (like a pk_alg_t).

As a result the rsa sign and verify function prototypes have changed. They
now expect a md_type_t identifier instead of the removed RSA_SIG_XXX
defines.

All OID definitions have been moved to oid.h
All OID matching code is in the OID module.

The RSA PKCS#1 functions cleaned up as a result and adapted to use the
MD layer.

The SSL layer cleanup up as a result and adapted to use the MD layer.

The X509 parser cleaned up and matches OIDs in certificates with new
module and adapted to use the MD layer.

The X509 writer cleaned up and adapted to use the MD layer.

Apps and tests modified accordingly
2013-04-07 22:00:46 +02:00
Paul Bakker
37de6bec16 Const correctness added for asn1write functions 2013-04-07 13:11:31 +02:00
Paul Bakker
c295b834a2 Minor checks to prevent NULL-pointer exceptions 2013-04-02 11:13:39 +02:00
Paul Bakker
a54e493bc0 Added ECDHE-based SHA256 and SHA384 ciphersuites
Added TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 and
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ciphersuites
2013-03-20 15:31:54 +01:00
Paul Bakker
41c83d3f67 Added Ephemeral Elliptic Curve Diffie Hellman ciphersuites to SSL/TLS
Made all modifications to include Ephemeral Elliptic Curve Diffie
Hellman ciphersuites into the existing SSL/TLS modules. All basic
handling of the ECDHE-ciphersuites (TLS_ECDHE_RSA_WITH_NULL_SHA,
TLS_ECDHE_RSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA)
has been included.
2013-03-20 14:39:14 +01:00
Paul Bakker
00c1f43743 Merge branch 'ecc-devel-mpg' into development 2013-03-13 16:31:01 +01:00
Paul Bakker
d589a0ddb6 Modified Makefiles to include new files and and config.h to PolarSSL standard 2013-03-13 16:30:17 +01:00
Paul Bakker
68884e3c09 Moved to advanced ciphersuite representation and more dynamic SSL code 2013-03-13 14:48:32 +01:00
Paul Bakker
92be97b8e6 Align data with future location based on IV size 2013-03-13 11:46:00 +01:00
Paul Bakker
07eb38ba31 Update ssl_hw_record_init() to receive keylen, ivlen and maclen as well
Added ssl_hw_record_activate()
2013-03-13 11:44:40 +01:00
Paul Bakker
5bd422937a Reverted commit 186751d9dd and made out_hdr and out_msg back-to-back again 2013-03-13 11:44:40 +01:00
Paul Bakker
1bd3ae826c Added md_process() to MD layer for generic internal access to hash
process functions

Access to process functions is needed to reduce possible timing attacks
on SSL MAC checks. As SSL is set to move to using the dynamic MD layer,
the MD layer needs access to these process functions as well.
2013-03-13 10:26:44 +01:00
Paul Bakker
90f042d4cb Prepared for PolarSSL 1.2.6 release 2013-03-11 11:38:44 +01:00
Paul Bakker
fb1cbd3cea Fixed assembly code for ARM (Thumb and regular) for some compilers 2013-03-06 18:14:52 +01:00
Paul Bakker
e81beda60f The SSL session cache module (ssl_cache) now also retains peer_cert information (not the entire chain)
The real peer certificate is copied into a x509_buf in the
ssl_cache_entry and reinstated upon cache retrieval. The information
about the rest of the certificate chain is lost in the process.

As the handshake (and certificate verification) has already been
performed, no issue is foreseen.
2013-03-06 18:01:03 +01:00
Paul Bakker
78a8c71993 Re-added support for parsing and handling SSLv2 Client Hello messages
If the define POLARSSL_SSL_SRV_SUPPORT_SSLV2_CLIENT_HELLO is enabled,
the SSL Server module can handle the old SSLv2 Client Hello messages.

It has been updated to deny SSLv2 Client Hello messages during
renegotiation.
2013-03-06 18:01:03 +01:00
Paul Bakker
a43231c5a5 Added support for custom labels when using rsa_rsaes_oaep_encrypt() or rsa_rsaes_oaep_decrypt() 2013-03-06 18:01:02 +01:00
Paul Bakker
b386913f8b Split up the RSA PKCS#1 encrypt, decrypt, sign and verify functions
Split rsa_pkcs1_encrypt() into rsa_rsaes_oaep_encrypt() and
rsa_rsaes_pkcs1_v15_encrypt()
Split rsa_pkcs1_decrypt() into rsa_rsaes_oaep_decrypt() and
rsa_rsaes_pkcs1_v15_decrypt()
Split rsa_pkcs1_sign() into rsa_rsassa_pss_sign() and
rsa_rsassa_pkcs1_v15_sign()
Split rsa_pkcs1_verify() into rsa_rsassa_pss_verify() and
rsa_rsassa_pkcs1_v15_verify()

The original functions exist as generic wrappers to these functions.
2013-03-06 18:01:02 +01:00
Paul Bakker
8ea31ff3b5 Added missing typedef for INT64 2013-03-06 18:01:02 +01:00
Paul Bakker
9f2018ea28 Fixed typo in _MSC_VER (double underscore at the start) 2013-03-06 18:01:02 +01:00
Paul Bakker
e47b34bdc8 Removed further timing differences during SSL message decryption in ssl_decrypt_buf()
New padding checking is unbiased on correct or incorrect padding and
has no branch prediction timing differences.

The additional MAC checks further straighten out the timing differences.
2013-02-27 14:48:00 +01:00
Paul Bakker
6deb37e03e Added comments to indicate dependency from PEM on AES, DES and MD5 2013-02-19 13:17:08 +01:00
Paul Bakker
fbb5cf9f59 Fixed typo in base64.h 2013-02-14 11:56:58 +01:00
Manuel Pégourié-Gonnard
424fda5d7b Add ecdh_calc_secret() 2013-02-11 22:05:42 +01:00
Manuel Pégourié-Gonnard
5cceb41d2c Add ecdh_{make,read}_public() 2013-02-11 21:51:45 +01:00
Manuel Pégourié-Gonnard
854fbd7ba2 Add ecdh_read_params(). 2013-02-11 21:32:24 +01:00
Manuel Pégourié-Gonnard
13724765b2 Add ecdh_make_server_params (untested yet) 2013-02-10 15:01:54 +01:00
Manuel Pégourié-Gonnard
63533e44c2 Create ecdh_context structure 2013-02-10 14:22:44 +01:00
Manuel Pégourié-Gonnard
98f51815d6 Fix ecp_tls_read_point's signature 2013-02-10 13:38:29 +01:00
Manuel Pégourié-Gonnard
7c145c6418 Fix ecp_tls_read_group's signature 2013-02-10 13:20:52 +01:00
Manuel Pégourié-Gonnard
420f1eb675 Fix ecp_tls_write_point's signature 2013-02-10 12:22:46 +01:00
Manuel Pégourié-Gonnard
b325887fad Add ecp_tls_write_group() 2013-02-10 12:06:19 +01:00
Manuel Pégourié-Gonnard
7e86025f32 Rename ecp_*_binary to ecp_point_*_binary 2013-02-10 10:58:48 +01:00
Manuel Pégourié-Gonnard
d84895dc22 Supress 'format' argument to ecp_read_binary.
And adjust error codes for ecp_*_binary while at it.
2013-02-10 10:53:04 +01:00
Manuel Pégourié-Gonnard
0079405918 Add functions for read/write ECPoint records 2013-02-09 19:00:07 +01:00
Manuel Pégourié-Gonnard
1a96728964 Add function parsing a TLS ECParameters record 2013-02-09 17:53:31 +01:00
Paul Bakker
c7a2da437e Updated for PolarSSL 1.2.5 2013-02-02 19:23:57 +01:00
Paul Bakker
40865c8e5d Added sending of alert messages in case of decryption failures as per RFC
The flag POLARSSL_SSL_ALERT_MESSAGES switched between enabling and
disabling the sending of alert messages that give adversaries intel
about the result of their action. PolarSSL can still communicate with
other parties if they are disabled, but debugging of issues might be
harder.
2013-02-02 19:04:13 +01:00
Paul Bakker
d66f070d49 Disable debug messages that can introduce a timing side channel.
Introduced the POLARSSL_SSL_DEBUG_ALL flag to enable all these debug
messages in case somebody does want to see the reason checks fail.
2013-02-02 19:04:13 +01:00
Paul Bakker
8fe40dcd7d Allow enabling of dummy error_strerror() to support some use-cases
Enable a dummy error function to make use of error_strerror() in
third party libraries easier.

Disable if you run into name conflicts and want to really remove the
error_strerror()
2013-02-02 12:43:08 +01:00
Manuel Pégourié-Gonnard
3aeb5a7192 Add ECDSA signature primitive. 2013-01-26 19:11:28 +01:00
Manuel Pégourié-Gonnard
b309ab2936 Add ECDSA sign primitive 2013-01-26 19:11:28 +01:00
Manuel Pégourié-Gonnard
2aea1416f9 Add skeleton ecdsa.[ch] 2013-01-26 19:11:28 +01:00
Manuel Pégourié-Gonnard
6545ca7bed Add ECDH primitives 2013-01-26 19:11:24 +01:00
Manuel Pégourié-Gonnard
0bad5c2381 Add skeleton ecdh.[ch] 2013-01-26 15:30:46 +01:00
Manuel Pégourié-Gonnard
45a035a9ac Add ecp_gen_keypair() 2013-01-26 14:42:45 +01:00
Paul Bakker
14c56a3378 Updated for PolarSSL 1.2.4 2013-01-25 17:11:37 +01:00
Paul Bakker
1961b709d8 Added ssl_handshake_step() to allow single stepping the handshake
process

Single stepping the handshake process allows for better support of
non-blocking network stacks and for getting information from specific
handshake messages if wanted.
2013-01-25 14:49:24 +01:00
Paul Bakker
f626e1dd28 Fixed comment on maximum tested size for POLARSSL_MPI_MAX_LIMBS 2013-01-21 12:14:17 +01:00
Paul Bakker
cf4365f560 Updated error codes for ECP 2013-01-16 17:00:43 +01:00
Manuel Pégourié-Gonnard
5e402d88ea Added ecp_read_binary(). 2013-01-16 16:31:54 +01:00
Manuel Pégourié-Gonnard
37d218a8e3 Added support for writing points compressed 2013-01-16 16:31:54 +01:00
Manuel Pégourié-Gonnard
e19feb5b46 Added ecp_write_binary(). 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard
1c33057a63 Added ecp_check_pubkey(). 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard
b63f9e98f5 Made ecp_mul() faster and truly SPA resistant 2013-01-16 16:31:53 +01:00
Manuel Pégourié-Gonnard
855560758c Added function preparing for faster multiplication 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
9674fd0d5e Added ecp_sub() as a variant of ecp_add() 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
1c2782cc7c Changed to jacobian coordinates everywhere 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
773ed546a2 Added a nbits member to ecp_group 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
4bdd47d2cb Multiplication by negative is now forbidden 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
4712325777 Clarifications in comments; code cosmetics & style 2013-01-16 16:31:52 +01:00
Manuel Pégourié-Gonnard
dada4da33f Moved domain paramaters to ecp.c 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard
62aad14139 Added slot for fast modp, with mod_p521 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard
e0c16922f9 Point multiplication using Jacobian coordinates 2013-01-16 16:31:51 +01:00
Manuel Pégourié-Gonnard
a5402fee04 Added ecp_use_known_dp() 2013-01-16 16:31:50 +01:00
Manuel Pégourié-Gonnard
b505c2796c Got first tests working, fixed ecp_copy() 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard
847395a8a9 Added ecp_XXX_read_string() 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard
7cfcea349c Documented error codes properly 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard
ae180d0f20 Got started on ecp_add(): generic case done 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard
883f313516 Added ecp_copy() (for points) 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard
5179e463d5 Allowed point at infinity, supressed ecp_double() 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard
d7e4570ad1 Copied ECP parameters from RFC 5114 2013-01-16 16:31:49 +01:00
Manuel Pégourié-Gonnard
39d2adbbd0 Added (skeleton) ecp.[ch] 2013-01-16 16:31:48 +01:00
Paul Bakker
fb1ba781b3 Updated for release 1.2.3 2012-11-26 16:28:25 +01:00
Paul Bakker
df5069cb97 Updated for 1.2.2 release 2012-11-24 12:20:19 +01:00
Paul Bakker
769075dfb6 Fixed dependency on POLARSSL_SHA4_C in ssl modules 2012-11-24 11:26:46 +01:00
Paul Bakker
926af7582a Fixed client certificate handling with TLS 1.2 2012-11-23 13:38:07 +01:00
Paul Bakker
e667c98fb1 Added p_hw_data to ssl_context for context specific hardware acceleration data 2012-11-20 13:50:22 +01:00
Paul Bakker
1f9d02dc90 Added more notes / comments on own_cert, trust_ca purposes 2012-11-20 10:30:55 +01:00
Paul Bakker
25338d74ac Added proper gitignores for Linux CMake use 2012-11-18 22:56:39 +01:00
Paul Bakker
43ae298410 - Fixed argument types 2012-11-14 12:14:19 +00:00
Paul Bakker
34d8dbcc6d - Depth that the certificate verify callback receives is now numbered bottom-up (Peer cert depth is 0) 2012-11-14 12:11:38 +00:00
Paul Bakker
e0f41f3086 - Updated version to 1.2.1 2012-11-13 12:55:02 +00:00
Paul Bakker
c893e0257f - Added extra documentation 2012-11-07 20:41:16 +00:00
Paul Bakker
096348fa79 - Fixed comments / typos 2012-11-07 20:05:38 +00:00
Paul Bakker
77db6ce348 - Fixed doxygen blocks 2012-11-07 19:57:39 +00:00
Paul Bakker
6831c4a1a8 - Fixed typos 2012-11-07 19:46:27 +00:00
Paul Bakker
7c900780d9 - Default to disabled renegotiation 2012-11-04 16:29:08 +00:00
Paul Bakker
7a2538ee38 - Fixes for MSVC6 2012-11-02 10:59:36 +00:00
Paul Bakker
645ce3a2b4 - Moved ciphersuite naming scheme to IANA reserved names 2012-10-31 12:32:41 +00:00
Paul Bakker
b0550d90c9 - Added ssl_get_peer_cert() to SSL API 2012-10-30 07:51:03 +00:00
Paul Bakker
4f024b7ba9 - Fixed for SPARC64 2012-10-30 07:29:57 +00:00
Paul Bakker
df2bb75c28 - Premaster should have a maximum of MPI size 2012-10-24 14:30:00 +00:00
Paul Bakker
ba26e9ebfd - Cache now only allows a maximum of entries in cache for preventing memory overrun 2012-10-23 22:18:28 +00:00
Paul Bakker
0fd018efb2 - Fixed preprocessor typo 2012-10-23 12:44:47 +00:00
Paul Bakker
09f097d45f - Added more documentation on disable / enable renegotiation 2012-10-23 11:54:56 +00:00
Paul Bakker
2b6af2fbf0 - Only define mpi_read_file and mpi_write_file if POLARSSL_FS_IO is present 2012-10-23 11:08:02 +00:00
Paul Bakker
0f5281a35b - Enlarged buffer to fit gcm_context on all platforms 2012-10-23 11:06:25 +00:00
Paul Bakker
8f387e6605 - Updated trunk base version to 1.2.0 for prerelease 1 2012-10-02 15:26:45 +00:00
Paul Bakker
62261d6bd6 - Rewrote bignum type definition #ifdef tree to work better on all
systems
2012-10-02 12:19:31 +00:00
Paul Bakker
9ef6e2bfb6 - Added missing int32_t definition 2012-10-01 20:57:38 +00:00
Paul Bakker
e23c31561f - Fixed typo 2012-10-01 14:42:47 +00:00
Paul Bakker
5c2364c2ba - Moved from unsigned long to uint32_t throughout code 2012-10-01 14:41:15 +00:00
Paul Bakker
6adff7497a - Fixed typo 2012-10-01 11:03:14 +00:00
Paul Bakker
23f3680898 - Added proper support for TLS 1.2 signature_algorithm extension on server
side
 - Minor const changes to other extension parsing functions
2012-09-28 14:15:14 +00:00
Paul Bakker
1d29fb5e33 - Added option to add minimum accepted SSL/TLS protocol version 2012-09-28 13:28:45 +00:00
Paul Bakker
62f2deef8b - Set POLARSSL_DHM_RFC5114_MODP_1024_[PG] as default DHM MODP group for SSL/TLS 2012-09-28 07:31:51 +00:00
Paul Bakker
da7e3f225a - Added RFC 3526 2048-bit and 3072-bit MODP groups 2012-09-28 07:18:17 +00:00
Paul Bakker
915275ba78 - Revamped x509_verify() and the SSL f_vrfy callback implementations 2012-09-28 07:10:55 +00:00
Paul Bakker
5701cdcd02 - Added ServerName extension parsing (SNI) at server side 2012-09-27 21:49:42 +00:00
Paul Bakker
f918310193 - Autosize POLARSSL_MPI_RW_BUFFER_SIZE at compile time 2012-09-27 20:42:35 +00:00
Paul Bakker
eb2c658163 - Generalized external private key implementation handling (like PKCS#11) in SSL/TLS 2012-09-27 19:15:01 +00:00
Paul Bakker
5531c6d92c - Change buffer size on mpi_write_file() to cover larger size MPIs 2012-09-26 19:20:46 +00:00
Paul Bakker
a864f2ee51 - Removed trailing semicolon 2012-09-26 08:29:20 +00:00
Paul Bakker
0a59707523 - Added simple SSL session cache implementation
- Revamped session resumption handling
2012-09-25 21:55:46 +00:00
Paul Bakker
29b64761fd - Added predefined DHM groups from RFC 5114 2012-09-25 09:36:44 +00:00
Paul Bakker
d0f6fa7bdc - Sending of handshake_failures during renegotiation added
- Handle two legacy modes differently: SSL_LEGACY_BREAK_HANDSHAKE and SSL_LEGACY_NO_RENEGOTIATION
2012-09-17 09:18:12 +00:00
Paul Bakker
48916f9b67 - Added Secure Renegotiation (RFC 5746) 2012-09-16 19:57:18 +00:00
Paul Bakker
f518b16f97 - Added PKCS#5 PBKDF2 key derivation function 2012-08-23 13:03:18 +00:00
Paul Bakker
894dece46c - Cleaner return value (for C++) 2012-08-23 08:34:32 +00:00
Paul Bakker
b68cad6cc7 - Made cipersuites in ssl context const (no intention to modify)
- Adjusted ssl_set_ciphersuites() to match
2012-08-23 08:34:18 +00:00
Paul Bakker
5552c8c0b3 - Updated documentation 2012-07-05 13:31:54 +00:00
Paul Bakker
6132d0aa93 - Added Blowfish to generic cipher layer
- Renamed POLARSSL_MODE_CFB128 to POLARSSL_MODE_CFB
2012-07-04 17:10:40 +00:00
Paul Bakker
a9379c0ed1 - Added base blowfish algorithm 2012-07-04 11:02:11 +00:00
Paul Bakker
2770fbd651 - Added DEFLATE compression support as per RFC3749 (requires zlib) 2012-07-03 13:30:23 +00:00
Paul Bakker
4f9a7bb7fd - Added Thumb assembly optimizations 2012-07-02 08:36:36 +00:00
Paul Bakker
8d914583f3 - Added X509 CA Path support 2012-06-04 12:46:42 +00:00
Paul Bakker
f6198c1513 - mpi_exp_mod() now correctly handles negative base numbers (Closes ticket #52) 2012-05-16 08:02:29 +00:00
Paul Bakker
186751d9dd - Moved out_msg to out_hdr + 32 to support hardware acceleration 2012-05-08 13:16:14 +00:00
Paul Bakker
6b906e5095 - Const correctness mpi_get_bit()
- Documentation mpi_lsb(), mpi_msb()
2012-05-08 12:01:43 +00:00
Paul Bakker
05ef835b6a - Added support for Hardware Acceleration hooking in SSL/TLS 2012-05-08 09:17:57 +00:00
Paul Bakker
c9b3e1e783 - Fixed typo 2012-04-26 18:59:23 +00:00
Paul Bakker
84bef1db2c - Fixed DHM length to correct one 2012-04-20 13:42:02 +00:00
Paul Bakker
380da53c48 - Abstracted checksum updating during handshake 2012-04-18 16:10:25 +00:00
Paul Bakker
ca4ab49158 - Added GCM ciphersuites to TLS implementation 2012-04-18 14:23:57 +00:00
Paul Bakker
d8ef167833 - Updated for latest GCM error 2012-04-18 14:17:32 +00:00
Paul Bakker
0a9251870a - Report unexpected_message if unknown record type is received 2012-04-16 06:46:41 +00:00
Paul Bakker
10cd225962 - Added support for the SHA256 ciphersuites of AES and Camellia 2012-04-12 21:26:34 +00:00
Paul Bakker
c3f177a77b - Added client side support for signature_algorithm extension and affiliated handling 2012-04-11 16:11:49 +00:00
Paul Bakker
1ef83d66dd - Initial bare version of TLS 1.2 2012-04-11 12:09:53 +00:00
Paul Bakker
e93dfa72a5 - Added hex documentation for alerts 2012-04-10 08:03:03 +00:00
Paul Bakker
56a7684023 - Added alternative for SHA1 signature structure to check for (without NULL) 2012-03-22 15:31:27 +00:00
Paul Bakker
89e80c9a43 - Added base Galois/Counter mode (GCM) for AES 2012-03-20 13:50:09 +00:00
Paul Bakker
3cac5e012b - x509_write_cert_req() now supports all available hash functions 2012-02-16 14:08:06 +00:00
Paul Bakker
058881547f - Certificate Requests written now have the Email address written in IA5String 2012-02-16 10:26:57 +00:00
Paul Bakker
bdb912db69 - Added preliminary ASN.1 buffer writing support
- Added preliminary X509 Certificate Request writing support
 - Added key_app_writer example application
 - Added cert_req example application
2012-02-13 23:11:30 +00:00
Paul Bakker
1504af585c - Removed redundant POLARSSL_DEBUG_MSG define 2012-02-11 16:17:43 +00:00
Paul Bakker
a8cd239d6b - Added support for wildcard certificates
- Added support for multi-domain certificates through the X509 Subject Alternative Name extension
2012-02-11 16:09:32 +00:00
Paul Bakker
fab5c829e7 - Added support for NULL cipher (POLARSSL_CIPHER_NULL_CIPHER) and weak ciphersuites (POLARSSL_ENABLE_WEAK_CIPHERSUITES). They are disabled by default! 2012-02-06 16:45:10 +00:00
Paul Bakker
e708e5c901 - Always return 0 fixed in doc for havege_random() 2012-02-03 08:13:57 +00:00
Paul Bakker
3c18a830b3 - Made changes for 1.1.1 release 2012-01-23 09:44:43 +00:00
Paul Bakker
6621987e1c - Made better fix to issue of defined long long type for bignum code 2012-01-22 20:38:13 +00:00
Paul Bakker
cf0360a14e - Fixed compiler error on 64-bit systems not using GCC
- t_udbl optimization now also works on platforms that did not define POLARSSL_HAVE_LONGLONG
2012-01-20 10:08:14 +00:00
Paul Bakker
8913f82c26 - Fixed compiler warning for unreferenced ret in md_file() when POLARSSL_FS_IO not declared 2012-01-14 18:07:41 +00:00
Paul Bakker
b15b851d6d - Check for failed malloc() in ssl_set_hostname() and x509_get_entries() (Closes ticket #47, found by Hugo Leisink) 2012-01-13 13:44:06 +00:00
Paul Bakker
8b21f7a55d - Fixed variable doc for 'tag' 2012-01-13 13:29:05 +00:00
Paul Bakker
43655f46b0 - Added option to prevent default entropy sources from loading (POLARSSL_NO_DEFAULT_ENTROPY_SOURCES) 2011-12-15 20:11:16 +00:00
Paul Bakker
ccdb028629 - Fixed include with relative directory 2011-12-15 19:49:51 +00:00
Paul Bakker
28c7e7f6fa - Added HAVEGE as a default entropy source 2011-12-15 19:49:30 +00:00
Paul Bakker
9bc2f320b8 - Added option to prevent installation of header files 2011-12-11 11:25:30 +00:00
Paul Bakker
69e095cc15 - Changed the behaviour of x509parse_parse_crt for permissive parsing. Now returns the number of 'failed certificates' instead of having a switch to enable it.
- As a consequence all error code that were positive were changed. A lot of MALLOC_FAILED and FILE_IO_ERROR error codes added for different modules.
 - Programs and tests were adapted accordingly
2011-12-10 21:55:01 +00:00
Paul Bakker
bd4a9d0cda - Changed entropy accumulator to have per-source thresholds 2011-12-10 17:02:19 +00:00
Paul Bakker
5cb9db4c5b - Seed-size now matches required entropy for key + IV 2011-12-10 17:01:41 +00:00
Paul Bakker
c50132d4fa - Updated version of PolarSSL to 1.1.0 2011-12-05 14:38:36 +00:00
Paul Bakker
fc754a9178 - Addedd writing and updating of seedfiles as functions to CTR_DRBG 2011-12-05 13:23:51 +00:00
Paul Bakker
4f5ae803fa - Fixed MS Visual C++ name clash with int64 in sha4.h 2011-12-04 22:10:28 +00:00
Paul Bakker
6c0ceb3f9a - Added permissive certificate parsing to x509parse_crt() and x509parse_crtfile(). With permissive parsing the parsing does not stop on encountering a parse-error 2011-12-04 12:24:18 +00:00
Paul Bakker
6083fd252d - Added a generic entropy accumulator that provides support for adding custom entropy sources and added some generic and platform dependent entropy sources 2011-12-03 21:45:14 +00:00
Paul Bakker
1bc9efc00a - Fixed const correctness
- Added ctr_drbg_update for non-fixed data lengths
 - Fixed void pointer arithmetic
2011-12-03 11:29:32 +00:00
Paul Bakker
cb37aa5912 - Better buffer handling in mpi_read_file() 2011-11-30 16:00:20 +00:00
Paul Bakker
2bc7cf16fe - Cleaned up and further documented CTR_DRBG code 2011-11-29 10:50:51 +00:00
Paul Bakker
a3d195c41f - Changed the used random function pointer to more flexible format. Renamed havege_rand() to havege_random() to prevent mistakes. Lots of changes as a consequence in library code and programs 2011-11-27 21:07:34 +00:00
Paul Bakker
0e04d0e9a3 - Added CTR_DRBG based on AES-256-CTR (NIST SP 800-90) random generator 2011-11-27 14:46:59 +00:00
Paul Bakker
4463740fe4 - Improved build support for s390x and sparc64 in bignum.h 2011-11-26 09:23:07 +00:00
Paul Bakker
fe3256e54b - Introduced POLARSSL_MPI_MAX_SIZE and POLARSSL_MPI_MAX_BITS for MPI size management (Closes ticket #44) 2011-11-25 12:11:43 +00:00
Paul Bakker
b6d5f08051 - Added POLARSSL_MPI_WINDOW_SIZE definition to allow easier time to memory trade-off 2011-11-25 11:52:11 +00:00
Paul Bakker
cce9d77745 - Lots of minimal changes to better support WINCE as a build target 2011-11-18 14:26:47 +00:00
Paul Bakker
a2713a327c - Made switch for ARM thumb assembly. Still has to be added! 2011-11-18 12:47:23 +00:00
Paul Bakker
5e18aed436 - Changed the defined key-length of DES ciphers in cipher.h to include the parity bits, to prevent mistakes in copying data. (Closes ticket #33) 2011-11-15 15:38:45 +00:00
Paul Bakker
f7e5bb5904 - Added cipher_get_cipher_mode() and cipher_get_cipher_operation() introspection functions (Closes ticket #40) 2011-11-11 10:53:37 +00:00
Paul Bakker
2028156556 - Fixed typos in copied text (Fixed ticket #39) 2011-11-11 10:34:04 +00:00
Paul Bakker
efc302964c - Extracted ASN.1 parsing code from the X.509 parsing code. Added new module. 2011-11-10 14:43:23 +00:00
Paul Bakker
fa1c592860 - Fixed faulty HMAC-MD2 implementation (Fixes ticket #37) 2011-10-06 14:18:49 +00:00
Paul Bakker
ca6f3e24a4 - Clarified use of AES and Camellia in CFB and CTR modes 2011-10-06 13:11:08 +00:00
Paul Bakker
490ecc8c3e - Added ssl_set_max_version() to set the client's maximum sent version number 2011-10-06 13:04:09 +00:00
Paul Bakker
7eb013face - Added ssl_session_reset() to allow re-use of already set non-connection specific context information 2011-10-06 12:37:39 +00:00
Paul Bakker
4793cc4620 - Fixed typo in doxygen info 2011-08-17 09:40:55 +00:00
Paul Bakker
314052fbfc - Removed extraneous "polarssl/" in front on include directives in header files 2011-08-15 09:07:52 +00:00
Paul Bakker
4d8ca70833 - Fixed order of comments to match function rsa_pkcs1_decrypt 2011-08-09 10:31:05 +00:00
Paul Bakker
968bc9831b - Preparations for v1.0.0 release of PolarSSL 2011-07-27 17:03:00 +00:00
Paul Bakker
5c721f98fd - Introduced POLARSSL_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION flag to continue parsing when encountering a critical flag that's not supported by PolarSSL
- Minor Fix in ASN.1 comments of PrivateKeyInfo
2011-07-27 16:51:09 +00:00
Paul Bakker
09b1ec68c8 - Adapted define for inline to be more solid 2011-07-27 16:28:54 +00:00
Paul Bakker
ed56b224de - Added support for PKCS#8 wrapper on reading private keys (Fixes ticket #20) 2011-07-13 11:26:43 +00:00
Paul Bakker
73206954d4 - Made des_key_check_weak() conform to other functions in return values.
- Added documentation for des_key_check_weak() and des_key_check_key_parity()
2011-07-06 14:37:33 +00:00
Paul Bakker
684ddce18c - Minor fixer to remove compiler warnings for ARMCC 2011-07-01 09:25:54 +00:00
Paul Bakker
74fb74ebd9 - Updated ARMCC_VERSION to __ARMCC_VERSION 2011-06-21 13:36:18 +00:00
Paul Bakker
569df2c135 - Fixed inline definition for ARM systems 2011-06-21 07:48:07 +00:00
Paul Bakker
1aa3d76309 - Fixed a missing t_udbl conversion 2011-06-21 07:37:28 +00:00
Paul Bakker
39bb418d93 - Made second argument of f_send() prototype and of net_send() const 2011-06-21 07:36:43 +00:00
Paul Bakker
9c021adeff - Added regular error codes for generic message digest layer 2011-06-09 15:55:11 +00:00
Paul Bakker
ff61a78a27 - Added and updated cipher error codes and documentation 2011-06-09 15:42:02 +00:00
Paul Bakker
343a870daa - Expanded generic cipher layer with support for CTR and CFB128 modes of operation. 2011-06-09 14:27:58 +00:00
Paul Bakker
1ef71dffc7 - Updated unsignedness in some missed cases 2011-06-09 14:14:58 +00:00
Paul Bakker
828acb2234 - Updated for release 0.99-pre5 2011-05-27 09:25:42 +00:00
Paul Bakker
5690efccc4 - Fixed a whole bunch of dependencies on defines between files, examples and tests 2011-05-26 13:16:06 +00:00
Paul Bakker
70338f50fa - Fixed position of padlock error definition 2011-05-23 10:19:31 +00:00
Paul Bakker
192381aa89 - Made listen backlog number a define 2011-05-20 12:31:31 +00:00
Paul Bakker
bcd5db493f - Added C++ wrapper code 2011-05-20 12:30:59 +00:00
Paul Bakker
2f5947e1f6 - Added mpi_get_bit() and mpi_set_bit() individual bit setter/getter functions. 2011-05-18 15:47:11 +00:00
Paul Bakker
831a755d9e - Changed behaviour of net_recv(), ssl_fetch_input() and ssl_read(). net_recv() now returns 0 on EOF instead of POLARSSL_ERR_NET_CONN_RESET. ssl_fetch_input() returns POLARSSL_ERR_SSL_CONN_EOF on an EOF from its f_recv() function. ssl_read() returns 0 if a POLARSSL_ERR_SSL_CONN_EOF is received after the handshake.
- Network functions now return POLARSSL_ERR_NET_WANT_READ or POLARSSL_ERR_NET_WANT_WRITE instead of the ambiguous POLARSSL_ERR_NET_TRY_AGAIN
2011-05-18 13:32:51 +00:00
Paul Bakker
e29ab06701 - Fixed minor typo 2011-05-18 13:26:54 +00:00
Paul Bakker
9d781407bc - A error_strerror function() has been added to translate between error codes and their description.
- The error codes have been remapped and combining error codes is now done with a PLUS instead of an OR as error codes used are negative.
 - Descriptions to all error codes have been added.
 - Generation script for error.c has been created to automatically generate error.c from the available error definitions in the headers.
2011-05-09 16:17:09 +00:00
Paul Bakker
6c591fab72 - mpi_init() and mpi_free() only accept a single argument and do not accept variable arguments anymore. This prevents unexpected memory corruption in a number of use cases. 2011-05-05 11:49:20 +00:00
Paul Bakker
f968857a82 - Removed conversions to int when not needed to prevent signed / unsigned situations
- Maximized mpi limb size
2011-05-05 10:00:45 +00:00
Paul Bakker
335db3f121 - Functions requiring File System functions can now be disables by undefining POLARSSL_FS_IO 2011-04-25 15:28:35 +00:00
Paul Bakker
15566e4396 - Reordered options alphabetically 2011-04-24 21:19:15 +00:00
Paul Bakker
2eee902be3 - Better timer for Windows platforms
- Made alarmed volatile for better Windows compatibility
2011-04-24 15:28:55 +00:00
Paul Bakker
a755ca1bbe - Renamed t_s_int, t_int and t_dbl to respectively t_sint, t_uint and t_udbl for clarity 2011-04-24 09:11:17 +00:00
Paul Bakker
23986e5d5d - Major type rewrite of int to size_t for most variables and arguments used for buffer lengths and loops 2011-04-24 08:57:21 +00:00
Paul Bakker
b6ecaf5276 - Added additional (configurable) cipher block modes. AES-CTR, Camellia-CTR, XTEA-CBC 2011-04-19 14:29:23 +00:00
Paul Bakker
af5c85fc10 - Improved portability with Microsoft Visual C 2011-04-18 03:47:52 +00:00
Paul Bakker
3efa575ff2 - Ready for release 0.99-pre4 2011-04-01 12:23:26 +00:00
Paul Bakker
0216cc1bee - Added flag to disable Chinese Remainder Theorem when using RSA private operation (POLARSSL_RSA_NO_CRT) 2011-03-26 13:40:23 +00:00
Paul Bakker
287781a965 - Added mpi_fill_random() for centralized filling of big numbers with random data (Fixed ticket #10) 2011-03-26 13:18:49 +00:00
Paul Bakker
917e754e9b - Added declaration of x509parse_public_key() and x509parse_public_keyfile() to
the x509 header file
2011-03-25 14:23:36 +00:00
Paul Bakker
fbc4a45f15 - Fixed typo in define 2011-03-25 09:07:46 +00:00
Paul Bakker
9dcc32236b - Added support for PKCS#1 v2.1 encoding and thus support for the RSAES-OAEP and RSASSA-PSS operations (enabled by POLARSSL_PKCS1_V21) 2011-03-08 14:16:06 +00:00
Paul Bakker
345a6fee91 - Replaced function that fixes man-in-the-middle attack
- Added message to indicate inclusion of man-in-the-middle attack (Reported by Larry Highsmith, Subreption LLC)
 - Released version 0.99-pre3
2011-02-28 21:20:02 +00:00
Paul Bakker
1946e42dd4 - Made ready for 0.99-pre2 release 2011-02-25 09:39:39 +00:00
Paul Bakker
400ff6f0fd - Corrected parsing of UTCTime dates before 1990 and after 1950
- Support more exotic OID's when parsing certificates
 - Support more exotic name representations when parsing certificates
 - Replaced the expired test certificates
2011-02-20 10:40:16 +00:00
Paul Bakker
96743fc5f5 - Parsing of PEM files moved to separate module (Fixes ticket #13). Also possible to remove PEM support for systems only using DER encoding
- Parsing PEM private keys encrypted with DES and AES are now supported (Fixes ticket #5)
 - Added tests for encrypted keyfiles
2011-02-12 14:30:57 +00:00
Paul Bakker
cdf07e9979 - Information about missing or non-verified client certificate is not provided as well. 2011-01-30 17:05:13 +00:00
Paul Bakker
9fc4659b30 - Preparing for Release of 0.99 prerelease 1 2011-01-30 16:59:02 +00:00
Paul Bakker
e3166ce040 - Renamed ciphers member of ssl_context and cipher member of ssl_session to ciphersuites and ciphersuite respectively. This clarifies the difference with the generic cipher layer and is better naming altogether
- Adapted in the rest of using code as well
2011-01-27 17:40:50 +00:00
Paul Bakker
f3b86c1e62 - Updated Doxygen documentation generation and documentation on small parts 2011-01-27 15:24:17 +00:00
Paul Bakker
0a62cd1a18 - Extra clarification in config header 2011-01-21 11:00:08 +00:00
Paul Bakker
562535d11b - Split current md_starts() and md_hmac_starts() functionality into separate md_init_ctx() for allocating the context and the existing starts() functions to initialize the message digest for use. 2011-01-20 16:42:01 +00:00
Paul Bakker
1f14d08cf9 - Fixed typo
- Clarified necessity of different input and output buffer on cipher_update()
 - Fixed value of enumeration of cipher ids
2011-01-20 16:33:24 +00:00
Paul Bakker
d61e7d98cb - Cleaned up warning-generating code 2011-01-18 16:17:47 +00:00
Paul Bakker
f917e42c9b - Disables PKCS#11 support by default 2011-01-18 16:15:25 +00:00
Paul Bakker
43b7e35b25 - Support for PKCS#11 through the use of the pkcs11-helper library 2011-01-18 15:27:19 +00:00
Paul Bakker
0f5f72e949 - Fixed doxygen syntax to standard '\' instead of '@' 2011-01-18 14:58:55 +00:00
Paul Bakker
dd47699ba5 - Moved storing of a printable serial into a separate function 2011-01-16 21:34:59 +00:00
Paul Bakker
72f6266f02 - Improved information provided about current Hashing, Cipher and Suite capabilities 2011-01-16 21:27:44 +00:00
Paul Bakker
43ca69c38a - Added function for stringified SSL/TLS version 2011-01-15 17:35:19 +00:00
Paul Bakker
1f87fb6896 - Support for DES weak keys and parity bits added 2011-01-15 17:32:24 +00:00
Paul Bakker
74111d30b7 - Improved X509 certificate parsing to include extended certificate fields, such as Key Usage 2011-01-15 16:57:55 +00:00
Paul Bakker
b63b0afc05 - Added verification callback in certificate verification chain in order to allow external blacklisting 2011-01-13 17:54:59 +00:00
Paul Bakker
1b57b06751 - Added reading of DHM context from memory and file 2011-01-06 15:48:19 +00:00
Paul Bakker
8123e9d8f1 - Added generic cipher wrapper for integration with OpenVPN (donated by Fox-IT) 2011-01-06 15:37:30 +00:00
Paul Bakker
1737385e04 - Added generic message digest wrapper for integration with OpenVPN (donated by Fox-IT) 2011-01-06 14:20:01 +00:00
Paul Bakker
37ca75d6f2 - Added Doxygen source code documentation parts (donated by Fox-IT) 2011-01-06 12:28:03 +00:00
Paul Bakker
547f73d66f - Added install targets to the CMake files 2011-01-05 15:07:54 +00:00
Paul Bakker
7c8fc71aea - Updated compile-time and run-time version number and test 2010-08-16 12:41:27 +00:00
Paul Bakker
21eb2802fe - Changed origins of random function and pointer in rsa_pkcs1_encrypt, rsa_init, rsa_gen_key.
Moved to parameters of function instead of context pointers as within ssl_cli, context pointer cannot be set easily.
2010-08-16 11:10:02 +00:00
Paul Bakker
2e11f7d966 - Added support for TLS v1.1
- Renamed some SSL defines to prevent future naming confusion
2010-07-25 14:24:53 +00:00
Paul Bakker
b96f154e51 - Fixed copyright message 2010-07-18 20:36:00 +00:00
Paul Bakker
84f12b76fc - Updated Copyright to correct entity 2010-07-18 10:13:04 +00:00
Paul Bakker
c38b2f5bcf - Fixed documentation 2010-07-18 10:06:45 +00:00
Paul Bakker
ff7fe670bb - Minor DHM code cleanup/comments 2010-07-18 09:45:05 +00:00
Paul Bakker
f55ec08bc8 - Fixed typo 2010-07-18 09:22:04 +00:00
Paul Bakker
b924f0494a - Fixed documentation typo 2010-07-18 08:49:19 +00:00
Paul Bakker
b572adf5e6 - Removed dependency on rand() in rsa_pkcs1_encrypt(). Now using random fuction provided to context
- Expanded ssl_client2 arguments for more flexibility
 - rsa_check_private() now supports PKCS1v2 keys as well
 - Fixed deadlock in rsa_pkcs1_encrypt() on failing random generator
2010-07-18 08:29:32 +00:00
Paul Bakker
3ac1b2d952 - Added runtime and compiletime version information 2010-06-18 22:47:29 +00:00
Paul Bakker
77a43580da - Added support for the SSL_EDH_RSA_AES_128_SHA and SSL_EDH_RSA_CAMELLIA_128_SHA ciphersuites 2010-06-15 21:32:46 +00:00
Paul Bakker
57b7914445 - String peer_cn in ssl context made const as well. 2010-03-24 06:51:15 +00:00
Paul Bakker
fc8c4360b8 - Updated copyright line to 2010 2010-03-21 17:37:16 +00:00
Paul Bakker
1f3c39c194 - Removed copyright line for Christophe Devine for clarity 2010-03-21 17:30:05 +00:00
Paul Bakker
7d3b661bfe - Added reset functionality for HMAC context. Speed-up for some use-cases. 2010-03-21 16:23:13 +00:00
Paul Bakker
27caa8a17e - Changed text for return 0 lines 2010-03-21 15:43:59 +00:00
Paul Bakker
baad6504d4 - Changed ARC4 to use seperate input/output buffer 2010-03-21 15:42:15 +00:00
Paul Bakker
f3ccc68100 - Fixed cipher interface for encrypt/decrypt functions 2010-03-18 21:21:02 +00:00
Paul Bakker
27d661657b - Added x509_get_sig_alg() to allow easy future X509 signature algorithm determination expansion 2010-03-17 06:56:01 +00:00
Paul Bakker
ff60ee6c2a - Added const-correctness to main codebase 2010-03-16 21:09:09 +00:00
Paul Bakker
9120018f3d - Added support for GeneralizedTime in X509 certificates 2010-02-18 21:26:15 +00:00
Paul Bakker
477fd326bd - Removed dos newlines 2009-10-04 13:22:13 +00:00
Paul Bakker
6506aff92d - Removed MD2 and MD4 by default 2009-07-28 20:52:02 +00:00
Paul Bakker
3391b12ce3 - Fixed error codes. Negative when needed (SSL error codes). Non-negative if error-codes are OR'ed to other error codes (ASN1, Base64, MPI, DHM). The rest is negative by default. 2009-07-28 20:11:54 +00:00
Paul Bakker
77b385e91a - Updated copyright messages on all relevant files 2009-07-28 17:23:11 +00:00
Paul Bakker
13e2dfecaa - Cleaned up header documentation 2009-07-28 07:18:38 +00:00
Paul Bakker
2b222c830b - Changed interface for AES and Camellia setkey functions to indicate invalid key lengths. 2009-07-27 21:03:45 +00:00
Paul Bakker
c89cf7ceff - Updated assembly to not clobber ebx and allow shared libs again 2009-07-19 21:37:39 +00:00
Paul Bakker
38e2b482ff - Fixed typo in name of POLARSSL_ERR_RSA_OUTPUT_TOO_LARGE. 2009-07-19 20:41:06 +00:00
Paul Bakker
fc22c441bc - Renamed RSA_RAW to SIG_RSA_RAW for consistency in the code. 2009-07-19 20:36:27 +00:00
Paul Bakker
b5bf176f4c - Major change: Errors are now positive numbers instead of negative.
Reason: You cannot OR negative values correctly
2009-07-19 20:28:35 +00:00
Paul Bakker
1a9382ea80 - Prevented use of long long in bignum if POLARSSL_HAVE_LONGLONG not defined (found by Giles Bathgate). 2009-07-11 16:35:32 +00:00
Paul Bakker
40fe2b02db - Fixed clobberlist of asm command. (Required for correct handling of coverage testing) 2009-07-08 19:49:01 +00:00
Paul Bakker
e5c19aab6e - Fixed name of xtea_crypt_ecb() 2009-07-08 06:43:40 +00:00
Paul Bakker
ce40a6d21d - Fixed incorrect handling of negative first input value in mpi_mod_mpi() and mpi_mod_int(). Resulting change also affects mpi_write_string() (found by code coverage tests). 2009-06-23 19:46:08 +00:00
Paul Bakker
80ab9f5eb5 - Fixed uint32_t definition on Windows systems 2009-05-24 14:42:46 +00:00
Paul Bakker
4c067eb92b - Added extra comments explaining CBC mode should receive
multiples of block size as input.
2009-05-17 10:25:19 +00:00
Paul Bakker
c81f6c3f06 - Made Camellia use uint32_t for 64-bit compatibility 2009-05-03 13:09:15 +00:00
Paul Bakker
0fdf3cacf2 - Modified XTEA to use uint32_t instead of unsigned long 2009-05-03 12:54:07 +00:00
Paul Bakker
40ea7de46d - Added CRL revocation support to x509parse_verify()
- Fixed an off-by-one allocation in ssl_set_hostname()
 - Added CRL support to SSL/TLS code
2009-05-03 10:18:48 +00:00
Paul Bakker
d98030e7d6 - Added prelimenary CRL parsing and info support 2009-05-02 15:13:40 +00:00
Paul Bakker
68041ec500 - added description to POLARSSL_HAVE_ASM 2009-04-19 21:17:55 +00:00
Paul Bakker
34a9056f39 - POLARSSL_HAVE_ASM also used in padlock and timing code. 2009-04-19 21:17:09 +00:00
Paul Bakker
592457c0ad - Fixed documentation typos.. 2009-04-01 19:01:43 +00:00
Paul Bakker
619467aff8 - Added explanation for first bit/byte to zero in rsa_public 2009-03-28 23:26:51 +00:00
Paul Bakker
4593aeadaf - Added support for RFC4055 SHA2 and SHA4 signature algorithms for
use with PKCS#1 v1.5 signing and verification.
 - Added extra certificates to test-ca and test code to further test
   functionality of SHA2 and SHA4 signing and verification.
 - Updated other program files accordingly
2009-02-09 22:32:35 +00:00
Paul Bakker
785a9eeece - Added email address to header license information 2009-01-25 14:15:10 +00:00
Paul Bakker
060c56871c - Fixed possible heap overflow in pkcs1_decrypt on data larger than output
buffer after padding. For instance the premaster decryption in
   ssl_parse_client_key_exchange() in ssl_serv.c (Thanks to Christophe
   Devine)
2009-01-12 21:48:39 +00:00
Paul Bakker
b5ef0bada4 - Added SSL_RSA_CAMELLIA_128_SHA, SSL_RSA_CAMELLIA_256_SHA, SSL_EDH_RSA_CAMELLIA_256_SHA ciphersuites to SSL 2009-01-11 20:25:36 +00:00
Paul Bakker
38119b18d6 - Added first version of Camellia 2009-01-10 23:31:23 +00:00
Paul Bakker
7a7c78fd02 - Added XTEA Algorithm (Not used in SSL) 2009-01-04 18:15:48 +00:00
Paul Bakker
e0ccd0a7c3 - Updated Copyright notices 2009-01-04 16:27:10 +00:00
Paul Bakker
40e46940df - First replacement of xyssl by polarssl where needed 2009-01-03 21:51:57 +00:00
Paul Bakker
8e831edc24 2009-01-03 21:24:11 +00:00
Paul Bakker
5121ce5bdb - Renamed include directory to polarssl 2009-01-03 21:22:43 +00:00